net-analyzer / snort

The de facto standard for intrusion detection/prevention

Official package sites : https://www.snort.org ·

Snort is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and approximately 300,000 registered users, Snort has become the de facto standard for IPS.

v2.9.12 :: 0 :: gentoo

Modified
License
GPL-2
Keywords
~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86
USE flags
active-response control-socket debug file-inspect flexresp3 gre high-availability inline-init-failopen large-pcap-64bit libtirpc linux-smp-stats non-ether-decoders open-appid perfprofiling ppm react reload-error-restart selinux shared-rep side-channel sourcefire static threads

v2.9.8.3-r2 :: 0 :: gentoo

Modified
License
GPL-2
Keywords
~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86
USE flags
active-response control-socket debug file-inspect flexresp3 gre high-availability inline-init-failopen large-pcap-64bit libtirpc linux-smp-stats non-ether-decoders perfprofiling ppm react reload-error-restart selinux shared-rep side-channel sourcefire static threads

General

active-response
Enables support for automatically sending TCP resets and ICMP unreachable messages to terminate connections. Used with inline deployments.
control-socket
Enables Snort's control socket.
debug
Enable extra debug codepaths, like asserts and extra output. If you want to get meaningful backtraces see https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces
file-inspect
Enables extended file inspection capabilities.
flexresp3
Enables support for new flexable response preprocessor for enabling connection tearing for inline deployments. Replaces flexresp and flexresp2.
gre
Enable support for inspecting and processing Generic Routing Encapsulation (GRE) packet headders. Only needed if you are monitoring GRE tunnels.
high-availability
Enables high-availability state sharing.
inline-init-failopen
Enables support to allow traffic to pass (fail-open) through inline deployments while snort is starting and not ready to begin inspecting traffic. If this option is not enabled, network traffic will not pass (fail-closed) until snort has fully started and is ready to perform packet inspection.
large-pcap-64bit
Allows Snort to read pcap files that are larger than 2 GB. ONLY VALID FOR 64bit SYSTEMS!
libtirpc
Build against net-libs/libtirpc for RPC support
linux-smp-stats
Enable accurate statistics reporting through /proc on systems with multipule processors.
non-ether-decoders
Enable decoding of non-ethernet protocols such as TokenRing, FDDI, IPX, etc.
open-appid
Enable OpenAppID, an open, application-focused detection language and processing module for Snort that enables users to create, share, and implement application detection. Requires dev-lang/luajit.
perfprofiling
Enables support for preprocessor and rule performance profiling using the perfmonitor preprocessor.
ppm
Enables support for setting per rule or per packet latency limits. Helps protect against introducing network latency with inline deployments.
react
Enables support for the react rule keyword. Supports interception, termination, and redirection of HTTP connections.
reload-error-restart
Enables support for completely restarting snort if an error is detected durring a reload.
selinux
!!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur
shared-rep
Enables the use of shared memory for the Reputation Preprocessor (Only available on Linux systems)
side-channel
Enables Snort's the side channel.
sourcefire
Enables Sourcefire specific build options, which include --enable-perfprofiling and --enable-ppm.
static
!!do not set this during bootstrap!! Causes binaries to be statically linked instead of dynamically
threads
Add threads support for various packages. Usually pthreads

app-portage / elt-patches : Collection of patches for libtool.eclass

dev-lang / luajit : Just-In-Time Compiler for the Lua programming language

dev-libs / libdnet : simplified, portable interface to several low-level networking routines

dev-libs / libpcre : Perl-compatible regular expression library

net-libs / daq : Data Acquisition library, for packet I/O

net-libs / libnsl : Public client interface for NIS(YP) and NIS+ in a IPv6 ready version

net-libs / libpcap : A system-independent library for user-level network packet capture

net-libs / libtirpc : Transport Independent RPC library (SunRPC replacement)

sys-devel / autoconf : Used to create autoconfiguration files

sys-devel / automake : Used to generate Makefile.in from Makefile.am

sys-devel / libtool : A shared library tool for developers

sys-libs / glibc : GNU libc C library

sys-libs / zlib : Standard (de)compression library

virtual / pkgconfig : Virtual for the pkg-config implementation

dev-lang / luajit : Just-In-Time Compiler for the Lua programming language

dev-libs / libdnet : simplified, portable interface to several low-level networking routines

dev-libs / libpcre : Perl-compatible regular expression library

net-libs / daq : Data Acquisition library, for packet I/O

net-libs / libnsl : Public client interface for NIS(YP) and NIS+ in a IPv6 ready version

net-libs / libpcap : A system-independent library for user-level network packet capture

net-libs / libtirpc : Transport Independent RPC library (SunRPC replacement)

sec-policy / selinux-snort : SELinux policy for snort

sys-libs / glibc : GNU libc C library

sys-libs / zlib : Standard (de)compression library

virtual / tmpfiles : Virtual to select between different tmpfiles.d handlers

net-analyzer / barnyard : Fast output system for Snort

net-analyzer / quidscor : Qualys IDS Correlation Daemon

net-analyzer / sguil-sensor : Sensor part of sguil Network Security Monitoring

363769
net-analyzer/snort 2.9.4.6 needs explicit parameter to find daq
558454
net-analyzer/snort-2.9.7.5 - src/preprocessors/Session/session_common.h:140:5: error: unknown type name 'PreprocEvalFuncNode'
571550
=net-analyzer/snort-2.9.8.0 - WARNING: /var/run/snort is invalid, trying /var/run... // Previous Error, errno=13, (Permission denied)
605362
net-analyzer/snort-2.9.8.3-r1 : installs into paths that should be created at runtime
614826
net-analyzer/snort-2.9.9.0 version bump
691886
net-analyzer/snort-2.9.12 : ../.../util.h:374:21: error: static declaration of gettid follows non-static declaration
Repository mirror & CI · gentoo
Merge updates from master
Sergei Trofimovich · gentoo
net-analyzer/snort: drop old
Main target here is snort-2.9.4.6-r1 which OOMs m4 at src_prepare(). While at it drop EAPI=5 ebuilds and a few older revbumps. Package-Manager: Portage-2.3.56, Repoman-2.3.12 Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Thomas Deutschmann · gentoo
net-analyzer/snort: bump to v2.9.12
Closes: https://bugs.gentoo.org/550366 Closes: https://bugs.gentoo.org/618822 Package-Manager: Portage-2.3.52, Repoman-2.3.12 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
Michael Mair-Keimberger · gentoo
net-analyzer/snort: use HTTPS, fix SRC_URI
Andreas K. Hüttel · gentoo
net-analyzer/snort: Depend unconditionally on libnsl
Package-Manager: Portage-2.3.13, Repoman-2.3.4
Andreas K. Hüttel · gentoo
net-analyzer/snort: Allow building against libtirpc for rpc support, bug 631314
Closes: https://bugs.gentoo.org/631314 Package-Manager: Portage-2.3.10, Repoman-2.3.3
Robin H. Johnson · gentoo
Drop $Id$ per council decision in bug #611234.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
T. Malfatti · gentoo
media-libs/portaudio: Version bump
Zero_Chaos · gentoo
net-analyzer/snort: remove errant code block which should have been removed as part of USE=-* cleanup
Package-Manager: portage-2.3.1
Sergei Trofimovich · gentoo
net-analyzer/snort: fix USE="-*" build failures, bug #595512
Minimum buildable configurations is: USE="-* targetbased normalizer mpls" Surrounding code assumes availability enums and defines guarded by these flags. Enable them unconditionally. Bug: https://bugs.gentoo.org/595512 Package-Manager: portage-2.3.2
Patrick Lauer · gentoo
net-analyzer/snort: Bump #587194
Package-Manager: portage-2.3.0
Patrick Lauer · gentoo
net-analyzer/snort: Bump
Package-Manager: portage-2.2.28
Patrice Clement · gentoo
Merge remote-tracking branch 'github/pr/503'.
Patrick Lauer · gentoo
net-analyzer/snort: Bump
Package-Manager: portage-2.2.26
Robin H. Johnson · gentoo
proj/gentoo: Initial commit
This commit represents a new era for Gentoo: Storing the gentoo-x86 tree in Git, as converted from CVS. This commit is the start of the NEW history. Any historical data is intended to be grafted onto this point. Creation process: 1. Take final CVS checkout snapshot 2. Remove ALL ChangeLog* files 3. Transform all Manifests to thin 4. Remove empty Manifests 5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$ 5.1. Do not touch files with -kb/-ko keyword flags. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed