English Forums > Intrusion Detection and Prevention

Set Home Networks dynamically

(1/1)

tcpip:
Hello,

I have IPS enabled on the WAN interfaces of my OPNsense box. As I have my public IPs (with NAT) directly on the OPNsense, I must add the IPs to the Home networks field. This isn't a problem for my primary WAN link which has a static IP address. However, on my backup link the IP changes every now and then. Is there a way to edit the Home Networks dynamically via a script? It should be doable by editing the HOME_NET variable in the suricata.yaml, I guess. But is there a better way? I think the API does not provide access to the Home Networks setting, at least I do not know how.

Thanks!

tcpip:
I solved this with a Python script and a cron job to check if there was an IP change. On a change I edit a custom YAML config containing the vars and set the current WAN IPs as HOME_NET. After updating the config, the script restarts Suricata.

The_Istar:
Would you be willing to share what you did with us?
So people less good at scripting might use your solution as well? :)

The_Istar:
Anybody else have an idea?

Navigation

[0] Message Index