Suricata HOME_NET - unable to uncheck Locally-Attached Networks
-
Hi all,
I'd like to fill strict addresses and nets in $HOME_NET variable for my LAN interface, excluding other "firewall Locally-Attached Networks".
In other words : I have a LAN interface, and many other DMZ interfaces, and I would like to exclude DMZs networks from my LAN's HOME_NET variable.
So I did like always :- pfSense alias including desired nets only
- Suricata pass list pointing to this alias, and of course unchecking "Local Networks / Add firewall Locally-Attached Networks to the list (excluding WAN)"
- select the pass list for my interface HOME_NET
-validate everything
and… >:(
The DMZs nets still appear in the list when I click "view list". :-
Is there anything I misunderstood ? ???
Any help would be greatly appreciated ! :)
Thanks
Pierre
-
In other words : unchecking Local Networks from the pass list seems to have no effect. :(
Could it be a cosmetic issue, while clicking "View list" ? (don't think so…)
Also tried to overload HOME_NET value in Advanced Configuration Pass-Through, but Advanced Configuration Pass-Through seems to be broken too (encoded while config is saved). :(