[Snort-users] Snort does not detect attacks
wkitty42 at ...14940...
Sat Feb 22 19:39:33 EST 2014
On 2/22/2014 3:45 PM, Michal Šutta wrote:
> # Setup the network addresses you are protecting
> ipvar HOME_NET 192.168.1.0/24 <http://192.168.1.0/24>
> # Set up the external network addresses. Leave as "any" in most situations
> ipvar EXTERNAL_NET any
these two are conflicting... specifically, EXTERNAL_NET is including your
HOME_NET range within it... you need to fix that... as a guess, at least
ipvar EXTERNAL_NET !$HOME_NET
so that HOME_NET is not included in that blanket "any" range"...
NOTE: No off-list assistance is given without prior approval.
Please keep mailing list traffic on the list unless
private contact is specifically requested and granted.
More information about the Snort-users