From 46d64e39d158da629b5cdf8cbe59f747dd570d49 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Sun, 19 Jun 2011 14:04:53 -0700
Subject: [PATCH] Use correct syntax to create IPv6 ipsets.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/Perl/Shorewall/Chains.pm | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm
index 8622777fb..6ea93985b 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -4532,7 +4532,13 @@ sub load_ipsets() {
 
 	if ( @ipsets ) {
 	    emit ( '' );
-	    emit ( "    qt \$IPSET -L $_ -n || \$IPSET -N $_ iphash" ) for @ipsets;
+
+	    if ( $family == F_IPV4 ) {
+		emit ( "    qt \$IPSET -L $_ -n || \$IPSET -N $_ iphash" ) for @ipsets;
+	    } else {
+		emit ( "    qt \$IPSET -L $_ -n || \$IPSET -N $_ hash:ip family ipv6" ) for @ipsets;
+	    }
+
 	    emit ( '' );
 	}
 
@@ -4551,7 +4557,11 @@ sub load_ipsets() {
 	if ( @ipsets ) {
 	    emit '';
 
-	    emit ( "    qt \$IPSET -L $_ -n || \$IPSET -N $_ iphash" ) for @ipsets;
+	    if ( $family == F_IPV4 ) {
+		emit ( "    qt \$IPSET -L $_ -n || \$IPSET -N $_ iphash" ) for @ipsets;
+	    } else {
+		emit ( "    qt \$IPSET -L $_ -n || \$IPSET -N $_ hash:ip family ipv6" ) for @ipsets;
+	    }
 
 	    emit ( '' ,
 		   'elif [ "$COMMAND" = restart ]; then' ,
@@ -4574,7 +4584,11 @@ sub load_ipsets() {
 		   '    fi',
 		   'elif [ "$COMMAND" = refresh ]; then' );
 
-	    emit ( "   qt \$IPSET -L $_ -n || \$IPSET -N $_ iphash" ) for @ipsets;
+	    if ( $family == F_IPV4 ) {
+		emit ( "    qt \$IPSET -L $_ -n || \$IPSET -N $_ iphash" ) for @ipsets;
+	    } else {
+		emit ( "    qt \$IPSET -L $_ -n || \$IPSET -N $_ hash:ip family ipv6" ) for @ipsets;
+	    }
 	}
 
 	emit ( 'fi' ,