[Oisf-users] "HOME_NET" and "EXTERNAL_NET: "!$HOME_NET"".

Orion Poplawski orion at nwra.com
Thu Feb 7 22:33:42 UTC 2019


On 2/6/19 2:06 AM, Jason Long wrote:
> Hello,
> I installed "" on CentOS 7.6 x86_64 and I want to configure it. In
> "suricata.yaml" I see:
> 
> HOME_NET: "[ 192.168.1.2]"
>     #HOME_NET: "[192.168.0.0/16]"
>     #HOME_NET: "[10.0.0.0/8]"
>     #HOME_NET: "[172.16.0.0/12]"
>     #HOME_NET: "any"
> 
>     EXTERNAL_NET: "!$HOME_NET"
>     #EXTERNAL_NET: "any"
> 
> My CentOS is a VM that running a web server and its Local IP address is
> "192.168.1.2" and Global IP address is "X.X.X.X", which values I must set for
> "HOME_NET" and " EXTERNAL_NET"?
> I see that " EXTERNAL_NET" have a "!$HOME_NET" value, what is it? If I set
> "HOME_NET" to "192.168.1.2" then all of "!$HOME_NET" refer to this IP?
> 
> Thank you.

You also probably want to set HOME_NET to your actual home network rather than
just the specific IP.  Presumably something like 192.168.1.0/24, depending on
your netmask and local networks in use.


-- 
Orion Poplawski
Manager of NWRA Technical Systems          720-772-5637
NWRA, Boulder/CoRA Office             FAX: 303-415-9702
3380 Mitchell Lane                       orion at nwra.com
Boulder, CO 80301                 https://www.nwra.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3799 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20190207/d956e026/attachment-0001.bin>


More information about the Oisf-users mailing list