From 15aeeee0afa34863293fd0c6cf6a30e74b2a5272 Mon Sep 17 00:00:00 2001 From: kev Date: Thu, 3 Sep 2015 01:58:29 +0800 Subject: [PATCH] add snort --- snort/Dockerfile | 51 ++++++++++++++++++++++++++++++++++++++++++++++++ snort/README.md | 9 +++++++++ 2 files changed, 60 insertions(+) create mode 100644 snort/Dockerfile create mode 100644 snort/README.md
diff --git a/snort/Dockerfile b/snort/Dockerfile
new file mode 100644
index 0000000..e4ca49d
--- /dev/null
+++ b/snort/Dockerfile
@@ -0,0 +1,51 @@
+#
+# Dockerfile for snort
+#
+
+FROM debian
+MAINTAINER kev
+
+RUN apt-get update \
+ && apt-get install -y build-essential \
+ bison \
+ curl \
+ flex \
+ libdnet \
+ libdnet-dev \
+ libpcap0.8 \
+ libpcap-dev \
+ libpcre3 \
+ libpcre3-dev \
+ zlib1g \
+ zlib1g-dev \
+ && mkdir daq \
+ && curl -sSL https://snort.org/downloads/snort/daq-2.0.6.tar.gz | tar xz --strip 1 -C daq \
+ && cd daq \
+ && ./configure \
+ && make install \
+ && cd .. \
+ && rm -rf daq \
+ && mkdir libdnet \
+ && curl -sSL https://github.com/dugsong/libdnet/archive/libdnet-1.12.tar.gz | tar xz --strip 1 -C libdnet \
+ && cd libdnet \
+ && ./configure \
+ && make install \
+ && (cd /usr/local/lib && ln -s libdnet.1 libdnet.so.1) \
+ && cd .. \
+ && rm -rf libdnet \
+ && mkdir snort \
+ && curl -sSL https://snort.org/downloads/snort/snort-2.9.7.5.tar.gz | tar xz --strip 1 -C snort \
+ && cd snort \
+ && ./configure --enable-sourcefire \
+ && make install \
+ && cd .. \
+ && rm -rf snort \
+ && apt-get purge -y --auto-remove build-essential \
+ bison \
+ flex \
+ libdnet-dev \
+ libpcap-dev \
+ libpcre3-dev \
+ zlib1g-dev \
+
+CMD ["snort", "--help"]
diff --git a/snort/README.md b/snort/README.md
new file mode 100644
index 0000000..c3f3cf4
--- /dev/null
+++ b/snort/README.md
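Review bot: The three source tarballs fetched in the `RUN` step of snort/Dockerfile (daq-2.0.6, libdnet-1.12, snort-2.9.7.5) are piped from `curl` straight into `tar` and then configured and installed as root, with nothing checking that the downloaded bytes are the release the author intended. Each download should be saved to a file and compared against a pinned digest before it is unpacked, e.g. `curl -fsSL -o daq.tar.gz https://snort.org/downloads/snort/daq-2.0.6.tar.gz && echo "<DAQ_SHA256>  daq.tar.gz" | sha256sum -c - && tar xzf daq.tar.gz --strip 1 -C daq`, where `<DAQ_SHA256>` is a placeholder for a digest verified out of band; the same pattern applies to the libdnet and snort downloads. `FROM debian` also floats with the default tag, so naming a specific release would make the build inputs reproducible. Separately, the final purge line `zlib1g-dev \` ends in a continuation backslash before the blank line and `CMD`; Docker's parser has historically skipped empty continuation lines, so `CMD ["snort", "--help"]` is likely folded into the `apt-get purge` arguments, and that trailing backslash should be dropped.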
@@ -0,0 +1,9 @@
+snort (WIP)
+===========
+
+![](https://badge.imagelayers.io/vimagick/snort:latest.svg)
+
+[`Snort`][1] is an open source intrusion prevention system capable of real-time
+traffic analysis and packet logging.
+
+[1]: https://snort.org/