suricata HOME_NET should contain RED interfaces

[filippocarletti]

The HOME_NET variable lists green and local networks, but it should also contain all the red networks.
Observed problem:

1. transparent proxy on port 80
2. ids rule like alert http $HOME_NET any -> $EXTERNAL_NET any
3. rule can't fire because the connection goes from nethserver red to net, but nethserver red is not in $HOME_NET

Adding the red address to HOME_NET the rule fires.

[gsanchietti]

In nethserver-testing:
nethserver-suricata-1.0.0-1.4.g6790b2a.ns7.noarch.rpm

Test case
Check all IP of red static network interfaces are added to HOME_NET

[filippocarletti]

# diff old /etc/suricata/suricata.yaml 
26c26
<     HOME_NET: "[127.0.0.1/32,10.9.9.0/24,192.168.147.0/24,192.168.5.0/24,192.168.6.0/24]"
---
>     HOME_NET: "[127.0.0.1/32,10.9.9.0/24,192.168.147.0/24,192.168.5.0/24,192.168.6.0/24,93.57.48.64/29]"

[filippocarletti]

# find /etc/e-smith/events/trusted-networks-modify/ -type f | grep suricata
/etc/e-smith/events/trusted-networks-modify/services2adjust/suricata
/etc/e-smith/events/trusted-networks-modify/templates2expand/etc/suricata/suricata.yaml

[gsanchietti]

Released:
nethserver-suricata-1.0.1-1.ns7.noarch.rpm

[gsanchietti]

In nethserver-testing:
nethserver-suricata-1.0.0-1.4.g6790b2a.ns7.noarch.rpm

Test case
Check all IP of red static network interfaces are added to HOME_NET

[filippocarletti]

# diff old /etc/suricata/suricata.yaml 
26c26
<     HOME_NET: "[127.0.0.1/32,10.9.9.0/24,192.168.147.0/24,192.168.5.0/24,192.168.6.0/24]"
---
>     HOME_NET: "[127.0.0.1/32,10.9.9.0/24,192.168.147.0/24,192.168.5.0/24,192.168.6.0/24,93.57.48.64/29]"

[filippocarletti]

# find /etc/e-smith/events/trusted-networks-modify/ -type f | grep suricata
/etc/e-smith/events/trusted-networks-modify/services2adjust/suricata
/etc/e-smith/events/trusted-networks-modify/templates2expand/etc/suricata/suricata.yaml

[gsanchietti]

Released:
nethserver-suricata-1.0.1-1.ns7.noarch.rpm