diff --git a/snort/Dockerfile b/snort/Dockerfile
index 3c13798..588f96e 100644
--- a/snort/Dockerfile
+++ b/snort/Dockerfile
@@ -40,6 +40,8 @@ RUN apt-get update \
 && make install \
 && cd .. \
 && rm -rf snort \
+ && mkdir -p /etc/snort/rules \
+ && curl -sSL https://snort.org/rules/community | tar xz -C /etc/snort/rules \
 && apt-get purge -y --auto-remove build-essential \
 bison \
 flex \
@@ -48,4 +50,6 @@ RUN apt-get update \
 libpcre3-dev \
 zlib1g-dev
-CMD ["snort", "--help"]
+ENTRYPOINT ["snort"]
+CMD ["--help"]
+
diff --git a/snort/README.md b/snort/README.md
index c3f3cf4..82c4e30 100644
--- a/snort/README.md
+++ b/snort/README.md
@@ -1,9 +1,16 @@
-snort (WIP)
-===========
+snort
+=====
 ![](https://badge.imagelayers.io/vimagick/snort:latest.svg) [`Snort`][1] is an open source intrusion prevention system capable of real-time traffic analysis and packet logging.
+## Quick Start
+
+```
+$ alias snort='docker run --rm --net host -v `pwd`:/work -w /work vimagick/snort'
+$ snort -vde
+```
+
 [1]: https://snort.org/
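Review bot: The community rules added in the first snort/Dockerfile hunk are fetched from an unpinned URL and unpacked as root with no integrity check, so the image's detection content is whatever `https://snort.org/rules/community` served at build time. `curl -sSL` also lacks `-f`, and in a plain `sh` pipeline only tar's exit status decides the step, so a failed download is not reported as such. Consider downloading to a file first (`curl -fsSL -o /tmp/community.tar.gz https://snort.org/rules/community`), checking it against a digest kept in the repo with `sha256sum -c`, and only then running `tar xzf /tmp/community.tar.gz -C /etc/snort/rules`. Rules baked in at build time also age with the image, so a comment such as `# rules are a build-time snapshot; mount or refresh /etc/snort/rules for current coverage` would help operators. The RUN instruction starts above the hunk, so whether curl is installed at this point cannot be confirmed from here.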