Actions
Documentation #3222
openConfiguring ipv6
Affected Versions:
Effort:
Difficulty:
Label:
Description
suricata.yaml documentation doesn't mention how to set up ipv6 for HOME_NET var or host-os-policy.
For HOME var it shows multiple ipv4 like so: HOME_NET: "[192.168.0.0/16,10.0.0.0/8,172.16.0.0/12]"
As you can see there are no spaces between commas. But if you have HOME_NET: "[192.168.0.0/16,2001:1234:5678:1234::/64]" suricata will fail to start without giving any ERRCODE.
To get it run you need a space after the comma for the ipv4 net like HOME_NET: "[192.168.0.0/16, 2001:1234:5678:1234::/64]"
For host-os-policy: you need to quote the ipv6 net like so
linux: [192.168.0.0/16, "2001:1234:5678:1234::/64"]
I think this should be better documented.
Actions