diff options
author | Ermal <eri@pfsense.org> | 2013-01-29 17:19:26 +0100 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2013-01-29 17:19:26 +0100 |
commit | 6eb7ddf66bf8f40a8981a25353bc8a99558eefcd (patch) | |
tree | 7fc5b0e06d0a6c457120c1dade5e5f3ec5c1cd9f /config/snort | |
parent | 6684741c9cdd0891bfddec85aaccf535124c59cd (diff) | |
download | pfsense-packages-6eb7ddf66bf8f40a8981a25353bc8a99558eefcd.tar.gz pfsense-packages-6eb7ddf66bf8f40a8981a25353bc8a99558eefcd.tar.bz2 pfsense-packages-6eb7ddf66bf8f40a8981a25353bc8a99558eefcd.zip |
Use subnet of interface here to have HOME_NET set properly
Diffstat (limited to 'config/snort')
-rwxr-xr-x | config/snort/snort.inc | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index ace1c89c..dede1f1d 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -147,8 +147,13 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false) { $home_net .= "{$snortip} "; if (function_exists('get_interface_ipv6')) { $snortip = get_interface_ipv6($snortcfg['interface']); - if (is_ipaddrv6($snortip)) - $home_net .= "{$snortip} "; + if (is_ipaddrv6($snortip)) { + if ($whitelist === false) { + $sn = get_interface_subnet($int); + $home_net .= "{$subnet}/{$sn} "; + } else + $home_net .= "{$subnet} "; + } } /* iterate through interface list and write out whitelist items |