From 6eb7ddf66bf8f40a8981a25353bc8a99558eefcd Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Tue, 29 Jan 2013 17:19:26 +0100
Subject: Use subnet of interface here to have HOME_NET set properly

---
 config/snort/snort.inc | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'config/snort')

diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index ace1c89c..dede1f1d 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -147,8 +147,13 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false) {
 		$home_net .= "{$snortip} ";
 	if (function_exists('get_interface_ipv6')) {
 		$snortip = get_interface_ipv6($snortcfg['interface']);
-		if (is_ipaddrv6($snortip))
-			$home_net .= "{$snortip} ";
+		if (is_ipaddrv6($snortip)) {
+			if ($whitelist === false) {
+				$sn = get_interface_subnet($int);
+				$home_net .= "{$subnet}/{$sn} ";
+			} else
+				$home_net .= "{$subnet} ";
+		}
 	}
 		
 	/*  iterate through interface list and write out whitelist items
-- 
cgit v1.2.3