[Oisf-users] HOMENET question
Peter Manev
petermanev at gmail.com
Tue Sep 29 20:44:55 UTC 2015
On Tue, Sep 29, 2015 at 10:23 PM, <coolyasha at hotmail.com> wrote:
> Good to know. Another question.
> If i monitor two interfaces via pfring, can i have separate homenets for
> each interface?
If you use VLANs you can try the latest git and the multi tenancy
feature (work in progress) -
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Multi_Tenancy
>
> Thanks
>
>
>
>
> On Tue, Sep 29, 2015 at 12:34 PM -0700, "rmkml" <rmkml at yahoo.fr> wrote:
>
> Hi Yasha,
>
> Yes please negate subnet first.
>
> Regards
> @Rmkml
>
>
> On Tue, 29 Sep 2015, Yasha Zislin wrote:
>
>> Question about HOMENET.
>> Can we exclude subnets from a bigger subnet?
>> For example,
>> HOME_NET: "[10.0.0.0/8,!10.1.0.0/16]"
>>
>> Is that possible?
>>
>> Thanks
>>
>>
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> Suricata User Conference November 4 & 5 in Barcelona: http://oisfevents.net
--
Regards,
Peter Manev
More information about the Oisf-users
mailing list