# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
description Open Source Network Intrusion Detection System
Snort is an open source network intrusion detection system, capable \
of performing real-time traffic analysis and packet logging on IP \
networks. It can perform protocol analysis, content \
searching/matching and can be used to detect a variety of attacks \
and probes, such as buffer overflows, stealth port scans, CGI \
attacks, SMB probes, OS fingerprinting attempts, and much more.
homepage https://www.snort.org/
master_sites ${homepage}downloads/snort/
checksums rmd160 926e11ffe17da5b19e65b6cc4d7dcb3e07403dc4 \
sha256 bfb437746446ef72a03c501db13cd6da5edd2b41f55c80c437ba288be6da7dba \
depends_build port:pkgconfig
path:lib/libssl.dylib:openssl
add_users snort group=snort home=${prefix}/var/snort shell=/sbin/nologin realname=Snort\ user
# snort interface, defined outside variants below so that `port lint` succeeds
# provide snort interface as port variants
description "Snort launch daemon interface en0" {
description "Snort launch daemon interface en1" {
if { ![variant_isset if_en0] && ![variant_isset if_en1] } {
-l ${prefix}/var/log/snort \
--pid-path ${prefix}/var/run \