71 lines
1.9 KiB
Ruby
71 lines
1.9 KiB
Ruby
class Snort < Formula
|
|
desc "Flexible Network Intrusion Detection System"
|
|
homepage "https://www.snort.org"
|
|
url "https://www.snort.org/downloads/snort/snort-2.9.11.tar.gz"
|
|
sha256 "23a45e3ea1e155a3d871c691a10fe23f2bfcfe4d6abc0ebbcdc2ab1fccca14ee"
|
|
|
|
bottle do
|
|
cellar :any
|
|
sha256 "a703be9360454c2031021a9db4894b495cf135178749914f336c35a017f26312" => :high_sierra
|
|
sha256 "94711a7c4ea9ed122b87d679fd92c68d63491a80ca0bf7024b20300b016c2c9e" => :sierra
|
|
sha256 "097879b36e1f2eeb463c92c2111abe2c261e082ab21fceb63372bb7567df9cf2" => :el_capitan
|
|
end
|
|
|
|
option "with-debug", "Compile Snort with debug options enabled"
|
|
|
|
deprecated_option "enable-debug" => "with-debug"
|
|
|
|
depends_on "pkg-config" => :build
|
|
depends_on "luajit"
|
|
depends_on "daq"
|
|
depends_on "libdnet"
|
|
depends_on "pcre"
|
|
depends_on "openssl"
|
|
|
|
def install
|
|
openssl = Formula["openssl"]
|
|
|
|
args = %W[
|
|
--prefix=#{prefix}
|
|
--sysconfdir=#{etc}/snort
|
|
--disable-dependency-tracking
|
|
--disable-silent-rules
|
|
--enable-gre
|
|
--enable-mpls
|
|
--enable-targetbased
|
|
--enable-sourcefire
|
|
--with-openssl-includes=#{openssl.opt_include}
|
|
--with-openssl-libraries=#{openssl.opt_lib}
|
|
--enable-active-response
|
|
--enable-normalizer
|
|
--enable-reload
|
|
--enable-react
|
|
--enable-flexresp3
|
|
]
|
|
|
|
if build.with? "debug"
|
|
args << "--enable-debug"
|
|
args << "--enable-debug-msgs"
|
|
else
|
|
args << "--disable-debug"
|
|
end
|
|
|
|
system "./configure", *args
|
|
system "make", "install"
|
|
|
|
rm Dir[buildpath/"etc/Makefile*"]
|
|
(etc/"snort").install Dir[buildpath/"etc/*"]
|
|
end
|
|
|
|
def caveats; <<-EOS.undent
|
|
For snort to be functional, you need to update the permissions for /dev/bpf*
|
|
so that they can be read by non-root users. This can be done manually using:
|
|
sudo chmod o+r /dev/bpf*
|
|
or you could create a startup item to do this for you.
|
|
EOS
|
|
end
|
|
|
|
test do
|
|
system bin/"snort", "-V"
|
|
end
|
|
end
|