Bapho
June 5, 2024, 3:57pm
1
Gl.iNet package repository does not offer the latest Snort 3 release. Would it be possible to obtain the latest release of Snort 3 by having Gl.iNet Team adding the latest into the repository / feeds?
root@GL-MT6000:~# opkg info snort3 | grep Version
Version: 3.1.0.0-3
From OpenWrt page regarding Snort 3 :
Package version is at or before 3.1.48.0-1, you have a very old legacy version that will require completely manual setup.
Router: Flint 2, GL.iNet GL-MT6000:
root@GL-MT6000:~# cat /etc/openwrt_release
DISTRIB_ID='OpenWrt'
DISTRIB_RELEASE='21.02-SNAPSHOT'
DISTRIB_REVISION='r15812+1071-46b6ee7ffc'
DISTRIB_TARGET='mediatek/mt7986'
DISTRIB_ARCH='aarch64_cortex-a53'
DISTRIB_DESCRIPTION='OpenWrt 21.02-SNAPSHOT r15812+1071-46b6ee7ffc'
DISTRIB_TAINTS='busybox'
Snort package offered by Gl.iNet:
root@GL-MT6000:~# opkg list | grep -e snort
snort - 2.9.17-2 - Snort is an open source network intrusion detection and prevention system. It is capable of performing real-time traffic analysis, alerting, blocking and packet logging on IP networks. It utilizes a combination of protocol analysis and pattern matching in order to detect anomalies, misuse and attacks.
snort3 - 3.1.0.0-3 - Snort is an open source network intrusion detection and prevention system. It is capable of performing real-time traffic analysis, alerting, blocking and packet logging on IP networks. It utilizes a combination of protocol analysis and pattern matching in order to detect anomalies, misuse and attacks.
Gl.iNet feeds:
root@GL-MT6000:~# cat /etc/opkg/distfeeds.conf
src/gz glinet_core https://fw.gl-inet.com/releases/mt798x/kmod-4.5.7/aarch64_cortex-a53/mediatek/mt7986
src/gz glinet_gli_pub https://fw.gl-inet.com/releases/mt798x/packages-4.5/aarch64_cortex-a53/glinet
src/gz glinet_gli_packages https://fw.gl-inet.com/releases/mt798x/packages-4.5/aarch64_cortex-a53/packages
bruce
June 12, 2024, 3:21am
2
Also can add the openwrt official opkg url to feeds.
opkg info snort3 | grep Version
Version: 3.1.84.0-r2
Bapho
June 16, 2024, 7:40pm
3
I had added the the official opkg feed URL:https://downloads.openwrt.org/snapshots/packages/aarch64_cortex-a53/packages/
root@GL-MT6000:~# nano /etc/opkg/customfeeds.conf
/etc/opkg/customfeeds.conf
# add your custom package feeds here
#
# src/gz example_feed_name http://www.example.com/path/to/files
src/gz aarch64_cortex-a53_packages https://downloads.openwrt.org/snapshots/packages/aarch64_cortex-a53/packages/
and
opkg update
was a success (in contrast adding the URL feed into /etc/opkg/distfeeds.conf)
Then navigating within MT6000 main UI, into Plug-ins, I did attempt to install snort version 3.1.84.0-r3, and I do get dependencies error:
Collected errors:
* pkg_hash_check_unresolved: cannot find dependency libopenssl3 for snort3
* pkg_hash_check_unresolved: cannot find dependency kmod-nft-queue for snort3
* pkg_hash_check_unresolved: cannot find dependency ucode for snort3
* pkg_hash_check_unresolved: cannot find dependency ucode-mod-fs for snort3
* pkg_hash_check_unresolved: cannot find dependency ucode-mod-uci for snort3
Yet the each dependencies failed the install via SSH into the OS?
root@GL-MT6000:~# opkg install libopenssl3 ucode ucode-mod-fs ucode-mod-uci
Unknown package 'libopenssl3'.
Unknown package 'ucode'.
Unknown package 'ucode-mod-fs'.
Unknown package 'ucode-mod-uci'.
Collected errors:
* opkg_install_cmd: Cannot install package libopenssl3.
* opkg_install_cmd: Cannot install package ucode.
* opkg_install_cmd: Cannot install package ucode-mod-fs.
* opkg_install_cmd: Cannot install package ucode-mod-uci.
What do you suggest regarding installing the latest snort package on MT6000?
Thank you
This package is used to secure the network? how to use it and configure it?
admon
June 17, 2024, 5:25am
5
Totally out of scope for this forum
Get access to all documented Snort Setup Guides, User Manual, Startup Scripts, Deployment Guides and Whitepapers for managing your open source IPS software.
