I've been looking at Snort, and I realized there's no software to block alerts on OpenWRT. I noted that SnortSam requires a second agent to run. fwsnort seems to only require the iptables string match module.
This seems like a good software to add to OpenWRT...any thoughts?
Trying to get into "firewalls". Stumbled upon this when searched snort.
Where would be a good place to start on snort3 on openwrt?
I want to gives it a try, which I understand 3 is the first version to use multi-cores.
Also I was under impression snort is self-sufficient.
It appears it's not if add-ons SnortSam/fwsnort is required.
Lastly, is snort on pfsense any different from snort on openwrt?
I read you @lleachii recommended someone to use pfsense+snort.
opkg install perl perlbase-socket perlbase-io perlbase-file perlbase-sys perlbase-data perlbase-getopt
Can't locate IPTables/Parse.pm in @INC (you may need to install the IPTables::Parse module) (@INC contains: /usr/lib/perl5/5.28) at /usr/sbin/fwsnort line 4288.
Can't locate NetAddr/IP.pm in @INC (you may need to install the NetAddr::IP module) (@INC contains: /usr/lib/perl5/5.28) at /usr/sbin/fwsnort line 4289.
Can't locate AutoLoader.pm in @INC (you may need to install the AutoLoader module) (@INC contains: /usr/lib/perl5/5.28) at /usr/lib/perl5/5.28/NetAddr/IP/InetBase.pm line 9.
opkg install perlbase-autoloader
Can't locate auto/NetAddr/IP/InetBase/autosplit.ix in @INC (@INC contains: /usr/lib/perl5/5.28) at /usr/lib/perl5/5.28/AutoLoader.pm line 181.