This repository offers a Dockerized deployment of Snort3, a robust network intrusion prevention system, facilitating the utilization of Snort3 for Network Functions Virtualization (NFV).
To validate the Snort configuration, execute the following command:
snort -c /usr/local/etc/snort/snort.lua
Note: Depending on your setup, you may require sudo
for Docker commands.
To launch the Snort3 Docker container with complete network access, utilize the following command:
docker run -it --rm --net=host ghcr.io/bengo237/snort3:latest /bin/bash
In certain scenarios, you might need to append --cap-add=NET_ADMIN
or --privileged
to the Docker command. Nonetheless, exercising caution is advised when using --privileged
since it grants all capabilities to the container, warranting careful consideration.