aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--security/Makefile1
-rw-r--r--security/razorback-yaraNugget/Makefile50
-rw-r--r--security/razorback-yaraNugget/distinfo2
-rw-r--r--security/razorback-yaraNugget/pkg-descr8
-rw-r--r--security/razorback-yaraNugget/pkg-message6
-rw-r--r--security/razorback-yaraNugget/pkg-plist14
6 files changed, 81 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile
index c22380cf8662..0f89332f82d3 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -798,6 +798,7 @@
SUBDIR += razorback-scriptNugget
SUBDIR += razorback-swfScanner
SUBDIR += razorback-syslogNugget
+ SUBDIR += razorback-yaraNugget
SUBDIR += rdigest
SUBDIR += retranslator
SUBDIR += revelation
diff --git a/security/razorback-yaraNugget/Makefile b/security/razorback-yaraNugget/Makefile
new file mode 100644
index 000000000000..c68d1e383372
--- /dev/null
+++ b/security/razorback-yaraNugget/Makefile
@@ -0,0 +1,50 @@
+# New ports collection makefile for: razorback-yaraNugget
+# Date created: 2011/06/8
+# Whom: Tom Judge <tom@tomjudge.com>
+#
+# $FreeBSD$
+#
+
+PORTNAME= yaraNugget
+PORTVERSION= 0.5.0
+CATEGORIES= security
+MASTER_SITES= SF/razorbacktm/Nuggets
+PKGNAMEPREFIX= razorback-
+DIST_SUBDIR= razorback
+
+MAINTAINER= tj@FreeBSD.org
+COMMENT= Framework for an intelligence driven security - Yara Detection
+
+LICENSE= GPLv2
+LICENSE_FILE= ${WRKSRC}/LICENSE
+
+LIB_DEPENDS= razorback_api:${PORTSDIR}/security/razorback-api \
+ pcre:${PORTSDIR}/devel/pcre
+BUILD_DEPENDS= razorback-masterNugget>=0.5.0:${PORTSDIR}/security/razorback-masterNugget
+RUN_DEPENDS= razorback-masterNugget>=0.5.0:${PORTSDIR}/security/razorback-masterNugget
+
+OPTIONS_DEFINE= DEBUG ASSERT
+ASSERT_DESC= Enable Asserts
+
+.include <bsd.port.options.mk>
+
+RB_LIBDIR?= ${PREFIX}/lib/razorback
+GNU_CONFIGURE= yes
+USE_AUTOTOOLS= libtool
+USE_LDCONFIG= ${RB_LIBDIR}
+
+.if ${PORT_OPTIONS:MDEBUG}
+CONFIGURE_ARGS+=--enable-debug
+.endif
+
+.if ${PORT_OPTIONS:MASSERT}
+CONFIGURE_ARGS+=--enable-assert
+.endif
+
+post-install:
+ ${LN} -sf ${RB_LIBDIR}/yaraNugget.so.2 ${RB_LIBDIR}/yaraNugget.so.2.0.0
+ @if [ ! -f ${PREFIX}/etc/razorback/yara.conf ]; then \
+ ${CP} -p ${PREFIX}/etc/razorback/yara.conf.sample ${PREFIX}/etc/razorback/yara.conf ; \
+ fi
+
+.include <bsd.port.mk>
diff --git a/security/razorback-yaraNugget/distinfo b/security/razorback-yaraNugget/distinfo
new file mode 100644
index 000000000000..8017e2160990
--- /dev/null
+++ b/security/razorback-yaraNugget/distinfo
@@ -0,0 +1,2 @@
+SHA256 (razorback/yaraNugget-0.5.0.tar.gz) = 6b43e0033aa9f834acdd8aba1c437d7fac47a4d2edac1e9961983d6a019b1fc1
+SIZE (razorback/yaraNugget-0.5.0.tar.gz) = 623917
diff --git a/security/razorback-yaraNugget/pkg-descr b/security/razorback-yaraNugget/pkg-descr
new file mode 100644
index 000000000000..a8b27d1c8830
--- /dev/null
+++ b/security/razorback-yaraNugget/pkg-descr
@@ -0,0 +1,8 @@
+Razorback is a framework for an intelligence driven security solution.
+It consists of a Dispatcher at the core of the system, surrounded by
+Nuggets of varying types.
+
+The Yara nugget allows modified Yara rules to dictate which flags are
+set when they alert.
+
+WWW: http://razorbacktm.sourceforge.net/
diff --git a/security/razorback-yaraNugget/pkg-message b/security/razorback-yaraNugget/pkg-message
new file mode 100644
index 000000000000..498ac9913048
--- /dev/null
+++ b/security/razorback-yaraNugget/pkg-message
@@ -0,0 +1,6 @@
+After this port has been installed, you will need to copy and edit the
+sample configuration (rzb_yara.conf.sample) to rzb_yara.conf.
+
+Additionally, you will need to provide rules for yara. The rules should be
+placed in the directory specified in the rzb_yara.conf file. The rules may
+be placed in subdirectories or symlinked.
diff --git a/security/razorback-yaraNugget/pkg-plist b/security/razorback-yaraNugget/pkg-plist
new file mode 100644
index 000000000000..a3086f3bf32b
--- /dev/null
+++ b/security/razorback-yaraNugget/pkg-plist
@@ -0,0 +1,14 @@
+@comment $FreeBSD$
+@unexec if cmp -s %D/etc/razorback/yara.conf %D/etc/razorback/yara.conf.sample; then rm -f %D/etc/razorback/yara.conf; fi
+etc/razorback/yara.conf.sample
+@exec if [ ! -f %D/etc/razorback/yara.conf ]; then cp -p %D/%F %B/yara.conf; fi
+etc/razorback/yara/banker.rules
+etc/razorback/yara/packer.rules
+@dirrmtry etc/razorback/yara
+@dirrmtry etc/razorback
+lib/razorback/yaraNugget.so.2.0.0
+lib/razorback/yaraNugget.so.2
+lib/razorback/yaraNugget.so
+lib/razorback/yaraNugget.la
+lib/razorback/yaraNugget.a
+@dirrmtry lib/razorback