tell yara cmdline the range(s) to scan for stuff

[radare]

as long as yara doesnt knows about file formats, it will be good to be able to specify this in the commandline options to be used in conjuntion with other tools or just to scan a portion of a memory dump, etc

[GWHAYWOOD]

I don't know if this helps with your issue or not, but I seemed to have success by defining a variable at rule compilation time to determine what parts of the data will be scanned at scan time by choosing from different rulesets which are built using different variable definitions at rule compilation time.

I define rulesets in a shell script.

In the shell script, the statements which compile the rule contain the definitions ' -d range_start=value -d range_end=value '.

In the rule definitions, in the 'condition' sections I use for example

condition: $string in ( range_start .. range_end )

I define more than one ruleset using different values for the range, and choose the ruleset at scan time.

An alternative with which I'm experimenting is to define a condition such as

condition: $something in (range1start..range1end) or ( BOOLEAN and $something in (range2start..range2end) )