[Dnsmasq-discuss] Dnsmasq issues with ipsets and nftsets

Dmitry Shiryaev dmitry.mac at icloud.com
Sun Aug 31 19:16:34 UTC 2025 

Tried it again with no luck. Steps I've taken: (On Debian 12 Bookworm) 1. Deleted dnsmasq package: apt autoremove --purge dnsmasq 2. Installed the package again, and set NetworkManager to work with DNSMasq. 3. Made sure DNS resolving is working using dig and made sure it uses 127.0.0.1:53 to resolve DNS names. 4. Created IPsets via ipset create vpn hash:ip and ipset create search hash:ip to match ipsets used in dnsmasq.conf 5. Uncommented ipset=/yahoo.com/google.com/vpn,search line from /etc/dnsmasq.conf and restarted the service systemctl restart dnsmasq 6. After service restart, no ip addresses appears in either of ipsets. ipset -L Name: vpn Type: hash:ip Revision: 6 Header: family inet hashsize 1024 maxelem 65536 bucketsize 12 initval 0x0653e89c Size in memory: 216 References: 0 Number of entries: 0 Members: Name: search Type: hash:ip Revision: 6 Header: family inet hashsize 1024 maxelem 65536 bucketsize 12 initval 0x4ebb8d20 Size in memory: 216 References: 0 Number of entries: 0 Members: Either this functionality is broken of there is some incompatibility with my OS setup. Logs for dnsmasq show no errors. I would appreciate any insight on how to troubleshoot this On Aug 30, 2025, at 8:14 PM, Dmitry Shiryaev via Dnsmasq-discuss <dnsmasq-discuss at lists.thekelleys.org.uk> wrote: >The documentation (manpage) says that the first component of the value is a domain name to be resolved, not an IP address. My bad. I tried all options. My /etc/dnsmasq.conf has: ipset=/ yahoo.com/google.com/vpn,search (uncommented example) I also tried running with --ipset=/ google.ca/test_set option. Same results, nothing is being added to ipsets. _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss at lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20250831/aee53dd0/attachment.htm>

More information about the Dnsmasq-discuss mailing list