update latest snort2 version

README.md

@@ -1 +1,3 @@
 Snort 2 in a docker container
+
+Forked from [snort2-docker](https://github.com/Cisco-Talos/snort2-docker)

docker-compose.yml

@@ -0,0 +1,19 @@
+version: '3'
+
+services:
+  snort2:
+    image: snort2
+    build: ./docker
+    hostname: snort2
+    container_name: snort2
+    restart: always
+    command: >
+      /bin/bash -c "sleep 20s
+      && snort -c /etc/snort/snort.conf"
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    volumes:
+      - ./docker/etc:/etc/snort
+      - ./log:/var/log/snort
+    network_mode: host

docker/Dockerfile

@@ -1,5 +1,5 @@
-FROM debian:buster-slim
+FROM debian:bookworm-slim
-ENV VERSION 2.9.19
+ENV VERSION 2.9.20
 
 RUN mkdir -p /root/pcaps/
 COPY labs /root/
@@ -8,6 +8,7 @@ WORKDIR /root/src/
 
 RUN  apt-get update && \
   apt-get -y install \
+file \
   build-essential \
   vim \
   curl \
@@ -29,14 +30,15 @@ RUN  apt-get update && \
   liblzma-dev \
   luajit \
   libluajit-5.1-dev \
-  libssl1.1 \
+  libssl3 \
   libssl-dev \
+libntirpc-dev \
   tcpreplay && \
   apt-get clean && \
   curl -L -O https://snort.org/downloads/snort/snort-$VERSION.tar.gz && \
   tar xf ./snort-$VERSION.tar.gz && \
   cd ./snort-$VERSION && \
-  ./configure --enable-sourcefire --enable-open-appid && \
+  ./configure CFLAGS="-I/usr/include/ntirpc/" --enable-sourcefire --enable-open-appid && \
   make -j$(nproc) && \
   make install && \
   ldconfig && \