Excluding IPs in HOME_NET?

["Paul Martin" <pmartin () hgvc com>]

I've been wrestling with this for a few days, with little success.  I
currently have my HOME_NET variable set to our internal network (Class
B):

var HOME_NET X.X.0.0/16

However, there are a few IP addresses that we will be doing testing
from, and I don't want Snort to pay any attention to these machines.  I
have tried to redo the HOME_NET variable like - 

var HOME_NET [X.X.0.0/16,!X.X.Y.0/24]  -  to no avail
var HOME_NET [X.X.Y.A, X.X.Y.B, X.X.Y.C]  -  didn't work either

I don't want to run multiple instances of Snort or any other workarounds
like that, I just want Snort to globally ignore traffic coming from a
few specific IP addresses.  Has anyone successfully managed to get this
working?

Paul Martin
Network Technician
Hilton Grand Vacations Co.
(407) 393-3034
pmartin () hgvc com



-------------------------------------------------------
This SF.Net email is sponsored by the new InstallShield X.
> From Windows to Linux, servers to mobile, InstallShield X is the one
installation-authoring solution that does it all. Learn more and
evaluate today! http://www.installshield.com/Dev2Dev/0504
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users