macOS
brew install snortlocal Homebrew formula metadata
sudo port install snortMacPorts ports tree · net/snort/Portfile · 来源: api.github.com
安装
brew install snortlocal Homebrew formula metadata
sudo port install snortMacPorts ports tree · net/snort/Portfile · 来源: api.github.com
sudo apk add snortAlpine Linux edge package indexes · snort · 来源: dl-cdn.alpinelinux.org
nix profile install nixpkgs#snortnixpkgs package indexes · pkgs/by-name/sn/snort/package.nix · 来源: api.github.com
sudo apt install snortUbuntu 24.04 LTS package indexes · snort · 来源: archive.ubuntu.com
概览
Flexible Network Intrusion Detection System
历史
Snort is a long-running open-source intrusion detection and prevention system whose command-line engine, rule language, and packaging history make it one of the canonical security tools in Unix and network-operations package collections.
Snort's official GPL page carries Martin Roesch copyrights beginning in 1998, and Snort's own site describes it as an open-source IPS capable of real-time traffic analysis and packet logging. The project evolved from a packet sniffer and logger into a rule-driven network IDS/IPS with community and subscriber rules.
Snort 3, also known in the repository README as Snort++, was officially released on January 19, 2021 as version 3.1.0.0 after more than seven years of development. The official announcement describes a ground-up rework with faster rules, more user control, multi-environment support, multi-threaded packet processing, Lua configuration, pluggable components, service autodetection, sticky buffers, and autogenerated reference documentation.
Snort has a package-manager footprint because it is both a classic open-source security engine and an operational dependency for labs, appliances, training environments, and production sensors. The supplied package metadata lists Homebrew, Alpine, MacPorts, Nix, and Ubuntu packaging, while Snort.org points users to source releases, GitHub code, rule downloads, setup guides, and the Snort 3 manual.
Snort is used as a packet sniffer, packet logger, network intrusion detection system, and inline prevention system. Snort 3 users typically build or install the engine, configure Lua files such as `snort.lua`, add rule sets, validate the configuration, then run against live interfaces or PCAP files with alert output suitable for analysts and automation.
Package nerds care about Snort because it exercises nearly every hard part of packaging security software: libpcap/DAQ integration, LuaJIT configuration, C++ build requirements, rule data that changes independently from the engine, optional acceleration libraries, service files, sample configs, and upgrades between major rule-engine generations.
安全态势
broad file, network, media, or database tool signal.
blue 风险 · 中 置信度 · tool
在无人值守的代理使用前,请检查该工具是否读取明文凭据、写入远程状态、发布制品或调用插件。
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
snort.luasnort_defaults.lua可执行文件
| 命令 | 类型 | 暴露范围 | 备注 |
|---|---|---|---|
appid_detector_builder.sh | cli | 全局可执行文件 | |
show_flows | cli | 全局可执行文件 | |
snort | cli | 全局可执行文件 | |
snort2lua | cli | 全局可执行文件 | |
u2boat | cli | 全局可执行文件 | |
u2spewfoo | cli | 全局可执行文件 |
新鲜度
这些信号区分页生成时间、软件包管理器活动和上游发布比较。只有存在证据 URL 和可比较版本时,才会提示版本落后。
https://github.com/snort3/snort3
安装元数据
| 软件包键 | brew:snort |
|---|---|
| 版本 | 3.12.2.0 |
| 软件包管理器 | Homebrew |
| 软件包管理器页面 | https://formulae.brew.sh/formula/snort |
| 主页 | https://www.snort.org |
| 仓库 | https://github.com/snort3/snort3 |
| 上游文档 | https://docs.snort.org/rules |
| 许可证 | GPL-2.0-only |
| 源码归档 | https://github.com/snort3/snort3/archive/refs/tags/3.12.2.0.tar.gz |
| 最后更新 | 2026-06-27T17:38:03-04:00 |
| Pulse | updated |
| 依赖 | daq, hwloc, jemalloc, libdnet, libpcap, luajit, openssl@3, pcre2, vectorscan, xz |
| 构建依赖 | cmake, flex, pkgconf |
| Bottle | 可用 (于 arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | 未定义 |
| 服务 | 未声明 |
| 注意事项 | For snort to be functional, you need to update the permissions for /dev/bpf* so that they can be read by non-root users. This can be done manually using: sudo chmod o+r /dev/bpf* or you could create a startup item to do this for you. |
注册表事实
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | snort |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
源数据库匹配
匹配项来自外部软件包管理器索引,并与本地 Automic Vault 软件包链接分开显示。
snort
nix profile install nixpkgs#snortsnort 2.9.20-0+deb11u1ubuntu1
flexible Network Intrusion Detection System
sudo apt install snortsnort-common 2.9.20-0+deb11u1ubuntu1
flexible Network Intrusion Detection System - common files
sudo apt install snort-commonsnort-common-libraries 2.9.20-0+deb11u1ubuntu1
flexible Network Intrusion Detection System - libraries
sudo apt install snort-common-librariessnort-doc 2.9.20-0+deb11u1ubuntu1
flexible Network Intrusion Detection System - documentation
sudo apt install snort-docsnort-rules-default 2.9.20-0+deb11u1ubuntu1
flexible Network Intrusion Detection System - ruleset
http://www.snort.org/snort-rules/
sudo apt install snort-rules-defaultsnort 3.9.2.0-r0
Open source network intrusion prevention and detection system
sudo apk add snortsnort-dev 3.9.2.0-r0
Open source network intrusion prevention and detection system (development files)
sudo apk add snort-devsnort-doc 3.9.2.0-r0
Open source network intrusion prevention and detection system (documentation)
sudo apk add snort-docsnort-openrc 3.9.2.0-r0
Open source network intrusion prevention and detection system (OpenRC init scripts)
sudo apk add snort-openrcsnort
sudo port install snort来源线索
此页面由 av-web 从 scripts/generate-pkg-sqlite.py 生成的私有软件包 SQLite 工件提供。
View the package source record on GitHub.