Project

General

Profile

Actions

Documentation #3222

open

Configuring ipv6

Added by Daniel Vein about 5 years ago. Updated about 5 years ago.

Status:
New
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

suricata.yaml documentation doesn't mention how to set up ipv6 for HOME_NET var or host-os-policy.

For HOME var it shows multiple ipv4 like so: HOME_NET: "[192.168.0.0/16,10.0.0.0/8,172.16.0.0/12]"
As you can see there are no spaces between commas. But if you have HOME_NET: "[192.168.0.0/16,2001:1234:5678:1234::/64]" suricata will fail to start without giving any ERRCODE.
To get it run you need a space after the comma for the ipv4 net like HOME_NET: "[192.168.0.0/16, 2001:1234:5678:1234::/64]"

For host-os-policy: you need to quote the ipv6 net like so

linux: [192.168.0.0/16, "2001:1234:5678:1234::/64"]

I think this should be better documented.

Actions #1

Updated by Andreas Herz about 5 years ago

  • Assignee set to Community Ticket
  • Target version set to TBD

Would you like to contribute the updated documentation?

Actions #2

Updated by Daniel Vein about 5 years ago

I'd love to help any way I can

Actions #3

Updated by Andreas Herz about 5 years ago

That's great, you can read how the best way to contribute should look like here: https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Contributing

Actions

Also available in: Atom PDF