Snort Netlist for IPv6 subnets

  • Going to search the net on this one. But does only know the correct format to add a IPv6 Subnet to a NETLIST?

    i've tried 2001:470:xxxx:xxxx::/64 and 2001:470:xxxx:xxxx::1/64 but its blocking traffic from one of my boxes.. Still learning IPv6 so maybe the subnet /64 is wrong

    The subnet is in snort.conf under 'var HOME_NET'

    I've added the single server IP address and see if that helps for now and probably throw some client IPs if needed

  • I don't expect this being fix until IP6v6 is fully implemented in pfSense. But wanted it to be known, that snort is ignoring IPV6 addresses and/or subnets when they are added to NETLIST and WHITELIST it seems. I'm thinking this is probably a snort issue and not pfSense since it is in the conf file looks right… Still re-searching tho..

Log in to reply