PKG_NAME:=snort3
PKG_VERSION:=3.1.77.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/snort3/snort3/archive/refs/tags/
mode: config_item("enum", [ "ids", "ips" ]),
method: config_item("enum", [ "pcap", "afpacket", "nfq" ]),
- action: config_item("enum", [ "alert", "block", "drop", "reject" ]),
+ action: config_item("enum", [ "default", "alert", "block", "drop", "reject" ]),
interface: config_item("str", [ uci.get("network", "wan", "device") ]),
snaplen: config_item("range", [ 1518, 65535 ]), // int daq.snaplen = 1518: set snap length (same as -s) { 0:65535 }
PID file (why?). Default /var/log
openappid - Enabled inspection using the 'openappid' package
See 'opkg info openappid'
- action - 'alert', 'block', 'reject' or 'drop'
+ action - Override the specified action of your rules. One of 'default',
+ 'alert', 'block', 'reject' or 'drop', where 'default' means use
+ the rule as defined and don't override.
method - 'pcap', 'afpacket' or 'nfq'
snaplen - int daq.snaplen = 1518: set snap length (same as -s) { 0:65535 }
include - User-defined snort configuration, applied at end of generated snort.lua
# PID file (why?). Default /var/log
# openappid - Enabled inspection using the 'openappid' package
# See 'opkg info openappid'
-# action - 'alert', 'block', 'reject' or 'drop'
+# action - Override the specified action of your rules. One of 'default',
+# 'alert', 'block', 'reject' or 'drop', where 'default' means use
+# the rule as defined and don't override.
# method - 'pcap', 'afpacket' or 'nfq'
# snaplen - int daq.snaplen = 1518: set snap length (same as -s) { 0:65535 }
# include - User-defined snort configuration, applied at end of generated snort.lua
option openappid '0' # one of [0, 1]
option mode 'ids' # one of [ids, ips]
option method 'pcap' # one of [pcap, afpacket, nfq]
- option action 'alert' # one of [alert, block, drop, reject]
+ option action 'default' # one of [default, alert, block, drop, reject]
option interface 'eth0' # a string
option snaplen '1518' # 1518 <= x <= 65535
option include '' # a path string
ips = {
mode = '{{ line_mode }}',
variables = default_variables,
+{% if (snort.action != 'default'): %}
action_override = '{{ snort.action }}',
+{% endif %}
{% if (getenv("_SNORT_WITHOUT_RULES") == "1"): %}
-- WARNING: THIS IS A TEST-ONLY CONFIGURATION WITHOUT ANY RULES.
{% else %}