OPNsense Forum
English Forums => Intrusion Detection and Prevention => Topic started by: tcpip on August 01, 2022, 12:21:46 pm
-
Hello,
I have IPS enabled on the WAN interfaces of my OPNsense box. As I have my public IPs (with NAT) directly on the OPNsense, I must add the IPs to the Home networks field. This isn't a problem for my primary WAN link which has a static IP address. However, on my backup link the IP changes every now and then. Is there a way to edit the Home Networks dynamically via a script? It should be doable by editing the HOME_NET variable in the suricata.yaml, I guess. But is there a better way? I think the API does not provide access to the Home Networks setting, at least I do not know how.
Thanks!
-
I solved this with a Python script and a cron job to check if there was an IP change. On a change I edit a custom YAML config containing the vars and set the current WAN IPs as HOME_NET. After updating the config, the script restarts Suricata.
-
Would you be willing to share what you did with us?
So people less good at scripting might use your solution as well? :)
-
Anybody else have an idea?
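
The approach described in the reply above (cron job, custom YAML with the vars, restart on change), sketched as an added example; it is not the poster's script or OPNsense code. The include path, interface names, LAN range and restart command are assumptions to adjust, and it assumes suricata.yaml includes the custom file. IPv4 only.

```python
import ipaddress, os, re, subprocess, sys, tempfile

# Assumptions, not from the thread: include path, interfaces, LAN range, restart command.
CUSTOM_YAML = "/usr/local/etc/suricata/custom.yaml"
WAN_IFACES = ["igb0", "igb1"]
STATIC_NETS = ["192.168.1.0/24"]
RESTART_CMD = ["configctl", "ids", "restart"]

# Constructed sample of FreeBSD `ifconfig igb1` output (documentation address).
SAMPLE = """igb1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
\tinet 198.51.100.23 netmask 0xffffff00 broadcast 198.51.100.255
\tinet6 fe80::1%igb1 prefixlen 64 scopeid 0x2
"""

def wan_ips(ifconfig_text):
    """Return the IPv4 addresses in ifconfig output; raises ValueError on junk."""
    found = re.findall(r"^\s+inet\s+(\S+)", ifconfig_text, re.M)
    return [str(ipaddress.IPv4Address(a)) for a in found]

def render(nets):
    """Build the include file. Every entry is parsed by ipaddress first, so no
    unvalidated text can end up inside the YAML string."""
    clean = sorted({str(ipaddress.ip_network(n, strict=False)) for n in nets})
    joined = ",".join(clean)
    return f'%YAML 1.1\n---\nvars:\n  address-groups:\n    HOME_NET: "[{joined}]"\n'

def update(path, nets):
    """Replace the file atomically if its content differs; True means changed."""
    new = render(nets)
    try:
        with open(path) as f:
            if f.read() == new:
                return False          # unchanged: no write, no restart
    except FileNotFoundError:
        pass
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    with os.fdopen(fd, "w") as f:
        f.write(new)
    os.chmod(tmp, 0o644)
    os.replace(tmp, path)             # Suricata never sees a half-written file
    return True

if __name__ == "__main__":            # run from cron
    ips = []
    for iface in WAN_IFACES:
        ips += wan_ips(subprocess.run(["ifconfig", iface], capture_output=True,
                                      text=True, check=True).stdout)
    if not ips:                       # link down: keep the last known HOME_NET
        sys.exit("no WAN address found; HOME_NET left untouched")
    if update(CUSTOM_YAML, STATIC_NETS + ips):
        subprocess.run(RESTART_CMD, check=True)
```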