require 'formula' class Sshguard < Formula homepage 'http://www.sshguard.net/' url 'https://downloads.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/sshguard-1.5.tar.bz2' sha1 'f8f713bfb3f5c9877b34f6821426a22a7eec8df3' # Fix blacklist flag (-b) so that it doesn't abort on first usage. # Upstream bug report: # http://sourceforge.net/tracker/?func=detail&aid=3252151&group_id=188282&atid=924685 patch do url "https://sourceforge.net/tracker/download.php?group_id=188282&atid=924685&file_id=405677&aid=3252151" sha1 "68cd0910d310e4d23e7752dee1b077ccfe715c0b" end def install system "./configure", "--disable-debug", "--disable-dependency-tracking", "--prefix=#{prefix}", "--with-firewall=#{firewall}" system "make install" end def firewall MacOS.version >= :lion ? "pf" : "ipfw" end def log_path MacOS.version >= :lion ? "/var/log/system.log" : "/var/log/secure.log" end def caveats if MacOS.version >= :lion then <<-EOS.undent Add the following lines to /etc/pf.conf to block entries in the sshguard table (replace $ext_if with your WAN interface): table persist block in quick on $ext_if proto tcp from to any port 22 label "ssh bruteforce" Then run sudo pfctl -f /etc/pf.conf to reload the rules. EOS end end plist_options :startup => true def plist; <<-EOS.undent Label #{plist_name} KeepAlive ProgramArguments #{opt_sbin}/sshguard -l #{log_path} RunAtLoad EOS end end