Index: head/net/libdaq/Makefile
===================================================================
--- head/net/libdaq/Makefile
+++ head/net/libdaq/Makefile
@@ -3,7 +3,7 @@
 
 PORTNAME=	libdaq
 DISTVERSIONPREFIX=	v
-DISTVERSION=	3.0.0-alpha3
+DISTVERSION=	3.0.0-alpha4
 CATEGORIES=	net
 
 MAINTAINER=	bofh@FreeBSD.org
Index: head/net/libdaq/distinfo
===================================================================
--- head/net/libdaq/distinfo
+++ head/net/libdaq/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1572019559
-SHA256 (snort3-libdaq-v3.0.0-alpha3_GH0.tar.gz) = 5a54e804d57b4fa4e31bff331af3d5b96edcd6d45156805843275f6725097e40
-SIZE (snort3-libdaq-v3.0.0-alpha3_GH0.tar.gz) = 154109
+TIMESTAMP = 1585510481
+SHA256 (snort3-libdaq-v3.0.0-alpha4_GH0.tar.gz) = 7e5bb5487b774324156770b3505a9aa932c3fcf03d4a9aa905d286d2a71f996a
+SIZE (snort3-libdaq-v3.0.0-alpha4_GH0.tar.gz) = 154832
Index: head/security/snort3/Makefile
===================================================================
--- head/security/snort3/Makefile
+++ head/security/snort3/Makefile
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	snort
-DISTVERSION=	3.0.0-258
+DISTVERSION=	3.0.0-270
 PORTEPOCH=	1
 CATEGORIES=	security
 PKGNAMESUFFIX=	3
@@ -13,20 +13,17 @@
 LICENSE=	GPLv2
 LICENSE_FILE=	${WRKSRC}/LICENSE
 
-BROKEN=		fails to build
-
-BUILD_DEPENDS=	libdaq>=0:net/libdaq \
-		bash>0:shells/bash
 LIB_DEPENDS=	libpcre.so:devel/pcre \
 		libdnet.so:net/libdnet \
 		libpcap.so:net/libpcap \
 		libluajit-5.1.so:lang/luajit \
-		libhwloc.so:devel/hwloc
-RUN_DEPENDS=	libdaq>=0:net/libdaq
+		libhwloc.so:devel/hwloc \
+		libuuid.so:misc/e2fsprogs-libuuid \
+		libdaq.so:net/libdaq
 
-USES=		cmake compiler:c++11-lang cpe libtool localbase pathfix pkgconfig shebangfix ssl iconv
-
+USES=		cmake compiler:c++14-lang cpe localbase pathfix pkgconfig shebangfix ssl iconv
 USE_GITHUB=	yes
+
 GH_ACCOUNT=	snort3
 GH_PROJECT=	snort3
 
@@ -35,10 +32,9 @@
 OPTIONS_DEFINE=		ADDRESSSANITIZER DEBUG DOCS FLATBUFFERS LARGEPCAP PIE THREADSANITIZER STATICDAQ
 OPTIONS_DEFINE_amd64=	HYPERSCAN TSC
 OPTIONS_DEFAULT=	STATICDAQ
+OPTIONS_DEFAULT_amd64=	HYPERSCAN
 
 ADDRESSSANITIZER_DESC=	Enable address sanitizer
-DEBUG_DESC=		Enable debug
-DOCS_DESC=		Enable documentation
 FLATBUFFERS_DESC=	Enable flatbuffers support
 HYPERSCAN_DESC=		Enable high-performance regular expression lib
 LARGEPCAP_DESC=		Enable support for pcaps larger than 2 GB
@@ -56,9 +52,21 @@
 THREADSANITIZER_CMAKE_BOOL=	ENABLE_THREAD_SANITIZER
 TSC_CMAKE_BOOL=		ENABLE_TSC_CLOCK
 
-FLATBUFFERS_LIB_DEPENDS=	libflatbuffers.so:devel/flatbuffers
+FLATBUFFERS_LIB_DEPENDS=libflatbuffers.so:devel/flatbuffers
 HYPERSCAN_LIB_DEPENDS=	libhs.so:devel/hyperscan
 
 CONFLICTS=	snort-2*
+
+.include <bsd.port.options.mk>
+
+.if ${PORT_OPTIONS:MHYPERSCAN}
+PLIST_SUB+=	HYPERSCAN=""
+.else
+PLIST_SUB+=	HYPERSCAN="@comment "
+.endif
+
+post-patch:
+	${REINPLACE_CMD} -e 's|_LIBDIR}/pkgconfig|_PREFIX}/libdata/pkgconfig|g' \
+		${WRKSRC}/cmake/create_pkg_config.cmake
 
 .include <bsd.port.mk>
Index: head/security/snort3/distinfo
===================================================================
--- head/security/snort3/distinfo
+++ head/security/snort3/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1563993608
-SHA256 (snort3-snort3-3.0.0-258_GH0.tar.gz) = 93db0d36d18c22dd78caf46c6fdfb7121886784167b5e5b3e6fcbddddc2cdfe2
-SIZE (snort3-snort3-3.0.0-258_GH0.tar.gz) = 6361952
+TIMESTAMP = 1585861636
+SHA256 (snort3-snort3-3.0.0-270_GH0.tar.gz) = 06e127240c9c234b17f9ff22469dd21651374fac0fec8fceea9849a108bb3499
+SIZE (snort3-snort3-3.0.0-270_GH0.tar.gz) = 6537334
Index: head/security/snort3/files/patch-src_file__api_file__cache.cc
===================================================================
--- head/security/snort3/files/patch-src_file__api_file__cache.cc
+++ head/security/snort3/files/patch-src_file__api_file__cache.cc
@@ -1,6 +1,6 @@
---- src/file_api/file_cache.cc.orig	2019-04-10 20:51:55 UTC
+--- src/file_api/file_cache.cc.orig	2020-03-25 14:13:20 UTC
 +++ src/file_api/file_cache.cc
-@@ -134,7 +134,7 @@ FileContext* FileCache::add(const FileHashKey& hashKey
+@@ -133,7 +133,7 @@ FileContext* FileCache::add(const FileHashKey& hashKey
      struct timeval now;
      packet_gettimeofday(&now);
  
@@ -9,7 +9,7 @@
      timeradd(&now, &time_to_add, &new_node.cache_expire_time);
  
      new_node.file = new FileContext;
-@@ -187,7 +187,7 @@ FileContext* FileCache::find(const FileHashKey& hashKe
+@@ -183,7 +183,7 @@ FileContext* FileCache::find(const FileHashKey& hashKe
      }
  
      struct timeval next_expire_time;
@@ -18,7 +18,7 @@
      timeradd(&now, &time_to_add, &next_expire_time);
  
      //  Refresh the timer on the cache.
-@@ -314,7 +314,7 @@ bool FileCache::apply_verdict(Packet* p, FileContext* 
+@@ -311,7 +311,7 @@ bool FileCache::apply_verdict(Packet* p, FileContext* 
  
              if (!timerisset(&file_ctx->pending_expire_time))
              {
Index: head/security/snort3/files/patch-src_flow_ha.cc
===================================================================
--- head/security/snort3/files/patch-src_flow_ha.cc
+++ head/security/snort3/files/patch-src_flow_ha.cc
@@ -1,10 +0,0 @@
---- src/flow/ha.cc.orig	2019-07-31 09:26:02 UTC
-+++ src/flow/ha.cc
-@@ -35,6 +35,7 @@
- #include "flow_key.h"
- #include "ha_module.h"
- #include "session.h"
-+#include <array>
- 
- using namespace snort;
- 
Index: head/security/snort3/files/patch-src_host__tracker_host__cache__allocator.h
===================================================================
--- head/security/snort3/files/patch-src_host__tracker_host__cache__allocator.h
+++ head/security/snort3/files/patch-src_host__tracker_host__cache__allocator.h
@@ -0,0 +1,25 @@
+--- src/host_tracker/host_cache_allocator.h.orig	2020-04-04 02:00:30 UTC
++++ src/host_tracker/host_cache_allocator.h
+@@ -44,6 +44,22 @@ class HostCacheAlloc : public std::allocator<T> (prote
+     HostCacheInterface* lru = 0;
+ };
+ 
++template <class T>
++T* HostCacheAlloc<T>::allocate(std::size_t n)
++{
++    size_t sz = n * sizeof(T);
++    T* out = std::allocator<T>::allocate(n);
++    lru->update(sz);
++    return out;
++}
++
++template <class T>
++void HostCacheAlloc<T>::deallocate(T* p, std::size_t n) noexcept
++{
++    size_t sz = n * sizeof(T);
++    std::allocator<T>::deallocate(p, n);
++    lru->update(-(int) sz);
++}
+ 
+ // Trivial derived allocator, pointing to their own host cache.
+ // HostCacheAllocIp has a HostCacheInterface* pointing to an lru cache
Index: head/security/snort3/files/patch-src_host__tracker_host__cache__allocator.cc
===================================================================
--- head/security/snort3/files/patch-src_host__tracker_host__cache__allocator.cc
+++ head/security/snort3/files/patch-src_host__tracker_host__cache__allocator.cc
@@ -0,0 +1,26 @@
+--- src/host_tracker/host_cache_allocator.cc.orig	2020-04-04 01:57:20 UTC
++++ src/host_tracker/host_cache_allocator.cc
+@@ -24,23 +24,6 @@
+ #include "host_cache.h"
+ 
+ template <class T>
+-T* HostCacheAlloc<T>::allocate(std::size_t n)
+-{
+-    size_t sz=n*sizeof(T);
+-    T* out=std::allocator<T>::allocate(n);
+-    lru->update(sz);
+-    return out;
+-}
+-
+-template <class T>
+-void HostCacheAlloc<T>::deallocate(T* p, std::size_t n) noexcept
+-{
+-    size_t sz = n*sizeof(T);
+-    std::allocator<T>::deallocate(p, n);
+-    lru->update( -(int) sz);
+-}
+-
+-template <class T>
+ HostCacheAllocIp<T>::HostCacheAllocIp()
+ {
+     lru = &host_cache;
Index: head/security/snort3/files/patch-src_main_analyzer.cc
===================================================================
--- head/security/snort3/files/patch-src_main_analyzer.cc
+++ head/security/snort3/files/patch-src_main_analyzer.cc
@@ -1,11 +1,20 @@
---- src/main/analyzer.cc.orig	2019-07-31 10:41:21 UTC
+--- src/main/analyzer.cc.orig	2020-03-25 14:13:20 UTC
 +++ src/main/analyzer.cc
-@@ -94,7 +94,7 @@ class RetryQueue (public)
+@@ -95,7 +95,7 @@ class RetryQueue (public)
      RetryQueue(unsigned interval_ms)
      {
          assert(interval_ms > 0);
--        interval = { interval_ms / 1000, (interval_ms % 1000) * 1000 };
+-        interval = { interval_ms / 1000, static_cast<suseconds_t>((interval_ms % 1000) * 1000) };
 +        interval = { static_cast<time_t>(interval_ms / 1000), static_cast<suseconds_t>( (interval_ms % 1000) * 1000 )};
      }
  
      ~RetryQueue()
+@@ -546,7 +546,7 @@ void Analyzer::idle()
+     struct timeval now, increment;
+     unsigned int timeout = SnortConfig::get_conf()->daq_config->timeout;
+     packet_gettimeofday(&now);
+-    increment = { timeout / 1000, static_cast<suseconds_t>((timeout % 1000) * 1000) };
++    increment = { static_cast<time_t>(timeout / 1000), static_cast<suseconds_t>((timeout % 1000) * 1000) };
+     timeradd(&now, &increment, &now);
+     packet_time_update(&now);
+ 
Index: head/security/snort3/pkg-plist
===================================================================
--- head/security/snort3/pkg-plist
+++ head/security/snort3/pkg-plist
@@ -3,8 +3,12 @@
 bin/snort2lua
 bin/u2boat
 bin/u2spewfoo
+%%ETCDIR%%/balanced.lua
+%%ETCDIR%%/connectivity.lua
 %%ETCDIR%%/file_magic.lua
 %%ETCDIR%%/inline.lua
+%%ETCDIR%%/max_detect.lua
+%%ETCDIR%%/security.lua
 %%ETCDIR%%/snort.lua
 %%ETCDIR%%/snort_defaults.lua
 %%ETCDIR%%/talos.lua
@@ -66,11 +70,21 @@
 include/snort/framework/so_rule.h
 include/snort/framework/value.h
 include/snort/hash/ghash.h
+include/snort/hash/hash_defs.h
+include/snort/hash/hash_key_operations.h
 include/snort/hash/hashes.h
-include/snort/hash/hashfcn.h
+%%HYPERSCAN%%include/snort/helpers/hyper_scratch_allocator.h
+%%HYPERSCAN%%include/snort/helpers/hyper_search.h
 include/snort/hash/lru_cache_shared.h
 include/snort/hash/xhash.h
 include/snort/helpers/base64_encoder.h
+include/snort/helpers/boyer_moore_search.h
+include/snort/helpers/literal_search.h
+include/snort/helpers/scratch_allocator.h
+include/snort/host_tracker/host_cache.h
+include/snort/host_tracker/host_cache_allocator.h
+include/snort/host_tracker/host_cache_interface.h
+include/snort/host_tracker/host_tracker.h
 include/snort/log/log.h
 include/snort/log/log_text.h
 include/snort/log/messages.h
@@ -103,7 +117,12 @@
 include/snort/network_inspectors/appid/appid_types.h
 include/snort/network_inspectors/appid/application_ids.h
 include/snort/network_inspectors/appid/http_xff_fields.h
+include/snort/network_inspectors/appid/tp_appid_module_api.h
+include/snort/network_inspectors/appid/tp_appid_session_api.h
+include/snort/network_inspectors/appid/tp_appid_types.h
 include/snort/network_inspectors/packet_tracer/packet_tracer.h
+include/snort/network_inspectors/reputation/reputation_common.h
+include/snort/network_inspectors/rna/rna_logger.h
 include/snort/packet_io/active.h
 include/snort/packet_io/sfdaq.h
 include/snort/packet_io/sfdaq_instance.h
@@ -115,6 +134,7 @@
 include/snort/profiler/rule_profiler_defs.h
 include/snort/profiler/time_profiler_defs.h
 include/snort/protocols/arp.h
+include/snort/protocols/cisco_meta_data.h
 include/snort/protocols/eapol.h
 include/snort/protocols/eth.h
 include/snort/protocols/gre.h
@@ -139,6 +159,9 @@
 include/snort/protocols/vlan.h
 include/snort/protocols/wlan.h
 include/snort/pub_sub/appid_events.h
+include/snort/pub_sub/cip_events.h
+include/snort/pub_sub/daq_message_event.h
+include/snort/pub_sub/data_decrypt_event.h
 include/snort/pub_sub/expect_events.h
 include/snort/pub_sub/finalize_packet_event.h
 include/snort/pub_sub/http_events.h
@@ -155,18 +178,19 @@
 include/snort/time/clock_defs.h
 include/snort/time/packet_time.h
 include/snort/time/stopwatch.h
-include/snort/time/tsc_clock.h
 include/snort/utils/bitop.h
+include/snort/utils/boyer_moore.h
 include/snort/utils/cpp_macros.h
 include/snort/utils/endian.h
 include/snort/utils/event_gen.h
 include/snort/utils/infractions.h
 include/snort/utils/kmap.h
+include/snort/utils/memcap_allocator.h
+include/snort/utils/util_ber.h
 include/snort/utils/primed_allocator.h
 include/snort/utils/safec.h
 include/snort/utils/segment_mem.h
 include/snort/utils/sflsq.h
-include/snort/utils/sfmemcap.h
 include/snort/utils/stats.h
 include/snort/utils/util.h
 include/snort/utils/util_cstring.h