Isn't pihole better suited for that ?
From what I can see, Snort is more for network intrusion detection.
OTOH if you need Snort for detecting network intrusion, your firewall may not be up to par
True
@anav, you did not specify the bigger context ; Offcourse "Snort" can run on/in a container, but did you mean : "run SNORT on a container ON a Mikrotik ??"
In that case I don't think it will fly...its very resource-hungry and only if you run like a CHR on a x64 servers with lots of resources you might consider this...
Also remember that SNORT is a
single-threaded application...you need multiple instances and complex setup to really scale well.