Package Details: snort 3.1.78.0-1

Git Clone URL: https://aur.archlinux.org/snort.git (read-only, click to copy)
Package Base: snort
Description: A lightweight network IDS /IPS with OpenAppID support.
Upstream URL: https://www.snort.org
Licenses: GPL
Submitter: Snowman
Maintainer: robertfoster
Last Packager: robertfoster
Votes: 64
Popularity: 0.037324
First Submitted: 2012-11-16 17:33 (UTC)
Last Updated: 2024-02-06 15:57 (UTC)

Pinned Comments

Latest Comments

1 2 3 4 5 6 .. 10 Next › Last »

slepy8 commented on 2023-06-29 13:01 (UTC)

Looks like openappid has been changed to 33380

Bh289 commented on 2023-06-29 08:12 (UTC)

==> Making package: snort 3.1.62.0-1 (Thursday 29 June 2023 01:22:28 PM) ==> Checking runtime dependencies... ==> Checking buildtime dependencies... ==> Retrieving sources... -> Found snort3-3.1.62.0.tar.gz -> Downloading snort-openappid-26425.tar.gz... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 curl: (22) The requested URL returned error: 404 ==> ERROR: Failure while downloading https://snort.org/downloads/openappid/26425 Aborting... -> error making: snort-exit status 1 -> Failed to install the following packages. Manual intervention is required:

the following openappid has been removed _openappid=26425

JohnRobson commented on 2023-05-20 03:45 (UTC)

[ 24%] Building CXX object src/js_norm/CMakeFiles/js_norm.dir/js_pdf_norm.cc.o
In file included from /tmp/yay/snort/src/snort3-3.1.58.0/src/js_norm/js_identifier_ctx.cc:24:
/tmp/yay/snort/src/snort3-3.1.58.0/src/js_norm/js_identifier_ctx.h:59:36: error: ‘uint32_t’ has not been declared
   59 |     JSIdentifierCtx(int32_t depth, uint32_t max_scope_depth,
      |                                    ^~~~~~~~
/tmp/yay/snort/src/snort3-3.1.58.0/src/js_norm/js_identifier_ctx.h:79:9: error: ‘uint8_t’ does not name a type
   79 |         uint8_t type = 0;

randomxusr commented on 2023-04-13 00:05 (UTC)

Failing for myself using Paru.

DAQ_Msg_h does not name a type

and DAQ_PKT_FLAG_SIGNIFICANT_GROUPS was not declared in this scope.

Is this an issue with the PKGBUILD?

DanSman commented on 2023-03-06 19:10 (UTC)

Hey

Just testing snort and get the following errors:

ERROR: file_magic.rules:14 can't compile content ''
...
ERROR: /etc/snort/rules/snort.rules:105 can't compile content ''
...

I'm new to snort and I'm not sure what the issue is. I can't find anything helpful in the www so I thought it might be related to the package here?

graysky commented on 2022-12-05 15:45 (UTC)

@robertfoster - you have some omissions in your PKGBUILD. The rules are broken and homenet.lua does not get read. Please see how amish is doing it in the snort-nfqueue package.

amish commented on 2022-12-05 12:03 (UTC)

@graysky - Extremely sorry. I mixed up with a snort package (snort-nfqueue) that I maintain with this package which you are using (snort without nfqueue).

This snort package took over lots of PKGBUILD config from snort-nfqueue, but it seems it was partly picked up.

The package maintainer here seems to have removed the "sed" commands which adds support for homenet.lua.

If you want then you may have a look at snort-nfqueue AUR package. https://aur.archlinux.org/packages/snort-nfqueue

graysky commented on 2022-12-05 10:41 (UTC)

Here is what I get on a freshly built package in /etc/snort/snort.lua under section 1


-- HOME_NET and EXTERNAL_NET must be set now
-- setup the network addresses you are protecting
HOME_NET = 'any'

-- set up the external network addresses.
-- (leave as "any" in most situations)
EXTERNAL_NET = 'any'

include 'snort_defaults.lua'

No reference to /etc/snort/homenet.lua and both variables are not commented out.

amish commented on 2022-12-05 04:21 (UTC)

@graysky. Its not default, the lines (which you think are default) are commented lines and include statement is placed there instead, which actually defines those variables.