83 lines
3.3 KiB
Ruby
83 lines
3.3 KiB
Ruby
class Zeek < Formula
|
|
desc "Network security monitor"
|
|
homepage "https://www.zeek.org"
|
|
url "https://github.com/zeek/zeek.git",
|
|
tag: "v5.1.1",
|
|
revision: "80d359af4993d8202bb735da5e3ebe8a75a24431"
|
|
license "BSD-3-Clause"
|
|
head "https://github.com/zeek/zeek.git", branch: "master"
|
|
|
|
livecheck do
|
|
url :stable
|
|
regex(/^v?(\d+(?:\.\d+)+)$/i)
|
|
end
|
|
|
|
bottle do
|
|
sha256 arm64_ventura: "fa93e6176cf97f82780d2110414e7934fdbcf8070bebc8ef9407b5ab589ad4b9"
|
|
sha256 arm64_monterey: "80060a6e15fbaa65b7a74a2712e31bca292a20c713a9563cd1da714e3d63a385"
|
|
sha256 arm64_big_sur: "ef2b9e304742a56d4f0652453620721188a525f8e0778d6ee4a4b4d8b81fc770"
|
|
sha256 ventura: "8b0c9da0ac2c56f3e3f1ff99ef840d261dc693b4716af04efe297027dec4cfcd"
|
|
sha256 monterey: "9c4a13980311f9245221e5f3eb27c968daab730f83ee3e1fff9516755caf9b08"
|
|
sha256 big_sur: "cb5eff2965c0acafbe74111e22c062482226c423034b91956e12a4e19322616b"
|
|
sha256 x86_64_linux: "284858db0d06901a300639c78e39527846955640c0cfde7226983dee5a384d74"
|
|
end
|
|
|
|
depends_on "bison" => :build
|
|
depends_on "cmake" => :build
|
|
depends_on "flex" => :build
|
|
depends_on "swig" => :build
|
|
depends_on "c-ares"
|
|
depends_on "libmaxminddb"
|
|
depends_on macos: :mojave
|
|
depends_on "openssl@1.1"
|
|
depends_on "python@3.11"
|
|
|
|
uses_from_macos "libpcap"
|
|
uses_from_macos "libxcrypt"
|
|
uses_from_macos "zlib"
|
|
|
|
fails_with gcc: "5"
|
|
|
|
def install
|
|
(buildpath/"auxil/c-ares").rmtree
|
|
|
|
# Remove SDK paths from zeek-config. This breaks usage with other SDKs.
|
|
# https://github.com/corelight/zeek-community-id/issues/15
|
|
inreplace "zeek-config.in" do |s|
|
|
s.gsub! "@ZEEK_CONFIG_PCAP_INCLUDE_DIR@", ""
|
|
s.gsub! "@ZEEK_CONFIG_ZLIB_INCLUDE_DIR@", ""
|
|
end
|
|
|
|
# Avoid references to the Homebrew shims directory
|
|
inreplace "auxil/spicy/spicy/hilti/toolchain/src/config.cc.in", "${CMAKE_CXX_COMPILER}", ENV.cxx
|
|
|
|
system "cmake", "-S", ".", "-B", "build",
|
|
"-DBROKER_DISABLE_TESTS=on",
|
|
"-DINSTALL_AUX_TOOLS=on",
|
|
"-DINSTALL_ZEEKCTL=on",
|
|
"-DUSE_GEOIP=on",
|
|
"-DCARES_ROOT_DIR=#{Formula["c-ares"].opt_prefix}",
|
|
"-DCARES_LIBRARIES=#{Formula["c-ares"].opt_lib/shared_library("libcares")}",
|
|
"-DLibMMDB_LIBRARY=#{Formula["libmaxminddb"].opt_lib/shared_library("libmaxminddb")}",
|
|
"-DOPENSSL_ROOT_DIR=#{Formula["openssl@1.1"].opt_prefix}",
|
|
"-DPYTHON_EXECUTABLE=#{which("python3.11")}",
|
|
"-DZEEK_ETC_INSTALL_DIR=#{etc}",
|
|
"-DZEEK_LOCAL_STATE_DIR=#{var}",
|
|
*std_cmake_args
|
|
system "cmake", "--build", "build"
|
|
system "cmake", "--install", "build"
|
|
end
|
|
|
|
test do
|
|
assert_match "version #{version}", shell_output("#{bin}/zeek --version")
|
|
assert_match "ARP packet analyzer", shell_output("#{bin}/zeek --print-plugins")
|
|
system bin/"zeek", "-C", "-r", test_fixtures("test.pcap")
|
|
assert_predicate testpath/"conn.log", :exist?
|
|
refute_predicate testpath/"conn.log", :empty?
|
|
assert_predicate testpath/"http.log", :exist?
|
|
refute_predicate testpath/"http.log", :empty?
|
|
# For bottling MacOS SDK paths must not be part of the public include directories, see zeek/zeek#1468.
|
|
refute_includes shell_output("#{bin}/zeek-config --include_dir").chomp, "MacOSX"
|
|
end
|
|
end
|