gentoo resync : 14.05.2020

author: V3n3RiX <venerix@redcorelinux.org> 2020-05-14 11:09:11 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2020-05-14 11:09:11 +0100
commit: deba8115d2c2af26df42966b91ef04ff4dd79cde (patch)
tree: 9a48f42594e1a9e6b2020d5535a784314434d7a7 /net-firewall
parent: 38423c67c8a23f6a1bc42038193182e2da3116eb (diff)
19 files changed, 412 insertions, 522 deletions
diff --git a/net-firewall/Manifest.gz b/net-firewall/Manifest.gz
index 9fc8bf8f0829..f02ac197d99b 100644
--- a/net-firewall/Manifest.gz
+++ b/net-firewall/Manifest.gz
diff --git a/net-firewall/arno-iptables-firewall/Manifest b/net-firewall/arno-iptables-firewall/Manifest
index 2f97d9273f1c..29ba2c7e81d8 100644
--- a/net-firewall/arno-iptables-firewall/Manifest
+++ b/net-firewall/arno-iptables-firewall/Manifest
@@ -2,5 +2,5 @@ AUX arno-iptables-firewall 404 BLAKE2B 20ae4750d99c8edd3edf4f0e96354aa6a3f0df151
 DIST arno-iptables-firewall-2.0.3.tar.gz 139445 BLAKE2B 57dade49a4aaacb1354129efeb5ca013060d51baa8c23dea1fc326e52a693c7137047883ea7bbca6cc3221f70a83f7283123a345e22ceac4bb99d3b43410b65d SHA512 c88a560d4c0a2644dd1ec35e0a6e2b1883e52dc6c71075207c3b98a59964a4be3787620e9414ad5e926bddb9dbc7c2674fd8687828526c35f0fb4a53a05aa929
 DIST arno-iptables-firewall-2.1.0.tar.gz 140015 BLAKE2B 46ff89db6928bd4f86a5b26a06fa1ab2a88ecc5043f6f92543151c3ca6b74d9704c4b7046e1c5e1371e0b5de552e414cbe0524305947b026ec7953f9d779055d SHA512 b59644e78f281dacdd32045254be15dbd31ecb5f2b26d88a3c9bab60aaf19ea879d87127040db5f72292668e22026d982c17d3ad34c83da16720cdbccebdd07f
 EBUILD arno-iptables-firewall-2.0.3.ebuild 2408 BLAKE2B b6dd38e3579c0bea4d84375ae15c5083cd30d980939740d96a9ca625c6d51f47ce47f6bb70a8f556c1823ef57bd5ea76dab6756f7e78adb9e41346cf574ca063 SHA512 be79a37b28a01390c71e7400dc045b4cf5bee5805aae03a94e45989faaa1a279ef1cae89d89f19ad8da16dce7220f7c9772bf8fb8d6ba4a15729e61915a01c18
-EBUILD arno-iptables-firewall-2.1.0.ebuild 2420 BLAKE2B bfc3aceda53a9507273ad47bfa55f7d62e3f503ec13691361861ed2bda5669a4e88462581c85f6d6c3ddf24da4af52dce6164e566fb19f8190e61a83504c4414 SHA512 d93df30e59faae4675e124bc9e4cf7b1dc2f70709d23fa498006092fc45634713d801b9cbd5f56a0bc5d4129c738fcb5bcc938f9d581ae421f651c4e10c4583f
+EBUILD arno-iptables-firewall-2.1.0.ebuild 2418 BLAKE2B 77ce5882577d617dc2187f2144d105301ca11fc0d42ea5f317d08ec9100fe536d450c99b0a9c3fa8dd858b313dab5af64f2c59a928103c603b6ed6c80792e5d5 SHA512 cbe407a4acef1220fcd76117cc4f456f9a30dd729c875803f503baa014fde5f8663f6afe51a7ae2e5be6b39f1b7ab943380a62b86d84814529874ef70bd53ce1
 MISC metadata.xml 515 BLAKE2B c904370936eddef69630141ec61bdfe911a29bdc2425238b2a973ffcb89702183e0e36c42799cfc6cfaae403bdfb5a8fcefa1a576dd6a547a6b161ca9a967464 SHA512 c0d63d340e8fa318e276d3bd2e526dfa2dd5e8d810a75d75301cef8983d5bc851aae90e7f29685f8c2c21c21fadfa1c3d033156d44fb289eb9890465ea49e3bf
diff --git a/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.1.0.ebuild b/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.1.0.ebuild
index 6b4973bb283d..e9eecc7f7363 100644
--- a/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.1.0.ebuild
+++ b/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.1.0.ebuild
@@ -13,7 +13,7 @@ SRC_URI="https://github.com/${PN}/aif/archive/${MY_PV}.tar.gz -> ${P}.tar.gz"
 
 LICENSE="GPL-2"
 SLOT="0"
-KEYWORDS="~amd64 ~x86"
+KEYWORDS="amd64 x86"
 IUSE="+plugins rsyslog"
 
 DEPEND=""
diff --git a/net-firewall/arptables/Manifest b/net-firewall/arptables/Manifest
index 7455c5b7fce4..98edb0cfec9b 100644
--- a/net-firewall/arptables/Manifest
+++ b/net-firewall/arptables/Manifest
@@ -1,5 +1,6 @@
 DIST arptables-0.0.5.tar.gz 52247 BLAKE2B 860aac1af315f188ecb7f17956f9225c2a9ec007882d102be8edc9fecc9400928f4200e95283f0ecc27c4c3ae0b409887445ed79a330cef2e2d00444db83c01f SHA512 fe7f909b45a1bdc435a8307352fe2dc9c292bb7c6cf4a4d13cc2728f447b3da14a07a4dd6dc25b7872895e4e26561681f1fed25ce517102ae762701bcbcbf104
 DIST arptables-v0.0.4.tar.gz 45380 BLAKE2B a256aa280aa65fae8c5b17477fedb3fed4973e8d76746d5832184858b77111eb22bec63211a1ddfb74d25bdc23b0f237caf5ac7effa85433d0f63c51e23a3ef1 SHA512 bd84e93ab5e0a038753aa17dae9e1f48364f2d2b1492dce2edac117e21edd5aa912be7b9e21bf4fb3698031d2f765a75fa067fe10ce20a1c8951ae7efcc5dbbd
 EBUILD arptables-0.0.4.ebuild 767 BLAKE2B 643669923fb19fe90de6eed8acbba68e113cdd8572c025d694c2672fb053f71837980e88bd0991d7bc55376dbc785d72f1c51e8a2603831dfe4484463f8b7d6c SHA512 8e731f2562f779bb89abacb1de3fb7083959ef7b322c81186273f995f07b0cbbc7f30f5cece5118a4510f9a3914d4800f6b167c26e0098203adde3d02dfea557
+EBUILD arptables-0.0.5-r1.ebuild 1418 BLAKE2B 9c009e742e19d2ce5669bbee94de33d1f8484955b07f1422860c86562c469d446d2fb83a506c296a64b6a3bf617024eb20eb23d9ee1310e47027060d1c0c414c SHA512 7669b3c1c046773ad10dcf87d76a26831b33a2961624ebf38d44cca5b89285d55098c265951404e19832345acbf86d00ea099f482b71e97c9a182a3d3e1a6e5a
 EBUILD arptables-0.0.5.ebuild 857 BLAKE2B d21755c0c819e5fe3e2884bfbffd0b9ec3798a23617c44fced54694d1ad554cc8135b3115e4222558f70d678f6dc21138e68d22ccbca11ce44866b9110f919bb SHA512 cc04fcf591915be667f54bf7a79d51c919d8b69cd58d06d819fd963a6195c65093ca7425a8ea08e789778e1750f3cc370cfcaedf8dc6a7dce5afe0e93b542421
 MISC metadata.xml 335 BLAKE2B 322b571e61e782fd11e8ddabf27e3c58827d150770bcc7f8c512564012d1cd927c5c518491f8546a64a38432ff0ffd1f06f0d52b54fdcd5f6cd96ef13b702de2 SHA512 840c9d22c1e29b4ddfd6b230e293766fb4b6d5cefc9a5839765629fa33adbddbaa3157d12be851e458030406af95c8e3356577fd20c0f876b43153e89ae298df
diff --git a/net-firewall/arptables/arptables-0.0.5-r1.ebuild b/net-firewall/arptables/arptables-0.0.5-r1.ebuild
new file mode 100644
index 000000000000..9bfd2df4fba0
--- /dev/null
+++ b/net-firewall/arptables/arptables-0.0.5-r1.ebuild
@@ -0,0 +1,55 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit toolchain-funcs
+
+DESCRIPTION="set up, maintain, and inspect the tables of ARP rules in the Linux kernel"
+HOMEPAGE="http://ebtables.sourceforge.net/"
+SRC_URI="ftp://ftp.netfilter.org/pub/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+IUSE=""
+
+BDEPEND=">=app-eselect/eselect-iptables-20200508"
+RDEPEND="${BDEPEND}"
+
+src_compile() {
+	# -O0 does not work and at least -O2 is required, bug #240752
+	emake CC="$(tc-getCC)" COPT_FLAGS="-O2 ${CFLAGS//-O0/-O2}"
+	sed -e 's:__EXEC_PATH__:/sbin:g' \
+		-i arptables-save arptables-restore || die "sed failed"
+}
+
+src_install() {
+	emake \
+		PREFIX="${ED}"/ \
+		LIBDIR="${ED}/$(get_libdir)" \
+		SYSCONFIGDIR="${ED}"/etc \
+		MANDIR="${ED}"/usr/share/man \
+		install
+
+	newman arptables-legacy.8 arptables.8
+}
+
+pkg_postinst() {
+	if ! eselect arptables show &>/dev/null; then
+		elog "Current arptables implementation is unset, setting to ebtables-legacy"
+		eselect arptables set arptables-legacy
+	fi
+
+	eselect arptables show
+}
+
+pkg_prerm() {
+	if [[ -z ${REPLACED_BY_VERSION} ]] && has_version 'net-firewall/iptables[nftables]'; then
+		elog "Resetting arptables symlinks to xtables-nft-multi before removal"
+		eselect arptables set xtables-nft-multi
+	else
+		elog "Unsetting arptables symlinks before removal"
+		eselect arptables unset
+	fi
+}
diff --git a/net-firewall/ebtables/Manifest b/net-firewall/ebtables/Manifest
index 71f2b9f0e4d1..494fcfb529ac 100644
--- a/net-firewall/ebtables/Manifest
+++ b/net-firewall/ebtables/Manifest
@@ -9,5 +9,6 @@ DIST ebtables-v2.0.10-4.tar.gz 103764 BLAKE2B 01995c701c6dbc7495bdf1f0fce61dce51
 EBUILD ebtables-2.0.10.4-r1.ebuild 1914 BLAKE2B 799fe8c074cb8ad34821007296c192345925f66645bcf52f584aabcbac9099f98214a6cf80b1f31e8d55f58ab894d2ba4bd975ff4f710848afa88ade2817749e SHA512 a57f925dae0e290422cd79944963510de853b19b81eacc219aacfdd00f5a456f6b5f18c4cbf71c8d7129f317f33d71709fb6d5d3c5712f11115acd3c1eff93fa
 EBUILD ebtables-2.0.10.4-r2.ebuild 1888 BLAKE2B 59fb0004f531ea9a19e3fd6fcb6d4b11c9345d04e3c5692a8a6028f343e8a4d02b4b9f4a3a0d5bdda280519218b80dfb97726f91c6eb78387521538784f28dc9 SHA512 f3464a20c8b33fb55931efd5fb86e4edece9f3c8243f6b15c008c0d100953385fb6f915073055e9d481b6ba8e12d6a67c96d378783474178aaff112f0f5b3675
 EBUILD ebtables-2.0.10.4.ebuild 1755 BLAKE2B 4801b2df1f8dfa4db9c9ea4fe5fea274487b999247ec48c0c2da6123883dc50b60c85738f4a1fda5d164e05018eafb9b5cc78123a3761c5adcefb729633dc188 SHA512 b4b9dada0a1179c7e3df58fefb49a34f85fcc05b184c003c261f58e6394b5006633bf5a7e9ae7a94fc0b49df82569999e0f59178296e38f6856fa1e72f5d52fa
+EBUILD ebtables-2.0.11-r1.ebuild 2464 BLAKE2B d1ae3b7d191c918fa29f30bd9bba26e1f59f8777ced2dee7830b3228c588ecc4686c30c6d60167295c9cc0a49f9d7b8ea7b25271d145378553434a7a7d79439d SHA512 e37bd81f0c4cbdf7e634742b524253b6c22f79d97a21eec8ce879c9c42249831d226a8a72285d3f3e83af9dffe6dcdc1b835960f7213a1fa8714d27d70a609d5
 EBUILD ebtables-2.0.11.ebuild 2086 BLAKE2B 5a6c010cf562b09b8041f34e8063260da5dce78f2cdabe37596324da534d92481b7e0382c21773dc500a17678899794b415814cf8b968ffb5341e9ba0e63d685 SHA512 45f34debaeecab1f99b3e8ac0073b94a404c09e2aa8911161296b30985d785844ca854939a702172e1a44700a98efb2b1bf9d1c4ac5151a282d02e9604856138
-MISC metadata.xml 426 BLAKE2B 24e49caa32476577c848484c9b0749742b3eed3dfb80b67a6c595abcce49081bfa2d50d37a22624754fa06e76cc9bc4af2ac755a0b9c562d696a32e8dbcf4a2f SHA512 77ff48216c32448cf2e2aa580f0b3afd6de7aa9bda2c2379c89f77282c417d385bb8c3d3218cf6d30021e472163bc8f2b450f0e43d944adb336f49fb695ba231
+MISC metadata.xml 488 BLAKE2B 683d7552083e64daf3e41f9c1e7c53033ac4059a1f3ae248e666001424725f21efb1ec0d35c28492ac80c19998692c00e795818501b0c9f0df1037175b8bda93 SHA512 88d08269d25c3f4a22d89b5774e21c4af048c2e39beba41514780d3dac72494cb39e993becd49b0a73cb9c2d0b2e7e46c7bbe1b3a40fe6d7094431a9fb384f35
diff --git a/net-firewall/ebtables/ebtables-2.0.11-r1.ebuild b/net-firewall/ebtables/ebtables-2.0.11-r1.ebuild
new file mode 100644
index 000000000000..038a8e1204cb
--- /dev/null
+++ b/net-firewall/ebtables/ebtables-2.0.11-r1.ebuild
@@ -0,0 +1,106 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit toolchain-funcs autotools
+
+MY_PV="$(ver_rs 3 '-' )"
+MY_P="${PN}-${MY_PV}"
+
+DESCRIPTION="Controls Ethernet frame filtering on a Linux bridge, MAC NAT and brouting"
+HOMEPAGE="http://ebtables.sourceforge.net/"
+SRC_URI="ftp://ftp.netfilter.org/pub/${PN}/${MY_P}.tar.gz"
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86"
+IUSE="+perl static"
+
+BDEPEND=">=app-eselect/eselect-iptables-20200508"
+# The ebtables-save script is written in perl.
+RDEPEND="${BDEPEND}
+	perl? ( dev-lang/perl )
+	net-misc/ethertypes"
+
+PATCHES=(
+	"${FILESDIR}/${PN}-2.0.11-makefile.patch"
+
+	# Enhance ebtables-save to take table names as parameters bug #189315
+	"${FILESDIR}/${PN}-2.0.11-ebt-save.patch"
+
+	# from upstream git
+	"${FILESDIR}/ebtables-2.0.11-remove-stray-atsign.patch"
+)
+
+pkg_setup() {
+	if use static; then
+		ewarn "You've chosen static build which is useful for embedded devices."
+		ewarn "It has no init script. Make sure that's really what you want."
+	fi
+}
+
+src_prepare() {
+	default
+
+	# don't install perl scripts if USE=perl is disabled
+	if ! use perl; then
+		sed -e '/sbin_SCRIPTS/ d' -i Makefile.am || die
+	fi
+
+	eautoreconf
+}
+
+src_configure() {
+	econf \
+		--bindir="/bin" \
+		--sbindir="/sbin" \
+		--libdir=/$(get_libdir)/${PN} \
+		--sysconfdir="/usr/share/doc/${PF}" \
+		$(use_enable static)
+}
+
+src_compile() {
+	emake $(usex static 'static ebtables-legacy.8' '')
+}
+
+src_install() {
+	local -a DOCS=( ChangeLog THANKS )
+
+	if ! use static; then
+		emake DESTDIR="${D}" install
+		keepdir /var/lib/ebtables/
+		newinitd "${FILESDIR}"/ebtables.initd-r1 ebtables
+		newconfd "${FILESDIR}"/ebtables.confd-r1 ebtables
+
+		find "${D}" -name '*.la' -type f -delete || die
+	else
+		into /
+		newsbin static ebtables
+		insinto /etc
+		doins ethertypes
+	fi
+
+	newman ebtables-legacy.8 ebtables.8
+	einstalldocs
+}
+
+pkg_postinst() {
+	if ! eselect ebtables show &>/dev/null; then
+		elog "Current ebtables implementation is unset, setting to ebtables-legacy"
+		eselect ebtables set ebtables-legacy
+	fi
+
+	eselect ebtables show
+}
+
+pkg_prerm() {
+	if [[ -z ${REPLACED_BY_VERSION} ]] && has_version 'net-firewall/iptables[nftables]'; then
+		elog "Resetting ebtables symlinks to xtables-nft-multi before removal"
+		eselect ebtables set xtables-nft-multi
+	else
+		elog "Unsetting ebtables symlinks before removal"
+		eselect ebtables unset
+	fi
+}
diff --git a/net-firewall/ebtables/metadata.xml b/net-firewall/ebtables/metadata.xml
index 16ad142c1527..3386c21e014b 100644
--- a/net-firewall/ebtables/metadata.xml
+++ b/net-firewall/ebtables/metadata.xml
@@ -10,5 +10,6 @@
 	</use>
 	<upstream>
 		<remote-id type="sourceforge">ebtables</remote-id>
+		<remote-id type="cpe">cpe:/a:netfilter:ebtables</remote-id>
 	</upstream>
 </pkgmetadata>
diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest
index 3ef8db9b43ef..013b1c7a975c 100644
--- a/net-firewall/iptables/Manifest
+++ b/net-firewall/iptables/Manifest
@@ -19,6 +19,6 @@ DIST iptables-1.8.4.tar.bz2 704312 BLAKE2B f677bb9ed2c86e6a39953c0565766991e9647
 EBUILD iptables-1.6.1-r3.ebuild 3269 BLAKE2B e4718479b62cc529f17a5f407409053b9cdc8e08d5b72ead86fe447d1fdd96cc31447ed354d4fcbc8005a2d3fa37ef50cebbd454283fc3a0ed1d9abe375412d5 SHA512 9721db9b6c0f908119d19b6b1e3f592810a64e5aa4f3ca7879fa62622e9f34864ecb3f8a0d56f5c61a449b9b9d1545837cbf07c3d05c3d3896a600d79aee7d87
 EBUILD iptables-1.6.2-r2.ebuild 3333 BLAKE2B 21d4bd596b61da1409a797c9883d612f5688ec15e144621028ba11872a184493440d636d998795b74be7f8856b39a184a24f25ac6ff56ff756fe66e3eaefc041 SHA512 6153c18419f192db0b9fccd7827ad41da201d3c25a298f0e2b823a97dd0b3d9bd6fa4dc9987ff62a0b8a0c1265b10ee71170385c2b5c5272c6183c0e21ae41bd
 EBUILD iptables-1.8.3-r1.ebuild 3398 BLAKE2B 0c61459abb1fa45910ac746f1af4527647494305ea8486f9db2935bf281c28928d9af767b781bc6f3d4a4e2c306cc7fafb71d286bb248e3f655a90b98be87d41 SHA512 533f02df18534fbe5ef8751656445cb3114a03697b6d0c06fab1b99ff590ea0ed76adef117e03681c3814633b9fbdb4c84027cf57535a5b285bc2b8c878f820b
-EBUILD iptables-1.8.4-r1.ebuild 3865 BLAKE2B 2c24556afd8268cabdb197dedab571c0111e0865e8e3fa8e736885fa9e99929bb5570d10d25d418d5afaa6107efe3e519a3c2b4a8b97029bcaa26477d1ff4b92 SHA512 7ffc7cef8b2be865b9ceb4b9695b25d4c1edadf446880858620fc0d7d35a2bd372a839695c9a8d5c9439a132b0bf1614740c41eca2862e03b27abe4e996cb677
+EBUILD iptables-1.8.4-r2.ebuild 4741 BLAKE2B 4fa05f1a199fd2a3b2e30f66b4acca958adce358c54058e5f95896940d9e6aa812363b019f1a0200aae6a3d54079c1f5bcf6c97c865311c4df07303a1a9e8472 SHA512 63a9beeea6ec3b2ee1990a96118dc2f7e217f967608c18798c7b1b1bb2a6f165eef09e49369ee9c67bfc45f84048fd5440de19845a766ddff7e634e57f647c72
 EBUILD iptables-1.8.4.ebuild 3298 BLAKE2B 923a2c7b841f3bb1dde876db19837f1eda830f6f0495e9aaf18743af298435f543b9865deb0e1e7942130f2cdaa000717663ae05ec97f721e467cead207480bb SHA512 97ab0f7fd1aa2380246eef249b7a01cbd7aecbd271aebe1b40bd0eee25053a4a813309774412e3308b3ba9d6dc102289c89b3bfc35506a8ad985c31d80a3c078
 MISC metadata.xml 1465 BLAKE2B c60f98672fb6153499b700a436b26b63c0f271c8f8519a3391e486b761ba673c362a7dc5e23b86e3af887270596a1682ea993e643a08215f670f7e3804f095bd SHA512 26bf7e3008dfd705995b15eccaaaa8c79fd488be191570a874b76571a2f9d4648a7c19eb576399ca7bbe849336d7d193f5b6b58a3ff83f87f3c157c53333e987
diff --git a/net-firewall/iptables/iptables-1.8.4-r1.ebuild b/net-firewall/iptables/iptables-1.8.4-r2.ebuild
index 80ef3dd2877b..96799b425fb4 100644
--- a/net-firewall/iptables/iptables-1.8.4-r1.ebuild
+++ b/net-firewall/iptables/iptables-1.8.4-r2.ebuild
@@ -19,8 +19,10 @@ SLOT="0/1.8.3"
 KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
 IUSE="conntrack ipv6 netlink nftables pcap static-libs"
 
+BUILD_DEPEND="
+	>=app-eselect/eselect-iptables-20200508
+"
 COMMON_DEPEND="
-	app-eselect/eselect-iptables
 	conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 )
 	netlink? ( net-libs/libnfnetlink )
 	nftables? (
@@ -33,7 +35,8 @@ DEPEND="${COMMON_DEPEND}
 	virtual/os-headers
 	>=sys-kernel/linux-headers-4.4:0
 "
-BDEPEND="
+BDEPEND="${BUILD_DEPEND}
+	app-eselect/eselect-iptables
 	virtual/pkgconfig
 	nftables? (
 		sys-devel/flex
@@ -41,7 +44,10 @@ BDEPEND="
 	)
 "
 RDEPEND="${COMMON_DEPEND}
+	${BUILD_DEPEND}
 	nftables? ( net-misc/ethertypes )
+	!<net-firewall/ebtables-2.0.11-r1
+	!<net-firewall/arptables-0.0.5-r1
 "
 
 PATCHES=(
@@ -116,11 +122,8 @@ src_install() {
 		# Bug 647458
 		rm "${ED}"/etc/ethertypes || die
 
-		# Bug 660886
-		rm "${ED}"/sbin/{arptables,ebtables} || die
-
-		# Bug 669894
-		rm "${ED}"/sbin/ebtables-{save,restore} || die
+		# Bugs 660886 and 669894
+		rm "${ED}"/sbin/{arptables,ebtables}{,-{save,restore}} || die
 	fi
 
 	systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service
@@ -139,8 +142,18 @@ pkg_postinst() {
 	if ! eselect iptables show &>/dev/null; then
 		elog "Current iptables implementation is unset, setting to ${default_iptables}"
 		eselect iptables set "${default_iptables}"
-		use ipv6 && eselect iptables set --ipv6 "${default_iptables}"
 	fi
+
+	if use nftables; then
+		local tables
+		for tables in {arp,eb}tables; do
+			if ! eselect ${tables} show &>/dev/null; then
+				elog "Current ${tables} implementation is unset, setting to ${default_iptables}"
+				eselect ${tables} set xtables-nft-multi
+			fi
+		done
+	fi
+
 	eselect iptables show
 }
 
@@ -148,6 +161,22 @@ pkg_prerm() {
 	elog "Unsetting iptables symlinks before removal"
 	eselect iptables unset
 
+	if ! has_version 'net-firewall/ebtables'; then
+		elog "Unsetting ebtables symlinks before removal"
+		eselect ebtables unset
+	elif [[ -z ${REPLACED_BY_VERSION} ]]; then
+		elog "Resetting ebtables symlinks to ebtables-legacy"
+		eselect ebtables set ebtables-legacy
+	fi
+
+	if ! has_version 'net-firewall/arptables'; then
+		elog "Unsetting arptables symlinks before removal"
+		eselect arptables unset
+	elif [[ -z ${REPLACED_BY_VERSION} ]]; then
+		elog "Resetting arptables symlinks to arptables-legacy"
+		eselect arptables set arptables-legacy
+	fi
+
 	# the eselect module failing should not be fatal
 	return 0
 }
diff --git a/net-firewall/nftlb/Manifest b/net-firewall/nftlb/Manifest
new file mode 100644
index 000000000000..b26a0311e8ae
--- /dev/null
+++ b/net-firewall/nftlb/Manifest
@@ -0,0 +1,5 @@
+AUX nftlb-0.6-musl.patch 1887 BLAKE2B fdf12a0f3113e1fff17096195150e387ec44342d67b80d63fff525e8b28222599276bb607b7f21b44953dbeb0f00861b6477b01af24bc990be046b45a169ced5 SHA512 48781ce88c94b7d184764d9b2fb70410310215fe165fa89965293633bc039044e5d34eb10fe382f9d394f36e5960a91efb12c9e7fde24c057ae6ece0f3d75bb9
+AUX nftlb-0.6-tests.patch 1037 BLAKE2B 1b26671d49035bb57bfd5f730d40d756017234413f427a94367d571a47a4959f09389d55b95e46e0512003e0eb3022470feadeee00632d64cf6cfa94097e89b4 SHA512 9c57db285efb5a5e12d1099e4f44de17e70eb137e7fa05f9c678cadf43c7eecaab76fdb7a7815e2a22ccb9fb1d3e5c524496a9a87ff10cb64f4ff50c281889ce
+DIST nftlb-0.6.tar.gz 121216 BLAKE2B 98b69c35070eb733a218ac1b1aaa7816de1e4f149c8447fee298b4cf50c57610c816fb178d4115e1e7af5cea0f5b20df36eb5b79655e0d7c69ff30e363985104 SHA512 95b879cfc187fe94cc6876f4af3fe77795c1e0228850cfb38b95206685d9065076b6905d365da7ec5f92773cf8f72f6e441d9140d9b10b02eaf9b6c862c31006
+EBUILD nftlb-0.6.ebuild 1021 BLAKE2B 28e978c5eaa237691d102184761476ef31fab9a0c986825ae87df87599121774c2d1a95963695b52ce7a130d48c9fbf096339b166b3d57998a4a4e95d6414f25 SHA512 fb3e447387fb311569e56075b04e4a6352ee38eb9a5d8d9b2a2690404cb47cf5ff477002d2a715c047728bc203f9fe08af202e40eb5948809fb292a099d20000
+MISC metadata.xml 255 BLAKE2B 2bb3830b8cec850703f7912f4c22f5b0abeabeed0715222bc56141779d02160773cfd0f85417c553c1cd8f2738bfeb78c56dffb8e648e572019319657646d1ba SHA512 522158915afe67937f81ba572a918a2de8ca1f8591e097da56799c97870d7c44756c1acd8224d63bd3375c2b9ebc0e1ce50816899117948a48065a27804883bf
diff --git a/net-firewall/nftlb/files/nftlb-0.6-musl.patch b/net-firewall/nftlb/files/nftlb-0.6-musl.patch
new file mode 100644
index 000000000000..99990726f05e
--- /dev/null
+++ b/net-firewall/nftlb/files/nftlb-0.6-musl.patch
@@ -0,0 +1,72 @@
+diff --git a/configure.ac b/configure.ac
+index 4e7b0a9..2396857 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -2,6 +2,7 @@ AC_INIT([nftlb], [0.6], [netfilter-devel@vger.kernel.org])
+ 
+ AC_CONFIG_AUX_DIR([build-aux])
+ AC_CONFIG_MACRO_DIR([m4])
++AC_CONFIG_HEADERS([config.h])
+ AM_INIT_AUTOMAKE([-Wall foreign subdir-objects
+         tar-pax no-dist-gzip dist-bzip2 1.6])
+ 
+@@ -25,5 +26,7 @@ AC_CHECK_HEADER([ev.h], [EVENTINC="-include ev.h"],
+ 				 [EVENTINC="-include libev/ev.h"],
+ 				 [AC_MSG_ERROR([ev.h not found])])])
+ 
++AC_CHECK_HEADERS([execinfo.h])
++
+ AC_CONFIG_FILES([Makefile src/Makefile])
+ AC_OUTPUT
+diff --git a/src/main.c b/src/main.c
+index b6b5ec4..b2a080f 100644
+--- a/src/main.c
++++ b/src/main.c
+@@ -18,6 +18,7 @@
+  *   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+  *
+  */
++#include "config.h"
+ 
+ #include <stdio.h>
+ #include <stdlib.h>
+@@ -26,7 +27,10 @@
+ #include <syslog.h>
+ #include <errno.h>
+ #include <unistd.h>
++
++#ifdef HAVE_EXECINFO_H
+ #include <execinfo.h>
++#endif /* HAVE_EXECINFO_H */
+ 
+ #include "config.h"
+ #include "objects.h"
+@@ -85,6 +89,7 @@ static void nftlb_sighandler(int signo)
+ 	exit(EXIT_SUCCESS);
+ }
+ 
++#ifdef HAVE_EXECINFO_H
+ static void nftlb_trace() {
+ 	void *buffer[255];
+ 	char **str;
+@@ -106,6 +111,7 @@ static void nftlb_trace() {
+ 
+ 	exit(EXIT_FAILURE);
+ }
++#endif /* HAVE_EXECINFO_H */
+ 
+ int main(int argc, char *argv[])
+ {
+@@ -157,8 +163,12 @@ int main(int argc, char *argv[])
+ 
+ 	if (signal(SIGINT, nftlb_sighandler) == SIG_ERR ||
+ 	    signal(SIGTERM, nftlb_sighandler) == SIG_ERR ||
++#ifdef HAVE_EXECINFO_H
+ 	    signal(SIGPIPE, SIG_IGN) == SIG_ERR ||
+ 	    signal(SIGSEGV, nftlb_trace) == SIG_ERR) {
++#else
++	    signal(SIGPIPE, SIG_IGN) == SIG_ERR) {
++#endif /* HAVE_EXECINFO_H */
+ 		fprintf(stderr, "Error assigning signals\n");
+ 		syslog(LOG_ERR, "Error assigning signals");
+ 		return EXIT_FAILURE;
diff --git a/net-firewall/nftlb/files/nftlb-0.6-tests.patch b/net-firewall/nftlb/files/nftlb-0.6-tests.patch
new file mode 100644
index 000000000000..05baa7ee03a3
--- /dev/null
+++ b/net-firewall/nftlb/files/nftlb-0.6-tests.patch
@@ -0,0 +1,47 @@
+diff --git a/tests/exec_tests.sh b/tests/exec_tests.sh
+index d96eaa3..b7f812d 100755
+--- a/tests/exec_tests.sh
++++ b/tests/exec_tests.sh
+@@ -33,6 +33,8 @@ fi
+ 
+ echo "-- Executing configuration tests"
+ 
++retval=0
++
+ for test in `ls -d ${TESTS}`; do
+ 	if [[ ! ${test} =~ ^..._ ]]; then
+ 		continue;
+@@ -55,14 +57,16 @@ for test in `ls -d ${TESTS}`; do
+ 
+ 	if [ $statusexec -ne 0 ]; then
+ 		echo -e "\e[31mNFT EXEC ERROR\e[0m"
++		retval=1
+ 		continue;
+ 	fi
+ 
+ 	#~ nftfile=`echo ${file} | awk -F'.' '{ print $1 }'`
+-	$NFTBIN list ruleset > ${reportfile}
++	$NFTBIN list ruleset > ${reportfile} || retval=1
+ 
+ 	if [ ! -f ${outputfile} ]; then
+ 		echo "Dump file doesn't exist"
++		retval=1
+ 		continue;
+ 	fi
+ 
+@@ -74,6 +78,7 @@ for test in `ls -d ${TESTS}`; do
+ 		rm -f ${reportfile}
+ 	else
+ 		echo -e "\e[31mNFT DUMP ERROR\e[0m"
++		retval=1
+ 	fi
+ done
+ 
+@@ -83,4 +88,7 @@ fi
+ 
+ if [ "`grep 'nft command error' /var/log/syslog`" != "" ]; then
+ 	echo -e "\e[33m* command errors found, please check syslog\e[0m"
++	retval=1
+ fi
++
++exit ${retval}
diff --git a/net-firewall/nftlb/metadata.xml b/net-firewall/nftlb/metadata.xml
new file mode 100644
index 000000000000..56cae167d372
--- /dev/null
+++ b/net-firewall/nftlb/metadata.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+  <maintainer type="person">
+    <email>chutzpah@gentoo.org</email>
+    <name>Patrick McLean</name>
+  </maintainer>
+</pkgmetadata>
diff --git a/net-firewall/nftlb/nftlb-0.6.ebuild b/net-firewall/nftlb/nftlb-0.6.ebuild
new file mode 100644
index 000000000000..99822681780a
--- /dev/null
+++ b/net-firewall/nftlb/nftlb-0.6.ebuild
@@ -0,0 +1,56 @@
+# Copyright 2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit linux-info autotools
+
+DESCRIPTION="nftables load balancer"
+HOMEPAGE="https://github.com/zevenet/nftlb"
+SRC_URI="https://github.com/zevenet/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="AGPL-3"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+
+DEPEND="
+	net-firewall/nftables:=[modern-kernel]
+	dev-libs/jansson:=
+	dev-libs/libev:=
+"
+RDEPEND="${DEPEND}"
+
+# tests need root access
+RESTRICT="test"
+
+PATCHES=(
+	"${FILESDIR}/nftlb-0.6-tests.patch"
+	"${FILESDIR}/nftlb-0.6-musl.patch"
+)
+
+pkg_setup() {
+	local CONFIG_CHECK="~NF_TABLES ~NFT_NUMGEN
+		~NFT_HASH ~NF_NAT ~IP_NF_NAT"
+
+	linux-info_pkg_setup
+
+	if kernel_is lt 4 19; then
+		eerror "${PN} requires kernel version 4.19 or newer"
+	fi
+}
+
+src_prepare() {
+	default
+	eautoreconf
+}
+
+src_test() {
+	pushd tests >/dev/null || die
+
+	sed -e "s:/var/log/syslog:\"${T}/tests.log\":" \
+		-i exec_tests.sh || die
+
+	./exec_tests.sh || die "tests failed"
+
+	popd >/dev/null || die
+}
diff --git a/net-firewall/shorewall/Manifest b/net-firewall/shorewall/Manifest
index 4355130f27b0..f109297c87d6 100644
--- a/net-firewall/shorewall/Manifest
+++ b/net-firewall/shorewall/Manifest
@@ -1,6 +1,6 @@
 AUX shorewall-5.2.1-no-gzipped-manpages.patch 1000 BLAKE2B 5e078f3c7e60e490c5efc5f7f3614c3ed1a5e280aea05fc759104b152d8e25d6a7ecb2ac41949b3d3028c3b00632d551ea1515ec5e956d55ed83a9bfc3686db2 SHA512 d38680b5df5533c767a47f81f13dabb9ff1904cdc9823afa45d024243e81ea175bf9b25c6a3df73dd81dedb349e783289a0856203579a042c1c5f39b3bb14c29
 AUX shorewall-core-5.2.1-no-gzipped-manpages.patch 533 BLAKE2B 88513fe65a7fe2a72425c3b1eaa054352f61fac34ebd8c46cb149c9364411e9dd9e69b8821bcac30ec0d32355c0cab53c5d574210a7eb5064e97376b7563d512 SHA512 f8c2bcebcfa157450bed8067ff7f0cc4a5e6f52fb717c8f6c717067020797d10ff9ab123b09a43faf534d10349735bfed82b32ce6530d166e51b7de1082b544c
-AUX shorewall-init-01_remove-ipset-functionality-r1.patch 799 BLAKE2B 5cbf0835d291464eca10356fcfe1de13bc90cf0e3b9869d0daf8e3ad3864a44939774179047cbf5e192f0e294d8e8765c6d7b60a02178c9c149cbda4d3342b83 SHA512 c8686cb9345abd1036a8fdc6cbdaacc21a69df9dc536393a65675a2ae19c9cfb71d71cc66a9776135ad923414bde783f01dfa69600d1cfaafd618fcea65c8dcf
+AUX shorewall-init-01_remove-ipset-functionality-r2.patch 739 BLAKE2B df90808408d4d1416ee44dd9d87dc54c4c3d1a11ffbb1071ede977df8e81726a7e5992e1048461991c9461022647fdd86abfb6b77a1a29abd13e09271ada0db2 SHA512 1338e43636fd0d7f6b9914593ae4aa8bf083ff80ad9800c3094754d33dcfa1ee2352dafc991e5744be5a3cae28b5e0c9f108833b2814f9bbca2ba0e83e8af727
 AUX shorewall-init.confd 152 BLAKE2B b670db8a1da8e37c9d0f856c27ceb9644ec7baebf82e8d053c02a6f133df15a04087340ac430c8dddc57295332834c3e8e1c6fcb994e96e7224452a5a039d1c4 SHA512 105393c3cbdd1820066e41ed941b6a79cafde3196eb723c06ca984fc663370d6902757467339b6b4ebfb8d00167b9f85311b6842dadc564029313eb36f1a389b
 AUX shorewall-init.initd 4357 BLAKE2B 192e36a9e488c510783454852e65e2963e400fcabc96a07201c9cc72e09bcb63171cd56665f4cc9e4b4631202f8bed3d618866bccdaf194dee25814241381739 SHA512 5cb410e0fe0391fd467f212b3e1cf3ec4c7fa3289de2341edbf301ce9087e7cba05a36999a8203d7bce28ac35a429c10bc017a96b750aec1bf257987aec23245
 AUX shorewall-init.readme 1233 BLAKE2B a0603996cba908f3ff101ea82761c5acc279ee590311e7a8cb911bbfc59b6736b74fbf515f65b75eb5c5337fdbc7f23a484b1b5eee3f07964778753b7ceaca03 SHA512 8dbb70cc381b81ae811dcbfbcff63f5de0ba776472107a7d3b53e912fe50f20acb59f5da2aecec5de87ad0513a40fb4b4dfa30b51ff5f4b0da9186504870304a
@@ -15,20 +15,12 @@ AUX shorewall.systemd 568 BLAKE2B 385edad8857f029f691481483cc3e5e5981836254b7b39
 AUX shorewall6-lite.systemd 612 BLAKE2B e658af2b6d399fe527a58201b80997651954df67a18be2465a1099b81f7ed89cc3c63d4ef550521d3b9e3cc995915439e21e1142f46f8df1e44e22b5c29009d5 SHA512 0bd832d4f8857bf9b1c9c776a53739d8666f002d1caab29c976a248916cf1eb5806d6b59dbf7ee8a120a3158b10e6fa6e179e34fe9fa6077a794ffa7d1e06cec
 AUX shorewall6.systemd 577 BLAKE2B 5c755c0105954a34e39e077af0e012d9d6e647715a4b12fbae4fc47f4ae19afd6a63266b3684ddead689b2d4f7450b7a12906258fc86ef33fc36a4dac3771274 SHA512 96b69df246a18e8b7dbfdbe78959da1baa8f2a97eb290853d4040a895f2ae91b97addd2ab4e4e19345960ffe8f1b099442f40ce319b27f0d4d8d7d4780d2e78d
 AUX shorewallrc-r3 2035 BLAKE2B 6f4e4c93cee1f25405cc3ac76958064f1241a325c8b530c30f6dbd94423577d592e88613f463c4b41c1af1db22c7e53512fd8509931bb6527a8da669f2dbe773 SHA512 eaa32bf6baca0d3555db918d6221c7678f5ba67e78bf9dcdc1bf96deded8f64838d3a332226fa6605f0c1ae82e51e0f2c1540fa6188fd9bced22460a631f48a8
-DIST shorewall-5.2.3.7.tar.bz2 579234 BLAKE2B 968d9f23f9d66d1326dfd9c0b989959a1a8449f6dd3230d9191cb3f3be805065fe4d1ab5e7bd679b5da7ebbf625654dc0a878a4ebc6346e51a9d2588102e52b5 SHA512 c0f90d5cbbc6a9cad443b3ecfedda79bee71f79685049c421d8bba3826e5c874c7c31f09f243d3728514684983a27c8d4ac6854b55766fbcf34f6937f8ab28bd
-DIST shorewall-5.2.4.tar.bz2 579480 BLAKE2B 5bbca22cfa11dc482859c2703d54f35f55f1c8db46286c3480879eb47d562358a73412f0ba3ba4af9d3763c838608269a70668daf30accb07314245308f46022 SHA512 2eee8b8e86aef29f646f324dcbd156eae7a687db179361e03172ef4792f2665fd3623830028a748ea3506ffbb2f59afa9f7deba7862643aff7628857aa2ac63c
-DIST shorewall-core-5.2.3.7.tar.bz2 71454 BLAKE2B 3df2b99dfbde169a817f4a5f45876c07dbdcda432763c1227fd86d9f2e2556c639595db9c57f195a404535c72f33ae1211aee080e5df37c342f6ebd4be2a5994 SHA512 e708ee48bc087cef24959b22430c8d8814d5c2f9315988c410e6fa59b4dca9c8b48501fea9515115e760d902d9e9719f33c1310d91a83550030a8768efd18751
-DIST shorewall-core-5.2.4.tar.bz2 71532 BLAKE2B edd3762b39db162775e05d30e3ddeac244ca4375ee74bc1581af85879ddcfda22e6cae7b1357ddf5b0df615a4f5072457b1e34918bde5cb43273b21dd60f76ba SHA512 40add35f175abd62ede0b0b8f84151d7a81d56bcc3d622ed9ac676e382bd33cfee648da205f23ead462b5e6e577784c79ffdcdde5f45c731c6d93c11788d982d
-DIST shorewall-docs-html-5.2.3.7.tar.bz2 4293387 BLAKE2B 6a0ffe8eac171c13961fcf448932b7287cdca3e1da895020d5551d135fe542ca8dba3e0cba7f505ec9a204649dd5fd9849613bbb30d2970a45f321b46aa74ba5 SHA512 19c5bb80f40c9df8262e6ee00908f64d3e2d489c734bdecf6faec5f8d23bf3b6201ed21673900a2906053bc7d59872b7974262caf9883207126a082bbb2cb281
-DIST shorewall-docs-html-5.2.4.tar.bz2 4293639 BLAKE2B c024da5a3fab5f98c0913f294dafd85eced4c259762f5f06d9e98a74ea2e1ac5c0565e027609da472bd911e08027a6524e7cf97e2ec06c70965e5088fa3c331e SHA512 cb3ce47a892e92a032d4f49d693b23ad47ad3a0effb44cb24c0ff86f9b9b75eaa231210369a0ae10789bddedbbfd4c2a8a11bef9695591ef22351570c5abe481
-DIST shorewall-init-5.2.3.7.tar.bz2 35860 BLAKE2B b6046004c246113105206f2a034e0d8930a8283c3431675a2cb5c29b1509619b5d79a03bdf8c1daea085a330344ffe519a0b9d7ec860fdcd3603efd739613d2e SHA512 f3f231923a5d352cb8288d051568d4dbf24ef38122a1d8ae0c158b317c09146d938389597a5f57e9099c7c1b283780357b74f8605ea1e14393a0e3b1fa6b1118
-DIST shorewall-init-5.2.4.tar.bz2 36672 BLAKE2B 9b1d8e4670f2fadca9c3ffb4aade2734ab2714ae86d9b66728595b9e6c222b151be064634ea374767adea4424d578b7f7369acab855a5716e6f8def2f35d7b6f SHA512 7a68eb0c8e40e778123c0ecc60c2210888c1e6c68fd282e0d4f2fb2fdac3f1f00dde521c157520a1edd31ef77fe40e5d15834c5ce7d3d5500ae5fb8d66a6a324
-DIST shorewall-lite-5.2.3.7.tar.bz2 40674 BLAKE2B cf7ed3c81ab3a49556e61f48bdabf828dbb79a4c0a6c431f9ce77a4f15ec33ccbfc6bc5b1e6a942d695795679670bdb3ff22c37c54bcc4cd3552f6117bb4834b SHA512 c83f349f2626fe98a2f968a76fb48de2e7412f95ed0e72c48724cd93fe6e3b480d6cc185b5445434432bbf40ffaef7dbb875c4b5494f7875ce1f96f345314ea6
-DIST shorewall-lite-5.2.4.tar.bz2 41491 BLAKE2B 1cdef18c368d44bf7aae756c2519b3cf8aaa648be0044b6aab22aa6dda989a8a7e51ab77d963f450ab0338ea490ca2629680e1c251e4dbf43594a952a17ded9a SHA512 a222d06e60f889167160cea5107fb534e8c5bec00b42e7027615447875e3ee2513ba1eefd1e14e17ea7c91d08f2e9cfebb1b3fe2bd384f6288961c1258cbb359
-DIST shorewall6-5.2.3.7.tar.bz2 197912 BLAKE2B 20193edb20a6e165cc83391ff36e5601104dbc95f8300d1880253edc451fb086b0b619496cec84f3a6e1ea52c33ebea9de436babeb6517b41688e95eaaa10641 SHA512 45ac97f27569006715156579ca86e9dc580d30f64dabb1557ef25dbb171e76a67251a64e4ff77c8e88017dc2a9e364503c1f565f376312335ca2ac0d961a6043
-DIST shorewall6-5.2.4.tar.bz2 198630 BLAKE2B 4aa511ba5b998835b9aadad3a733b7ea7e4c0940135ae8959895ea499fd5f83e8cad3831560215c41c855f0d02f845ee97b8318af409fa088a98bbd5f3ec7a87 SHA512 b4dce7043b44fc1b84c5f8b07c524b0c9b5a83e06f694646115c448ad1e0407a77613ace99b5866cfa8b7078a98c1aba79a94c094e40453745d6cccc453d8934
-DIST shorewall6-lite-5.2.3.7.tar.bz2 40641 BLAKE2B d1c3720e7fefe6a20a29ab90e65fe9c0a113894c008377734e274177f6759245c056fb2a7e7abf42c7bddd35bd159f8c2ed2e4135edd1dda9d63ad1b596cec8c SHA512 0727a0e709bb206e4905ae8b5b4b39b2d2eb950b8aa03d8593de71a12464422681b5528a8e06a05e91e9bd1bae6a78962da1810ecbc8707e670073c28daccaaa
-DIST shorewall6-lite-5.2.4.tar.bz2 41474 BLAKE2B 123b73281cc4e84f74eef56111af24243eca9706ad03a38cb8bf3763b8645fffdb1847098d33c109b8b481eb66baa9d71a907285cc20ae6094eac9304cf7fd52 SHA512 a2a5f8054e59815e3dc2f3a51f59f29b3880226d5074b78e189e68e6c6f66de44a86791417f088bb4f1d0eead78d2841269cd222450d33b7b5cef1c00b08cfc8
-EBUILD shorewall-5.2.3.7.ebuild 16949 BLAKE2B 9100e4ddbf9669865d7a30c25bbe3308ee817585b520edea55144bcddad6c49f86d3b857b7b5d1af65deee8982b39d1eb67afdc3e9b47d9862f74e39ac7506ab SHA512 b687c39c598af8d21c5b967a9e2dad11632393e800361bd4c293b4ef82e1695ace66afa722d4f2d811965832f3da0014e6cd1e2cc8638838b3ecb8fd62088432
-EBUILD shorewall-5.2.4.ebuild 16955 BLAKE2B 17fe7a10d6c7fd11ece4169246604d8e33864a2a5a9c508a9f150da4034bb4531f5b21d9e6ad9787add150fc371361ed114edd4cd7574baba79c81cc4cc8c002 SHA512 40611e703f784b36a6435e8e2209a8d41268fba1ab6b29ad7ea66a1ad9dae5586a744dd506774baa71fc00296d225d975d7a387567b70ba59dcbf77aa8745956
+DIST shorewall-5.2.4.4.tar.bz2 581085 BLAKE2B 6830f1ce9350534a51b0d79efad07b338c511ab3cc1bf151ac958052c5feb1794d994a71e80ebf1546a76fae1718ebc74abab37fbb4d9362d8b3108133b30354 SHA512 c050af24969c2f18c4c020dfb611edaf9c6a5aa09d1dace502ae99b9aa82d7f217695e8099d6615a9a3c9f6de951f6d8b24621021c48ee2f2095edf9815a8d57
+DIST shorewall-core-5.2.4.4.tar.bz2 73257 BLAKE2B 16b8d3a1d08c9db6a939f946324295063cee71b373bd67dd85d0acb4332502df4b5d9bb932695228ad6d33395c6596e86fd3e77ca59abc99d88bab7e883777c9 SHA512 1868dcd6bad6b0cb5be2c1b0724f076605e7990d0b9dfd19fee06c758b19f2ebcbe18bccaa7a4ea861ceb26038ed07837eecdacdd2a02d0c2a927c732d6bdc30
+DIST shorewall-docs-html-5.2.4.4.tar.bz2 4294159 BLAKE2B 81bb4a9d086f48bf8551be3bc8aff0ed8a0a99d215338f12b711c96115507ea5a7eb567d084db0a93628c4036623a72231f33dd15671e84739d59608268b98c7 SHA512 086096604f5a580906f05b460e1e19df24620b610675a8ec6038c0061199fd6f09cd8aff08f1e8daa8d2898bfaec9db95cf7f4f1397ca9df784d420907b16fac
+DIST shorewall-init-5.2.4.4.tar.bz2 38048 BLAKE2B 01b4664396933ca303d4013d50f290be850dad51142257a7b1f3081cee3baac219feadc96636c732072c6918f83d847eca2107aa094804691500972a90f222fd SHA512 fdab4aa68429144cbffdf41aad78744feb3e9736df0e8d6ed87ed7ac80aebf7078c6ec28646069a71cacc8d9a6738605d59c6b6fb35d8c4d9a1ed8353a71775c
+DIST shorewall-lite-5.2.4.4.tar.bz2 42806 BLAKE2B d6dd5d9268d40fb88ee99be36b359423a6d7785417752f6e9d7245806bf9677963851327dcfd0d5fe81ea54ab11d59a5e64ee4115d41d3a6c8f4ced1e7cda732 SHA512 b81aa04f124435d3bf63d1796cca4db987f56c3e31953386ab7f3aae290058e5f3240b43864753121ed48b3744f8d6ee2dcd5210105dc1ccf5a4f790b3e22092
+DIST shorewall6-5.2.4.4.tar.bz2 199722 BLAKE2B c5c741ea7108e6edbb35190bccea06d04c6a0d1cf5dbae23481e38d3c05155df6bcaf4deb6397d07a1f51ba0b13b18b4ed22349fbe1f6e605d0303486002d876 SHA512 cf212d1c7c8703319a5c6f34ba8629f115b2f03a0713c1b40cf370adad66b671bfd9536a28bc650aba04bf6a6fd7c396788d40c2eb650a006e8f2eb27baf76f8
+DIST shorewall6-lite-5.2.4.4.tar.bz2 42739 BLAKE2B 3f1caa78b12f779bd73716dad78a26544bf99204b96da2fa950c709bbb5d68ac1ee062714d5040d961a2df35b4d22e0b6c8747b36a84bb9a5b6805cb6d0158cd SHA512 4a0c6e939bd8ca239734de64ea0b2a94885f8f14d00e37dce291b2f5aa00384227c16cc0595ef1b038f05d3d42212ace3e9482937c8c072d7e194099ab867646
+EBUILD shorewall-5.2.4.4.ebuild 16949 BLAKE2B 40c143a0265318201ec0d2186b6a1e75c0cf368e87e2544ade3ff7db49b03134434e27d628453692e33fbddaa34ec3bcb42c9375524be92fb1cbda5f37077bc4 SHA512 055dd811b6ea964f3cd44e9d312684438e17b9a5aae7a1dfd60ea863c8537e4bdc9cd80d7a129b9fa23f2483c7943c91ce3adf8ac872bb3b58e3e562654a415b
 MISC metadata.xml 2254 BLAKE2B e9d48407a0f055415070f5b0266ed9f534768f6d17d52b7070de30a037b89dbd08daac40b0ec313b8dfc65ba40ff38dae96c9758b78ec66d100ac8fa6b870d5f SHA512 0a201cf40dd1282b52897f751903baf28a2eb284b94316a45d8af6879f995dde1cdd4a7d474293835a0bde801ce41497bde558a51035a5e3650f0ec098688f33
diff --git a/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality-r1.patch b/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality-r2.patch
index 8b7925d6dceb..92258b1ff23c 100644
--- a/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality-r1.patch
+++ b/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality-r2.patch
@@ -1,18 +1,17 @@
-diff -rupN old/shorewall-init-5.1.7/shorewall-init new/shorewall-init-5.1.7/shorewall-init
---- old/shorewall-init-5.1.7/shorewall-init	2017-09-18 18:28:43.000000000 +0200
-+++ new/shorewall-init-5.1.7/shorewall-init	2017-09-23 15:46:03.489914459 +0200
-@@ -80,10 +80,6 @@ shorewall_start () {
- 	fi
-     done
+--- a/shorewall-init-5.2.4.3/shorewall-init
++++ b/shorewall-init-5.2.4.3/shorewall-init
+@@ -68,10 +68,6 @@ shorewall_init_start () {
+ 
+     printf "Initializing \"Shorewall-based firewalls\": "
  
 -    if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then
 -	ipset -R < "$SAVE_IPSETS"
 -    fi
 -
-     return 0
- }
- 
-@@ -101,15 +97,6 @@ shorewall_stop () {
+     for PRODUCT in $PRODUCTS; do
+ 	if setstatedir; then
+ 	    #
+@@ -109,15 +105,6 @@ shorewall_init_stop () {
  	fi
      done
  
diff --git a/net-firewall/shorewall/shorewall-5.2.3.7.ebuild b/net-firewall/shorewall/shorewall-5.2.4.4.ebuild
index ab98fa113074..c6f9c3e5bed0 100644
--- a/net-firewall/shorewall/shorewall-5.2.3.7.ebuild
+++ b/net-firewall/shorewall/shorewall-5.2.4.4.ebuild
@@ -249,7 +249,7 @@ src_prepare() {
 		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
 
 		pushd "${S}"/${MY_PN_INIT} &>/dev/null || die
-		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r1.patch
+		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r2.patch
 		popd &>/dev/null || die
 	fi
 
diff --git a/net-firewall/shorewall/shorewall-5.2.4.ebuild b/net-firewall/shorewall/shorewall-5.2.4.ebuild
deleted file mode 100644
index 9f77b3406b11..000000000000
--- a/net-firewall/shorewall/shorewall-5.2.4.ebuild
+++ /dev/null
@@ -1,482 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-
-inherit linux-info prefix systemd
-
-DESCRIPTION='A high-level tool for configuring Netfilter'
-HOMEPAGE="https://shorewall.org/"
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux"
-
-MY_PV=${PV/_rc/-RC}
-MY_PV=${MY_PV/_beta/-Beta}
-MY_P=${PN}-${MY_PV}
-
-MY_MAJOR_RELEASE_NUMBER=$(ver_cut 1-2)
-MY_MAJORMINOR_RELEASE_NUMBER=$(ver_cut 1-3)
-
-# shorewall
-MY_PN_IPV4=Shorewall
-MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
-
-# shorewall6
-MY_PN_IPV6=Shorewall6
-MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
-
-# shorewall-lite
-MY_PN_LITE4=Shorewall-lite
-MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
-
-# shorewall6-lite
-MY_PN_LITE6=Shorewall6-lite
-MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
-
-# shorewall-init
-MY_PN_INIT=Shorewall-init
-MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
-
-# shorewall-core
-MY_PN_CORE=Shorewall-core
-MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
-
-# shorewall-docs-html
-MY_PN_DOCS=Shorewall-docs-html
-MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
-
-# Upstream URL schema:
-# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
-# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
-# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
-
-MY_URL_PREFIX=
-MY_URL_SUFFIX=
-if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
-	MY_URL_PREFIX='development/'
-
-	if [[ ${MY_PV} = *-Beta* ]] ; then
-		MY_URL_SUFFIX="-Beta${MY_PV##*-Beta}"
-	elif [[ ${MY_PV} = *-RC* ]] ; then
-		MY_URL_SUFFIX="-RC${MY_PV##*-RC}"
-	fi
-
-	# Cleaning up temporary variables
-	unset _tmp_last_index
-	unset _tmp_suffix
-else
-	KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
-fi
-
-SRC_URI="
-	https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
-	ipv4? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
-	ipv6? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
-	lite4? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
-	lite6? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
-	init? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
-	doc? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
-"
-
-# - Shorewall6 requires Shorewall
-# - Installing Shorewall-init or just the documentation doesn't make any sense,
-#   that's why we force the user to select at least one "real" Shorewall product
-#
-# See https://shorewall.org/download.htm#Which
-REQUIRED_USE="
-	ipv6? ( ipv4 )
-	|| ( ipv4 lite4 lite6 )
-"
-
-# No build dependencies! Just plain shell scripts...
-DEPEND=""
-
-RDEPEND="
-	>=net-firewall/iptables-1.4.20
-	>=sys-apps/iproute2-3.8.0[-minimal]
-	>=sys-devel/bc-1.06.95
-	ipv4? (
-		>=dev-lang/perl-5.16
-		virtual/perl-Digest-SHA
-	)
-	ipv6? (
-		>=dev-perl/Socket6-0.230.0
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	lite6? (
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	init? ( >=sys-apps/coreutils-8.20 )
-	selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 )
-	!net-firewall/shorewall-core
-	!net-firewall/shorewall6
-	!net-firewall/shorewall-lite
-	!net-firewall/shorewall6-lite
-	!net-firewall/shorewall-init
-	!<sys-apps/systemd-214
-"
-
-S=${WORKDIR}
-
-pkg_pretend() {
-	local CONFIG_CHECK="~NF_CONNTRACK"
-
-	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
-	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
-
-	# kernel >=4.19 has unified NF_CONNTRACK module, bug 671176
-	if kernel_is -lt 4 19; then
-		if use ipv4 || use lite4; then
-			CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
-
-			local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
-			local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
-		fi
-
-		if use ipv6 || use lite6; then
-			CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
-
-			local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
-			local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
-		fi
-	fi
-
-	check_extra_config
-}
-
-pkg_setup() {
-	if [[ -n "${DIGEST}" ]]; then
-		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
-		unset DIGEST
-	fi
-}
-
-src_prepare() {
-	# We are moving each unpacked source from MY_P_* to MY_PN_*.
-	# This allows us to use patches from upstream and keeps epatch_user working
-
-	einfo "Preparing shorewallrc ..."
-	cp "${FILESDIR}"/shorewallrc-r3 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
-	eprefixify "${S}"/shorewallrc.gentoo
-	sed -i \
-		-e "s|SERVICEDIR=tbs|SERVICEDIR=$(systemd_get_systemunitdir)|" \
-		"${S}"/shorewallrc.gentoo || die "Failed to update shorewallrc"
-
-	# shorewall-core
-	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
-	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
-	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-	eend 0
-
-	pushd "${S}"/${MY_PN_CORE} &>/dev/null || die
-	eapply "${FILESDIR}"/shorewall-core-5.2.1-no-gzipped-manpages.patch
-	popd &>/dev/null || die
-
-	# shorewall
-	if use ipv4; then
-		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
-		eend 0
-
-		pushd "${S}"/${MY_PN_IPV4} &>/dev/null || die
-		eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch
-		popd &>/dev/null || die
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
-		eend 0
-
-		pushd "${S}"/${MY_PN_IPV6} &>/dev/null || die
-		eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch
-		popd &>/dev/null || die
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
-		eend 0
-
-		pushd "${S}"/${MY_PN_LITE4} &>/dev/null || die
-		eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch
-		popd &>/dev/null || die
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
-		eend 0
-
-		pushd "${S}"/${MY_PN_LITE6} &>/dev/null || die
-		eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch
-		popd &>/dev/null || die
-	fi
-
-	# shorewall-init
-	if use init; then
-		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
-		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
-		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
-		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
-		eend 0
-
-		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
-
-		pushd "${S}"/${MY_PN_INIT} &>/dev/null || die
-		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r1.patch
-		popd &>/dev/null || die
-	fi
-
-	# shorewall-docs-html
-	if use doc; then
-		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
-	fi
-
-	eapply_user
-}
-
-src_configure() {
-	:;
-}
-
-src_compile() {
-	:;
-}
-
-src_install() {
-	# shorewall-core
-	einfo "Installing ${MY_P_CORE} ..."
-	DESTDIR="${ED}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
-	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
-
-	# shorewall
-	if use ipv4; then
-		einfo "Installing ${MY_P_IPV4} ..."
-		DESTDIR="${ED}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"
-		keepdir /var/lib/shorewall
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
-		fi
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		einfo "Installing ${MY_P_IPV6} ..."
-		DESTDIR="${ED}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"
-		keepdir /var/lib/shorewall6
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
-		fi
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		einfo "Installing ${MY_P_LITE4} ..."
-		DESTDIR="${ED}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
-		keepdir /var/lib/shorewall-lite
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		einfo "Installing ${MY_P_LITE6} ..."
-		DESTDIR="${ED}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
-		keepdir /var/lib/shorewall6-lite
-	fi
-
-	# shorewall-init
-	if use init; then
-		einfo "Installing ${MY_P_INIT} ..."
-		DESTDIR="${ED}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
-		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
-
-		if [[ -f "${ED}/etc/logrotate.d/shorewall-init" ]]; then
-			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
-			# so we don't need a logrotate configuration file for shorewall-init
-			einfo "Removing unused \"${ED}/etc/logrotate.d/shorewall-init\" ..."
-			rm -rf "${ED}"/etc/logrotate.d/shorewall-init || die "Removing \"${ED}/etc/logrotate.d/shorewall-init\" failed"
-		fi
-
-		if [[ -d "${ED}/etc/NetworkManager" ]]; then
-			# On Gentoo, we don't support NetworkManager
-			# so we don't need this folder at all
-			einfo "Removing unused \"${ED}/etc/NetworkManager\" ..."
-			rm -rf "${ED}"/etc/NetworkManager || die "Removing \"${ED}/etc/NetworkManager\" failed"
-		fi
-
-		if [[ -f "${ED}/usr/share/shorewall-init/ifupdown" ]]; then
-			# This script isn't supported on Gentoo
-			rm -rf "${ED}"/usr/share/shorewall-init/ifupdown || die "Removing \"${ED}/usr/share/shorewall-init/ifupdown\" failed"
-		fi
-	fi
-
-	if use doc; then
-		einfo "Installing ${MY_P_DOCS} ..."
-		docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*
-	fi
-}
-
-pkg_postinst() {
-	if [[ -z "${REPLACING_VERSIONS}" ]]; then
-		# This is a new installation
-
-		# Show first steps for shorewall/shorewall6
-		local _PRODUCTS=""
-		if use ipv4; then
-			_PRODUCTS="shorewall"
-
-			if use ipv6; then
-				_PRODUCTS="${_PRODUCTS}/shorewall6"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
-			elog ""
-			elog "  /etc/shorewall/shorewall.conf"
-
-			if use ipv6; then
-				elog "  /etc/shorewall6/shorewall6.conf"
-			fi
-
-			elog ""
-			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall default"
-
-			if use ipv6; then
-				elog "  # rc-update add shorewall6 default"
-			fi
-		fi
-
-		# Show first steps for shorewall-lite/shorewall6-lite
-		_PRODUCTS=""
-		if use lite4; then
-			_PRODUCTS="shorewall-lite"
-		fi
-
-		if use lite6; then
-			if [[ -z "${_PRODUCTS}" ]]; then
-				_PRODUCTS="shorewall6-lite"
-			else
-				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			if use ipv4; then
-				elog ""
-			fi
-
-			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
-			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
-			elog ""
-			elog "To read more about ${_PRODUCTS}, please visit"
-			elog "  https://shorewall.org/CompiledPrograms.html"
-			elog ""
-			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
-			elog ""
-
-			if use lite4; then
-				elog "  # rc-update add shorewall-lite default"
-			fi
-
-			if use lite6; then
-				elog "  # rc-update add shorewall6-lite default"
-			fi
-		fi
-
-		if use init; then
-			elog ""
-			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall-init boot"
-			elog ""
-			elog "and review \$PRODUCTS in"
-			elog ""
-			elog "  /etc/conf.d/shorewall-init"
-		fi
-
-	fi
-
-	local v
-	for v in ${REPLACING_VERSIONS}; do
-		if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then
-			# This is an upgrade
-
-			elog "You are upgrading from a previous major version. It is highly recommended that you read"
-			elog ""
-			elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
-			elog "  - https://shorewall.org/Shorewall-5.html#idm214"
-
-			if use ipv4; then
-				elog ""
-				elog "You can auto-migrate your configuration using"
-				elog ""
-				elog "  # shorewall update -A"
-
-				if use ipv6; then
-					elog "  # shorewall6 update -A"
-				fi
-
-				elog ""
-				elog "*after* you have merged the changed files using one of the configuration"
-				elog "files update tools of your choice (dispatch-conf, etc-update...)."
-
-				elog ""
-				elog "But if you are not familiar with the \"shorewall[6] update\" command,"
-				elog "please read the shorewall[6] man page first."
-			fi
-
-			# Show this elog only once
-			break
-		fi
-	done
-
-	if ! use init; then
-		elog ""
-		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
-		elog "before your shorewall-based firewall is ready to start."
-		elog ""
-		elog "To read more about shorewall-init, please visit"
-		elog "  https://shorewall.org/Shorewall-init.html"
-	fi
-
-	if ! has_version "net-firewall/conntrack-tools"; then
-		elog ""
-		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
-		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
-	fi
-
-	if ! has_version "dev-perl/Devel-NYTProf"; then
-		elog ""
-		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
-	fi
-}
author	V3n3RiX <venerix@redcorelinux.org>	2020-05-14 11:09:11 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2020-05-14 11:09:11 +0100
commit	deba8115d2c2af26df42966b91ef04ff4dd79cde (patch)
tree	9a48f42594e1a9e6b2020d5535a784314434d7a7 /net-firewall
parent	38423c67c8a23f6a1bc42038193182e2da3116eb (diff)