Lightweight IDS/IPS like Snort

Hi i have been trying to use openwrt snort package in my access point to do URL filtering/blocking, Parental controls, application identification etc, related security features. But the Snort utility takes a big hit on my performance as it consumes almost 60-70% CPU and memory of my device.

Could anyone please suggest an alternative lighweight package/method to do the same?

'netiftyd' or similar heuristical / fragmented toolsets are the only 'lightweight' above layer 4 tools... but afaik they are proprietary or require related server agents that may not exist...

in short;

  • pay someone
  • use another device
  • don't inspect deeply
1 Like