IDS, selectable home nets as advanced option, for https://github.com/opnsense/core/issues/1793

src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/generalSettings.xml

@@ -37,6 +37,15 @@
         <help><![CDATA[Select interface(s) to use. When enabling IPS, only use physical interfaces here (no vlans etc).]]></help>
         <hint>Type or select interface.</hint>
     </field>
+    <field>
+        <id>ids.general.homenet</id>
+        <label>Home networks</label>
+        <type>select_multiple</type>
+        <style>tokenize</style>
+        <allownew>true</allownew>
+        <help>Networks to interpret as local</help>
+        <advanced>true</advanced>
+    </field>
     <field>
         <id>ids.general.defaultPacketSize</id>
         <label>default packet size</label>

src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml

@@ -1,6 +1,6 @@
 <model>
     <mount>//OPNsense/IDS</mount>
-    <version>1.0.0</version>
+    <version>1.0.1</version>
     <description>
         OPNsense IDS
     </description>
@@ -118,6 +118,12 @@
                     <enable>/^(?!0).*$/</enable>
                 </filters>
             </interfaces>
+            <homenet type="NetworkField">
+                <Required>N</Required>
+                <FieldSeparator>,</FieldSeparator>
+                <default>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</default>
+                <asList>Y</asList>
+            </homenet>
             <defaultPacketSize type="IntegerField">
                 <Required>N</Required>
                 <MinimumValue>82</MinimumValue>

src/opnsense/service/templates/OPNsense/IDS/suricata.yaml

@@ -799,7 +799,7 @@ vars:
   # These would be retrieved during the Signature address parsing stage.
   address-groups:
 
-    HOME_NET: "[192.168.0.0/16,10.0.0.0/8,172.16.0.0/12]"
+    HOME_NET: "[{{OPNsense.IDS.general.homenet|default('192.168.0.0/16,10.0.0.0/8,172.16.0.0/12')}}]"
 
     EXTERNAL_NET: "!$HOME_NET"