net-analyzer / snort

The de facto standard for intrusion detection/prevention

Official package sites : https://www.snort.org ·

Snort is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and approximately 300,000 registered users, Snort has become the de facto standard for IPS.

v2.9.20 :: 0 :: gentoo

Modified
License
GPL-2
Keywords
~amd64 ~arm ~arm64 ~mips ~ppc ~ppc64 ~sparc ~x86
USE flags
active-response control-socket debug file-inspect flexresp3 gre high-availability inline-init-failopen large-pcap-64bit libtirpc linux-smp-stats non-ether-decoders open-appid perfprofiling ppm react reload-error-restart selinux shared-rep side-channel sourcefire threads

General

active-response
Enables support for automatically sending TCP resets and ICMP unreachable messages to terminate connections. Used with inline deployments.
control-socket
Enables Snort's control socket.
debug
Enable extra debug codepaths, like asserts and extra output. If you want to get meaningful backtraces see https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces
file-inspect
Enables extended file inspection capabilities.
flexresp3
Enables support for new flexable response preprocessor for enabling connection tearing for inline deployments. Replaces flexresp and flexresp2.
gre
Enable support for inspecting and processing Generic Routing Encapsulation (GRE) packet headers. Only needed if you are monitoring GRE tunnels.
high-availability
Enables high-availability state sharing.
inline-init-failopen
Enables support to allow traffic to pass (fail-open) through inline deployments while snort is starting and not ready to begin inspecting traffic. If this option is not enabled, network traffic will not pass (fail-closed) until snort has fully started and is ready to perform packet inspection.
large-pcap-64bit
Allows Snort to read pcap files that are larger than 2 GB. ONLY VALID FOR 64bit SYSTEMS!
libtirpc
Build against net-libs/libtirpc for RPC support
linux-smp-stats
Enable accurate statistics reporting through /proc on systems with multiple processors.
non-ether-decoders
Enable decoding of non-ethernet protocols such as TokenRing, FDDI, IPX, etc.
open-appid
Enable OpenAppID, an open, application-focused detection language and processing module for Snort that enables users to create, share, and implement application detection. Requires dev-lang/luajit.
perfprofiling
Enables support for preprocessor and rule performance profiling using the perfmonitor preprocessor.
ppm
Enables support for setting per rule or per packet latency limits. Helps protect against introducing network latency with inline deployments.
react
Enables support for the react rule keyword. Supports interception, termination, and redirection of HTTP connections.
reload-error-restart
Enables support for completely restarting snort if an error is detected during a reload.
selinux
!!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur
shared-rep
Enables the use of shared memory for the Reputation Preprocessor (Only available on Linux systems)
side-channel
Enables Snort's side channel.
sourcefire
Enables Sourcefire specific build options, which include --enable-perfprofiling and --enable-ppm.
threads
Add threads support for various packages. Usually pthreads

lua_single_target

luajit
Build for LuaJIT only

acct-group / snort : System group: snort

acct-user / snort : User for snort

dev-lang / luajit : Just-In-Time Compiler for the Lua programming language

dev-libs / libdnet : Simplified, portable interface to several low-level networking routines

dev-libs / libpcre : Perl-compatible regular expression library

net-libs / libnsl : Public client interface for NIS(YP) in a IPv6 ready version

net-libs / libpcap : A system-independent library for user-level network packet capture

net-libs / libtirpc : Transport Independent RPC library (SunRPC replacement)

sys-libs / glibc : GNU libc C library

sys-libs / zlib : Standard (de)compression library

acct-group / snort : System group: snort

acct-user / snort : User for snort

dev-lang / luajit : Just-In-Time Compiler for the Lua programming language

dev-libs / libdnet : Simplified, portable interface to several low-level networking routines

dev-libs / libpcre : Perl-compatible regular expression library

net-libs / libnsl : Public client interface for NIS(YP) in a IPv6 ready version

net-libs / libpcap : A system-independent library for user-level network packet capture

net-libs / libtirpc : Transport Independent RPC library (SunRPC replacement)

sec-policy / selinux-snort : SELinux policy for snort

sys-libs / glibc : GNU libc C library

sys-libs / zlib : Standard (de)compression library

virtual / tmpfiles : Virtual to select between different tmpfiles.d handlers

net-analyzer / barnyard : Fast output system for Snort

363769
net-analyzer/snort 2.9.4.6 needs explicit parameter to find daq
571550
=net-analyzer/snort-2.9.8.0 - WARNING: /var/run/snort is invalid, trying /var/run... // Previous Error, errno=13, (Permission denied)
773343
net-analyzer/snort-2.9.16-r100 undefined symbol: SSLHAPostConfigInit
784074
net-analyzer/snort-2.9.17 snort -c /etc/snort/snort.conf => undefined symbol: SSLHAPostConfigInit
899930
net-analyzer/snort-2.9.20 has implicit function declarations in configure logs (GCC-13-SYSTEM)
918617
net-analyzer/snort: IP geolocation rule circumvention
921185
net-analyzer/snort-2.9.20 fails to compile (GCC-14-SYSTEM): dce2_smb.c:6932:60: error: pointer type mismatch in conditional expression [-Wincompatible-pointer-types]
928296
net-analyzer/snort: version bump 3.1.83.0
934152
net-analyzer/snort-2.9.20 fails to compile: fcntl2.h:50:11: error: call to __open_missing_mode declared with attribute error: open with O_CREAT or O_TMPFILE in second argument needs 3 arguments
943927
net-analyzer/snort-2.9.20 - [libtool] [gcc-15] file_decomp_PDF.c: error: conflicting types for File_Decomp_PDF; have fd_status_t(struct fd_session_s ) {aka enum fd_status
945295
net-analyzer/snort-2.9.20 fails to compile: getopt_long.c:293:23: error: too many arguments to function getenv
Repository mirror & CI · gentoo
Merge updates from master
Eli Schwartz · gentoo
net-analyzer/snort: update EAPI 7 -> 8
Signed-off-by: Eli Schwartz <eschwartz93@gmail.com> Signed-off-by: Sam James <sam@gentoo.org>
Eli Schwartz · gentoo
net-analyzer/snort: add 2.9.20
Upstream update fixes the misnamed USE=debug code. Fails to fix anything else... they did add some code to handle libtirpc. It looks like this: ``` ################################################## # Centos 8+ does not have inbuilt SunRPC support # # in glibc and is separately availble in tirpc # # package. Make sure we've got the library and # # link it # ################################################## if test -f /etc/centos-release ; then [...] ``` Obviously this doesn't work... There is also a snort 3.x which may be better but it looks like a lot more work to package, and upstream still lists both as "stable releases"? Signed-off-by: Eli Schwartz <eschwartz93@gmail.com> Signed-off-by: Sam James <sam@gentoo.org>
Eli Schwartz · gentoo
net-analyzer/snort: mark as LTO-unsafe, strict-aliasing unsafe
Closes: https://bugs.gentoo.org/861239 Signed-off-by: Eli Schwartz <eschwartz93@gmail.com> Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
net-analyzer/snort: drop 2.9.17
Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Repository mirror & CI · gentoo
Merge updates from master
John Helmert III · gentoo
net-analyzer/snort: drop 2.9.16, 2.9.16-r100
Bug: https://bugs.gentoo.org/765466 Signed-off-by: John Helmert III <ajak@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
net-analyzer/snort: multilib--
Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
net-analyzer/snort: multilib--
Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
net-analyzer/snort: forcefully remove .la files
Fixes build with slibtool where they don't exist in the first place. Closes: https://bugs.gentoo.org/775179 Signed-off-by: Sam James <sam@gentoo.org>
Alessandro Barbieri · gentoo
net-analyzer/snort: fix ip path
Closes: https://bugs.gentoo.org/792297 Package-Manager: Portage-3.0.15, Repoman-3.0.2 Signed-off-by: Alessandro Barbieri <lssndrbarbieri@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/19699 Signed-off-by: Sam James <sam@gentoo.org>
John Helmert III · gentoo
net-analyzer/snort: drop 2.9.15
Closes: https://github.com/gentoo/gentoo/pull/19071 Package-Manager: Portage-3.0.13, Repoman-3.0.2 Signed-off-by: John Helmert III <ajak@gentoo.org>
John Helmert III · gentoo
net-analyzer/snort: add 2.9.17
Drop GCC 10 patch, unconditionally disable static, convert to GLEP 81. Bug: https://bugs.gentoo.org/765466 Closes: https://bugs.gentoo.org/781365 Package-Manager: Portage-3.0.13, Repoman-3.0.2 Signed-off-by: John Helmert III <ajak@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Andreas K. Huettel · gentoo
net-analyzer/snort: Remove old
Bug: https://bugs.gentoo.org/706858 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Andreas K. Huettel <dilfridge@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
net-analyzer/snort: Keyword 2.9.16-r100 arm64, #728712
Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Marek Szuba · gentoo
net-analyzer/snort: migrate to lua-single.eclass
Only supports luajit so simple enough. Closes: https://bugs.gentoo.org/752783 Signed-off-by: Marek Szuba <marecki@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Jeroen Roovers · gentoo
net-analyzer/snort: Version 2.9.16
Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: Jeroen Roovers <jer@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Michał Górny · gentoo
*/*: Bump copyright on files touched this year
Update the copyright notice on all files that were touched since January 1st but did not have the notice updated. Signed-off-by: Michał Górny <mgorny@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
David Seifert · gentoo
net-analyzer/snort: [QA] Fix UnnecessarySlashStrip
Signed-off-by: David Seifert <soap@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Jeroen Roovers · gentoo
net-analyzer/snort: Fix CFLAGS=-fno-common
While there, drop a couple of ineffective sed scripts. Package-Manager: Portage-2.3.86, Repoman-2.3.20 Closes: https://bugs.gentoo.org/show_bug.cgi?id=706858 Signed-off-by: Jeroen Roovers <jer@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Jeroen Roovers · gentoo
net-analyzer/snort: Version 2.9.15.1
Package-Manager: Portage-2.3.84, Repoman-2.3.20 Closes: https://bugs.gentoo.org/691886 Signed-off-by: Jeroen Roovers <jer@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Jeroen Roovers · gentoo
net-analyzer/snort: Version 2.9.15
Package-Manager: Portage-2.3.81, Repoman-2.3.20 Signed-off-by: Jeroen Roovers <jer@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sergei Trofimovich · gentoo
net-analyzer/snort: drop old
Main target here is snort-2.9.4.6-r1 which OOMs m4 at src_prepare(). While at it drop EAPI=5 ebuilds and a few older revbumps. Package-Manager: Portage-2.3.56, Repoman-2.3.12 Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Thomas Deutschmann · gentoo
net-analyzer/snort: bump to v2.9.12
Closes: https://bugs.gentoo.org/550366 Closes: https://bugs.gentoo.org/618822 Package-Manager: Portage-2.3.52, Repoman-2.3.12 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
Michael Mair-Keimberger · gentoo
net-analyzer/snort: use HTTPS, fix SRC_URI
Andreas K. Hüttel · gentoo
net-analyzer/snort: Depend unconditionally on libnsl
Package-Manager: Portage-2.3.13, Repoman-2.3.4
Andreas K. Hüttel · gentoo
net-analyzer/snort: Allow building against libtirpc for rpc support, bug 631314
Closes: https://bugs.gentoo.org/631314 Package-Manager: Portage-2.3.10, Repoman-2.3.3
Robin H. Johnson · gentoo
Drop $Id$ per council decision in bug #611234.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
T. Malfatti · gentoo
media-libs/portaudio: Version bump
Zero_Chaos · gentoo
net-analyzer/snort: remove errant code block which should have been removed as part of USE=-* cleanup
Package-Manager: portage-2.3.1
Sergei Trofimovich · gentoo
net-analyzer/snort: fix USE="-*" build failures, bug #595512
Minimum buildable configurations is: USE="-* targetbased normalizer mpls" Surrounding code assumes availability enums and defines guarded by these flags. Enable them unconditionally. Bug: https://bugs.gentoo.org/595512 Package-Manager: portage-2.3.2
Patrick Lauer · gentoo
net-analyzer/snort: Bump #587194
Package-Manager: portage-2.3.0
Patrick Lauer · gentoo
net-analyzer/snort: Bump
Package-Manager: portage-2.2.28
Patrice Clement · gentoo
Merge remote-tracking branch 'github/pr/503'.
Patrick Lauer · gentoo
net-analyzer/snort: Bump
Package-Manager: portage-2.2.26
Robin H. Johnson · gentoo
proj/gentoo: Initial commit
This commit represents a new era for Gentoo: Storing the gentoo-x86 tree in Git, as converted from CVS. This commit is the start of the NEW history. Any historical data is intended to be grafted onto this point. Creation process: 1. Take final CVS checkout snapshot 2. Remove ALL ChangeLog* files 3. Transform all Manifests to thin 4. Remove empty Manifests 5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$ 5.1. Do not touch files with -kb/-ko keyword flags. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed