gentoo resync : 12.05.2022

author: V3n3RiX <venerix@koprulu.sector> 2022-05-12 16:42:50 +0300
committer: V3n3RiX <venerix@koprulu.sector> 2022-05-12 16:42:50 +0300
commit: 752d6256e5204b958b0ef7905675a940b5e9172f (patch)
tree: 330d16e6362a49cbed8875a777fe641a43376cd3 /net-firewall
parent: 0c100b7dd2b30e75b799d806df4ef899fd98e1ea (diff)
18 files changed, 200 insertions, 1461 deletions
diff --git a/net-firewall/Manifest.gz b/net-firewall/Manifest.gz
index 09b6869a9ead..88b45124c954 100644
--- a/net-firewall/Manifest.gz
+++ b/net-firewall/Manifest.gz
diff --git a/net-firewall/firewalld/Manifest b/net-firewall/firewalld/Manifest
index 5d603a6e7029..26ae594e0032 100644
--- a/net-firewall/firewalld/Manifest
+++ b/net-firewall/firewalld/Manifest
@@ -1,11 +1,5 @@
 AUX firewalld.init 250 BLAKE2B 1c0f690e24313037b801902aa772a9d1cb6889a05f142bc3d84602002ef053cd059b5193983f9fe6d89065a070a566a6a9ba8212a092435953ebed80ea7c7b40 SHA512 457cda01449f38563e98e1db937fe1c50745eab91797f52687e3ab9f5d94dd42d129740ae6669e99666a3f096d631dd3a44e66010b638b31b9c6ba798362403e
 AUX firewalld.service 581 BLAKE2B b4eb7549305da68bc53f913d5d0a3ff2595e8e482ed2a474ede645f33b8192e142cd1aa964c5c1dcf8a7c336c68d494ee13421ec7566312a4f89330c236cab9c SHA512 b81fb8414619b3661985cbac001a47c76d76b13eebe421919a838fa0396e6470a3109e0d20d88f423ff43b6e48c0537467125a85bf8939ef0ab6ded4d4829b03
-DIST firewalld-1.0.2.tar.gz 1307963 BLAKE2B 11a7710981ba39f4bcb8431558e5b558a60d77fb1aa3fe4c5febc37f2eab754a6608e4820b6318c963bb6290a9b26ae9e162d9e46277c34dfdacac46ba938b21 SHA512 fbb60a6f52e5be26051303769b6521a6c775d450ab6704f2d63fe38dc6194976ad36f1d924380d09012f41ab6dab1f6f78c5a859fbfe00c52cdff40d82e62283
-DIST firewalld-1.0.3.tar.gz 1310433 BLAKE2B c414a347ca1008e010bf8393e45ffff38b5845fde7cc53b810276e46d67c6302cfe93a59665ad6ebc533b3ae04908f9089546b109888f60f0c798f3cac62a30d SHA512 0ba423e8c294d143f31bbdac13553e58cd0a3429812b555829c34f411478c26cffcc40095218539155e9ed7fe7e360fb8dd85a572a8ad9d5650b0cc206fe42a1
-DIST firewalld-1.1.0.tar.gz 1324519 BLAKE2B d9f97c88a1ed44b325bb95616770c0aff6e0088bccd08d062b3be686964d3d36003c1e13809a8802af2062ff7544b2a1fd870c1e933952a9b77af989ec0f9b54 SHA512 4cb8b0d6387de72827d06c19019e5608e36f647a70aef04879f9225795571638758abd5ff6333bd9db816b6de40d7e8df04c402556c2402e85ad34633d337091
 DIST firewalld-1.1.1.tar.gz 1325362 BLAKE2B 0167d9bc1c76da420dfe8aa5e6bfdd743116fbe6959d5920b972fac09c72608c90b9d6b2bb4bd7bb01250cbab2bdbb30a017becf5d050f490f4f289661e4366a SHA512 ecf75c30be63d2285d0b915b26d20e679c2f45f121c37b8cecc236da02d21039c692d1fec72e6c29d2a7b6de570daad573c230deacaef7491a2fd39c35332479
-EBUILD firewalld-1.0.2-r1.ebuild 4845 BLAKE2B 97a508d2b0549aa2479f85b5a408dc69c578056eb7260e18c8f3c529e0671d6717bc71ccd76599e902067d0999816636a2049a705593d4ea9a4c42574d20fb96 SHA512 8ce1404b9784a415bc82c46add90d3166901dc2ddab234a549f6be103f03cedb0f9bd3dcd8aa68a2883bf64a4eadabda2475bcdf1ad64d24aeddf73c8a50ec61
-EBUILD firewalld-1.0.3-r1.ebuild 4840 BLAKE2B 564b9da71fd3d7c8e17ec2cd36864c7079116125b6e0d8cff129127ef377820d41ba2f04ccba0d37e7df7a21a37794d341c9071859e56ab918645479e59068e6 SHA512 519487890a562cd085ffc047d1235e8b7ffbc4be682ca258df8dcde2ded376714fdaaa989e21f9e4929241bc1dc1ada6d4219a02bd67c690713c18dc09610b25
-EBUILD firewalld-1.1.0-r1.ebuild 5140 BLAKE2B d7450569feb484f201eb4c17670f6697ac3d249567bdb894b3a612208c20ece8e81256f1aa0f9452670291d2d43636e7695747f388f3d4157803f5eabd6acce4 SHA512 e7421c80821b004202e3f6182f024b3d393ef1797fe06a7e62841bdc1dffcd8caf3628f37be90fc7fcd565a5da868c12b5c0579feb24141e1c433ecaabfcba91
-EBUILD firewalld-1.1.1.ebuild 5145 BLAKE2B 3df6225eb714b69345d770bd00462d5ec3445c618488253c07011e24c466a53f878734c772258fc91cb6df41880aad8692c5f0f62d6e7b81ea2a95246a35d75b SHA512 0d47fe57bbc5dd5449e54e69e1132e94e99b640a3da9e9d371750ac769d586a87566b8a8d3963336c81d9b4ff771d152235225d52e12dc5c934c57bb9f9f1727
+EBUILD firewalld-1.1.1.ebuild 5166 BLAKE2B 40802a29a71d688686acdb223f493c0ca2b5552416b5ffb5dad7ca75d5a8af433df72a289a57fd527a97ae6d33173db2059241f4951f0bbdfaceaa8ad734ab20 SHA512 d65f3b8c9c2aedd4d9ee76fb28bcd77e9eebfa23e326b05225e94f84ce9b9b7c6a0491da3ca867ab3c49bbac244aa3a8622b281e3ccfae321889e27a58ab9dfd
 MISC metadata.xml 587 BLAKE2B f4a873c64f1760c1d28f09886573b638053e23bc2562674b4c21b81414c66271ff8c168d3a98f402bb0d2a3f8982b29cbd77817f0eac346f0774b51ed014113d SHA512 47bd8f14d0eeae00a59fc0507dd178f4420381a8ba197535936acba3aae0344614f003647636c0361c5cc0ef86d2653d7ca175cdeb2d5fdbc8869c3e633df6ba
diff --git a/net-firewall/firewalld/firewalld-1.0.2-r1.ebuild b/net-firewall/firewalld/firewalld-1.0.2-r1.ebuild
deleted file mode 100644
index 36b30b91cc4e..000000000000
--- a/net-firewall/firewalld/firewalld-1.0.2-r1.ebuild
+++ /dev/null
@@ -1,203 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{8,9,10} )
-inherit autotools bash-completion-r1 gnome2-utils linux-info plocale python-single-r1 systemd xdg-utils
-
-DESCRIPTION="A firewall daemon with D-Bus interface providing a dynamic firewall"
-HOMEPAGE="https://www.firewalld.org/"
-SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="GPL-2+"
-SLOT="0"
-KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv x86"
-IUSE="gui +nftables +iptables"
-REQUIRED_USE="${PYTHON_REQUIRED_USE}"
-
-RDEPEND="${PYTHON_DEPS}
-	iptables? (
-		net-firewall/iptables[ipv6(+)]
-		net-firewall/ebtables
-		net-firewall/ipset
-		nftables? ( net-firewall/nftables[xtables(+)] )
-	)
-	|| ( >=sys-apps/openrc-0.11.5 sys-apps/systemd )
-	$(python_gen_cond_dep '
-		dev-python/dbus-python[${PYTHON_USEDEP}]
-		dev-python/pygobject:3[${PYTHON_USEDEP}]
-		gui? (
-			x11-libs/gtk+:3
-			dev-python/PyQt5[gui,widgets,${PYTHON_USEDEP}]
-		)
-		nftables? ( >=net-firewall/nftables-0.9.4[python,json] )
-	')"
-DEPEND="${RDEPEND}
-	dev-libs/glib:2"
-BDEPEND=">=dev-util/intltool-0.35
-	sys-devel/gettext"
-
-RESTRICT="test" # bug 650760
-
-# Testsuite's Makefile.am calls missing(!)
-# ... but this seems to be consistent with the autoconf docs?
-# Needs more investigation: https://www.gnu.org/software/autoconf/manual/autoconf-2.67/html_node/autom4te-Invocation.html
-QA_AM_MAINTAINER_MODE=".*--run autom4te --language=autotest.*"
-
-PLOCALES="ar as ast bg bn_IN ca cs da de el en_GB en_US es et eu fa fi fr gl gu hi hu ia id it ja ka kn ko lt ml mr nl or pa pl pt pt_BR ru si sk sq sr sr@latin sv ta te tr uk zh_CN zh_TW"
-
-pkg_setup() {
-	# See bug #830132 for the huge list
-	# We can probably narrow it down a bit but it's rather fragile
-	local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_CONNTRACK
-	~NETFILTER
-	~NETFILTER_ADVANCED
-	~NETFILTER_INGRESS
-	~NF_NAT_MASQUERADE
-	~NF_NAT_REDIRECT
-	~NF_TABLES_INET
-	~NF_TABLES_IPV4
-	~NF_TABLES_IPV6
-	~NF_CONNTRACK
-	~NF_CONNTRACK_BROADCAST
-	~NF_CONNTRACK_NETBIOS
-	~NF_CONNTRACK_TFTP
-	~NF_CT_NETLINK
-	~NF_CT_NETLINK_HELPER
-	~NF_DEFRAG_IPV4
-	~NF_DEFRAG_IPV6
-	~NF_NAT
-	~NF_NAT_TFTP
-	~NF_REJECT_IPV4
-	~NF_REJECT_IPV6
-	~NF_SOCKET_IPV4
-	~NF_SOCKET_IPV6
-	~NF_TABLES
-	~NF_TABLES_SET
-	~NF_TPROXY_IPV4
-	~NF_TPROXY_IPV6
-	~IP_NF_FILTER
-	~IP_NF_IPTABLES
-	~IP_NF_MANGLE
-	~IP_NF_NAT
-	~IP_NF_RAW
-	~IP_NF_SECURITY
-	~IP_NF_TARGET_MASQUERADE
-	~IP_NF_TARGET_REJECT
-	~IP6_NF_FILTER
-	~IP6_NF_IPTABLES
-	~IP6_NF_MANGLE
-	~IP6_NF_NAT
-	~IP6_NF_RAW
-	~IP6_NF_SECURITY
-	~IP6_NF_TARGET_MASQUERADE
-	~IP6_NF_TARGET_REJECT
-	~IP_SET
-	~NETFILTER_CONNCOUNT
-	~NETFILTER_NETLINK
-	~NETFILTER_NETLINK_OSF
-	~NETFILTER_NETLINK_QUEUE
-	~NETFILTER_SYNPROXY
-	~NETFILTER_XTABLES
-	~NETFILTER_XT_CONNMARK
-	~NETFILTER_XT_MATCH_CONNTRACK
-	~NETFILTER_XT_MATCH_MULTIPORT
-	~NETFILTER_XT_MATCH_STATE
-	~NETFILTER_XT_NAT
-	~NETFILTER_XT_TARGET_MASQUERADE
-	~NFT_COMPAT
-	~NFT_COUNTER
-	~NFT_CT
-	~NFT_FIB
-	~NFT_FIB_INET
-	~NFT_FIB_IPV4
-	~NFT_FIB_IPV6
-	~NFT_HASH
-	~NFT_LIMIT
-	~NFT_LOG
-	~NFT_MASQ
-	~NFT_NAT
-	~NFT_NET
-	~NFT_OBJREF
-	~NFT_QUEUE
-	~NFT_QUOTA
-	~NFT_REDIR
-	~NFT_REJECT
-	~NFT_REJECT_INET
-	~NFT_REJECT_IPV4
-	~NFT_REJECT_IPV6
-	~NFT_SOCKET
-	~NFT_SYNPROXY
-	~NFT_TPROXY
-	~NFT_TUNNEL
-	~NFT_XFRM"
-
-	# kernel >= 4.19 has unified a NF_CONNTRACK module, bug 692944
-	if kernel_is -lt 4 19; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4 ~NF_CONNTRACK_IPV6"
-	fi
-
-	linux-info_pkg_setup
-}
-
-src_prepare() {
-	default
-
-	eautoreconf
-
-	plocale_find_changes "po" "" ".po"
-	plocale_get_locales | sed -e 's/ /\n/g' > po/LINGUAS
-}
-
-src_configure() {
-	python_setup
-
-	local econf_args=(
-		--enable-systemd
-		$(use_with iptables iptables "${EPREFIX}/sbin/iptables")
-		$(use_with iptables iptables_restore "${EPREFIX}/sbin/iptables-restore")
-		$(use_with iptables ip6tables "${EPREFIX}/sbin/ip6tables")
-		$(use_with iptables ip6tables_restore "${EPREFIX}/sbin/ip6tables-restore")
-		$(use_with iptables ebtables "${EPREFIX}/sbin/ebtables")
-		$(use_with iptables ebtables_restore "${EPREFIX}/sbin/ebtables-restore")
-		$(use_with iptables ipset "${EPREFIX}/usr/sbin/ipset")
-		--with-systemd-unitdir="$(systemd_get_systemunitdir)"
-		--with-bashcompletiondir="$(get_bashcompdir)"
-	)
-
-	econf "${econf_args[@]}"
-}
-
-src_install() {
-	default
-	python_optimize
-
-	# Get rid of junk
-	rm -rf "${D}/etc/sysconfig/" || die
-
-	# For non-gui installs we need to remove GUI bits
-	if ! use gui; then
-		rm -rf "${D}/etc/xdg/autostart" || die
-		rm -f "${D}/usr/bin/firewall-applet" || die
-		rm -f "${D}/usr/bin/firewall-config" || die
-		rm -rf "${D}/usr/share/applications" || die
-		rm -rf "${D}/usr/share/icons" || die
-	fi
-
-	newinitd "${FILESDIR}"/firewalld.init firewalld
-}
-
-pkg_preinst() {
-	gnome2_schemas_savelist
-}
-
-pkg_postinst() {
-	xdg_icon_cache_update
-	gnome2_schemas_update
-}
-
-pkg_postrm() {
-	xdg_icon_cache_update
-	gnome2_schemas_update
-}
diff --git a/net-firewall/firewalld/firewalld-1.0.3-r1.ebuild b/net-firewall/firewalld/firewalld-1.0.3-r1.ebuild
deleted file mode 100644
index 44c9ba18b636..000000000000
--- a/net-firewall/firewalld/firewalld-1.0.3-r1.ebuild
+++ /dev/null
@@ -1,203 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{8,9,10} )
-inherit autotools bash-completion-r1 gnome2-utils linux-info plocale python-single-r1 systemd xdg-utils
-
-DESCRIPTION="A firewall daemon with D-Bus interface providing a dynamic firewall"
-HOMEPAGE="https://firewalld.org/"
-SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="GPL-2+"
-SLOT="0"
-KEYWORDS="amd64 arm arm64 ppc64 ~riscv x86"
-IUSE="gui +nftables +iptables"
-REQUIRED_USE="${PYTHON_REQUIRED_USE}"
-
-RDEPEND="${PYTHON_DEPS}
-	iptables? (
-		net-firewall/iptables[ipv6(+)]
-		net-firewall/ebtables
-		net-firewall/ipset
-		nftables? ( net-firewall/nftables[xtables(+)] )
-	)
-	|| ( >=sys-apps/openrc-0.11.5 sys-apps/systemd )
-	$(python_gen_cond_dep '
-		dev-python/dbus-python[${PYTHON_USEDEP}]
-		dev-python/pygobject:3[${PYTHON_USEDEP}]
-		gui? (
-			x11-libs/gtk+:3
-			dev-python/PyQt5[gui,widgets,${PYTHON_USEDEP}]
-		)
-		nftables? ( >=net-firewall/nftables-0.9.4[python,json] )
-	')"
-DEPEND="${RDEPEND}
-	dev-libs/glib:2"
-BDEPEND=">=dev-util/intltool-0.35
-	sys-devel/gettext"
-
-RESTRICT="test" # bug 650760
-
-# Testsuite's Makefile.am calls missing(!)
-# ... but this seems to be consistent with the autoconf docs?
-# Needs more investigation: https://www.gnu.org/software/autoconf/manual/autoconf-2.67/html_node/autom4te-Invocation.html
-QA_AM_MAINTAINER_MODE=".*--run autom4te --language=autotest.*"
-
-PLOCALES="ar as ast bg bn_IN ca cs da de el en_GB en_US es et eu fa fi fr gl gu hi hu ia id it ja ka kn ko lt ml mr nl or pa pl pt pt_BR ru si sk sq sr sr@latin sv ta te tr uk zh_CN zh_TW"
-
-pkg_setup() {
-	# See bug #830132 for the huge list
-	# We can probably narrow it down a bit but it's rather fragile
-	local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_CONNTRACK
-	~NETFILTER
-	~NETFILTER_ADVANCED
-	~NETFILTER_INGRESS
-	~NF_NAT_MASQUERADE
-	~NF_NAT_REDIRECT
-	~NF_TABLES_INET
-	~NF_TABLES_IPV4
-	~NF_TABLES_IPV6
-	~NF_CONNTRACK
-	~NF_CONNTRACK_BROADCAST
-	~NF_CONNTRACK_NETBIOS
-	~NF_CONNTRACK_TFTP
-	~NF_CT_NETLINK
-	~NF_CT_NETLINK_HELPER
-	~NF_DEFRAG_IPV4
-	~NF_DEFRAG_IPV6
-	~NF_NAT
-	~NF_NAT_TFTP
-	~NF_REJECT_IPV4
-	~NF_REJECT_IPV6
-	~NF_SOCKET_IPV4
-	~NF_SOCKET_IPV6
-	~NF_TABLES
-	~NF_TABLES_SET
-	~NF_TPROXY_IPV4
-	~NF_TPROXY_IPV6
-	~IP_NF_FILTER
-	~IP_NF_IPTABLES
-	~IP_NF_MANGLE
-	~IP_NF_NAT
-	~IP_NF_RAW
-	~IP_NF_SECURITY
-	~IP_NF_TARGET_MASQUERADE
-	~IP_NF_TARGET_REJECT
-	~IP6_NF_FILTER
-	~IP6_NF_IPTABLES
-	~IP6_NF_MANGLE
-	~IP6_NF_NAT
-	~IP6_NF_RAW
-	~IP6_NF_SECURITY
-	~IP6_NF_TARGET_MASQUERADE
-	~IP6_NF_TARGET_REJECT
-	~IP_SET
-	~NETFILTER_CONNCOUNT
-	~NETFILTER_NETLINK
-	~NETFILTER_NETLINK_OSF
-	~NETFILTER_NETLINK_QUEUE
-	~NETFILTER_SYNPROXY
-	~NETFILTER_XTABLES
-	~NETFILTER_XT_CONNMARK
-	~NETFILTER_XT_MATCH_CONNTRACK
-	~NETFILTER_XT_MATCH_MULTIPORT
-	~NETFILTER_XT_MATCH_STATE
-	~NETFILTER_XT_NAT
-	~NETFILTER_XT_TARGET_MASQUERADE
-	~NFT_COMPAT
-	~NFT_COUNTER
-	~NFT_CT
-	~NFT_FIB
-	~NFT_FIB_INET
-	~NFT_FIB_IPV4
-	~NFT_FIB_IPV6
-	~NFT_HASH
-	~NFT_LIMIT
-	~NFT_LOG
-	~NFT_MASQ
-	~NFT_NAT
-	~NFT_NET
-	~NFT_OBJREF
-	~NFT_QUEUE
-	~NFT_QUOTA
-	~NFT_REDIR
-	~NFT_REJECT
-	~NFT_REJECT_INET
-	~NFT_REJECT_IPV4
-	~NFT_REJECT_IPV6
-	~NFT_SOCKET
-	~NFT_SYNPROXY
-	~NFT_TPROXY
-	~NFT_TUNNEL
-	~NFT_XFRM"
-
-	# kernel >= 4.19 has unified a NF_CONNTRACK module, bug 692944
-	if kernel_is -lt 4 19; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4 ~NF_CONNTRACK_IPV6"
-	fi
-
-	linux-info_pkg_setup
-}
-
-src_prepare() {
-	default
-
-	eautoreconf
-
-	plocale_find_changes "po" "" ".po"
-	plocale_get_locales | sed -e 's/ /\n/g' > po/LINGUAS
-}
-
-src_configure() {
-	python_setup
-
-	local econf_args=(
-		--enable-systemd
-		$(use_with iptables iptables "${EPREFIX}/sbin/iptables")
-		$(use_with iptables iptables_restore "${EPREFIX}/sbin/iptables-restore")
-		$(use_with iptables ip6tables "${EPREFIX}/sbin/ip6tables")
-		$(use_with iptables ip6tables_restore "${EPREFIX}/sbin/ip6tables-restore")
-		$(use_with iptables ebtables "${EPREFIX}/sbin/ebtables")
-		$(use_with iptables ebtables_restore "${EPREFIX}/sbin/ebtables-restore")
-		$(use_with iptables ipset "${EPREFIX}/usr/sbin/ipset")
-		--with-systemd-unitdir="$(systemd_get_systemunitdir)"
-		--with-bashcompletiondir="$(get_bashcompdir)"
-	)
-
-	econf "${econf_args[@]}"
-}
-
-src_install() {
-	default
-	python_optimize
-
-	# Get rid of junk
-	rm -rf "${D}/etc/sysconfig/" || die
-
-	# For non-gui installs we need to remove GUI bits
-	if ! use gui; then
-		rm -rf "${D}/etc/xdg/autostart" || die
-		rm -f "${D}/usr/bin/firewall-applet" || die
-		rm -f "${D}/usr/bin/firewall-config" || die
-		rm -rf "${D}/usr/share/applications" || die
-		rm -rf "${D}/usr/share/icons" || die
-	fi
-
-	newinitd "${FILESDIR}"/firewalld.init firewalld
-}
-
-pkg_preinst() {
-	gnome2_schemas_savelist
-}
-
-pkg_postinst() {
-	xdg_icon_cache_update
-	gnome2_schemas_update
-}
-
-pkg_postrm() {
-	xdg_icon_cache_update
-	gnome2_schemas_update
-}
diff --git a/net-firewall/firewalld/firewalld-1.1.0-r1.ebuild b/net-firewall/firewalld/firewalld-1.1.0-r1.ebuild
deleted file mode 100644
index 85cf40f8f02f..000000000000
--- a/net-firewall/firewalld/firewalld-1.1.0-r1.ebuild
+++ /dev/null
@@ -1,213 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{8,9,10} )
-inherit autotools bash-completion-r1 gnome2-utils linux-info optfeature plocale python-single-r1 systemd xdg-utils
-
-DESCRIPTION="A firewall daemon with D-Bus interface providing a dynamic firewall"
-HOMEPAGE="https://firewalld.org/"
-SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="GPL-2+"
-SLOT="0"
-KEYWORDS="amd64 arm arm64 ppc64 ~riscv x86"
-IUSE="gui +nftables +iptables"
-REQUIRED_USE="${PYTHON_REQUIRED_USE}"
-
-RDEPEND="${PYTHON_DEPS}
-	iptables? (
-		net-firewall/iptables[ipv6(+)]
-		net-firewall/ebtables
-		net-firewall/ipset
-		nftables? ( net-firewall/nftables[xtables(+)] )
-	)
-	|| ( >=sys-apps/openrc-0.11.5 sys-apps/systemd )
-	$(python_gen_cond_dep '
-		dev-python/dbus-python[${PYTHON_USEDEP}]
-		dev-python/pygobject:3[${PYTHON_USEDEP}]
-		gui? (
-			x11-libs/gtk+:3
-			dev-python/PyQt5[gui,widgets,${PYTHON_USEDEP}]
-		)
-		nftables? ( >=net-firewall/nftables-0.9.4[python,json] )
-	')"
-DEPEND="${RDEPEND}
-	dev-libs/glib:2"
-BDEPEND=">=dev-util/intltool-0.35
-	sys-devel/gettext"
-
-RESTRICT="test" # bug 650760
-
-# Testsuite's Makefile.am calls missing(!)
-# ... but this seems to be consistent with the autoconf docs?
-# Needs more investigation: https://www.gnu.org/software/autoconf/manual/autoconf-2.67/html_node/autom4te-Invocation.html
-QA_AM_MAINTAINER_MODE=".*--run autom4te --language=autotest.*"
-
-PLOCALES="ar as ast bg bn_IN ca cs da de el en_GB en_US es et eu fa fi fr gl gu hi hr hu ia id it ja ka kn ko lt ml mr nl or pa pl pt pt_BR ru si sk sq sr sr@latin sv ta te tr uk zh_CN zh_TW"
-
-pkg_setup() {
-	# See bug #830132 for the huge list
-	# We can probably narrow it down a bit but it's rather fragile
-	local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_CONNTRACK
-	~NETFILTER
-	~NETFILTER_ADVANCED
-	~NETFILTER_INGRESS
-	~NF_NAT_MASQUERADE
-	~NF_NAT_REDIRECT
-	~NF_TABLES_INET
-	~NF_TABLES_IPV4
-	~NF_TABLES_IPV6
-	~NF_CONNTRACK
-	~NF_CONNTRACK_BROADCAST
-	~NF_CONNTRACK_NETBIOS_NS
-	~NF_CONNTRACK_TFTP
-	~NF_CT_NETLINK
-	~NF_CT_NETLINK_HELPER
-	~NF_DEFRAG_IPV4
-	~NF_DEFRAG_IPV6
-	~NF_NAT
-	~NF_NAT_TFTP
-	~NF_REJECT_IPV4
-	~NF_REJECT_IPV6
-	~NF_SOCKET_IPV4
-	~NF_SOCKET_IPV6
-	~NF_TABLES
-	~NF_TPROXY_IPV4
-	~NF_TPROXY_IPV6
-	~IP_NF_FILTER
-	~IP_NF_IPTABLES
-	~IP_NF_MANGLE
-	~IP_NF_NAT
-	~IP_NF_RAW
-	~IP_NF_SECURITY
-	~IP_NF_TARGET_MASQUERADE
-	~IP_NF_TARGET_REJECT
-	~IP6_NF_FILTER
-	~IP6_NF_IPTABLES
-	~IP6_NF_MANGLE
-	~IP6_NF_NAT
-	~IP6_NF_RAW
-	~IP6_NF_SECURITY
-	~IP6_NF_TARGET_MASQUERADE
-	~IP6_NF_TARGET_REJECT
-	~IP_SET
-	~NETFILTER_CONNCOUNT
-	~NETFILTER_NETLINK
-	~NETFILTER_NETLINK_OSF
-	~NETFILTER_NETLINK_QUEUE
-	~NETFILTER_SYNPROXY
-	~NETFILTER_XTABLES
-	~NETFILTER_XT_CONNMARK
-	~NETFILTER_XT_MATCH_CONNTRACK
-	~NETFILTER_XT_MATCH_MULTIPORT
-	~NETFILTER_XT_MATCH_STATE
-	~NETFILTER_XT_NAT
-	~NETFILTER_XT_TARGET_MASQUERADE
-	~NFT_COMPAT
-	~NFT_COUNTER
-	~NFT_CT
-	~NFT_FIB
-	~NFT_FIB_INET
-	~NFT_FIB_IPV4
-	~NFT_FIB_IPV6
-	~NFT_HASH
-	~NFT_LIMIT
-	~NFT_LOG
-	~NFT_MASQ
-	~NFT_NAT
-	~NFT_OBJREF
-	~NFT_QUEUE
-	~NFT_QUOTA
-	~NFT_REDIR
-	~NFT_REJECT
-	~NFT_REJECT_INET
-	~NFT_REJECT_IPV4
-	~NFT_REJECT_IPV6
-	~NFT_SOCKET
-	~NFT_SYNPROXY
-	~NFT_TPROXY
-	~NFT_TUNNEL
-	~NFT_XFRM"
-
-	# kernel >= 4.19 has unified a NF_CONNTRACK module, bug #692944
-	if kernel_is -lt 4 19; then
-		CONFIG_CHECK+=" ~NF_CONNTRACK_IPV4 ~NF_CONNTRACK_IPV6"
-	fi
-
-	# bug #831259
-	if kernel_is -le 5 4 ; then
-		CONFIG_CHECK+=" ~NF_TABLES_SET"
-	fi
-
-	linux-info_pkg_setup
-}
-
-src_prepare() {
-	default
-
-	eautoreconf
-
-	plocale_find_changes "po" "" ".po" || die
-	plocale_get_locales | sed -e 's/ /\n/g' > po/LINGUAS
-}
-
-src_configure() {
-	python_setup
-
-	local econf_args=(
-		--enable-systemd
-		$(use_with iptables iptables "${EPREFIX}/sbin/iptables")
-		$(use_with iptables iptables_restore "${EPREFIX}/sbin/iptables-restore")
-		$(use_with iptables ip6tables "${EPREFIX}/sbin/ip6tables")
-		$(use_with iptables ip6tables_restore "${EPREFIX}/sbin/ip6tables-restore")
-		$(use_with iptables ebtables "${EPREFIX}/sbin/ebtables")
-		$(use_with iptables ebtables_restore "${EPREFIX}/sbin/ebtables-restore")
-		$(use_with iptables ipset "${EPREFIX}/usr/sbin/ipset")
-		--with-systemd-unitdir="$(systemd_get_systemunitdir)"
-		--with-bashcompletiondir="$(get_bashcompdir)"
-	)
-
-	econf "${econf_args[@]}"
-}
-
-src_install() {
-	default
-	python_optimize
-
-	# Get rid of junk
-	rm -rf "${D}/etc/sysconfig/" || die
-
-	# For non-gui installs we need to remove GUI bits
-	if ! use gui; then
-		rm -rf "${D}/etc/xdg/autostart" || die
-		rm -f "${D}/usr/bin/firewall-applet" || die
-		rm -f "${D}/usr/bin/firewall-config" || die
-		rm -rf "${D}/usr/share/applications" || die
-		rm -rf "${D}/usr/share/icons" || die
-	fi
-
-	newinitd "${FILESDIR}"/firewalld.init firewalld
-
-	# Our version drops the/an obsolete 'conflicts' line with old iptables services
-	# bug #833506
-	systemd_dounit "${FILESDIR}"/firewalld.service
-}
-
-pkg_preinst() {
-	gnome2_schemas_savelist
-}
-
-pkg_postinst() {
-	xdg_icon_cache_update
-	gnome2_schemas_update
-
-	# bug #833569
-	optfeature "changing zones with NetworkManager" gnome-extra/nm-applet
-}
-
-pkg_postrm() {
-	xdg_icon_cache_update
-	gnome2_schemas_update
-}
diff --git a/net-firewall/firewalld/firewalld-1.1.1.ebuild b/net-firewall/firewalld/firewalld-1.1.1.ebuild
index 93efaebbee7e..44aacd0abb81 100644
--- a/net-firewall/firewalld/firewalld-1.1.1.ebuild
+++ b/net-firewall/firewalld/firewalld-1.1.1.ebuild
@@ -12,7 +12,7 @@ SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
 
 LICENSE="GPL-2+"
 SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86"
+KEYWORDS="amd64 arm arm64 ppc64 ~riscv x86"
 IUSE="gui +nftables +iptables"
 REQUIRED_USE="${PYTHON_REQUIRED_USE}"
 
@@ -35,7 +35,8 @@ RDEPEND="${PYTHON_DEPS}
 	')"
 DEPEND="${RDEPEND}
 	dev-libs/glib:2"
-BDEPEND=">=dev-util/intltool-0.35
+BDEPEND="app-text/docbook-xml-dtd
+	>=dev-util/intltool-0.35
 	sys-devel/gettext"
 
 RESTRICT="test" # bug 650760
diff --git a/net-firewall/ipset/Manifest b/net-firewall/ipset/Manifest
index c2efdd0962a1..494b2b3c7d04 100644
--- a/net-firewall/ipset/Manifest
+++ b/net-firewall/ipset/Manifest
@@ -2,8 +2,6 @@ AUX ipset-7.4-fix-pkgconfig-dir.patch 287 BLAKE2B b12f88e3743e815f4f9af79674998f
 AUX ipset.confd 588 BLAKE2B fb1b728c12953cb6d5009469eaeeb9e58e01dd76b6849ad554d545bab417e8614d6417be52c2079b961bc66e355cf27c697ac3b2e0fcd823f978c39d14c66264 SHA512 93e01873c3fb8ff5f4f78e04118a666a650e604a1ba2908309faab08aa140e0ca7a2e24fc5114a9e809d3dbe81e801fc9ad59d53e174014cae1f23719a2a8e3e
 AUX ipset.initd-r4 2997 BLAKE2B 9c376e1a5083829a1fc40bfcca192cad19644c8ba585c29018a55837c0788127963071de2a94a251288ee19a7308ba4d7d80f48f3bc1aba497489872f9810479 SHA512 0e674308ae51b5d65e8aba913ffece7e9233ff69b15086d5f35cd8b4e23e6ee08d6c233ed21b647a033039a9e268ee2cb01718ac9ebb548734c5996a8acb3961
 AUX ipset.systemd 476 BLAKE2B 6d536142066ab60fdec24bcb138976709f186c575a7958ad9e8f0762c5b473de6882dcbdb7fbe16c79840096806fb8472308647aaa5b26dec192f91f4a541174 SHA512 c537c8c1bacbf9f3eeedfa123b666ac4f3d71cca9e44e89c9dc0f95328e1ec6be9480927272bd69d06a59f1d22bf4dc117c092d187d950c3f72e31608ab27a08
-DIST ipset-7.11.tar.bz2 674100 BLAKE2B 97f2e3372e963654ece511960e8c22d0dd9e29376d087a3767d89544dfbd85f9f9e75e0cc6c4eb9e1d813d1a472a410033a76feef3319b1d87fd51b0c3fd97cd SHA512 20890de32c17c04d9d3ae42fff64acfe21a252974bee5843ae39bdda707fcef55fde11cffccab9f987bf7e18f5445443c46c50eb854fb6f93f172f7bad07f922
 DIST ipset-7.15.tar.bz2 680383 BLAKE2B 10acff9741370ad80a2845605be1be4f691e987b271f4dcf1fab3abfe158c63c7d39e6b3453ba7cd361dee3df92f85419cfb70806a71b6806555f6571c70b1ed SHA512 0fc936d971c30a0925c585d506c8840e782fdaeec09bc8fd249e874fe838fa55a4dbb697f6e1423a6769abf07a1ce2195abc37cb641e8e4ad70f1b4c7130916a
-EBUILD ipset-7.11-r1.ebuild 3450 BLAKE2B 214cade04c6b499a7e0043df1eec4cd475b9247b21fa1bc218503082a5265d54d93f6a388281ac7360c48de65581dd3517e49aea7022557535ff42590695795f SHA512 a8ec2d9ca9b17ba666641c6e9539714bb836e043363a5a8e0a913314b476aca59eb4fb9efd6febcc8c13bbe35962ea14bdddc510a2055d980a347e43271c6439
 EBUILD ipset-7.15.ebuild 3448 BLAKE2B 2c850a8eb40653629905320c3f5bc6ee153bd33fb1c88b0865efdfd80b6a431a5b56a5af0879fac96b00aefe43d3036f8ee9e102808fd14712594d35649a9fe0 SHA512 49d89f3e53330c38dfac993633eb00bca2f65eb37ba60725d2bc57a36df6a2e466e654623bc52f8ccc4b9112087a4022b21452cba4d94867874ebf10463e978a
 MISC metadata.xml 369 BLAKE2B f41c3bdbd41f5cd6ae9451f00d80d3ca0e17343f45c37f88ab6e34dda8fce78e4d9b4d670385b3f8d9025f6065f1911d1815b610bbbbbfeb364942b8512ccc7b SHA512 f359ed08f769da53de8c31350f48b7fd0504c863fb29664ce40eac4e56f2cca842d9dc8de350fd4790a3a143ed4db6ed3df3419cc9daad4403078039ced52d3e
diff --git a/net-firewall/ipset/ipset-7.11-r1.ebuild b/net-firewall/ipset/ipset-7.11-r1.ebuild
deleted file mode 100644
index cbee799db563..000000000000
--- a/net-firewall/ipset/ipset-7.11-r1.ebuild
+++ /dev/null
@@ -1,114 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-MODULES_OPTIONAL_USE=modules
-inherit autotools linux-info linux-mod systemd
-
-DESCRIPTION="IPset tool for iptables, successor to ippool"
-HOMEPAGE="https://ipset.netfilter.org/"
-SRC_URI="https://ipset.netfilter.org/${P}.tar.bz2"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="amd64 ~arm arm64 ppc ~ppc64 ~riscv x86"
-
-BDEPEND="virtual/pkgconfig"
-
-RDEPEND=">=net-firewall/iptables-1.4.7
-	net-libs/libmnl:="
-DEPEND="${RDEPEND}"
-
-DOCS=( ChangeLog INSTALL README UPGRADE )
-
-PATCHES=( "${FILESDIR}"/${PN}-7.4-fix-pkgconfig-dir.patch )
-
-# configurable from outside, e.g. /etc/portage/make.conf
-IP_NF_SET_MAX=${IP_NF_SET_MAX:-256}
-
-BUILD_TARGETS="modules"
-MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset"
-MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)"
-MODULE_NAMES+=" em_ipset(kernel/net/sched/:${S}/kernel/net/sched/)"
-for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,mac,mark,port{,ip,net}},mac,net{,port{,net},iface,net}},_list_set}; do
-	MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})"
-done
-
-pkg_setup() {
-	get_version
-	CONFIG_CHECK="NETFILTER"
-	ERROR_NETFILTER="ipset requires NETFILTER support in your kernel."
-	CONFIG_CHECK+=" NETFILTER_NETLINK"
-	ERROR_NETFILTER_NETLINK="ipset requires NETFILTER_NETLINK support in your kernel."
-	# It does still build without NET_NS, but it may be needed in future.
-	#CONFIG_CHECK="${CONFIG_CHECK} NET_NS"
-	#ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel."
-	CONFIG_CHECK+=" !PAX_CONSTIFY_PLUGIN"
-	ERROR_PAX_CONSTIFY_PLUGIN="ipset contains constified variables (#614896)"
-
-	build_modules=0
-	if use modules; then
-		if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then
-			if linux_chkconfig_present "IP_NF_SET" || \
-				linux_chkconfig_present "IP_SET"; then #274577
-				eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel."
-				eerror "Please either build ipset with modules USE flag disabled"
-				eerror "or rebuild kernel without IP_SET support and make sure"
-				eerror "there is NO kernel ip_set* modules in /lib/modules/<your_kernel>/... ."
-				die "USE=modules and in-kernel ipset support detected."
-			else
-				einfo "Modular kernel detected. Gonna build kernel modules..."
-				build_modules=1
-			fi
-		else
-			eerror "Nonmodular kernel detected, but USE=modules. Either build"
-			eerror "modular kernel (without IP_SET) or disable USE=modules"
-			die "Nonmodular kernel detected, will not build kernel modules"
-		fi
-	fi
-	[[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup
-}
-
-src_prepare() {
-	default
-
-	eautoreconf
-}
-
-src_configure() {
-	econf \
-		$(use_with modules kmod) \
-		--disable-static \
-		--with-maxsets=${IP_NF_SET_MAX} \
-		--libdir="${EPREFIX}/$(get_libdir)" \
-		--with-ksource="${KV_DIR}" \
-		--with-kbuild="${KV_OUT_DIR}"
-}
-
-src_compile() {
-	einfo "Building userspace"
-	emake
-
-	if [[ ${build_modules} -eq 1 ]]; then
-		einfo "Building kernel modules"
-		set_arch_to_kernel
-		emake modules
-	fi
-}
-
-src_install() {
-	einfo "Installing userspace"
-	default
-
-	find "${ED}" -name '*.la' -delete || die
-
-	newinitd "${FILESDIR}"/ipset.initd-r4 ${PN}
-	newconfd "${FILESDIR}"/ipset.confd ${PN}
-	systemd_newunit "${FILESDIR}"/ipset.systemd ${PN}.service
-	keepdir /var/lib/ipset
-
-	if [[ ${build_modules} -eq 1 ]]; then
-		einfo "Installing kernel modules"
-		linux-mod_src_install
-	fi
-}
diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest
index a817b8de441b..dba00c9d65f7 100644
--- a/net-firewall/iptables/Manifest
+++ b/net-firewall/iptables/Manifest
@@ -9,6 +9,5 @@ AUX systemd/ip6tables-store.service 243 BLAKE2B 30a0d955998a2a664c6a95b8e559898a
 AUX systemd/iptables-restore.service 400 BLAKE2B cd7f700cf717a2efb6504770308f7dcb90a1968f64cca98ea5e7437cf3cf2a2e8f575e3743ac19eec8738c665f4243f537a101c00d5d1cc94648688d4e240a59 SHA512 8c005e321ad041068f243e4baa6588b24b0ffd69991f2129dfab0a34d0ebaf702ff2be8b7328126c84abdc3bbd300e1c387a690c5f6a002b50b2e9148feeb8ef
 AUX systemd/iptables-store.service 240 BLAKE2B 7ddb4425e63cd41f421767fab25a7b055087fddde5927291b3fce6e0e978f0cb3b734bcacf02f78257eec99274056b69058436a847dcb366f5fb70032e410355 SHA512 a720e92b5571a2c3427101105e95e555f3b72541a53c5daa43e361c99ca28830e9e8dd27dbd7cfed40fbbe289ed180f9be7e0f3b6b0cd19bba022a531815fd5e
 DIST iptables-1.8.7.tar.bz2 717862 BLAKE2B fd4dcff142eaadde2a14ce3eb5e45d41c326752553b52900c77fd2e2a20c0685d0a04b95755995e914df47658834d52216d6465c2ae9cd6abc6eb122b95cc976 SHA512 c0a33fafbf1139157a9f52860938ebedc282a1394a68dcbd58981159379eb525919f999b25925f2cb4d6b18089bd99a94b00b3e73cff5cb0a0e47bdff174ed75
-EBUILD iptables-1.8.7-r2.ebuild 4554 BLAKE2B 79d782f5e3b5129b045429f87de46a6261572b691b5846719f1aadee8acf5a7dc7e37d211584b0288fbdc833a7f71d1181927379a47752d64cfef5c511080853 SHA512 c6941a15d46e545c0391fda901ecf007bf22f4ec56818843306286fc64f37d5dba74c29108b9b000827980b0aec0fe539dfe4df0eb8f1c53579141071c669a94
-EBUILD iptables-1.8.7.ebuild 4681 BLAKE2B 22362cd7bde9dfb826ac9666c86014f153117b9773e3592fdaa1074c85d84db79e4d887e2a2d094e84ad4960db44ef0538805af782c60e568b6f83b55e50b577 SHA512 5b57b5be14dcb8ac5a71ca73ac60737e6b488f61e72a7c1414e0014ad25606f00e13d736c0acfeb294b35b9011b060f02bc3c04790b129f21b6b628a49c0bba8
+EBUILD iptables-1.8.7-r2.ebuild 4561 BLAKE2B f0ce89cf5c49c7856f8702aad182b91abe99ce79b82c6e13194ca7a1499dd0fbe2112189e673aaedfbe0e40a030266e2b5d4bfa2d1b542b5ef744388af7d4dc7 SHA512 8f546a3ddef734f215cb0b9673cbd31b4be90a85ff99299c12f0a19cc053f56a095103e4d9c03d104542a0d978cbaff295074fca147db5f57a75d337fb5ca297
 MISC metadata.xml 1466 BLAKE2B 7378fedb44c6e6d19e508a764ec997911f966beccd40b1f93096ad3343b7cd72f9ca129e67a666c54ca4382348a448597bd607197ffe6b94669d84306c81d127 SHA512 f89038980e81bfceaf872ff1938c47e8ad12060bbe9ff48e0e9ca9dd5acc0196b2261d2b22a156cbfd7be89d1d67448969d39ff9b28efb0896702760afa14842
diff --git a/net-firewall/iptables/iptables-1.8.7-r2.ebuild b/net-firewall/iptables/iptables-1.8.7-r2.ebuild
index 637958ed1f57..42fd108f2606 100644
--- a/net-firewall/iptables/iptables-1.8.7-r2.ebuild
+++ b/net-firewall/iptables/iptables-1.8.7-r2.ebuild
@@ -13,7 +13,7 @@ LICENSE="GPL-2"
 # Subslot reflects PV when libxtables and/or libip*tc was changed
 # the last time.
 SLOT="0/1.8.3"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86"
+KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86"
 IUSE="conntrack netlink nftables pcap static-libs"
 
 BUILD_DEPEND="
diff --git a/net-firewall/iptables/iptables-1.8.7.ebuild b/net-firewall/iptables/iptables-1.8.7.ebuild
deleted file mode 100644
index e81c56c6afe9..000000000000
--- a/net-firewall/iptables/iptables-1.8.7.ebuild
+++ /dev/null
@@ -1,181 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit systemd toolchain-funcs autotools flag-o-matic usr-ldscript
-
-DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools"
-HOMEPAGE="https://www.netfilter.org/projects/iptables/"
-SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2"
-
-LICENSE="GPL-2"
-# Subslot reflects PV when libxtables and/or libip*tc was changed
-# the last time.
-SLOT="0/1.8.3"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86"
-IUSE="conntrack ipv6 netlink nftables pcap static-libs"
-
-BUILD_DEPEND="
-	>=app-eselect/eselect-iptables-20200508
-"
-COMMON_DEPEND="
-	conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 )
-	netlink? ( net-libs/libnfnetlink )
-	nftables? (
-		>=net-libs/libmnl-1.0:0=
-		>=net-libs/libnftnl-1.1.6:0=
-	)
-	pcap? ( net-libs/libpcap )
-"
-DEPEND="${COMMON_DEPEND}
-	virtual/os-headers
-	>=sys-kernel/linux-headers-4.4:0
-"
-BDEPEND="${BUILD_DEPEND}
-	app-eselect/eselect-iptables
-	virtual/pkgconfig
-	nftables? (
-		sys-devel/flex
-		virtual/yacc
-	)
-"
-RDEPEND="${COMMON_DEPEND}
-	${BUILD_DEPEND}
-	nftables? ( net-misc/ethertypes )
-	!<net-firewall/ebtables-2.0.11-r1
-	!<net-firewall/arptables-0.0.5-r1
-"
-
-PATCHES=(
-	"${FILESDIR}/iptables-1.8.4-no-symlinks.patch"
-	"${FILESDIR}/iptables-1.8.2-link.patch"
-)
-
-src_prepare() {
-	# use the saner headers from the kernel
-	rm include/linux/{kernel,types}.h || die
-
-	default
-	eautoreconf
-}
-
-src_configure() {
-	# Some libs use $(AR) rather than libtool to build #444282
-	tc-export AR
-
-	# Hack around struct mismatches between userland & kernel for some ABIs. #472388
-	use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct
-
-	sed -i \
-		-e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \
-		-e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \
-		configure || die
-
-	local myeconfargs=(
-		--sbindir="${EPREFIX}/sbin"
-		--libexecdir="${EPREFIX}/$(get_libdir)"
-		--enable-devel
-		--enable-shared
-		$(use_enable nftables)
-		$(use_enable pcap bpf-compiler)
-		$(use_enable pcap nfsynproxy)
-		$(use_enable static-libs static)
-		$(use_enable ipv6)
-	)
-	econf "${myeconfargs[@]}"
-}
-
-src_compile() {
-	emake V=1
-}
-
-src_install() {
-	default
-	dodoc INCOMPATIBILITIES iptables/iptables.xslt
-
-	# all the iptables binaries are in /sbin, so might as well
-	# put these small files in with them
-	into /
-	dosbin iptables/iptables-apply
-	dosym iptables-apply /sbin/ip6tables-apply
-	doman iptables/iptables-apply.8
-
-	insinto /usr/include
-	doins include/iptables.h $(use ipv6 && echo include/ip6tables.h)
-	insinto /usr/include/iptables
-	doins include/iptables/internal.h
-
-	keepdir /var/lib/iptables
-	newinitd "${FILESDIR}"/${PN}-r2.init iptables
-	newconfd "${FILESDIR}"/${PN}-r1.confd iptables
-	if use ipv6 ; then
-		keepdir /var/lib/ip6tables
-		dosym iptables /etc/init.d/ip6tables
-		newconfd "${FILESDIR}"/ip6tables-r1.confd ip6tables
-	fi
-
-	if use nftables; then
-		# Bug 647458
-		rm "${ED}"/etc/ethertypes || die
-
-		# Bugs 660886 and 669894
-		rm "${ED}"/sbin/{arptables,ebtables}{,-{save,restore}} || die
-	fi
-
-	systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service
-	if use ipv6 ; then
-		systemd_dounit "${FILESDIR}"/systemd/ip6tables-{re,}store.service
-	fi
-
-	# Move important libs to /lib #332175
-	gen_usr_ldscript -a ip{4,6}tc xtables
-
-	find "${ED}" -type f -name "*.la" -delete || die
-}
-
-pkg_postinst() {
-	local default_iptables="xtables-legacy-multi"
-	if ! eselect iptables show &>/dev/null; then
-		elog "Current iptables implementation is unset, setting to ${default_iptables}"
-		eselect iptables set "${default_iptables}"
-	fi
-
-	if use nftables; then
-		local tables
-		for tables in {arp,eb}tables; do
-			if ! eselect ${tables} show &>/dev/null; then
-				elog "Current ${tables} implementation is unset, setting to ${default_iptables}"
-				eselect ${tables} set xtables-nft-multi
-			fi
-		done
-	fi
-
-	eselect iptables show
-}
-
-pkg_prerm() {
-	if [[ -z ${REPLACED_BY_VERSION} ]]; then
-		elog "Unsetting iptables symlinks before removal"
-		eselect iptables unset
-	fi
-
-	if ! has_version 'net-firewall/ebtables'; then
-		elog "Unsetting ebtables symlinks before removal"
-		eselect ebtables unset
-	elif [[ -z ${REPLACED_BY_VERSION} ]]; then
-		elog "Resetting ebtables symlinks to ebtables-legacy"
-		eselect ebtables set ebtables-legacy
-	fi
-
-	if ! has_version 'net-firewall/arptables'; then
-		elog "Unsetting arptables symlinks before removal"
-		eselect arptables unset
-	elif [[ -z ${REPLACED_BY_VERSION} ]]; then
-		elog "Resetting arptables symlinks to arptables-legacy"
-		eselect arptables set arptables-legacy
-	fi
-
-	# the eselect module failing should not be fatal
-	return 0
-}
diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest
index 395bb1778eb7..142d09b03b70 100644
--- a/net-firewall/nftables/Manifest
+++ b/net-firewall/nftables/Manifest
@@ -10,16 +10,10 @@ AUX nftables-mk.init-r1 1970 BLAKE2B 9ece7da364eac76ef2ac401f4cc3ed558e926e8f07a
 AUX nftables.confd 655 BLAKE2B 5512be1edd43e270941de3d9b66fda69e4afd7c7e6e970b232a044c2fd64f8e50b9b55a4fe670174c3eabf3d176ee0158c1043baec4b76b0802e7e97bc862fcf SHA512 8370abcdc89fcd9da5dc7d1620be6afb4633b8bcd0a8a120b464cc1a7e1fab6f34956c293da3f6d3cbe1f7a2e03038fd0c94a614137ae5657d29ffdb5f3fa144
 AUX nftables.init-r1 2279 BLAKE2B 1c4c28ea5b6a22905b3ec7de8e54726933b579352ecd799b7641384a138ffa2d4a2deb87d84ef5d75a43ae30759f1550d611c2560096bb5083cae9bb834be2bb SHA512 2165223bfd4f300b9cc01f604347fc5167f68515174b0d116b667bd05f4baf8c2f931e482f632975a8be371c2147951d9407f397ea4dbcbac79a6738cbd23015
 AUX systemd/nftables-restore.service 394 BLAKE2B 1c1f358eb2eff789e68c051098c971f11a8df6621c3c919e30a1ec1213f6db822c390609c01827fe9fc75c540effa3e3a7b6f93bd24e16ea19841bbfaab796ed SHA512 18da6a770bb3e94fd6b2c9e6f033450aaff9fe886c8846f780d08a21e2fc884ac078652743b50b3d4ea8c9500f92d272bdd27e2881e438c2b223d40816c100a0
-DIST nftables-0.9.8.tar.bz2 879516 BLAKE2B 5063090d648668f4d5ae6d4be48ebecc65dfd4b525768e94a0d90ceebbee73874c916727be8de633550db71c612d698d88cf93575931362b48d954e6ac275143 SHA512 1c5709825c8b2c13cbed0310658959ecee164c930bc9e2447618a0894598138b9a549d20509c32a5c23ce99e40438df38f9e170cf656ce993d819f365490a180
-DIST nftables-0.9.9.tar.bz2 922624 BLAKE2B 8de2709576a26ca84a8d694f7cb06cad2bb2fb4671ba21ffc32c0d5997e8124ae7cd794dafddf4db48d8a49c280b48b07d2a31b6c18f6647fdb67cfe7f065b61 SHA512 dfdd3ffc0ffc1742ca0494a3f8fac1c7b2fe942849e60d33fc3cb8a51e27bd39e1ccfeda2195191377a32bb5363ea244f4c3e71b4a6d930f33bf87e17a534fab
-DIST nftables-1.0.0.tar.bz2 921053 BLAKE2B ee86a323170433c3ba62f80118947864aac0fe0aaeb48afeb5a116a48782185c83313ef1b5735c7749eb5eccb88f252b444d1ee908be25bdaa4d9c0b833c1dc2 SHA512 33460bef4ee76b7caa44fa5515357127ae84be468448cc838dd31919b6e045ba6195b761118d4c8a4219a9f008c4416542ce784f4daad94f3b44c0626bcdd014
 DIST nftables-1.0.1.tar.bz2 954586 BLAKE2B e406699c96b98495f1b6deeab0233873ce20b43c13c162eafea1e6b371961123a69f3d5e7bd2f1bedfdbe58fed56ba3e2dae962b88657af6f4ab5b3743fb6373 SHA512 a0db4d82725509d2a9c638ba7ba55547ad7b5138a5fe686b0e90260d6a65e060dd72a470969c1d69e945303bd2bfc33b2021d9f4141b88befefddc61b7afe10d
 DIST nftables-1.0.1.tar.bz2.sig 566 BLAKE2B d504987b16b7a8676586ecb3a1ce9588bff972ca54bbb3ce3b0db5288f1fd981e529dccea009bd01a3a96e5199a034956bd43cdeaba67847239a88d458f43f8a SHA512 0884098ceabe7b070e146e47292afd8c80188ea595eaeaadb228307f502dae4a43bf801dea2a25519eaef3c96d567daf40e45c37fabb58db1b2256eb8f256cb0
 DIST nftables-1.0.2.tar.bz2 970781 BLAKE2B 650ae6badb574ff3628d21c8aa99f81e73932dd172b3569618696100bf3853b9a108bf0296dcf9d615ae7c0fbec84b48266299b62cf755d181d19c626f8a3cd4 SHA512 560d23c6e369eafd7b354d29fe73d46154e4a74dec000178c1aea47751fe535d20c4e6bbecd3955eb2b327c7a60b1269e5c6dc5781498546b639fa2d1367a9ca
 DIST nftables-1.0.2.tar.bz2.sig 566 BLAKE2B 5b7a20b28c274a950b718e2e14313772707b6bdc3f4519f747350593c1eb3bfbcf8c5dd9ae7d5aa0488c5cde9af8b58e05349c75e8a8246c5634303a331f9d98 SHA512 9be59d771833ac315fd52cffe7074ed9d49fbf592aec8d94500bbc7cc1f44dcb54b3815c46831a5e7e4c4770901cbdd6b8ffc5aa8d8cb7e064ec1c8453d890f1
-EBUILD nftables-0.9.8-r2.ebuild 4285 BLAKE2B ebc540b040a7d33d614709a469045672598c1e778fdacdcf233e980d3683aed9a59c0e04f929c0bd944bb79e2d89d5d0d41598b1ff446aca1d3b20d59c2b013b SHA512 5a80918c983d31609881fd96671e697abaf86b20f1024d9bbce7e0d4c7996f0f33ed72c4458d9bf73412eea1ecb2570f4983288de7ecc460569ae94e380030de
-EBUILD nftables-0.9.9-r1.ebuild 4553 BLAKE2B 540457437c02723382787e9fdf062845c38286f5cab3419010239c61ed3e6b965cde6365e97c047c07c1ffe75e064a9d26d2cab445cef97e6d1660e67f8e494d SHA512 13d287e808d24645659873d8708c547d91ae52f3a3ea66606b0fc87a9bf7aac4432555fab0dc82896302dabaa90f5df823ed13bc370e28ad5e2491567f88932c
-EBUILD nftables-1.0.0-r1.ebuild 4558 BLAKE2B c341d163bf665694a618c9f8eae1b26be0e67c24ed4db6339651530c2a840f23c9e9aa240e296dd697ae93505e7af11a04ad32b9bde9d53ef93e266e25b70d10 SHA512 e8b30662a5e5c640157a81b0064d598c584b7181d0211eb1ab24049159a0f6ae1672fbd9d4779a75bc3c1a9732d33b0c3f534b2b37cc308af6f574217b5fba69
 EBUILD nftables-1.0.1-r2.ebuild 4966 BLAKE2B 0fac9458f91dccfd3366c3ddfec0d4444329fe1d9358b89a67d52960bba67fc56efd9e5150f9979e5ba85793d05783b1e835acf6fbe3324fddfa0ca0033597b2 SHA512 7d40d118643bc4626b79dd72094aebd1cc8204bf36c4c9a033f4910690e210ee9f3b275312b85942987d87ee171d0ed1abfee05262fd3bc6c4fa0bf7ccbd7e6a
 EBUILD nftables-1.0.2-r1.ebuild 5171 BLAKE2B f7e0d66c8ea79a261f15ca775115f7a1fce74d848fc380ee7a65dbd9290fa04888dd6776c7f2292bf5a5d97c88ba78145eb1dc84d9a3e811f89e2cb9e3b24af3 SHA512 3a94050f5261e522ecdce8da260394e26c3d646c83465f432939234fda6f85c9af30cf6c5f658659b073a254039abf641c9d925896a5b3e770feab467070949b
 EBUILD nftables-9999.ebuild 4938 BLAKE2B cc5caa75ec86c1d6695ddf06d0f84de7d05c0799e7ef1098c2412e19178544f11a82a0f4e4a7ff8d79e3d13675ad1bb46fc929b57c3ae6f2babdfc7aedebb06b SHA512 4f9dd3327fe16acbe36ca674e39c0204534e1eb15564592848d5e79cefbe232e3b46cd75dbfbaefe52433c88e7d59534aaf81b163a70868dec65544cd2a5e9db
diff --git a/net-firewall/nftables/nftables-0.9.8-r2.ebuild b/net-firewall/nftables/nftables-0.9.8-r2.ebuild
deleted file mode 100644
index 58bf1cc65087..000000000000
--- a/net-firewall/nftables/nftables-0.9.8-r2.ebuild
+++ /dev/null
@@ -1,166 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{7,8,9} )
-
-inherit autotools linux-info python-r1 systemd
-
-DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools"
-HOMEPAGE="https://netfilter.org/projects/nftables/"
-SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="amd64 arm arm64 ~ia64 ppc ppc64 sparc x86"
-IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables"
-
-RDEPEND="
-	>=net-libs/libmnl-1.0.4:0=
-	>=net-libs/libnftnl-1.1.9:0=
-	gmp? ( dev-libs/gmp:= )
-	json? ( dev-libs/jansson:= )
-	python? ( ${PYTHON_DEPS} )
-	readline? ( sys-libs/readline:= )
-	xtables? ( >=net-firewall/iptables-1.6.1:= )
-"
-
-DEPEND="${RDEPEND}"
-
-BDEPEND="
-	doc? (
-		app-text/asciidoc
-		>=app-text/docbook2X-0.8.8-r4
-	)
-	virtual/pkgconfig
-"
-
-REQUIRED_USE="
-	python? ( ${PYTHON_REQUIRED_USE} )
-"
-
-PATCHES=(
-	"${FILESDIR}/${PN}-0.9.8-slibtool.patch"
-)
-
-python_make() {
-	emake \
-		-C py \
-		abs_builddir="${S}" \
-		DESTDIR="${D}" \
-		PYTHON_BIN="${PYTHON}" \
-		"${@}"
-}
-
-pkg_setup() {
-	if kernel_is ge 3 13; then
-		if use modern-kernel && kernel_is lt 3 18; then
-			eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly."
-		fi
-		CONFIG_CHECK="~NF_TABLES"
-		linux-info_pkg_setup
-	else
-		eerror "This package requires kernel version 3.13 or newer to work properly."
-	fi
-}
-
-src_prepare() {
-	default
-
-	# fix installation path for doc stuff
-	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \
-		-i files/nftables/Makefile.am || die
-	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \
-		-i files/osf/Makefile.am || die
-
-	eautoreconf
-}
-
-src_configure() {
-	local myeconfargs=(
-		# We handle python separately
-		--disable-python
-		--sbindir="${EPREFIX}"/sbin
-		$(use_enable debug)
-		$(use_enable doc man-doc)
-		$(use_with !gmp mini_gmp)
-		$(use_with json)
-		$(use_with readline cli readline)
-		$(use_enable static-libs static)
-		$(use_with xtables)
-	)
-	econf "${myeconfargs[@]}"
-}
-
-src_compile() {
-	default
-
-	if use python; then
-		python_foreach_impl python_make
-	fi
-}
-
-src_install() {
-	default
-
-	if ! use doc; then
-		pushd doc >/dev/null || die
-		doman *.?
-		popd >/dev/null || die
-	fi
-
-	local mksuffix="$(usex modern-kernel '-mk' '')"
-
-	exeinto /usr/libexec/${PN}
-	newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh
-	newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN}
-	newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN}
-	keepdir /var/lib/nftables
-
-	systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service
-
-	if use python ; then
-		python_foreach_impl python_make install
-		python_foreach_impl python_optimize
-	fi
-
-	find "${ED}" -type f -name "*.la" -delete || die
-}
-
-pkg_postinst() {
-	local save_file
-	save_file="${EROOT}/var/lib/nftables/rules-save"
-
-	# In order for the nftables-restore systemd service to start
-	# the save_file must exist.
-	if [[ ! -f "${save_file}" ]]; then
-		( umask 177; touch "${save_file}" )
-	elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then
-		ewarn "Your system has dangerous permissions for ${save_file}"
-		ewarn "It is probably affected by bug #691326."
-		ewarn "You may need to fix the permissions of the file. To do so,"
-		ewarn "you can run the command in the line below as root."
-		ewarn "    'chmod 600 \"${save_file}\"'"
-	fi
-
-	if has_version 'sys-apps/systemd'; then
-		elog "If you wish to enable the firewall rules on boot (on systemd) you"
-		elog "will need to enable the nftables-restore service."
-		elog "    'systemctl enable ${PN}-restore.service'"
-		elog
-		elog "If you are creating firewall rules before the next system restart"
-		elog "the nftables-restore service must be manually started in order to"
-		elog "save those rules on shutdown."
-	fi
-	if has_version 'sys-apps/openrc'; then
-		elog "If you wish to enable the firewall rules on boot (on openrc) you"
-		elog "will need to enable the nftables service."
-		elog "    'rc-update add ${PN} default'"
-		elog
-		elog "If you are creating or updating the firewall rules and wish to save"
-		elog "them to be loaded on the next restart, use the \"save\" functionality"
-		elog "in the init script."
-		elog "    'rc-service ${PN} save'"
-	fi
-}
diff --git a/net-firewall/nftables/nftables-0.9.9-r1.ebuild b/net-firewall/nftables/nftables-0.9.9-r1.ebuild
deleted file mode 100644
index 40d4fbc36744..000000000000
--- a/net-firewall/nftables/nftables-0.9.9-r1.ebuild
+++ /dev/null
@@ -1,179 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{7..10} )
-
-inherit autotools linux-info python-r1 systemd
-
-DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools"
-HOMEPAGE="https://netfilter.org/projects/nftables/"
-
-if [[ ${PV} =~ ^[9]{4,}$ ]]; then
-	inherit git-r3
-	EGIT_REPO_URI="https://git.netfilter.org/${PN}"
-
-	BDEPEND="
-		sys-devel/bison
-		sys-devel/flex
-	"
-else
-	SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2"
-	KEYWORDS="amd64 arm arm64 ~ia64 ppc ~ppc64 ~riscv sparc x86"
-fi
-
-LICENSE="GPL-2"
-SLOT="0/1"
-IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs xtables"
-
-RDEPEND="
-	>=net-libs/libmnl-1.0.4:0=
-	>=net-libs/libnftnl-1.2.0:0=
-	gmp? ( dev-libs/gmp:= )
-	json? ( dev-libs/jansson:= )
-	python? ( ${PYTHON_DEPS} )
-	readline? ( sys-libs/readline:= )
-	xtables? ( >=net-firewall/iptables-1.6.1:= )
-"
-
-DEPEND="${RDEPEND}"
-
-BDEPEND+="
-	doc? (
-		app-text/asciidoc
-		>=app-text/docbook2X-0.8.8-r4
-	)
-	virtual/pkgconfig
-"
-
-REQUIRED_USE="
-	python? ( ${PYTHON_REQUIRED_USE} )
-	libedit? ( !readline )
-"
-
-PATCHES=(
-	"${FILESDIR}/${PN}-0.9.8-slibtool.patch"
-)
-
-python_make() {
-	emake \
-		-C py \
-		abs_builddir="${S}" \
-		DESTDIR="${D}" \
-		PYTHON_BIN="${PYTHON}" \
-		"${@}"
-}
-
-pkg_setup() {
-	if kernel_is ge 3 13; then
-		if use modern-kernel && kernel_is lt 3 18; then
-			eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly."
-		fi
-		CONFIG_CHECK="~NF_TABLES"
-		linux-info_pkg_setup
-	else
-		eerror "This package requires kernel version 3.13 or newer to work properly."
-	fi
-}
-
-src_prepare() {
-	default
-
-	# fix installation path for doc stuff
-	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \
-		-i files/nftables/Makefile.am || die
-	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \
-		-i files/osf/Makefile.am || die
-
-	eautoreconf
-}
-
-src_configure() {
-	local myeconfargs=(
-		# We handle python separately
-		--disable-python
-		--sbindir="${EPREFIX}"/sbin
-		$(use_enable debug)
-		$(use_enable doc man-doc)
-		$(use_with !gmp mini_gmp)
-		$(use_with json)
-		$(use_with libedit cli editline)
-		$(use_with readline cli readline)
-		$(use_enable static-libs static)
-		$(use_with xtables)
-	)
-	econf "${myeconfargs[@]}"
-}
-
-src_compile() {
-	default
-
-	if use python; then
-		python_foreach_impl python_make
-	fi
-}
-
-src_install() {
-	default
-
-	if ! use doc && [[ ! ${PV} =~ ^[9]{4,}$ ]]; then
-		pushd doc >/dev/null || die
-		doman *.?
-		popd >/dev/null || die
-	fi
-
-	local mksuffix="$(usex modern-kernel '-mk' '')"
-
-	exeinto /usr/libexec/${PN}
-	newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh
-	newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN}
-	newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN}
-	keepdir /var/lib/nftables
-
-	systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service
-
-	if use python ; then
-		python_foreach_impl python_make install
-		python_foreach_impl python_optimize
-	fi
-
-	find "${ED}" -type f -name "*.la" -delete || die
-}
-
-pkg_postinst() {
-	local save_file
-	save_file="${EROOT}/var/lib/nftables/rules-save"
-
-	# In order for the nftables-restore systemd service to start
-	# the save_file must exist.
-	if [[ ! -f "${save_file}" ]]; then
-		( umask 177; touch "${save_file}" )
-	elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then
-		ewarn "Your system has dangerous permissions for ${save_file}"
-		ewarn "It is probably affected by bug #691326."
-		ewarn "You may need to fix the permissions of the file. To do so,"
-		ewarn "you can run the command in the line below as root."
-		ewarn "    'chmod 600 \"${save_file}\"'"
-	fi
-
-	if has_version 'sys-apps/systemd'; then
-		elog "If you wish to enable the firewall rules on boot (on systemd) you"
-		elog "will need to enable the nftables-restore service."
-		elog "    'systemctl enable ${PN}-restore.service'"
-		elog
-		elog "If you are creating firewall rules before the next system restart"
-		elog "the nftables-restore service must be manually started in order to"
-		elog "save those rules on shutdown."
-	fi
-	if has_version 'sys-apps/openrc'; then
-		elog "If you wish to enable the firewall rules on boot (on openrc) you"
-		elog "will need to enable the nftables service."
-		elog "    'rc-update add ${PN} default'"
-		elog
-		elog "If you are creating or updating the firewall rules and wish to save"
-		elog "them to be loaded on the next restart, use the \"save\" functionality"
-		elog "in the init script."
-		elog "    'rc-service ${PN} save'"
-	fi
-}
diff --git a/net-firewall/nftables/nftables-1.0.0-r1.ebuild b/net-firewall/nftables/nftables-1.0.0-r1.ebuild
deleted file mode 100644
index 31bd6d1de988..000000000000
--- a/net-firewall/nftables/nftables-1.0.0-r1.ebuild
+++ /dev/null
@@ -1,179 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{7..10} )
-
-inherit autotools linux-info python-r1 systemd
-
-DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools"
-HOMEPAGE="https://netfilter.org/projects/nftables/"
-
-if [[ ${PV} =~ ^[9]{4,}$ ]]; then
-	inherit git-r3
-	EGIT_REPO_URI="https://git.netfilter.org/${PN}"
-
-	BDEPEND="
-		sys-devel/bison
-		sys-devel/flex
-	"
-else
-	SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2"
-	KEYWORDS="amd64 arm arm64 ~ia64 ~mips ppc ppc64 ~riscv sparc x86"
-fi
-
-LICENSE="GPL-2"
-SLOT="0/1"
-IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs xtables"
-
-RDEPEND="
-	>=net-libs/libmnl-1.0.4:0=
-	>=net-libs/libnftnl-1.2.0:0=
-	gmp? ( dev-libs/gmp:= )
-	json? ( dev-libs/jansson:= )
-	python? ( ${PYTHON_DEPS} )
-	readline? ( sys-libs/readline:= )
-	xtables? ( >=net-firewall/iptables-1.6.1:= )
-"
-
-DEPEND="${RDEPEND}"
-
-BDEPEND+="
-	doc? (
-		app-text/asciidoc
-		>=app-text/docbook2X-0.8.8-r4
-	)
-	virtual/pkgconfig
-"
-
-REQUIRED_USE="
-	python? ( ${PYTHON_REQUIRED_USE} )
-	libedit? ( !readline )
-"
-
-PATCHES=(
-	"${FILESDIR}/${PN}-0.9.8-slibtool.patch"
-)
-
-python_make() {
-	emake \
-		-C py \
-		abs_builddir="${S}" \
-		DESTDIR="${D}" \
-		PYTHON_BIN="${PYTHON}" \
-		"${@}"
-}
-
-pkg_setup() {
-	if kernel_is ge 3 13; then
-		if use modern-kernel && kernel_is lt 3 18; then
-			eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly."
-		fi
-		CONFIG_CHECK="~NF_TABLES"
-		linux-info_pkg_setup
-	else
-		eerror "This package requires kernel version 3.13 or newer to work properly."
-	fi
-}
-
-src_prepare() {
-	default
-
-	# fix installation path for doc stuff
-	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \
-		-i files/nftables/Makefile.am || die
-	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \
-		-i files/osf/Makefile.am || die
-
-	eautoreconf
-}
-
-src_configure() {
-	local myeconfargs=(
-		# We handle python separately
-		--disable-python
-		--sbindir="${EPREFIX}"/sbin
-		$(use_enable debug)
-		$(use_enable doc man-doc)
-		$(use_with !gmp mini_gmp)
-		$(use_with json)
-		$(use_with libedit cli editline)
-		$(use_with readline cli readline)
-		$(use_enable static-libs static)
-		$(use_with xtables)
-	)
-	econf "${myeconfargs[@]}"
-}
-
-src_compile() {
-	default
-
-	if use python; then
-		python_foreach_impl python_make
-	fi
-}
-
-src_install() {
-	default
-
-	if ! use doc && [[ ! ${PV} =~ ^[9]{4,}$ ]]; then
-		pushd doc >/dev/null || die
-		doman *.?
-		popd >/dev/null || die
-	fi
-
-	local mksuffix="$(usex modern-kernel '-mk' '')"
-
-	exeinto /usr/libexec/${PN}
-	newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh
-	newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN}
-	newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN}
-	keepdir /var/lib/nftables
-
-	systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service
-
-	if use python ; then
-		python_foreach_impl python_make install
-		python_foreach_impl python_optimize
-	fi
-
-	find "${ED}" -type f -name "*.la" -delete || die
-}
-
-pkg_postinst() {
-	local save_file
-	save_file="${EROOT}/var/lib/nftables/rules-save"
-
-	# In order for the nftables-restore systemd service to start
-	# the save_file must exist.
-	if [[ ! -f "${save_file}" ]]; then
-		( umask 177; touch "${save_file}" )
-	elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then
-		ewarn "Your system has dangerous permissions for ${save_file}"
-		ewarn "It is probably affected by bug #691326."
-		ewarn "You may need to fix the permissions of the file. To do so,"
-		ewarn "you can run the command in the line below as root."
-		ewarn "    'chmod 600 \"${save_file}\"'"
-	fi
-
-	if has_version 'sys-apps/systemd'; then
-		elog "If you wish to enable the firewall rules on boot (on systemd) you"
-		elog "will need to enable the nftables-restore service."
-		elog "    'systemctl enable ${PN}-restore.service'"
-		elog
-		elog "If you are creating firewall rules before the next system restart"
-		elog "the nftables-restore service must be manually started in order to"
-		elog "save those rules on shutdown."
-	fi
-	if has_version 'sys-apps/openrc'; then
-		elog "If you wish to enable the firewall rules on boot (on openrc) you"
-		elog "will need to enable the nftables service."
-		elog "    'rc-update add ${PN} default'"
-		elog
-		elog "If you are creating or updating the firewall rules and wish to save"
-		elog "them to be loaded on the next restart, use the \"save\" functionality"
-		elog "in the init script."
-		elog "    'rc-service ${PN} save'"
-	fi
-}
diff --git a/net-firewall/xtables-addons/Manifest b/net-firewall/xtables-addons/Manifest
index 10488fbce900..6347c2d354f2 100644
--- a/net-firewall/xtables-addons/Manifest
+++ b/net-firewall/xtables-addons/Manifest
@@ -1,5 +1,7 @@
 DIST xtables-addons-3.13.tar.xz 327104 BLAKE2B 110719a7425060a79df0643ea35cf28ac62af811dde0f6744cf75b632809ff02518366e12ecdf8b017648b85843e689735629fc099b23b21b1999afa3a2e5c69 SHA512 0a9874269dafefe2fc364b41d3f5fb2108ba83dc49457f3aa436b814c8c65fb00f48f664576c8ccf183939edffa854fcf9f9c82a801ac90c0e2b9dc1426e1d85
 DIST xtables-addons-3.18.tar.xz 328624 BLAKE2B 9662773c4bd5464ca789975762233299ca194977d5605a3c5f9a8a5a15f51afa4c33c8c17fd622af301a0f377542b6497eac5ce7e23719d238de5df51a9554b1 SHA512 b334642ce9b6ec3fc775ddbe6b66d70467fdcbfe30dcb165dac203f9d7fcd222dfd8c91e10befa3666bf572115dc75ed32d8ece05ed2947a4ed21d1d09032b8f
+DIST xtables-addons-3.20.tar.xz 333232 BLAKE2B bc6df6d6e56bd539dc649d312fe84a5fe9e4743d6b1f72f3b3bb4689cea91cef9051754d30e530fa3140b877a67b2f84490740e669993669a1ee515d0a434b8d SHA512 0a38c12159dd555a31f24dc5a74d012b27723925df827edffe2343f6b8e61e838b5dc4776bafe37587e9622b9da1e9cd4220e4f576d58e78eb21ad18a419fb2e
 EBUILD xtables-addons-3.13.ebuild 5481 BLAKE2B 8078905df407dc09200aabec0556deca3b1b9eab33dfdeb9ac9894acf6ca8ebf072e6774e2f977249dcdfdcae4c197027eeb0ddd1f45d2cd5e27d1d1a9045346 SHA512 ad14b41519cfd932757d5c9c9773605b9b35ec7ba52d0756c929c10f82a76ea9338bfd3e2bbb55e97034c23b58c917598f77de3dc806db3beceb068f5fd77463
-EBUILD xtables-addons-3.18.ebuild 5489 BLAKE2B b834145377296c8cbbbcce95f2d14505999d9145ebdc400cb8c0f224d7a4088015dbf83dadffd0b79dc8f51b347f65b75b363d710ecd341f95ba28e8e2e0e25e SHA512 9fd8d926a6fe1b47ea16529943666d8d68b1a4e41dce640d9e2324011ef98b51d331fd9afe2a366d6cfb3478bc81d9fd73c34a46f0991612c5fb298ecb108e29
+EBUILD xtables-addons-3.18.ebuild 5487 BLAKE2B 8ccc97f83437616e3b8fff1f4c378b9d4c82cbb23059356721ea4c5b888ed38df03394f2b301fa326a9fe07533a9e54aff5bc99ab5fa2ea1c8239c58b8a463b0 SHA512 0b048826df84585b5022bf6cfa8f10a2b1920502fe5c9e7359a0f7a3de1f26c0c6b7a974373f43f1228ddfd6c53d6f01ccf63c9acb6e1941a3f40bc3e0521b61
+EBUILD xtables-addons-3.20.ebuild 5487 BLAKE2B 14b348f6eefff235df0c7fd513e2bb411ddccc2afeefc67b18794b41351c2c9e5d7beebbbeb1f32a40325ae25e8d6ac630b37c58c8cef99635c922015f2aee8f SHA512 7736a8a92fadfd64cfd358f8bfb975e043345aaa7fc06c4e8b8e030ac1a29411c8b393d8da1349af3d4f34584b79447c757aeb3ef889cbe1ed2e99caf3e678e0
 MISC metadata.xml 776 BLAKE2B bae62741f428da53e6dd8350362c442869e653ee3e71c0e3d2afa49f380ade348f2fe3e26f20fd797253aeb890a242b7bf495a1c228957d89ac36b5471a152f8 SHA512 89ae4d90febd460d0045474928bf826303421eed02e2cb648527e5be1e3c4034fec33aaa05400f6ece7ac3a5f2e380af5f146e342f9a5a387397b2ede49ff3ff
diff --git a/net-firewall/xtables-addons/xtables-addons-3.18.ebuild b/net-firewall/xtables-addons/xtables-addons-3.18.ebuild
index 7ec917766690..e6a368f9d8bc 100644
--- a/net-firewall/xtables-addons/xtables-addons-3.18.ebuild
+++ b/net-firewall/xtables-addons/xtables-addons-3.18.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2022 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI="7"
@@ -13,7 +13,7 @@ SRC_URI="https://inai.de/files/xtables-addons/${P}.tar.xz"
 
 LICENSE="GPL-2"
 SLOT="0"
-KEYWORDS="~amd64 ~x86"
+KEYWORDS="amd64 x86"
 
 MODULES="quota2 psd pknock lscan length2 ipv4options ipp2p iface gradm geoip fuzzy condition tarpit sysrq proto logmark ipmark echo dnetmap dhcpmac delude chaos account"
 
diff --git a/net-firewall/xtables-addons/xtables-addons-3.20.ebuild b/net-firewall/xtables-addons/xtables-addons-3.20.ebuild
new file mode 100644
index 000000000000..5cbe698ab496
--- /dev/null
+++ b/net-firewall/xtables-addons/xtables-addons-3.20.ebuild
@@ -0,0 +1,189 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+MODULES_OPTIONAL_USE=modules
+MODULES_OPTIONAL_USE_IUSE_DEFAULT=1
+inherit linux-info linux-mod multilib toolchain-funcs
+
+DESCRIPTION="iptables extensions not yet accepted in the main kernel"
+HOMEPAGE="https://inai.de/projects/xtables-addons/"
+SRC_URI="https://inai.de/files/xtables-addons/${P}.tar.xz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+
+MODULES="quota2 psd pknock lscan length2 ipv4options ipp2p iface gradm geoip fuzzy condition tarpit sysrq proto logmark ipmark echo dnetmap dhcpmac delude chaos account"
+
+for mod in ${MODULES}; do
+	IUSE="${IUSE} xtables_addons_${mod}"
+done
+
+DEPEND=">=net-firewall/iptables-1.6.0"
+
+RDEPEND="${DEPEND}
+	xtables_addons_geoip? (
+		app-arch/unzip
+		dev-perl/Net-CIDR-Lite
+		dev-perl/Text-CSV_XS
+		virtual/perl-Getopt-Long
+	)
+"
+
+DEPEND="${DEPEND}
+	virtual/linux-sources"
+
+SKIP_MODULES=""
+
+XA_check4internal_module() {
+	local mod=${1}
+	local version=${3}
+	local kconfigname=${3}
+
+	if use xtables_addons_${mod} && kernel_is -gt ${version}; then
+		ewarn "${kconfigname} should be provided by the kernel. Skipping its build..."
+		if ! linux_chkconfig_present ${kconfigname}; then
+			ewarn "Please enable ${kconfigname} target in your kernel
+			configuration or disable checksum module in ${PN}."
+		fi
+		# SKIP_MODULES in case we need to disable building of everything
+		# like having this USE disabled
+		SKIP_MODULES+=" ${mod}"
+	fi
+}
+
+pkg_setup() {
+	if use modules; then
+		get_version
+		check_modules_supported
+		CONFIG_CHECK="NF_CONNTRACK NF_CONNTRACK_MARK ~CONNECTOR"
+		ERROR_CONNECTOR="Please, enable CONFIG_CONNECTOR if you wish to receive userspace notifications from pknock through netlink/connector"
+		linux-mod_pkg_setup
+
+		if ! linux_chkconfig_present IPV6; then
+			SKIP_IPV6_MODULES="ip6table_rawpost"
+			ewarn "No IPV6 support in kernel. Disabling: ${SKIP_IPV6_MODULES}"
+		fi
+		kernel_is -lt 4 18 && die "${P} requires kernel version >= 4.18"
+	fi
+}
+
+# Helper for maintainer: cheks if all possible MODULES are listed.
+XA_qa_check() {
+	local all_modules
+	all_modules=$(sed -n '/^build_/{s/build_\(.*\)=.*/\L\1/;G;s/\n/ /;s/ $//;h}; ${x;p}' "${S}/mconfig")
+	if [[ ${all_modules} != ${MODULES} ]]; then
+		ewarn "QA: Modules in mconfig differ from \$MODULES in ebuild."
+		ewarn "Please, update MODULES in ebuild."
+		ewarn "'${all_modules}'"
+	fi
+}
+
+# Is there any use flag set?
+XA_has_something_to_build() {
+	local mod
+	for mod in ${MODULES}; do
+		use xtables_addons_${mod} && return
+	done
+
+	eerror "All modules are disabled. What do you want me to build?"
+	eerror "Please, set XTABLES_ADDONS to any combination of"
+	eerror "${MODULES}"
+	die "All modules are disabled."
+}
+
+# Parse Kbuid files and generates list of sources
+XA_get_module_name() {
+	[[ $# != 1 ]] && die "XA_get_sources_for_mod: needs exactly one argument."
+	local mod objdir build_mod sources_list
+	mod=${1}
+	objdir=${S}/extensions
+	# Take modules name from mconfig
+	build_mod=$(sed -n "s/\(build_${mod}\)=.*/\1/Ip" "${S}/mconfig")
+	# strip .o, = and everything before = and print
+	sources_list=$(sed -n "/^obj-[$][{]${build_mod}[}]/\
+		{s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \
+				"${objdir}/Kbuild")
+
+	if [[ -d ${S}/extensions/${sources_list} ]]; then
+		objdir=${S}/extensions/${sources_list}
+		sources_list=$(sed -n "/^obj-m/\
+			{s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \
+				"${objdir}/Kbuild")
+	fi
+	for mod_src in ${sources_list}; do
+		has ${mod_src} ${SKIP_IPV6_MODULES} || \
+			echo " ${mod_src}(xtables_addons:${S}/extensions:${objdir})"
+	done
+}
+
+# Die on modules known to fail on certain kernel version.
+XA_known_failure() {
+	local module_name=$1
+	local KV_max=$2
+
+	if use xtables_addons_${module_name} && kernel_is ge ${KV_max//./ }; then
+		eerror
+		eerror "XTABLES_ADDONS=${module_name} fails to build on linux ${KV_max} or above."
+		eerror "Either remove XTABLES_ADDONS=${module_name} or use an earlier version of the kernel."
+		eerror
+		die
+	fi
+}
+
+src_prepare() {
+	XA_qa_check
+	XA_has_something_to_build
+
+	# Bug #553630#c2.  echo fails on linux-4 and above.
+	# This appears to be fixed, at least as of linux-4.2
+	# XA_known_failure "echo" 4
+
+	local mod module_name
+	if use modules; then
+		MODULE_NAMES="compat_xtables(xtables_addons:${S}/extensions:)"
+	fi
+	for mod in ${MODULES}; do
+		if ! has ${mod} ${SKIP_MODULES} && use xtables_addons_${mod}; then
+			sed "s/\(build_${mod}=\).*/\1m/I" -i mconfig || die
+			if use modules; then
+				for module_name in $(XA_get_module_name ${mod}); do
+					MODULE_NAMES+=" ${module_name}"
+				done
+			fi
+		else
+			sed "s/\(build_${mod}=\).*/\1n/I" -i mconfig || die
+		fi
+	done
+	einfo "${MODULE_NAMES}" # for debugging
+
+	sed -e 's/depmod -a/true/' -i Makefile.in || die
+	sed -e '/^all-local:/{s: modules::}' \
+		-e '/^install-exec-local:/{s: modules_install::}' \
+			-i extensions/Makefile.in || die
+
+	use xtables_addons_geoip || sed  -e '/^SUBDIRS/{s/geoip//}' -i Makefile.in
+
+	eapply_user
+}
+
+src_configure() {
+	set_arch_to_kernel # .. or it'll look for /arch/amd64/Makefile
+	econf --prefix="${EPREFIX}/" \
+		--libexecdir="${EPREFIX}/$(get_libdir)/" \
+		--with-kbuild="${KV_OUT_DIR}"
+}
+
+src_compile() {
+	emake CFLAGS="${CFLAGS}" CC="$(tc-getCC)" V=1
+	use modules && BUILD_PARAMS="V=1" BUILD_TARGETS="modules" linux-mod_src_compile
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+	use modules && linux-mod_src_install
+	dodoc -r README doc/*
+	find "${ED}" -type f -name '*.la' -exec rm -rf '{}' '+'
+}
author	V3n3RiX <venerix@koprulu.sector>	2022-05-12 16:42:50 +0300
committer	V3n3RiX <venerix@koprulu.sector>	2022-05-12 16:42:50 +0300
commit	752d6256e5204b958b0ef7905675a940b5e9172f (patch)
tree	330d16e6362a49cbed8875a777fe641a43376cd3 /net-firewall
parent	0c100b7dd2b30e75b799d806df4ef899fd98e1ea (diff)