Updated ipset packages that fix one bug are now available for Red Hat Enterprise Linux 6.
The ipset packages provide IP sets, a framework inside the Linux 2.4.x and 2.6.x kernel, which can be administered by the ipset utility. Depending on the type, an IP set can currently store IP addresses, TCP/UDP port numbers or IP addresses with MAC addresses in a way that ensures high speed when matching an entry against a set.
Prior to this update, ipset initiation script which would load the ipset rules was missing. Consequently, security problems at system initiation could occur. This update provides all the files necessary to add an ipset systemd service, which starts up before iptables and stops afterwards. As a result, ipset rules can be started, stopped, and saved as intended.
Users of ipset are advised to upgrade to these updated packages, which fix this bug.