Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Set Home Networks dynamically
« previous
next »
Print
Pages: [
1
]
Author
Topic: Set Home Networks dynamically (Read 2300 times)
tcpip
Newbie
Posts: 22
Karma: 3
Set Home Networks dynamically
«
on:
August 01, 2022, 12:21:46 pm »
Hello,
I have IPS enabled on the WAN interfaces of my OPNsense box. As I have my public IPs (with NAT) directly on the OPNsense, I must add the IPs to the Home networks field. This isn't a problem for my primary WAN link which has a static IP address. However, on my backup link the IP changes every now and then. Is there a way to edit the Home Networks dynamically via a script? It should be doable by editing the HOME_NET variable in the suricata.yaml, I guess. But is there a better way? I think the API does not provide access to the Home Networks setting, at least I do not know how.
Thanks!
«
Last Edit: August 12, 2022, 06:56:46 pm by tcpip
»
Logged
tcpip
Newbie
Posts: 22
Karma: 3
Re: Set Home Networks dynamically
«
Reply #1 on:
August 12, 2022, 07:09:23 pm »
I solved this with a Python script and a cron job to check if there was an IP change. On a change I edit a custom YAML config containing the vars and set the current WAN IPs as HOME_NET. After updating the config, the script restarts Suricata.
Logged
The_Istar
Newbie
Posts: 7
Karma: 0
Re: Set Home Networks dynamically
«
Reply #2 on:
September 28, 2022, 10:32:38 am »
Would you be willing to share what you did with us?
So people less good at scripting might use your solution as well?
Logged
The_Istar
Newbie
Posts: 7
Karma: 0
Re: Set Home Networks dynamically
«
Reply #3 on:
September 29, 2022, 03:36:02 pm »
Anybody else have an idea?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Set Home Networks dynamically
