For a 3.x package, see snort-nfqueue package.
Search Criteria
Package Details: snort 3.5.0.0-1
Package Actions
| Git Clone URL: | https://aur.archlinux.org/snort.git (read-only, click to copy) |
|---|---|
| Package Base: | snort |
| Description: | A lightweight network IDS /IPS with OpenAppID support. |
| Upstream URL: | https://www.snort.org |
| Licenses: | GPL |
| Submitter: | Snowman |
| Maintainer: | robertfoster |
| Last Packager: | robertfoster |
| Votes: | 65 |
| Popularity: | 0.030460 |
| First Submitted: | 2012-11-16 17:33 (UTC) |
| Last Updated: | 2024-10-30 11:32 (UTC) |
Dependencies (17)
- gperftools (gperftools-gitAUR)
- hwloc
- hyperscan (hyperscan-gitAUR)
- libdaqAUR (libdaq-staticAUR)
- libdnet (libdnet-gitAUR)
- libmnl (libmnl-gitAUR)
- libpcap (libpcap-gitAUR)
- libunwind (libunwind-carbonAUR, libunwind-gitAUR)
- luajit (luajit-2.1-lua52-gitAUR, luajit-gitAUR, luajit-openrestyAUR)
- lz4 (lz4-gitAUR)
- openssl (openssl-gitAUR, openssl-staticAUR)
- pcre
- pulledporkAUR
- xz (xz-gitAUR)
- zlib (zlib-ng-compat-gitAUR, zlib-gitAUR, zlib-ng-compat)
- cmake (cmake-gitAUR) (make)
- pkgconf (pkgconf-gitAUR) (make)
Required by (5)
- barnyard2 (optional)
- oinkmaster
- pulledpork (optional)
- sguil-sensor (optional)
- snort3-extra
Sources (8)
bidulock commented on 2021-06-04 00:16 (UTC)
brnwsl commented on 2021-02-14 21:06 (UTC)
systemd fails to start service as inline using /usr/lib/systemd/system/snort@.service as described in wiki. If I delete "ExecStartPre=/usr/sbin/ip link set up dev %I" the service will start.
[Unit]
Description=Snort IDS system listening on '%I'
[Service]
Type=simple
ExecStartPre=/usr/sbin/ip link set up dev %I
ExecStartPre=/usr/bin/ethtool -K %I gro off
ExecStart=/usr/bin/snort --daq-dir /usr/lib/daq/ -A fast -b -p -u snort -g snort -c /etc/snort/snort.conf -i %I -Q
[Install]
Alias=multi-user.target.wants/snort@%i.service
jaapcrezee commented on 2020-08-08 08:07 (UTC)
This works for me:
# Maintainer: robertfoster
# Contributor: Lukas Fleischer <archlinux at cryptocrack dot de>
# Contributor: Hugo Doria <hugo@archlinux.org>
# Contributor: Kessia 'even' Pinheiro <kessiapinheiro at gmail.com>
# Contributor: dorphell <dorphell@archlinux.org>
# Contributor: Gregor Ibic <gregor.ibic@intelicom.si>
# Contributor: Netboy3
# Contributor: Jaap Crezee <jaap@jcz.nl>
pkgname=snort
pkgver=2.9.16.1
pkgrel=1
pkgdesc='A lightweight network intrusion detection system.'
arch=('i686' 'x86_64' 'armv6h' 'armv7h' 'aarch64' 'arm')
url='http://www.snort.org'
license=('GPL')
depends=('dbus' 'libdaq' 'libdnet' 'libgcrypt' 'libgpg-error' 'libnghttp2' 'libnl' 'libpcap' 'luajit' 'lz4' 'openssl' 'pcre' 'xz' 'zlib')
makedepends=('libtirpc')
backup=('etc/snort/snort.conf'
'etc/snort/threshold.conf'
'etc/snort/reference.config'
'etc/snort/classification.config'
'etc/snort/rules/emerging.conf')
options=('!makeflags' '!libtool')
install='snort.install'
source=("https://www.snort.org/downloads/snort/${pkgname}-${pkgver}.tar.gz"
"http://rules.emergingthreats.net/open/${pkgname}-2.9.0/emerging.rules.tar.gz"
'snort@.service'
)
build() {
cd "${srcdir}/${pkgname}-${pkgver}"
./configure --prefix=/usr \
--sysconfdir=/etc/snort \
--with-libpcap-includes=/usr/include/pcap \
--with-daq-includes=/usr/include \
--with-daq-libraries=/usr/lib/daq/ \
--disable-static-daq \
CPPFLAGS="$CPPFLAGS -I/usr/include/tirpc/"
make
}
package() {
cd "${srcdir}/${pkgname}-${pkgver}"
make DESTDIR="${pkgdir}" install
mkdir -p "${pkgdir}/"{etc/rc.d,etc/snort/rules}
install -d -m755 "${pkgdir}/var/log/snort"
install -D -m644 etc/{*.conf*,*.map} "${pkgdir}/etc/snort/"
cd "${srcdir}/${pkgname}-${pkgver}"
# init service file
install -D -m644 ../snort@.service $pkgdir/usr/lib/systemd/system/snort@.service
sed -i 's#/usr/local/lib/#/usr/lib/#' "${pkgdir}/etc/snort/snort.conf"
# emerginthreats rules
echo 'include $RULE_PATH/emerging.conf' >> "${pkgdir}/etc/snort/snort.conf"
cp ${srcdir}/rules/* "${pkgdir}/etc/snort/rules"
}
md5sums=('ec148a494cde9095fb590a51efa306de'
'SKIP'
'a847030a34396e6b2d1cacd272ad42da'
)
jaapcrezee commented on 2020-08-08 07:53 (UTC)
==> Making package: snort 2.9.16-2 (Sat Aug 8 09:52:46 2020)
==> Retrieving sources...
-> Downloading snort-2.9.16.tar.gz...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
curl: (22) The requested URL returned error: 404
==> ERROR: Failure while downloading https://www.snort.org/downloads/snort/snort-2.9.16.tar.gz
Aborting...
Error downloading sources: snort
Netboy3 commented on 2020-05-30 12:41 (UTC)
@Strykar, download links for this package are just fine. You can try them out in the "Sources" section above and see that they work. If you have a problem with a dependent AUR package (like libdaq), then post it in the proper AUR package page, not here (it's not even the same maintainer).
Strykar commented on 2020-05-30 03:24 (UTC)
Download links are outdated, for ex. daq is now at https://www.snort.org/downloads/snort/daq-2.0.7.tar.gz
Netboy3 commented on 2020-05-30 03:02 (UTC)
Build of 2.9.16 now fails with GCC10. See https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=956d614c759705691a0c336c71bc2a176e71a56f for patching 2.9.16 so it can build under GCC10.
eliran commented on 2019-08-18 16:06 (UTC)
curl: (22) The requested URL returned error: 404 ==> ERROR: Failure while downloading https://www.snort.org/downloads/snort/snort-2.9.13.tar.gz
Pinned Comments