[Snort-users] DMZ and NAT

Erek Adams erek at ...950...
Fri Jun 27 16:00:10 EDT 2003

On Fri, 27 Jun 2003, Roelf Schreurs wrote:

> I have a DMZ and run snort on both firewals. I always get alerts when
> people from the inside use the internet.
> How do I specify that no alertt should be done if my DMZ's IP's are the
> source?

Make sure you have your HOME_NET set correctly.  The default snort.conf
comes with HOME_NET set to 'any'.  You need it set to the value of your
"inside" network.


Erek Adams

   "When things get weird, the weird turn pro."   H.S. Thompson

More information about the Snort-users mailing list