Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort Netlist for IPv6 subnets

    Scheduled Pinned Locked Moved pfSense Packages
    2 Posts 1 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      Cino
      last edited by

      Going to search the net on this one. But does only know the correct format to add a IPv6 Subnet to a NETLIST?

      i've tried 2001:470:xxxx:xxxx::/64 and 2001:470:xxxx:xxxx::1/64 but its blocking traffic from one of my boxes.. Still learning IPv6 so maybe the subnet /64 is wrong

      The subnet is in snort.conf under 'var HOME_NET'

      I've added the single server IP address and see if that helps for now and probably throw some client IPs if needed

      1 Reply Last reply Reply Quote 0
      • C
        Cino
        last edited by

        I don't expect this being fix until IP6v6 is fully implemented in pfSense. But wanted it to be known, that snort is ignoring IPV6 addresses and/or subnets when they are added to NETLIST and WHITELIST it seems. I'm thinking this is probably a snort issue and not pfSense since it is in the conf file looks right… Still re-searching tho..

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.