Merge pull request #4855 from sartura/yara_add_package
yara: add package
This commit is contained in:
champtar
GitHub
commit
86605ec7e2
2 changed files with 87 additions and 0 deletions
16
utils/yara/Config.in
Normal file
16
utils/yara/Config.in
Normal file
|
|
@ -0,0 +1,16 @@
|
|||
if PACKAGE_yara
|
||||
comment "Optional modules"
|
||||
|
||||
config YARA_module_magic
|
||||
bool "Magic module"
|
||||
default y
|
||||
help
|
||||
Identify the type of the file based on the output of file command
|
||||
|
||||
config YARA_module_cuckoo
|
||||
bool "Cuckoo module"
|
||||
default n
|
||||
help
|
||||
Create rules based on behavioral info generated by a Cuckoo sandbox
|
||||
endif
|
||||
|
||||
71
utils/yara/Makefile
Normal file
71
utils/yara/Makefile
Normal file
|
|
@ -0,0 +1,71 @@
|
|||
#
|
||||
# Copyright (C) 2017 OpenWrt.org
|
||||
#
|
||||
# This is free software, licensed under the GNU General Public License v2.
|
||||
# See /LICENSE for more information.
|
||||
#
|
||||
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=yara
|
||||
PKG_VERSION:=3.6.3
|
||||
PKG_RELEASE:=1
|
||||
PKG_LICENSE:=BSD-3-Clause
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=https://github.com/VirusTotal/yara/archive/v$(PKG_VERSION)/
|
||||
PKG_HASH:=ad2c0e788b4d8b2f3e9078f448754313249a302b749b9a24e932bfc5e141a5e8
|
||||
|
||||
PKG_FIXUP:=autoreconf
|
||||
PKG_BUILD_PARALLEL:=1
|
||||
PKG_INSTALL:=1
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
define Package/yara
|
||||
SECTION:=utils
|
||||
CATEGORY:=Utilities
|
||||
TITLE:=Pattern matching swiss knife for malware researchers
|
||||
URL:=http://virustotal.github.io/yara/
|
||||
MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr>
|
||||
DEPENDS:= +libopenssl
|
||||
DEPENDS+= +YARA_module_magic:libmagic
|
||||
DEPENDS+= +YARA_module_cuckoo:jansson
|
||||
MENU:=1
|
||||
endef
|
||||
|
||||
define Package/yara/description
|
||||
YARA is a tool aimed at (but not limited to) helping malware researchers
|
||||
to identify and classify malware samples. With YARA you can create
|
||||
descriptions of malware families based on textual or binary patterns.
|
||||
endef
|
||||
|
||||
CONFIGURE_ARGS += \
|
||||
--disable-dotnet \
|
||||
$(if $(YARA_module_magic),--enable,--disable)-magic \
|
||||
$(if $(YARA_module_cuckoo),--enable,--disable)-cuckoo
|
||||
|
||||
define Package/yara/config
|
||||
source "$(SOURCE)/Config.in"
|
||||
endef
|
||||
|
||||
define Build/InstallDev
|
||||
$(INSTALL_DIR) $(1)/usr/include
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/include/yara.h $(1)/usr/include
|
||||
$(INSTALL_DIR) $(1)/usr/include/yara
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/include/yara/* $(1)/usr/include/yara
|
||||
$(INSTALL_DIR) $(1)/usr/lib
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libyara.{a,la,so*} $(1)/usr/lib/
|
||||
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/yara.pc $(1)/usr/lib/pkgconfig
|
||||
endef
|
||||
|
||||
define Package/yara/install
|
||||
$(INSTALL_DIR) $(1)/usr/bin
|
||||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/yara $(1)/usr/bin/
|
||||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/yarac $(1)/usr/bin/
|
||||
$(INSTALL_DIR) $(1)/usr/lib/
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libyara.so* $(1)/usr/lib/
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,yara))
|
||||
Loading…
Reference in a new issue