Public bug reported: Greetings!
Recently, I was trying to build Cisco's Snort 3 on Ubuntu 24.04. Snort 3 can be compiled with support for hyperscan to enable better PCRE performance for network detection. In the past, using the libhyperscan- dev package worked fine. But now, it doesn't seem to want to cooperate. I filed a bug under snort 3 here (https://github.com/snort3/snort3/issues/366) that details the problem I'm seeing. To summarize: some of the IDS signatures use PCRE, and one of the options to use hyperscan_literals causes over 2,000 rules in the 50,000+ set of signatures to fail to work, causing fatal errors. Ubuntu 22.04 doesn't have this problem, when I compiled snort3 against version 5.4.0 of the hyperscan library, this problen appears to be specific to version 5.4.2 -- which to my knowledge is the last version that Intel released before changing the license and no longer supporting open-source hyperscan. I was made aware of vectorscan recently and that it is essentially a drop-in portable replacement for Intel hyperscan. I searched to see if there was a package available for vectorscan, and I came across libvectorscan. Searching the apt repos returned nothing on my 24.04 system, and it was then that I realized there isn't a build for x86_64 yet. Just to make sure I wasn't wasting anyone's time here, I grabbed the source code vector scan at: https://github.com/VectorCamp/vectorscan, compiled it, then recompiled snort3. I confirmed that it linked against vectorscan, and acted as a drop-in replacement. I also confirmed that my bug that I reported for snort3 seemed to disappear. I opened up a bug on the vectorscan github page to see about getting an x86_64 package for the convenience of Snort3 (as well as Suricata IDS -- Suricata can be compiled and configured to utilize hyperscan as well) users to not have to compile vectorscan from source to acquire the performance improvements that hyperscan brings (https://github.com/VectorCamp/vectorscan/issues/260). I was advised to open a bug report here. So here I am. If there is any other information I can supply or anything I neglected to provide on this "bug", please let me know. lsb_release -rd: Description: Ubuntu 24.04 LTS Release: 24.04 root@ubuntu-2404-snort3:~# No output for apt-cache policy libvectorscan-dev -- package doesn't exist for amd64 systems What I expect to happen: I would like for apt-get to provide libvectorscan5 and libvectorscan-dev for x86_64 systems What happened instead: The package is not available. ** Affects: vectorscan (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064289 Title: Requesting x86_64/AMD 64 vectorscan package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/vectorscan/+bug/2064289/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
