Enhancement #3221

snort HOME_NET should include trusted networks

Added by Filippo Carletti about 6 years ago. Updated about 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-snort
Target version:v6.6
Resolution: NEEDINFO:No

Description

HOME_NET snort var is defined as green networks, but I think that all trusted networks should be included.

Associated revisions

Revision 02c5e2cb
Added by Giacomo Sanchietti about 6 years ago

Config: use trusted networks for HOME_NET var. Refs #3221

History

#1 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from NEW to TRIAGED
  • % Done changed from 0 to 20

#2 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 20 to 30

#3 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

#4 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
Package in nethserver-testing:
  • nethserver-snort-1.0.1-1.2.g02c5e2c.ns6.noarch.rpm
Test case
  • Create a server with at least two green interfaces
  • Add a trusted networks
  • Check all networks are present inside the HOME_NET variable in /etc/snort/snort.conf file

#5 Updated by Filippo Carletti about 6 years ago

  • Status changed from ON_QA to VERIFIED
  • % Done changed from 70 to 90
# grep "var HOME_NET" /etc/snort/snort.conf
var HOME_NET [192.168.56.0/24]
...
Updated:
  nethserver-snort.noarch 0:1.0.1-1.2.g02c5e2c.ns6
...
# grep "var HOME_NET" /etc/snort/snort.conf
var HOME_NET [127.0.0.1/32,192.168.56.0/24,192.169.0.0/16]

service snortd restart
and snort still running :-)

#6 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
Released in nethserver-updates:
  • nethserver-snort-1.0.2-1.ns6.noarch.rpm

Also available in: Atom PDF