I have some questions about configuring Suricata-IDS

Hello,
I have a CentOS x86_64 server that is virtualized, and its NIC is connected to a switch port. Because the server is virtualized and not connected directly to the Internet, my NIC IP is something like 192.168.1.2; the server NIC is connected to the switch port, which is then connected to the Internet.
My local and public IPs are:
192.168.1.2
1.2.3.4
In this case:
1- What are the values of HOME_NET and EXTERNAL_NET?
2- Is the configuration below OK to protect HTTP, SSH and FTP services?

port-groups:
  HTTP_PORTS: "80"
  SHELLCODE_PORTS: "!80"
  ORACLE_PORTS: 1521
  SSH_PORTS: 22
  DNP3_PORTS: 20000
  MODBUS_PORTS: 502
  FILE_DATA_PORTS: "[$HTTP_PORTS,110,143]"
  FTP_PORTS: 21
  VXLAN_PORTS: 4789
  TEREDO_PORTS: 3544

3- What is the value of address: []?

server-config:
  - apache:
      address:
      personality: Apache_2

4- I'm using Linux; how do I configure the setting below?

host-os-policy:
  # Make the default policy windows.
  windows: [0.0.0.0/0]
  bsd:
  bsd-right:
  old-linux:
  linux:
  old-solaris:
  solaris:
  hpux10:
  hpux11:
  irix:
  macos:
  vista:
  windows2k3:

Thank you.

Based on the provided information:

  1. The value of HOME_NET would include the IP addresses that are considered part of your local network, which in this case would be 192.168.1.0/24. The value of EXTERNAL_NET would include all IP addresses that are not part of your local network, which would typically be the public internet. Since your server is not directly connected to the internet and is behind a switch, you might want to include the public IP address 1.2.3.4 in the EXTERNAL_NET variable as well, as it represents external traffic.

  2. The configuration for protecting HTTP, SSH, and FTP services appears to be missing. Could you please provide the configuration details for the port-groups section so that I can assess whether it is sufficient for protecting those services?
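
An added example, not part of the original posts and not Suricata's own code: a small Python check that evaluates Suricata-style address variables (negation with `!`, `[...]` lists, `$VAR` references, `any`) to show which of HOME_NET and EXTERNAL_NET each address from the question falls into. The EXTERNAL_NET value `!$HOME_NET` and the helper names `split_top`, `matches` and `classify` are assumptions made for illustration.

```python
import ipaddress

# Constructed values: HOME_NET as given in the answer above; EXTERNAL_NET as
# "everything that is not HOME_NET" (an assumption, not from the thread).
VARS = {"HOME_NET": "[192.168.1.0/24]", "EXTERNAL_NET": "!$HOME_NET"}


def split_top(body):
    """Split on commas that are not inside a nested [...] group."""
    parts, depth, cur = [], 0, ""
    for ch in body:
        depth += (ch == "[") - (ch == "]")
        if ch == "," and depth == 0:
            parts.append(cur)
            cur = ""
        else:
            cur += ch
    parts.append(cur)
    return [p.strip() for p in parts if p.strip()]


def matches(expr, ip, variables):
    """True if ip is selected by a Suricata-style address expression."""
    expr = expr.strip()
    if expr.startswith("!"):                      # negation
        return not matches(expr[1:], ip, variables)
    if expr.startswith("$"):                      # variable reference
        return matches(variables[expr[1:]], ip, variables)
    if expr == "any":
        return True
    if expr.startswith("[") and expr.endswith("]"):
        items = split_top(expr[1:-1])
        pos = [i for i in items if not i.startswith("!")]
        neg = [i[1:] for i in items if i.startswith("!")]
        # Selected by at least one positive item (or none listed) ...
        included = any(matches(i, ip, variables) for i in pos) if pos else True
        # ... and excluded by no negated item.
        return included and not any(matches(i, ip, variables) for i in neg)
    return ipaddress.ip_address(ip) in ipaddress.ip_network(expr, strict=False)


def classify(ip, variables=VARS):
    """Report, per variable, whether ip falls inside it."""
    return {name: matches(expr, ip, variables) for name, expr in variables.items()}


if __name__ == "__main__":
    for addr in ("192.168.1.2", "1.2.3.4"):      # the two addresses from the question
        print(addr, classify(addr))
```

With these values, 1.2.3.4 already falls under EXTERNAL_NET through the negation, without being listed explicitly.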