dockerfiles/snort/Dockerfile

#
# Dockerfile for snort
#

FROM centos:8
MAINTAINER EasyPi Software Foundation

ENV SNORT_VERSION=2.9.18
ENV SNORT_URL=https://www.snort.org/downloads/snort/snort-${SNORT_VERSION}-1.centos8.x86_64.rpm
ENV RULES_URL=https://www.snort.org/downloads/community/community-rules.tar.gz

RUN set -xe \
    && yum -y install epel-release jq libdnet \
    && yum -y install ${SNORT_URL} \
    && mkdir -p /etc/snort/rules \
    && curl -sSL ${RULES_URL} | \
       tar xz --strip 1 -C /etc/snort/rules/ community-rules/community.rules \
    && touch /etc/snort/rules/local.rules \
             /etc/snort/rules/black_list.rules \
             /etc/snort/rules/white_list.rules \
    && mkdir -p /etc/snort/so_rules \
                /etc/snort/preproc_rules \
                /usr/local/lib/snort_dynamicrules \
    && ln -s /usr/lib64/libdnet.so.1 /usr/local/lib/libdnet.1 \
    && curl -sSL https://bootstrap.pypa.io/get-pip.py | python \
    && pip install --no-cache-dir idstools \
    && yum clean all

COPY data/snort.conf /etc/snort/snort.conf
COPY data/u2json.conf /etc/snort/u2json.conf

ENTRYPOINT ["snort"]
CMD ["--help"]
add snort 2015-09-02 17:58:29 +00:00			`#`
			`# Dockerfile for snort`
			`#`

update snort 2020-08-14 03:26:15 +00:00			`FROM centos:8`
fix snort 2020-06-08 05:20:41 +00:00			`MAINTAINER EasyPi Software Foundation`
add snort 2015-09-02 17:58:29 +00:00
upgrade snort to 2.9.18 2021-08-12 10:33:10 +00:00			`ENV SNORT_VERSION=2.9.18`
update snort 2020-08-14 03:26:15 +00:00			`ENV SNORT_URL=https://www.snort.org/downloads/snort/snort-${SNORT_VERSION}-1.centos8.x86_64.rpm`
fix snort 2020-06-08 05:20:41 +00:00			`ENV RULES_URL=https://www.snort.org/downloads/community/community-rules.tar.gz`
upgrade snort to 2.9.8.2 2016-06-04 06:02:26 +00:00
			`RUN set -xe \`
update snort 2020-06-08 06:29:13 +00:00			`&& yum -y install epel-release jq libdnet \`
fix snort 2020-06-08 05:20:41 +00:00			`&& yum -y install ${SNORT_URL} \`
upgrade snort to 2.9.12 2018-10-25 23:23:14 +00:00			`&& mkdir -p /etc/snort/rules \`
fix snort 2020-06-08 05:20:41 +00:00			`&& curl -sSL ${RULES_URL} \| \`
update snort 2018-08-26 06:55:20 +00:00			`tar xz --strip 1 -C /etc/snort/rules/ community-rules/community.rules \`
			`&& touch /etc/snort/rules/local.rules \`
			`/etc/snort/rules/black_list.rules \`
			`/etc/snort/rules/white_list.rules \`
			`&& mkdir -p /etc/snort/so_rules \`
			`/etc/snort/preproc_rules \`
			`/usr/local/lib/snort_dynamicrules \`
			`&& ln -s /usr/lib64/libdnet.so.1 /usr/local/lib/libdnet.1 \`
update snort 2020-06-08 06:16:46 +00:00			`&& curl -sSL https://bootstrap.pypa.io/get-pip.py \| python \`
chore: Use --no-cache-dir flag to pip in Dockerfiles, to save space Using "--no-cache-dir" flag in pip install ,make sure dowloaded packages by pip don't cached on system . This is a best practise which make sure to fetch ftom repo instead of using local cached one . Further , in case of Docker Containers , by restricing caching , we can reduce image size. In term of stats , it depends upon the number of python packages multiplied by their respective size . e.g for heavy packages with a lot of dependencies it reduce a lot by don't caching pip packages. Further , more detail information can be found at https://medium.com/sciforce/strategies-of-docker-images-optimization-2ca9cc5719b6 Signed-off-by: Pratik Raj <rajpratik71@gmail.com> 2021-07-01 19:32:49 +00:00			`&& pip install --no-cache-dir idstools \`
update snort 2018-08-26 06:55:20 +00:00			`&& yum clean all`

			`COPY data/snort.conf /etc/snort/snort.conf`
update snort 2020-06-08 06:16:46 +00:00			`COPY data/u2json.conf /etc/snort/u2json.conf`
add snort 2015-09-02 17:58:29 +00:00
update 2015-09-03 02:08:27 +00:00			`ENTRYPOINT ["snort"]`
			`CMD ["--help"]`