- Support for multiple packet processing threads
- Improved throughput and latency performance
- Improved detection
- Modular design
- Plugin framework with over 200 plugins
- More scalable memory profile
- A brand new HTTP inspector
- Service rules like alert http
- Rule "sticky" buffers
- LuaJIT configuration, loggers, and rule options
- Auto-detect common services for portless configuration
- Rewritten TCP handling
- New rule parser and syntax
- New performance monitor
- New time and space profiling
- New latency monitoring and enforcement
- Automake or Cmake - your choice
- Builtin help and generated reference documentation
There are lots of enhancements and new features planned for Snort++, some of which are already in development. As always, new downloads are posted to snort.org monthly. You can also get the latest updates from github (snortadmin/snort3) which is updated weekly.
Please submit bugs, questions, and feedback to bugs@snort.org or the Snort-Users mailing list.
Happy Snorting!
The Snort Release Team