Home network in IDS/IPS

[hushcoden]

Could someone explain why the IDS/IPS should know the local IP addresses? What if I'd' leave that field empty ?

Tia.

[XeroX]

Define custom home networks, when different than an RFC1918 network. In some cases, people tend to enable IDPS on a wan interface behind NAT (Network Address Translation), in which case Suricata would only see translated addresses in stead of internal ones. Using this option, you can define which addresses Suricata should consider local

https://docs.opnsense.org/manual/ips.html?highlight=suricata#advanced-options

[hushcoden]

Thanks, I actually read that, and I understand that way when you look at the logs you have a clear idea of the traffic in/out... and my question is: would Suricata still work properly even not knowing the local IP addresses?

[XeroX]

Yes as long your ip range is within RFC1918 according to the description.