Snort mailing list archives
RE: HOME_NET Clarification
From: "Esler, Joel - Contractor" <joel.esler () rcert-s army mil>
Date: Fri, 29 Oct 2004 14:45:55 -0400
Enter the ones you want to be internal (in your below example [10.0.0.0/8, 192.168.1.0/24] all others will be specified as External_net if you have External_net defined as any. J -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Ilango S Allikuzhi Sent: Friday, October 22, 2004 12:25 PM To: snort-users () lists sourceforge net Subject: [Snort-users] HOME_NET Clarification Is it possible to define HOME_NET as [!10.40.1.0/24, !10.40.2.0/24, 10.0.0.0/8, 192.168.1.0/24] for instance? In other words, we want all subnets under 10 except a few. Some public addresses get NAT'ed to 10.40.2.x addresses and hence I need to treat them as external net. Thanks, Ilango
Current thread:
- HOME_NET Clarification Ilango S Allikuzhi (Oct 29)
- Message not available
- Re: HOME_NET Clarification Matt Kettler (Oct 29)
- Message not available
- <Possible follow-ups>
- RE: HOME_NET Clarification Esler, Joel - Contractor (Oct 29)
- RE: HOME_NET Clarification Ilango S Allikuzhi (Nov 19)