From 29dd57f966af743dbf2c77e94d050a167266bf10 Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Sat, 26 Jan 2013 18:39:13 +0100
Subject: Always put the running interface ip(s) in the list so no issues come
 from it

---
 config/snort/snort.inc | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'config/snort')

diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 39d48687..e2695ed4 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -141,6 +141,16 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false) {
 		}
 	}
 
+	/* Always put snort running interface in the list */
+	$snortip = get_interface_ip($snortcfg['interface']);
+	if (is_ipaddr($snortip))
+		$home_net .= "{$snortip} ";
+	if (function_exists('get_interface_ipv6')) {
+		$snortip = get_interface_ipv6($snortcfg['interface']);
+		if (is_ipaddrv6($snortip))
+			$home_net .= "{$snortip} ";
+	}
+		
 	/*  iterate through interface list and write out whitelist items
 	 *  and also compile a home_net list for snort.
 	 */
-- 
cgit v1.2.3