Netgate Discussion Forum

Snort: Don't Automatically Add Internal Subnets

pfSense Packages
    jwbrown77
    last edited by May 11, 2010, 11:37 PM

    Is there a way to configure Snort to use a HOME_NET that only includes the subnets I designate as the HOME_NET?

    Our PCI auditor wants the IDS to run on internal interfaces, not on external.  This means I need to figure out how to get the internal subnets the firewall is aware of to stop ignoring inspection with Snort.  As far as I can tell, anything in the HOME_NET is automatically ignored.

    I tried creating a new "homenet" NETLIST and setting that as the HOME_NET in the GUI, but it is still adding the internal subnets automatically.

    Thanks.

    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.