diff options
Diffstat (limited to 'net/snort3/files/snort.config')
| -rw-r--r-- | net/snort3/files/snort.config | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/net/snort3/files/snort.config b/net/snort3/files/snort.config index 5567ef464..b7d379010 100644 --- a/net/snort3/files/snort.config +++ b/net/snort3/files/snort.config @@ -13,7 +13,7 @@ # your lan range, default is '192.168.1.0/24' # external_net - IP range external to home. Usually 'any', but if you only # care about true external hosts (trusting all lan devices), -# then '!$HOMENET' or some specific range +# then '!$HOME_NET' or some specific range # mode - 'ids' or 'ips', for detection-only or prevention, respectively # oinkcode - https://www.snort.org/oinkcodes # config_dir - Location of the base snort configuration files. Default /etc/snort @@ -28,6 +28,7 @@ # action - 'alert', 'block', 'reject' or 'drop' # method - 'pcap', 'afpacket' or 'nfq' # snaplen - int daq.snaplen = 1518: set snap length (same as -s) { 0:65535 } +# include - User-defined snort configuration, applied at end of generated snort.lua # # nfq - https://github.com/snort3/libdaq/blob/master/modules/nfq/README.nfq.md # queue_maxlen - nfq's '--daq-var queue_maxlen=int' @@ -61,6 +62,7 @@ config snort 'snort' option action 'alert' # one of [alert, block, drop, reject] option interface 'eth0' # a string option snaplen '1518' # 1518 <= x <= 65535 + option include '' # a path string config nfq 'nfq' option queue_count '4' # 1 <= x <= 16 |