[Snort-users] Gentoo Linux Snort Users

Jason Wallace jason.r.wallace at ...11827...
Thu Feb 24 14:35:30 EST 2011


Just wanted to give an update on the current Snort ebuild and the
ebuilds for some snort related packages.

This was committed to portage this afternoon, so it should hit the
mirror near you in the next 24-48 hrs. The ebuild was delayed due to a
bug we found when trying to compile with the dynamicplugins USE flag
disabled. The Sourcefire folks provided a patch for this.

The ebuild is currently stable for amd64 and unstable for x86. The
unstable is due to the prelude package being unstable. I'm considering
yanking support for Prelude from the ebuild. This is something that
should be handled by Barnyard2 anyways. If you are violently opposed
to dropping Prelude support, then shoot me an email. Also, I will
likely drop the ipv6 USE flag in the next version and hard code in
ipv6 support. This is due to the difference between ipv4 and ipv6 and
how that affects ipvar/portvar and var.

I've gotten a number of emails from Gentoo folks looking for
config.log and build.log when working bugs with SF. Since the build
environment gets cleaned up after the package is installed these were
not available. With the ebuild you can now find both of these
files in the "support" directory in the package's doc directory.

This ebuild is currently stable for amd64 and unstable for x86. This
will likely stabilize when Snort does. This version does not have the
buffer_size_mb fix in it. I'll roll an -r1 version to include this fix
some time soon.

This ebuild is marked unstable for both amd64 and x86. The ebuild is
fairly new, that is why it is not stabilized yet. There are some
issues with this ebuild. It currently only supports the database
output plugins and those plugins that get compiled by default. The is
no ipv6 support. Barnyard2 currently does not compile with
--enable-ipv6. I've bugged this upstream.

The above are all in the main portage tree. The following packages
have been committed to the Sunrise Overlay
(http://overlays.gentoo.org/proj/sunrise). I'm working with the dev's
to get these into the main distro tree, but they live in Sunrise for

No known issues.

No known issues. Supports both tap and logging mode in the init scripts.

No known issues.

If you want to help out with any of these packages or you just want
access to them before they are committed to the trees, you can add my
Github repository as an overly https://github.com/wally3514/Gentoo.
This is a development space so YMMV.


More information about the Snort-users mailing list