suricata: Use HOME_NET declaration from external file

Use the gernerated HOME_NET details from
/var/ipfire/suricata/suricata-homenet.yaml which will be
generated by the WUI.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index 0c0293603f848a142c6f913228326bab401e72a2..8d6ed9ada775494c79496aa169d9f03a5186ec2f 100644 (file)
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -12,11 +12,8 @@
 vars:
   # more specifc is better for alert accuracy and performance
   address-groups:
-    HOME_NET: "[192.168.0.0/16,10.0.0.0/8,172.16.0.0/12]"
-    #HOME_NET: "[192.168.0.0/16]"
-    #HOME_NET: "[10.0.0.0/8]"
-    #HOME_NET: "[172.16.0.0/12]"
-    #HOME_NET: "any"
+    # Include HOME_NET declaration from external file.
+    include /var/ipfire/suricata/suricata-homenet.yaml
 
     EXTERNAL_NET: "!$HOME_NET"
     #EXTERNAL_NET: "any"