4. Suricata HOME_NET - unable to uncheck Locally-Attached Networks

Suricata HOME_NET - unable to uncheck Locally-Attached Networks

  • T

    Hi all,
    I'd like to fill strict addresses and nets in $HOME_NET variable for my LAN interface, excluding other "firewall Locally-Attached Networks".
    In other words : I have a LAN interface, and many other DMZ interfaces, and I would like to exclude DMZs networks from my LAN's HOME_NET variable.
    So I did like always :

    • pfSense alias including desired nets only
    • Suricata pass list pointing to this alias, and of course unchecking "Local Networks / Add firewall Locally-Attached Networks to the list (excluding WAN)"
    • select the pass list for my interface HOME_NET
      -validate everything
      and…  >:(
      The DMZs nets still appear in the list when I click "view list".  :-
      Is there anything I misunderstood ?  ???
      Any help would be greatly appreciated !  :)
      Thanks
      Pierre
    0
  • T

    In other words : unchecking Local Networks from the pass list seems to have no effect.  :(
    Could it be a cosmetic issue, while clicking "View list"  ? (don't think so…)
    Also tried to overload HOME_NET value in Advanced Configuration Pass-Through, but Advanced Configuration Pass-Through seems to be broken too (encoded while config is saved).  :(

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy