Thursday, June 24, 2021

PulledPork 3 — Rule updating for Snort 3

We are incredibly excited to release PulledPork 3 — the next evolution of PulledPork, a companion piece of software for SNORT® that is specifically designed for Snort 3.

PulledPork 3 is built to use the LightSPD package. It allows a single ruleset package to adapt the rules it can run to the version of the engine running on the system and allows users to select a default policy for the ruleset.

Noah Dietrich, an extremely helpful and generous member of our community, rewrote PulledPork from the ground up in Python (PulledPork for Snort 2.X is written in Perl). Not all PulledPork functionality carries over, but the tool is at a point now where it's ready for users to start testing it. We are considering PulledPork 3 to be in alpha.

Please check out the tool here. As always, we are looking for contributors to the project as well. If you are well-versed in Python, would love to have a hand in documentation, or simply want to help "QA" the tool, all issues and pull requests against the tool are welcome.

We also created a special PulledPork channel on the newly created Snort Discord server, so feel free to contribute there as well!