Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #4855 from sartura/yara_add_package

Browse source 
yara: add package
This commit is contained in:
champtar 2017-09-23 16:09:05 -07:00 committed by GitHub
commit 86605ec7e2
2 changed files with 87 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
utils/yara/Config.in Normal file
View file

@ -0,0 +1,16 @@
if PACKAGE_yara
comment "Optional modules"
config YARA_module_magic
bool "Magic module"
default y
help
Identify the type of the file based on the output of file command
config YARA_module_cuckoo
bool "Cuckoo module"
default n
help
Create rules based on behavioral info generated by a Cuckoo sandbox
endif

71
utils/yara/Makefile Normal file
View file

@ -0,0 +1,71 @@
#
# Copyright (C) 2017 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=yara
PKG_VERSION:=3.6.3
PKG_RELEASE:=1
PKG_LICENSE:=BSD-3-Clause
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/VirusTotal/yara/archive/v$(PKG_VERSION)/
PKG_HASH:=ad2c0e788b4d8b2f3e9078f448754313249a302b749b9a24e932bfc5e141a5e8
PKG_FIXUP:=autoreconf
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
define Package/yara
SECTION:=utils
CATEGORY:=Utilities
TITLE:=Pattern matching swiss knife for malware researchers
URL:=http://virustotal.github.io/yara/
MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr>
DEPENDS:= +libopenssl
DEPENDS+= +YARA_module_magic:libmagic
DEPENDS+= +YARA_module_cuckoo:jansson
MENU:=1
endef
define Package/yara/description
YARA is a tool aimed at (but not limited to) helping malware researchers
to identify and classify malware samples. With YARA you can create
descriptions of malware families based on textual or binary patterns.
endef
CONFIGURE_ARGS += \
--disable-dotnet \
$(if $(YARA_module_magic),--enable,--disable)-magic \
$(if $(YARA_module_cuckoo),--enable,--disable)-cuckoo
define Package/yara/config
source "$(SOURCE)/Config.in"
endef
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/yara.h $(1)/usr/include
$(INSTALL_DIR) $(1)/usr/include/yara
$(CP) $(PKG_INSTALL_DIR)/usr/include/yara/* $(1)/usr/include/yara
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libyara.{a,la,so*} $(1)/usr/lib/
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/yara.pc $(1)/usr/lib/pkgconfig
endef
define Package/yara/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/yara $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/yarac $(1)/usr/bin/
$(INSTALL_DIR) $(1)/usr/lib/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libyara.so* $(1)/usr/lib/
endef
$(eval $(call BuildPackage,yara))