aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort
diff options
context:
space:
mode:
authorErmal <eri@pfsense.org>2013-01-26 18:39:13 +0100
committerErmal <eri@pfsense.org>2013-01-26 18:39:13 +0100
commit29dd57f966af743dbf2c77e94d050a167266bf10 (patch)
tree23c85dc92fc5ac3fc52ec4f1b479ee0f2771e000 /config/snort
parentdadcb727d5ac0f94081cafdcc4db55a0408a5e46 (diff)
downloadpfsense-packages-29dd57f966af743dbf2c77e94d050a167266bf10.tar.gz
pfsense-packages-29dd57f966af743dbf2c77e94d050a167266bf10.tar.bz2
pfsense-packages-29dd57f966af743dbf2c77e94d050a167266bf10.zip
Always put the running interface ip(s) in the list so no issues come from it
Diffstat (limited to 'config/snort')
-rwxr-xr-xconfig/snort/snort.inc10
1 files changed, 10 insertions, 0 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 39d48687..e2695ed4 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -141,6 +141,16 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false) {
}
}
+ /* Always put snort running interface in the list */
+ $snortip = get_interface_ip($snortcfg['interface']);
+ if (is_ipaddr($snortip))
+ $home_net .= "{$snortip} ";
+ if (function_exists('get_interface_ipv6')) {
+ $snortip = get_interface_ipv6($snortcfg['interface']);
+ if (is_ipaddrv6($snortip))
+ $home_net .= "{$snortip} ";
+ }
+
/* iterate through interface list and write out whitelist items
* and also compile a home_net list for snort.
*/