Package Details: snort

Git Clone URL: (read-only, click to copy)
Package Base: snort
Description: A lightweight network intrusion detection system.
Upstream URL:
Licenses: GPL
Submitter: Snowman
Maintainer: robertfoster
Last Packager: robertfoster
Votes: 62
Popularity: 0.094111
First Submitted: 2012-11-16 17:33
Last Updated: 2021-06-26 11:09

Latest Comments

1 2 3 4 5 6 ... Next › Last »

amish commented on 2021-07-02 04:51

@akeller - actually message is wrong. You have to edit this file. /etc/snort/homenet.conf and NOT snort.lua

In most cases you do not need to edit homenet.conf if using private addresses.

akeller commented on 2021-07-02 03:12

pulledpork also probably shouldn't be a requirement since the rules are incompatible with snort3. The requirement should be removed or replaced with pulledpork3

edit: I'm completely new to snort and could be wrong about the compatibility. But that seems to be the case.

akeller commented on 2021-07-02 02:22

The install gives this message:

You have to edit the HOME_NET variable in the /etc/snort/snort.conf file to reflect your local network.

but it seems that the conf file is now /etc/snort/snort.lua

robertfoster commented on 2021-06-10 11:31

@amish you're totally right, apologies. I added your username as contributor

hemitheconyx commented on 2021-06-06 09:21

Is there a reason for !makeflags to be in the options of the PKGBUILD ?

I built without it (meaning I built with my MAKEFLAGS, set to -j8) and it worked fine.

amish commented on 2021-06-06 01:57

Hi robertfoster. You copied everything from my AUR package. Snort-nfqueue.

That is fine. But you didn't mention my name anywhere. i.e. you gave me no credits for studying snort 3 and putting lots of hardwork in configuring it etc.

Thats very bad.

bidulock commented on 2021-06-04 00:16

For a 3.x package, see snort-nfqueue package.

flattymatty commented on 2021-02-14 21:06

systemd fails to start service as inline using /usr/lib/systemd/system/snort@.service as described in wiki. If I delete "ExecStartPre=/usr/sbin/ip link set up dev %I" the service will start.

Description=Snort IDS system listening on '%I'

ExecStartPre=/usr/sbin/ip link set up dev %I
ExecStartPre=/usr/bin/ethtool -K %I gro off
ExecStart=/usr/bin/snort --daq-dir /usr/lib/daq/ -A fast -b -p -u snort -g snort -c /etc/snort/snort.conf -i %I -Q


jaapcrezee commented on 2020-08-08 08:07

This works for me:

# Maintainer: robertfoster
# Contributor: Lukas Fleischer <archlinux at cryptocrack dot de>
# Contributor: Hugo Doria <>
# Contributor: Kessia 'even' Pinheiro <kessiapinheiro at>
# Contributor: dorphell <>
# Contributor: Gregor Ibic <>
# Contributor: Netboy3
# Contributor: Jaap Crezee <>

pkgdesc='A lightweight network intrusion detection system.'
arch=('i686' 'x86_64' 'armv6h' 'armv7h' 'aarch64' 'arm')
depends=('dbus' 'libdaq' 'libdnet' 'libgcrypt' 'libgpg-error' 'libnghttp2' 'libnl' 'libpcap' 'luajit' 'lz4' 'openssl' 'pcre' 'xz' 'zlib')
options=('!makeflags' '!libtool')

build() {
    cd "${srcdir}/${pkgname}-${pkgver}"
    ./configure --prefix=/usr \
    --sysconfdir=/etc/snort \
    --with-libpcap-includes=/usr/include/pcap \
    --with-daq-includes=/usr/include \
    --with-daq-libraries=/usr/lib/daq/ \
    --disable-static-daq \
    CPPFLAGS="$CPPFLAGS -I/usr/include/tirpc/"

package() {
    cd "${srcdir}/${pkgname}-${pkgver}"

    make DESTDIR="${pkgdir}" install

    mkdir -p "${pkgdir}/"{etc/rc.d,etc/snort/rules}

    install -d -m755 "${pkgdir}/var/log/snort"
    install -D -m644 etc/{*.conf*,*.map} "${pkgdir}/etc/snort/"
    cd "${srcdir}/${pkgname}-${pkgver}"

    # init service file
    install -D -m644 ../snort@.service $pkgdir/usr/lib/systemd/system/snort@.service

    sed -i 's#/usr/local/lib/#/usr/lib/#' "${pkgdir}/etc/snort/snort.conf"

    # emerginthreats rules
    echo 'include $RULE_PATH/emerging.conf' >> "${pkgdir}/etc/snort/snort.conf"
    cp ${srcdir}/rules/* "${pkgdir}/etc/snort/rules"


jaapcrezee commented on 2020-08-08 07:53

==> Making package: snort 2.9.16-2 (Sat Aug  8 09:52:46 2020)
==> Retrieving sources...
  -> Downloading snort-2.9.16.tar.gz...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (22) The requested URL returned error: 404 
==> ERROR: Failure while downloading
Error downloading sources: snort