authorV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
committerV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
commit4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
treeba5f07bf3f9d22d82e54a462313f5d244036c768 /net-misc/stone
reinit the tree, so we can have metadata
Diffstat (limited to 'net-misc/stone')
-rw-r--r--net-misc/stone/Manifest7
-rw-r--r--net-misc/stone/files/stone-2.3e-makefile.patch20
-rw-r--r--net-misc/stone/files/stone.man464
-rw-r--r--net-misc/stone/metadata.xml6
-rw-r--r--net-misc/stone/stone-2.3e-r1.ebuild46
5 files changed, 543 insertions, 0 deletions
diff --git a/net-misc/stone/Manifest b/net-misc/stone/Manifest
new file mode 100644
index 000000000000..cf1edfc5f8f2
--- /dev/null
+++ b/net-misc/stone/Manifest
@@ -0,0 +1,7 @@
+AUX stone-2.3e-makefile.patch 551 SHA256 ca9cb87e0e6411b48b84c099adc57b729ae9d778ba7506c6dee2f57aabd6a98c SHA512 ab9051fc87046484c755830f1803b1ac9ceca5c0fdc00e09f690eae538d7cd7611049fcad4100c43cf996dacea2eb57360778eb91aa40b76b697a217e105c18c WHIRLPOOL 7bea2b8781ad93689b5d0c4ad2f2497f95723f3f17d31449e04616bf45bb1dad7b710e6a0df0131c41ce4321e5fdfaed561ec1826f8845624e45eee76164c438
+AUX stone.man 15094 SHA256 d45b4e0bfc06e86a12aba7dfaecdb5a0485ddc473a6dadc32c4e2956c5d8a9b4 SHA512 9ee8f9c95d6dffcd15b872bc40f1b58f3bd476ba93a61e404d2204b14d72f986683b98375aa195b4d3da8f31000d4c3c5b1c6e35a55ffbf3bda3a0f2b346d806 WHIRLPOOL cd108cf7e640d4d4ae9b169a2c44fee28c632f0088e18a65812c5091b27ecd82bedbacc6b743a2b1a5ad899ffc51c97b7ba5dfb7338159c4d4cb1a3f896e97d7
+DIST stone-2.3e.tar.gz 92587 SHA256 b2b664ee6771847672e078e7870e56b886be70d9ff3d7b20d0b3d26ee950c670 SHA512 a0cccc123222c4fb4c1b2f031fc4d039f39e77691adc9f1df367d99bef8524738265350d1056c926c5f216236d2db25f31d14e9bec297b1bb4ea17e217c4983b WHIRLPOOL f73f5dd7d91f0d0e68065b0dd20adf50865c5081f1628154d9bf4b5c8c11fe9aa2355e7cc4dc6409f241325f509af4e5f1dd7eaf690eecca794c191dfa72028a
+EBUILD stone-2.3e-r1.ebuild 845 SHA256 78a0e40563ac920065b834aedd2226251e79682241ca939fdea67a7fef9c87b3 SHA512 fdd8c255e1f846fa3bfe4fe940e06fa4c54f6e02da8749b39781032aa0f0029576ca2827fd3929871d4b749e66190db774026213b08040db4a05173b9f01f6cf WHIRLPOOL 30158a2cc93726c708dbf24cb6dbcd6f9edd043b44d6defda04b1dd2093c6273d1cc13072b7b7fc2e105d17a69d61d0446cf0015e25e3637a57544a71b5ff0e4
+MISC ChangeLog 2574 SHA256 7322466089e07b7f2a2d884ab43794d30ddea15f573aa5407dde2357ce282860 SHA512 33f2843945b0daccfd70a8967ebe4f904e80220153e147fbb32d98f2b409659c2db036905b96b6c7aa282eec0e05b3f86151c73ee6f19c3854c761efb1db25fd WHIRLPOOL 29fbc9736b4711e8124753cb5df683d59812a6a943b7d9e853474afad9cb493e8ebecabc20ce4b1884d32806ac0762ae3dfbe6fe65a3575ce932811b7b1aab76
+MISC ChangeLog-2015 3329 SHA256 0bda3001956c13dce789f10a56c207fb68c9ac1cbf9edc9064f42c32320b988d SHA512 bcf669a866639c32366a6df27410c0116306e67294da96eb2a4573a25c5a33a8ced2fe29082adc0dd206172740bc8a126671fdce7ef95e179feda031561b9d38 WHIRLPOOL 17464e5b1f08f53044a5ea695d579a9c46333275ebddff3690f608f7b9255be09f6b71f99896cc8d05635161748550709e74ef0ebf6ed151725b95c5d8f4ad18
+MISC metadata.xml 358 SHA256 0840f50c7583246c8cf79ebb72a4b1336db309f62365cefbce0adf5e67c3b3d1 SHA512 25b8605a017689b08da8641f389cbb5c5c43908a71614382576c3adce13325edd4d550bc0216c48de625d117a011a5d2c7276c8edb59057affd42ab0af8ce148 WHIRLPOOL 0c33beff147cbf14cd9c2b48eedc168664aa058106b9e87aa2a5d72334c24390653dd4d27c5404c049ffbdce74d2697611c1052421b09e98e65d402e38b8c0d4
diff --git a/net-misc/stone/files/stone-2.3e-makefile.patch b/net-misc/stone/files/stone-2.3e-makefile.patch
new file mode 100644
index 000000000000..5df2b6868a24
--- /dev/null
+++ b/net-misc/stone/files/stone-2.3e-makefile.patch
@@ -0,0 +1,20 @@
+--- Makefile.orig 2013-02-20 17:45:36.000000000 +0400
++++ Makefile 2013-02-20 17:47:19.323650328 +0400
+@@ -19,8 +19,6 @@
+ # -DWINDOWS Windows95/98/NT
+ # -DNT_SERVICE WindowsNT/2000 native service
+
+-CFLAGS= # -g
+-
+ SSL= /usr/local/ssl
+ SSL_FLAGS= -DUSE_SSL
+ SSL_LIBS= -lssl -lcrypto
+@@ -60,7 +58,7 @@
+ @echo "*** md5c.c is contained in RFC1321"
+
+ stone: stone.c
+- $(CC) $(CFLAGS) $(FLAGS) -o $@ $? $(LIBS)
++ $(CC) $(CFLAGS) $(FLAGS) ${LDFLAGS} -o $@ $? $(LIBS)
+
+ pop_stone: $(POP_LIBS)
+ $(MAKE) FLAGS="$(POP_FLAGS)" LIBS="$(POP_LIBS)" $(TARGET)
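Review bot: The patch file has no preamble saying why it deletes the Makefile's `CFLAGS= # -g` line and adds `${LDFLAGS}` to the `stone` link rule. The only pointer is the `# bug #337879` comment next to `PATCHES` in the ebuild. A short description above the `--- Makefile.orig` line would help, for example `Respect CFLAGS and LDFLAGS from the environment (Gentoo bug #337879)`. It would tell anyone auditing `files/` that the intent appears to be letting the package manager's compiler and linker flags, including any hardening flags, reach the build. The `stone` and `pop_stone` rules are shown only in part here, so the rest of the Makefile's flag handling cannot be checked from this hunk.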
diff --git a/net-misc/stone/files/stone.man b/net-misc/stone/files/stone.man
new file mode 100644
index 000000000000..fa10c6eef18f
--- /dev/null
+++ b/net-misc/stone/files/stone.man
@@ -0,0 +1,464 @@
+.\" Roff format skeleton provided by Taketo Kabe <kabe@sra-tohoku.co.jp>
+.TH stone 1 "version 2.3"
+.
+.SH NAME
+stone \- Simple Repeater
+.
+.SH SYNOPSIS
+.B "stone [-C \fIfile\fP] [-P \fIcommand\fP] [-Q \fIoptions\fP] [-N] [-d] [-p] [-n]"
+.br
+.B " [-u \fImax\fP] [-f \fIn\fP] [-l] [-L \fIfile\fP] [-a \fIfile\fP] [-i \fIfile\fP]"
+.br
+.B " [-X \fIn\fP] [-T \fIn\fP] [-r]"
+.br
+.B " [-x \fIport\fP[,\fIport\fP][-\fIport\fP]... \fIxhost\fP... --]"
+.br
+.B " [-s \fIsend\fP \fIexpect\fP... --]"
+.br
+.B " [-b [\fIvar\fP=\fIval\fP]... \fIn\fP \fImaster\fP:\fIport\fP \fIbackup\fP:\fIport\fP]"
+.br
+.B " [-B \fIhost\fP:\fIport\fP \fIhost1\fP:\fIport1\fP... --]"
+.br
+.B " [-I \fIhost\fP]"
+.br
+.B " [-o \fIn\fP] [-g \fIn\fP] [-t \fIdir\fP] [-D] [-c \fIdir\fP]"
+.br
+.B " [-q \fISSL\fP] [-z \fISSL\fP]"
+.br
+.B " [-M install \fIname\fP] [-M remove \fIname\fP]"
+.br
+.B " \fIst\fP [-- \fIst\fP]..."
+.
+.SH DESCRIPTION
+\fBStone\fP is a TCP & UDP repeater in the application layer. It repeats TCP
+and UDP from inside to outside of a firewall, or from outside to inside.
+.P
+\fBStone\fP has following features:
+.
+.TP
+.B 1. Stone supports Win32.
+Formerly, UNIX machines are used as firewalls, but recently
+WindowsNT machines are used, too. You can easily run \fBstone\fP on
+WindowsNT and Windows95. Of course, available on Linux,
+FreeBSD, BSD/OS, SunOS, Solaris, HP-UX and so on.
+.
+.TP
+.B 2. Simple.
+\fBStone\fP's source code is only 8000 lines long (written in C
+language), so you can minimize the risk of security
+holes.
+.
+.TP
+.B 3. Stone supports SSL.
+Using OpenSSL (\fIhttp://www.openssl.org/\fP), \fBstone\fP can
+encrypt/decrypt. Client verifications, and server verifications
+are also supported. \fBStone\fP can send a substring of the subject
+of the certificate to the destination.
+.
+.TP
+.B 4. Stone is a http proxy.
+\fBStone\fP can also be a tiny http proxy.
+.
+.TP
+.B 5. POP -> APOP conversion.
+With \fBstone\fP and a mailer that does not support APOP, you can
+access to an APOP server.
+.
+.TP
+.B 6. Stone supports IPv6.
+\fBStone\fP can convert IP and IPv6 each other. With \fBstone\fP, you can
+use IP-only software on IPv6 network.
+.
+.SH OPTIONS
+If the \fB-C\fP \fIfile\fP flag is used, the program read these
+options and \fIst\fPs from the configuration file \fIfile\fP.
+If the \fB-P\fP \fIcommand\fP flag is used, the program executes
+specified pre-processor to read the configuration file. \fB-Q\fP \fIoptions\fP
+can be used to pass options to the pre-processor. If the \fB-N\fP
+flag is used, \fBstone\fP will terminate after parsing options
+and configuration file without opening the ports.
+.P
+If the \fB-d\fP flag is used, then increase the debug level. If
+the \fB-p\fP flag is used, data repeated by \fBstone\fP are dumped. If
+the \fB-n\fP is used, IP addresses and service port numbers are
+shown instead of host names and service names.
+.P
+If the \fB-u\fP \fImax\fP flag (\fImax\fP is integer) is used, the
+program memorize \fImax\fP UDP sources simultaneously. The default value
+is 100. If the
+\fB-f\fP \fIn\fP flag (\fIn\fP is integer) is used, the program spawn
+\fIn\fP child processes. The default behavior is not to spawn any child processes.
+.P
+If the \fB-l\fP flag is used, the program sends error messages to
+the syslog instead of stderr. If the \fB-L\fP \fIfile\fP (\fIfile\fP
+is a file name) flag is used, the program writes error messages
+to the file. If the \fB-a\fP \fIfile\fP flag is used, the program
+writes accounting to the file. If the \fB-i\fP \fIfile\fP flag is
+used, the program writes its process ID to the file.
+.P
+The \fB-X\fP \fIn\fP flag alters the buffer size of the repeater.
+The default value is 1000 bytes. If
+the \fB-T\fP \fIn\fP is used, the timeout of TCP sessions can be
+specified to \fIn\fP sec. Default: 600 (10 min). The \fB-r\fP flag is
+used, SO_REUSEADDR is set on the socket of \fIst\fP .
+.P
+Using the \fB-x\fP \fIport\fP[,\fIport\fP][-\fIport\fP]... \fIxhost\fP... \fB--\FP flag,
+the http proxy (described later) can only connect to
+\fIxhost\fP:\fIport\fP. If more than one \fB-x\fP ... \fB--\fI flags are
+designated, the posterior one whose \fIport\fP list matches the
+connecting port. If the \fB-x\fP \fB--\fP is used, prior \fB-x\fP flags
+are ignored.
+.P
+The \fB-b\fP \fIn\fP \fImaster\fP:\fIport\fP \fIbackup\fP:\fIport\fP flag designates
+the backup destination for \fImaster\fP:\fIport\fP. The program checks
+every \fIn\fP seconds whether \fImaster\fP:\fIport\fP is connectable, using
+the health check script defined by \fB-s\fP flag described below.
+If not, the backup is used instead. Alternative \fIhost\fP can be
+checked, using host=\fIhost\fP and alternative \fIport\fP, using
+port=\fIport\fP.
+.P
+The \fB-s\fP \fIsend\fP \fIexpect\fP... \fB--\fP flag defines the health check
+script. Sending \fIsend\fP, then checks whether the response match
+the regular expression \fIexpect\fP.
+.P
+The \fB-B\fP \fIhost\fP:\fIport\fP \fIhost1\fP:\fIport1\fP... \fB--\fP is for the
+destination group. If the destination of \fIst\fP is \fIhost\fP:\fIport\fP,
+the program chooses a destination randomly from the group. The
+destination \fIhost\fP:\fIport\fP that is designated by \fB-b\fP flag and
+turned out unhealthy, is excluded from the group.
+.P
+The \fB-I\fP \fIhost\fP designates the interface used as the source
+address of the connection to the desctination.
+.P
+If the \fB-o\fP \fIn\fP or \fB-g\fP \fIn\fP flag is used, the program set
+its uid or gid to \fIn\fP respectively. If the \fB-t\fP \fIdir\fP
+flag (\fIdir\fP is a directory) is used, the program change its
+root to the directory. If the \fB-D\fP flas is used, \fBstone\fP runs
+as a daemon. The \fB-c\fP \fIdir\fP flag designates the
+directory for core dump.
+.P
+The \fB-M\fP install \fIname\fP and the \fB-M\fP remove \fIname\fP flags are
+for NT service. \fIname\fP is the service name. Start the
+service using the command: net start \fIname\fP. To install \fBstone\fP
+service as the name \fIrepeater\fP, for example:
+.P
+.RS
+C:\\>\fBstone -M install \fIrepeater\fB -C \fIC:\\stone.cfg\fR
+.br
+C:\\>\fBnet start \fIrepeater\fR
+.RE
+.P
+The \fB-q\fP \FISSL\FP and the \fB-z\fP \FISSL\FP flags are for SSL
+encryption. The \fB-q\fP \FISSL\FP is for the client mode, that is,
+when \fBstone\fP connects to the other SSL server as a SSL client.
+The \fB-z\fP \FISSL\FP if for the server mode, that is, when other SSL
+clients connect to the \fBstone\fP.
+.P
+\FISSL\FP is one of the following.
+.P
+.PD 0
+.IP default 15
+reset SSL options to the default.
+Using multiple \fIst\fP, different SSL options can
+be designated for each \fIst\fP.
+.IP verbose
+verbose mode.
+.IP verify
+require SSL certificate to the peer.
+.IP verify,once
+request a client certificate on the initial TLS/SSL
+handshake. (\fB-z\fP only)
+.IP verify,ifany
+The certificate returned (if any) is checked. (\fB-z\fP only)
+.IP verify,none
+never request SSL certificate to the peer.
+.IP crl_check
+lookup CRLs.
+.IP crl_check_all
+lookup CRLs for whole chain.
+.IP uniq
+if the serial number of peer's SSL certificate
+is different from the previous session, deny it.
+.IP re\fIn\fP=\fIregex\fP
+The certificate of the peer must satisfy the
+\fIregex\fP. \fIn\fP is the depth. re0 means the subject
+of the certificate, and re1 means the issure.
+The maximum of \fIn\fP is 9.
+.IP depth=\fIn\fP
+The maximum of the certificate chain.
+If the peer's certificate exceeds \fIn\fP, the
+verification fails. The maximum of \fIn\fP is 9.
+.IP tls1
+Just use TLSv1 protocol.
+.IP ssl3
+Just use SSLv3 protocol.
+.IP ssl2
+Just use SSLv2 protocol.
+.IP no_tls1
+Turn off TLSv1 protocol.
+.IP no_ssl3
+Turn off SSLv3 protocol.
+.IP no_ssl2
+Turn off SSLv2 protocol.
+.IP bugs
+Switch on all SSL implementation bug workarounds.
+.IP serverpref
+Use server's cipher preferences (only SSLv2).
+.IP sid_ctx=\fIstr\fP
+Set session ID context.
+.IP passfile=\fIfile\fP
+The filename of the file containing password of the key
+.IP key=\fIfile\fP
+The filename of the secret key of the certificate.
+.IP cert=\fIfile\fP
+The filename of the certificate.
+.IP CAfile=\fIfile\fP
+The filename of the certificate of the CA.
+.IP CApath=\fIdir\fP
+The directory of the certificate files.
+.IP pfx=\fIfile\fP
+The filename of the PKCS#12 bag.
+.IP cipher=\fIlist\fP
+The list of ciphers.
+.IP lb\fIn\fP=\fIm\fP
+change the destination according to the
+certificate of the peer. The number calculated
+from the matched string to the \fIn\fPth ( ... ) in
+the ``regex'' of SSL options (mod \fIm\fP) is used
+to select the destination from the destination
+group defined by \fB-B\fP flag.
+.PD
+.P
+\fIst\fP is one of the following. Multiple \fIst\fP can be
+designated, separated by \fB--\fP.
+.P
+.PD 0
+.IP (1)
+\fIhost\fP:\fIport\fP \fIsport\fP [\fIxhost\fP...]
+.IP (2)
+\fIhost\fP:\fIport\fP \fIshost\fP:\fIsport\fP [\fIxhost\fP...]
+.IP (3)
+proxy \fIsport\fP [\fIxhost\fP...]
+.IP (4)
+\fIhost\fP:\fIport\fP/http \fIrequest\fP [\fIxhost\fP...]
+.IP (5)
+\fIhost\fP:\fIport\fP/proxy \fIheader\fP [\fIxhost\fP...]
+.IP (6)
+health \fIsport\fP [\fIxhost\fP...]
+.PD
+.P
+The program repeats the connection on port \fIsport\fP to the
+other machine \fIhost\fP port \fIport\fP. If the machine, on
+which the program runs, has two or more interfaces, type (2) can
+be used to repeat the connection on the specified interface
+\fIshost\fP. You can also specify path name that begins with
+``/'' or ``./'', instead of \fIhost\fP:\fIport\fP so that the
+program handles a unix domain socket.
+.P
+Type (3) is a http proxy. Specify the machine, on which the
+program runs, and port \fIsport\fP in the http proxy settings of
+your WWW browser.
+Extentions can be added to the ``proxy'' like \fIxhost\fP/\fIext\fP.
+\fIext\fP is:
+.P
+.IP v4only
+limit the destination within IP addresses.
+.IP v6only
+limit the destination within IPv6 addresses.
+.P
+Type (4) relays stream over http request. \fIrequest\fP is the
+request specified in HTTP 1.0. In the \fIrequest\fP, \ is
+the escape character, and the following substitution occurs.
+.PP
+.RS 8
+.PD 0
+.IP \\\\n 8
+newline (0x0A)
+.IP \\\\r
+return (0x0D)
+.IP \\\\t
+tab (0x09)
+.IP \\\\\\\\
+\ itself (0x5C)
+.IP \\\\a
+the IP address of the client connecting to the \fBstone\fP.
+.IP \\\\A
+\fIIP address of the client\fP:\fIport number\fP
+.IP \\\\0
+the serial number of peer's SSL certificate.
+.IP "\\\\1 - \\\\9"
+the matched string in the ``regex'' of SSL options.
+.IP \\\\?1\fIthen\fP\\\\:\fIelse\fP\\\\/
+if \1 (\2 - \9 in a similar way) is not null,
+\fIthen\fP, otherwise \fIelse\fP.
+.PD
+.RE
+.P
+Type (5) repeats http request with \fIheader\fP in the top of
+request headers. The above escapes can be also used.
+.P
+Type (6) designates the port that other programs can check
+whether the \fBstone\fP runs `healthy' or not. Following commands are
+available to check the \fBstone\fP.
+.P
+.RS 8
+.PD 0
+.IP "HELO \fIany string\fP" 24
+returns the status of the \fBstone\fP
+.IP "LIMIT \fIvar\fP \fIn\fP"
+check the value of \fIvar\fP is
+less than \fIn\fP
+.PD
+.RE
+.P
+\fIvar\fP is one of the following:
+.P
+.RS 8
+.PD 0
+.IP PAIR 16
+the number of ``pair''
+.IP CONN
+the number of ``conn''
+.IP ESTABLISHED
+seconds passed since the last conn established
+.IP READWRITE
+seconds passed since the last read/write
+.IP ASYNC
+the number of threads
+.PD
+.RE
+.P
+The response of the \fBstone\fP is 2xx when normal, or 5xx when
+abnormal on the top of line.
+.P
+If the \fIxhost\fP are used, only machines or its IP addresses
+listed in \fIxhost\fP separated by space character can
+connect to the program and to be repeated.
+.P
+Extentions can be added to the \fIxhost\fP like
+\fIxhost\fP/\fIex\fP,\fIex\fP.... \fIex\fP is:
+.IP \fIm\fP
+You can designate the length of prefix bits of the
+netmask, so that only machines on specified. In the
+case of class C network 192.168.1.0, for example, use
+``192.168.1.0/24''.
+.IP v4
+\fIxhost\fP is resolved as the IP address.
+.IP v6
+\fIxhost\fP is resolved as the IPv6 address.
+.IP p\fIm\fP
+the data repeated by the program are dumped, only if it
+was connected by the machines specified by \fIxhost\fP. \fIm\fP
+is the dump mode, equivalent to the number of \fB-p\fP
+options.
+.P
+Use ``!'' instead of ``\fIxhost\fP'', to deny machines by following
+\fIxhost\fP.
+.P
+Extentions can be added to the \fIport\fP like
+\fIport\fP/\fIext\fP,\fIext\fP.... \fIext\fP is:
+.IP udp
+repeats UDP instead of TCP.
+.IP ssl
+forwards with encryption.
+.IP v6
+connects to the destination using IPv6.
+.IP base
+forwards with MIME base64 encoding.
+.P
+Extentions can be added to the \fIsport\fP like
+\fIsport\fP/\fIext\fP,\fIext\fP.... \fIext\fP is:
+.IP udp
+repeats UDP instead of TCP.
+.IP apop
+converts POP to APOP. The conversion is derived from
+the RSA Data Security, Inc. MD5 Message-Digest Algorithm.
+.IP ssl
+forwards with decryption.
+.IP v6
+accepts connection using IPv6. If \fIshost\fP is omitted
+like (1), IP is also acceptable.
+.IP v6only
+accepts connection using IPv6 only. Even if \fIshost\fP is
+omitted like (1), IP is not acceptable.
+.IP base
+forwards with MIME base64 decoding.
+.IP http
+relays stream over http.
+.IP ident
+identifies the owner of the incoming connection
+on the peer using ident protocol (RFC1413).
+.SH EXAMPLES
+.PD 0
+.IP \fIouter\fP\^:
+a machine in the outside of the firewall
+.IP \fIinner\fP\^:
+a machine in the inside of the firewall
+.IP \fIfwall\fP\^:
+the firewall on which the \fBstone\fP is executed
+.PD
+.TP
+\fBstone \fIouter\fB:telnet 10023\fR
+Repeats the telnet protocol to \fIouter\fP.
+Run telnet fwall 10023 on \fIinner\fR.
+.TP
+\fBstone \fIouter\fB:domain/udp domain/udp\fR
+Repeats the DNS query to \fIouter\fP.
+Run \fBnslookup -\fP \fIfwall\fP on \fIinner\fP.
+.TP
+\fBstone \fIouter\fB:ntp/udp ntp/udp\fR
+Repeats the NTP to \fIouter\fP.
+Run \fBntpdate \fIfwall\fR on \fIinner\fP.
+.TP
+\fBstone localhost:http 443/ssl\fR
+Make WWW server that supports https.
+Access \fBhttps://\fIfwall\fB/\fR using a WWW browser.
+.TP
+\fBstone localhost:telnet 10023/ssl\fR
+Make telnet server that supports SSL.
+Run \fBSSLtelnet -z ssl \fIfwall\fB 10023\fR on \fIinner\fP.
+.TP
+\fBstone proxy 8080\fR
+http proxy
+.TP
+\fBstone\fP \fIouter\fB:110/apop 110\fR
+connect to \fIinner\fP:pop using a mailer that does not
+support APOP.
+.PP
+Where \fIfwall\fP is a http proxy (port 8080):
+.TP
+\fBstone \fIfwall\fB:8080/http 10023 'POST http://\fIouter\fB:8023 HTTP/1.0'\fR
+.br
+.ns
+.TP
+\fBstone localhost:telnet 8023/http
+.nf
+Run \fBstone\fPs on \fIinner\fP and \fIouter\fP respectively.
+Relays stream over http.
+.TP
+\fBstone \fIfwall\fB:8080/proxy 9080 \'Proxy-Authorization: Basic \fIc2VuZ29rdTpoaXJvYWtp\fB\'\fR
+for browser that does not support proxy authorization.
+.fi
+.
+.SH HOMEPAGE
+The official homepage of \fBstone\fP is:
+.br
+\fIhttp://www.gcd.org/sengoku/stone/\fP
+.
+.SH COPYRIGHT
+All rights about this program \fBstone\fP are reserved by the
+original author, Hiroaki Sengoku. The program is free software;
+you can redistribute it and/or modify it under the terms of the
+\fIGNU IGeneral Public License (GPL)\fP. Furthermore you can link it
+with openssl.
+.
+.SH NO WARRANTY
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY.
+.
+.SH AUTHOR
+.nf
+Hiroaki Sengoku
+sengoku@gcd.org
+http://www.gcd.org/sengoku/
+.fi
diff --git a/net-misc/stone/metadata.xml b/net-misc/stone/metadata.xml
new file mode 100644
index 000000000000..fde75b04e631
--- /dev/null
+++ b/net-misc/stone/metadata.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<!-- maintainer-needed -->
+<longdescription>Stone is a TCP/IP packet repeater in the application layer. It repeats TCP and UDP packets from inside to outside of a firewall, or from outside to inside.</longdescription>
+</pkgmetadata>
diff --git a/net-misc/stone/stone-2.3e-r1.ebuild b/net-misc/stone/stone-2.3e-r1.ebuild
new file mode 100644
index 000000000000..6e1111841a3d
--- /dev/null
+++ b/net-misc/stone/stone-2.3e-r1.ebuild
@@ -0,0 +1,46 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+inherit eutils flag-o-matic toolchain-funcs
+
+DESCRIPTION="A simple TCP/IP packet repeater"
+HOMEPAGE="http://www.gcd.org/sengoku/stone/"
+SRC_URI="http://www.gcd.org/sengoku/stone/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ppc ~sparc x86"
+IUSE="ssl"
+
+DEPEND="ssl? ( dev-libs/openssl )"
+RDEPEND="${DEPEND}"
+
+S="${WORKDIR}/${PN}-2.3d-2.3.2.7"
+
+PATCHES=( "${FILESDIR}/${P}-makefile.patch" ) # bug #337879
+
+src_prepare() {
+ tc-export CC
+ append-cflags "-D_GNU_SOURCE"
+
+ epatch "${PATCHES[@]}"
+ epatch_user
+}
+
+src_compile() {
+ local myargs
+ if use ssl ; then
+ myargs="SSL=/usr linux-ssl"
+ else
+ myargs="linux"
+ fi
+ emake ${myargs}
+}
+
+src_install() {
+ dobin stone
+ newman "${FILESDIR}/${PN}.man" "${PN}.1"
+ dodoc README*
+}
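Review bot: `SRC_URI` (and `HOMEPAGE`) use plain `http://`, so the only integrity check on the downloaded source is the `DIST stone-2.3e.tar.gz` hash entry in the Manifest added by this same commit. If upstream serves the tarball over TLS, which I have not verified, `SRC_URI="https://www.gcd.org/sengoku/stone/${P}.tar.gz"` would protect the fetch itself. Separately, `S="${WORKDIR}/${PN}-2.3d-2.3.2.7"` does not match the 2.3e package version. Presumably the tarball unpacks to that directory, so a one-line comment such as `# upstream 2.3e tarball unpacks to a 2.3d-2.3.2.7 directory` would stop a later edit from changing it to `${P}`.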