10 files changed, 702 insertions, 0 deletions
diff --git a/net-analyzer/ippl/Manifest b/net-analyzer/ippl/Manifest
new file mode 100644
index 000000000000..92ae16ef779e
--- /dev/null
+++ b/net-analyzer/ippl/Manifest
@@ -0,0 +1,12 @@
+AUX ippl-1.4.14-format-warnings.patch 645 SHA256 1f677214697c8fa6a0eb02dedb3a9616eb2c0ad9bcc8b6512e4195c7ecdab3fa SHA512 e3b247d5628883c4bbc5ae24e39bf4ef0910ed15dbcc7a13d586eddbea6ee1dfa5de1c4252c07fa87564da60febbb200f0e78a58cf29547db4b7446eebc73544 WHIRLPOOL 5b24b9cc5b75347ead6fecd28e1806c60a1831fe6439c62701151ec02b930421153bfde670e20bd5f4cb9c511f64df0183dc5035130ce571d5a370af87ce6a83
+AUX ippl-1.4.14-includes.patch 374 SHA256 bffdfaa881cd176d2f6900bf387613485a9fba7b35aee68f8614a26272d7f4ea SHA512 5e7c8ab27770e3f50d09ee7e1f68246828d1b540a87c50c5c1afb3bbbe646af3b3d71369dfe2e41a1f04c306d88b8ef20f2be80edca8c201f7cb6d8c5539dfc9 WHIRLPOOL de8473f766992cec5e3e5a60380e519fa29a91ac79c2c530e5b7443cd117862e8ce81ff972855474a537702ff9dcc0a1a85df964edd97cbd8476d6b7a1698f3a
+AUX ippl-1.4.14-manpage.patch 306 SHA256 c1f1d47ce32c3133430312142e68e62c4aa243eed5afd8273ebe72e36ed04700 SHA512 4dc5b6ad12875c94a5b86ca380aeabb003734aabfd54b97edba20614b449dab35d8ba748e8faeda8a2bf2608158d4dd5c6e34c82b664ddf4fd12710ab81498ef WHIRLPOOL 67363710fc441665fa658b444961317d736214003df2ce0c383bc908afd4f34fdab4a690b797b8a8a5f66d813720557d63ecca3bbf998ad85c02fa2f64e5ca0e
+AUX ippl-1.4.14-noportresolve.patch 10610 SHA256 469f4c308379450c44399fb973c3963a1aa0dafe7dd95d1302a3a992843065ca SHA512 591a0aaaac11f80087e2f7a53a18434c065a2d29ba6a09893f2927edbd9b0622925e5bc441657f283fe4689c21bb669bfdfd71faf900d8ff9309e25885adc7e3 WHIRLPOOL a83593cfe2d126e2293b509510697955826d60560e4677be040d6b357c8f09c95e542a5c50c6c3f13202c5ba05dcd8dbf90ac9c78ff65747c9a2d58f323ff8ce
+AUX ippl-1.4.14-privilege-drop.patch 4289 SHA256 ab6839f5d9c5c74be5a8fa2cf03a236e4bc7b7096c4a5432b52ad78d39334020 SHA512 7b711bd0ac56867a6936035f63b047c1e86fe072f215dcc18eb8dada58d1087964a29b05c1eadef0303d203329a91a053e747c997d78ecd1697788e9f7a15f2f WHIRLPOOL 93cf090cb7e1db232d9979ee570e0b79c071901d8ccf78b8d1773fbec0737b34092d7fed9c279933fe3c013c323d23d0ea0da7ddcc79b0b1f55a560f83eb7fd6
+AUX ippl.rc 573 SHA256 d8c3e9b223974384a51838532010777fc4847207fa19184d708f8e42a8243b3d SHA512 2aadbb7cf33c83addef03e7815dd5d6c6a983ee0b269677d251a3b4550e2c038db4436b03a27024ea5ce12f0ca1eb2b87f33ba267e78f70afb06436119b99396 WHIRLPOOL 35f7e5a5bd5d71c2446112d96dff3d8e6e8d06ddbd41bbe11157e8a6c2b817573246568551aba574ebc2ed676cbc0dc66417b9ddfe030f079932723ae968f452
+DIST ippl-1.4.14.tar.gz 54030 SHA256 e1808c65e498036de2529d053dbaa95ba3f6821e2c7196d4dcbb5039489cfeb4 SHA512 3d71afc3ec7a0420cc9b269bf67dc008a777464c68d233dfbad4ee7a2dd2b960e114500e42866977e31b9dbeee26bbefea937fef8a09aa41cf87f96361ba0088 WHIRLPOOL aeab98a00d31583f19d4c98839f8eef4adbb263e274df2cd4065910e8a05d19e432be235de378e4039abc8465ff4fe8c11fcae1e95aa4e5dd34565acd4169c2a
+EBUILD ippl-1.4.14-r3.ebuild 1164 SHA256 14312ab7486cba9e5d4dd789b8c4585c6150b0c689935b7f6edc21286740d015 SHA512 1d840eb3757d941ba84955d80799425f45732db03151b5b00e45a6cf7e97b84ed7b4c3c017677d99748cb8d88b1b119796acc6ea01c0a5b1938022416fa85c1c WHIRLPOOL 550415122f5440dd515db8c9e426ede5d59b38411f234141f7385b0918088fac7553fd81fbdaa7654067db50fce6c8411707ab0b1560b65b075bdce83ed86720
+EBUILD ippl-1.4.14-r5.ebuild 1133 SHA256 84a34d088fd8451406ae257af59992e6a67549589accbd9c297295be133fdc82 SHA512 6da05595f41493eee312d43f6120ebb961806e949a132a28541d38e0b501305650b51e386bd08f89d709afd4b56a28380eb0014ddb56e274625e84af319669ce WHIRLPOOL 1cf97c60dc3219ad2b2d058765e8319768ee4e13119f2265abe0f324c66b997a1f7999e9b9c8ffbbf7c25aa363e44c699273b520a363c3cc155bdbd3d26e4cdc
+MISC ChangeLog 2822 SHA256 74f48cb11aa4eb8ed3d793bf9a737d759df913e55471017a670d20593ad33603 SHA512 3b8192dd83a7584fc8511dae0f980f9b8f3c8bb5eb6e1574a26ad3fcf3d571115c000e7e5d8515748d3ff882995c444251ef6d81b7aff9ac933827277960cf32 WHIRLPOOL a53cc1f6286a8fd192daab2834cd30b2b14a3bd3c9cdcd9da37b6db10d03fea393d2e15253eba4059abeb382e1601c6d00d970847af6445fab5378422d2d333b
+MISC ChangeLog-2015 4060 SHA256 2ad780985057265fdfe2aa37649897056f11d9e941736a0a5ff692c088b4aab7 SHA512 789900b4dd8e5a897e06b8ecbea08a0621d604df0cf682e4493d5623904c1d9311eefd958b72929751d5e30b4c949e36dae2d9f266dbe0097e0d6d7d6925f98b WHIRLPOOL 3d58be7ab47c86f5c1516f8772173c1e6d5803802c4577cecf6774aa10e6bc039b3a834ea984a5d10c30f6cb65ac52845c023c06d06c8975755546c85963d1fb
+MISC metadata.xml 276 SHA256 d15d6b6bd9ffc8a642c7469d01788ba9158efb4ca27fcf3324d9e52d1b70ec93 SHA512 f0e6c6bc89659e01e157d9bf30d0a2f3fd2d71bc26c8d12489c4a44fc5237159946e25b46e7295ab4676aea63559194977a0b1e76aced31d81cf6387dd0f4250 WHIRLPOOL 26b9e81575f613b751f76234013c30a8da84a1c0dd75c12b8df32706ee753691bbc889a2dec5001cc8c4b05c47aca49ed9fabbb5a6fefed74aaa86d6c3f56cee
diff --git a/net-analyzer/ippl/files/ippl-1.4.14-format-warnings.patch b/net-analyzer/ippl/files/ippl-1.4.14-format-warnings.patch
new file mode 100644
index 000000000000..db6cfcd7e1d0
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl-1.4.14-format-warnings.patch
@@ -0,0 +1,20 @@
+--- a/Source/log.c
++++ b/Source/log.c
+@@ -147,7 +147,7 @@
+   }
+ 
+   if (repeats > 0) {
+-    snprintf(date, 27, asctime(localtime(&last_repeat)));
++    snprintf(date, 27, "%s", asctime(localtime(&last_repeat)));
+     snprintf(repeat_message, 40, "last message repeated %d time(s)\n", repeats);
+     write(fd, date+4, strlen(date)-10);
+     write(fd, " ", 1);
+@@ -155,7 +155,7 @@
+     repeats = 0;
+   }
+ 
+-  snprintf(date, 27, asctime(localtime(&current)));
++  snprintf(date, 27, "%s", asctime(localtime(&current)));
+   write(fd, date+4, strlen(date)-10);
+   write(fd, " ", 1);
+   write(fd, entry, (strlen(entry) < 1023) ? strlen(entry) : 1023 );
diff --git a/net-analyzer/ippl/files/ippl-1.4.14-includes.patch b/net-analyzer/ippl/files/ippl-1.4.14-includes.patch
new file mode 100644
index 000000000000..12b2832fa342
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl-1.4.14-includes.patch
@@ -0,0 +1,20 @@
+--- a/Source/filter.c
++++ b/Source/filter.c
+@@ -22,6 +22,7 @@
+ 
+ #include <stdlib.h>
+ #include <ctype.h>
++#include <string.h> /* memcpy() */
+ 
+ #include <fnmatch.h>
+ 
+--- a/Source/main.c
++++ b/Source/main.c
+@@ -37,6 +37,7 @@
+ #include <pwd.h>
+ #include <stdlib.h>
+ #include <getopt.h>
++#include <grp.h> /* initgroups() */
+ 
+ #include "defines.h"
+ #include "configuration.h"
diff --git a/net-analyzer/ippl/files/ippl-1.4.14-manpage.patch b/net-analyzer/ippl/files/ippl-1.4.14-manpage.patch
new file mode 100644
index 000000000000..d17e5939cdee
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl-1.4.14-manpage.patch
@@ -0,0 +1,15 @@
+patch by Marc Haber <mh+debian-packages@zugschlus.de>
+
+--- a/Docs/ippl.conf.man
++++ b/Docs/ippl.conf.man
+@@ -222,9 +222,7 @@
+ .SS Protocol
+ .PP
+ protocol is one of the supported protocols (see the protocols
+-section), except the
+-.I all
+-keyword, which is not supported.
++section).
+ 
+ .SS Description
+ .PP
diff --git a/net-analyzer/ippl/files/ippl-1.4.14-noportresolve.patch b/net-analyzer/ippl/files/ippl-1.4.14-noportresolve.patch
new file mode 100644
index 000000000000..919623040f7f
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl-1.4.14-noportresolve.patch
@@ -0,0 +1,347 @@
+patch by Marc Haber <mh+debian-packages@zugschlus.de>
+
+--- a/Docs/ippl.conf.man
++++ b/Docs/ippl.conf.man
+@@ -92,6 +92,13 @@
+ .PP
+ By default, IP address resolution is disabled for all the protocols.
+ 
++Ippl by default resolves tcp/udp port numbers to their respective
++service names. If you pass a protocol to the noportresolve option,
++ippl logs the port number instead. This is a Debian specific extension.
++
++By default service resolving is enabled, since this is the behaviour
++of the upstream program.
++
+ .SH LOGGING FORMAT
+ 
+ .BR ippl
+@@ -198,6 +205,12 @@
+ .I noresolve
+ disable IP address resolution.
+ .PP
++.I portresolve
++enable IP service resolution.
++.PP
++.I noportresolve
++disable IP service resolution.
++.PP
+ .I ident
+ use ident logging (only for TCP).
+ .PP
+
+--- a/Source/configuration.c
++++ b/Source/configuration.c
+@@ -60,6 +60,7 @@
+   extern unsigned int dns_expire;
+   extern unsigned short log_protocols;
+   extern unsigned short resolve_protocols;
++  extern unsigned short portresolve_protocols;
+   extern unsigned short icmp_format;
+   extern unsigned short tcp_format;
+   extern unsigned short udp_format;
+@@ -71,6 +72,7 @@
+   dns_expire = DNS_EXPIRE;
+   log_protocols = NONE;
+   resolve_protocols = 0; /* Do not resolve by default */
++  portresolve_protocols = RUN_TCP | RUN_UDP | RUN_ICMP; /* Resolve by default */
+   icmp_format = LOGFORMAT_NORMAL;
+   tcp_format = LOGFORMAT_NORMAL;
+   udp_format = LOGFORMAT_NORMAL;
+
+--- a/Source/filter.c
++++ b/Source/filter.c
+@@ -46,6 +46,7 @@
+ 
+ extern unsigned short use_ident;
+ extern unsigned short resolve_protocols;
++extern unsigned short portresolve_protocols;
+ extern unsigned short icmp_format;
+ extern unsigned short tcp_format;
+ extern unsigned short udp_format;
+@@ -66,7 +67,7 @@
+ #ifdef FILTER_DEBUG
+ void display_info(struct log_info *info, int entries) {
+ 
+-  log.log(log.level_or_fd, "DBG: (e:%d) log:%d ident:%d resolve:%d closing:%d format:%d", entries, info->log, info->ident, info->resolve, info->logclosing, info->logformat);
++  log.log(log.level_or_fd, "DBG: (e:%d) log:%d ident:%d resolve:%d portresolve: %d, closing:%d format:%d", entries, info->log, info->ident, info->resolve, info->portresolve, info->logclosing, info->logformat);
+ }
+ #endif
+ 
+@@ -200,6 +201,19 @@
+       break;
+     }
+   }
++  if (info->portresolve == -1) {
++    switch (protocol) {
++    case IPPROTO_ICMP:
++      info->portresolve = portresolve_protocols & RUN_ICMP;
++      break;
++    case IPPROTO_TCP:
++      info->portresolve = portresolve_protocols & RUN_TCP;
++      break;
++    case IPPROTO_UDP:
++      info->portresolve = portresolve_protocols & RUN_UDP;
++      break;
++    }
++  }
+ }
+ 
+ struct log_info do_log(const __u32 from, const __u32 to, const __u16 type, const __u16 srctype, const short protocol) {
+@@ -244,6 +258,7 @@
+         info.log = p->log;
+         info.ident = p->ident;
+         info.resolve = p->resolve;
++        info.portresolve = p->portresolve;
+         info.logformat = p->logformat;
+         info.logclosing = p->logclosing;
+         set_defaults(protocol, &info);
+@@ -265,6 +280,7 @@
+         info.log = p->log;
+         info.ident = p->ident;
+         info.resolve = p->resolve;
++        info.portresolve = p->portresolve;
+         info.logformat = p->logformat;
+         set_defaults(protocol, &info);
+ #ifdef FILTER_DEBUG
+@@ -280,7 +296,7 @@
+   info.log = TRUE;
+   info.ident = use_ident;
+   info.logclosing = log_closing;
+-  info.logformat = info.resolve = -1;
++  info.logformat = info.resolve = info.portresolve = -1;
+   set_defaults(protocol, &info);
+ 
+ #ifdef FILTER_DEBUG
+
+--- a/Source/filter.h
++++ b/Source/filter.h
+@@ -53,6 +53,7 @@
+ struct filter_entry {
+   short log;		/* TRUE for "log", FALSE for "ignore" */
+   short ident;          /* TRUE if we should use ident */
++  short portresolve;    /* TRUE if we should resolve TCP/UDP services */
+   short resolve;        /* TRUE if we should resolve IP addresses */
+   short logformat;      /* format used to log */
+   short logclosing;     /* TRUE to log closing TCP connections */
+@@ -72,6 +73,7 @@
+   short log;
+   short ident;
+   short resolve;
++  short portresolve;
+   short logclosing;
+   short logformat;
+ };
+
+--- a/Source/ippl.l
++++ b/Source/ippl.l
+@@ -75,6 +75,9 @@
+ [lL][oO][gG][cC][lL][oO][sS][iI][nN][gG] return LOGCLOSING;
+ [nN][oO][lL][oO][gG][cC][lL][oO][sS][iI][nN][gG] return NOLOGCLOSING;
+ 
++[nN][oO][pP][oO][rR][tT][rR][eE][sS][oO][lL][vV][eE] return NOPORTRESOLVE;
++[pP][oO][rR][tT][rR][eE][sS][oO][lL][vV][eE] return PORTRESOLVE;
++
+ [nN][oO][rR][eE][sS][oO][lL][vV][eE] return NORESOLVE;
+ [rR][eE][sS][oO][lL][vV][eE] return RESOLVE;
+ 
+
+--- a/Source/ippl.y
++++ b/Source/ippl.y
+@@ -61,6 +61,7 @@
+ 
+ /* Should name resolving be done? */
+ unsigned short resolve_protocols;
++unsigned short portresolve_protocols;
+ 
+ /* Logging format for each protocol */
+ unsigned short icmp_format;
+@@ -100,7 +101,7 @@
+ %token<stringval> IP HOSTMASK IDENTIFIER FILENAME
+ %token<longval> NUMBER
+ 
+-%token LOGFORMAT DETAILED SHORT NORMAL RESOLVE NORESOLVE IDENT NOIDENT LOGCLOSING NOLOGCLOSING
++%token LOGFORMAT DETAILED SHORT NORMAL RESOLVE NORESOLVE IDENT NOIDENT LOGCLOSING NOLOGCLOSING PORTRESOLVE NOPORTRESOLVE
+ %token RUN RUNAS EXPIRE LOG_IN LOG IGNORE FROM TO TYPE PORT SRCPORT OPTION COMMA
+ %token ICMP TCP UDP ALL
+ 
+@@ -138,6 +139,11 @@
+         | NORESOLVE ProtoList EOL
+           { resolve_protocols &= ~$2; }
+ 
++        | PORTRESOLVE ProtoList EOL
++          { portresolve_protocols |= $2; }
++        | NOPORTRESOLVE ProtoList EOL
++          { portresolve_protocols &= ~$2; }
++
+         | LOGCLOSING EOL
+           { log_closing = TRUE; }
+         | NOLOGCLOSING EOL
+@@ -249,6 +255,7 @@
+             switches.log = -1;
+             switches.ident = use_ident;
+             switches.resolve = -1;
++	    switches.portresolve = -1;
+             switches.logformat = -1;
+             switches.logclosing = log_closing;
+           } 
+@@ -259,6 +266,7 @@
+             $$->ident = switches.ident;
+             $$->logclosing = switches.logclosing;
+             $$->resolve = switches.resolve;
++            $$->portresolve = switches.portresolve;
+             $$->logformat = switches.logformat;
+             $$->protocol = $4.protocol;
+             $$->loginfo = $4.loginfoval;
+@@ -287,6 +295,8 @@
+         | NOIDENT    { switches.ident = FALSE; }
+         | RESOLVE    { switches.resolve = RUN_ICMP | RUN_TCP | RUN_UDP; }
+         | NORESOLVE  { switches.resolve = 0; }
++        | PORTRESOLVE    { switches.portresolve = RUN_ICMP | RUN_TCP | RUN_UDP; }
++        | NOPORTRESOLVE  { switches.portresolve = 0; }
+         | SHORT      { switches.logformat = LOGFORMAT_SHORT; }
+         | NORMAL     { switches.logformat = LOGFORMAT_NORMAL; }
+         | DETAILED   { switches.logformat = LOGFORMAT_DETAILED; }
+
+--- a/Source/main.c
++++ b/Source/main.c
+@@ -48,6 +48,10 @@
+ #include "filter.h"
+ #include "pidfile.h"
+ 
++#ifndef PATH_MAX
++#define PATH_MAX 4096
++#endif
++
+ /* Logging mechanism */
+ struct loginfo log;
+ 
+
+--- a/Source/netutils.c
++++ b/Source/netutils.c
+@@ -237,15 +237,21 @@
+  * Get a service name for a specified protocol
+  */
+ 
+-void service_lookup(char *proto, char *service, __u16 port) {
++void service_lookup(char *proto, char *service, __u16 port, int portresolve) {
+   struct servent *se;
+ 
+   pthread_mutex_lock(&service_mutex);
+-  se = getservbyport(port, proto);
+-  if (se == NULL)
++  if (portresolve)
++  {
++    se = getservbyport(port, proto);
++    if (se == NULL)
++      snprintf(service, SERVICE_LENGTH, "port %d", ntohs(port));
++    else {
++      snprintf(service, SERVICE_LENGTH, "%s", se->s_name);
++    }
++  }
++  else {
+     snprintf(service, SERVICE_LENGTH, "port %d", ntohs(port));
+-  else {
+-    snprintf(service, SERVICE_LENGTH, "%s", se->s_name);
+   }
+   pthread_mutex_unlock(&service_mutex);
+ }
+
+--- a/Source/netutils.h
++++ b/Source/netutils.h
+@@ -53,6 +53,6 @@
+                  const __u32 src_addr, const __u16 src_port,
+                  const __u32 dst_addr, const __u16 dst_port);
+ 
+-void service_lookup(char *proto, char *service, __u16 port);
++void service_lookup(char *proto, char *service, __u16 port, int portresolve);
+ 
+ #endif
+
+--- a/Source/tcp.c
++++ b/Source/tcp.c
+@@ -51,6 +51,7 @@
+ struct loginfo tcp_log;
+ extern struct loginfo log;
+ extern unsigned short resolve_protocols;
++extern unsigned short portresolve_protocols;
+ 
+ /*
+  * Structure of a TCP packet
+@@ -88,7 +89,7 @@
+     *details ='\0';
+     host_print(remote_host, IPHDR.saddr,
+                info.resolve);
+-    service_lookup("tcp", service, TCPHDR.dest);
++    service_lookup("tcp", service, TCPHDR.dest, info.portresolve);
+     if (info.logformat == LOGFORMAT_DETAILED) {
+       get_details(details,
+                   IPHDR.saddr,
+@@ -186,7 +187,7 @@
+     *details ='\0';
+     host_print(remote_host, IPHDR.saddr,
+                info.resolve);
+-    service_lookup("tcp", service, TCPHDR.dest);
++    service_lookup("tcp", service, TCPHDR.dest, info.portresolve);
+     if (info.logformat == LOGFORMAT_DETAILED) {
+       get_details(details,
+                   IPHDR.saddr,
+
+--- a/Source/udp.c
++++ b/Source/udp.c
+@@ -81,7 +81,7 @@
+     *details ='\0';
+     host_print(remote_host, IPHDR.saddr,
+                info.resolve);
+-    service_lookup("udp", service, UDPHDR.dest);
++    service_lookup("udp", service, UDPHDR.dest, info.portresolve);
+     if (info.logformat == LOGFORMAT_DETAILED) {
+       get_details(details,
+                   IPHDR.saddr,
+
+--- a/ippl.conf
++++ b/ippl.conf
+@@ -4,13 +4,15 @@
+ # User used
+ # ---------
+ # Specify the user (declared in /etc/passwd) used to run the
+-# logging threads.
+-#runas nobody
++# logging threads. The ippl process visible in the process table
++# is still running as root! Look in /proc/pid/task to see the threads
++# running as ippl
++runas ippl
+ 
+ # Resolve hostnames?
+ # ------------------
+-# Uncomment the line below to disable DNS lookups
+-#noresolve all
++# Uncomment the line below to enable DNS lookups
++#resolve all
+ 
+ # Use ident?
+ # ----------
+@@ -38,9 +40,14 @@
+ # ----------------
+ run icmp tcp
+ # Uncomment the line below to log UDP traffic.
+-# See ippl.conf(5) for recommandations.
++# See ippl.conf(5) for recommendations.
+ #run udp
+ 
++# Resolve tcp/udp port to service name?
++# -------------------------------------
++# portresolve icmp tcp udp
++# Set noportresolve <protocol-list> to log port numbers instead
++
+ # Logging format
+ # ----------------
+ # If you want to see the destination address, the ports, etc
+@@ -63,6 +70,3 @@
+ # Do not log DNS queries
+ #ignore udp port domain
+ #ignore udp srcport domain
+-
+-# End of configuration
+-# Copyright (C) 1998-1999 Hugo Haas - Etienne Bernard
+
diff --git a/net-analyzer/ippl/files/ippl-1.4.14-privilege-drop.patch b/net-analyzer/ippl/files/ippl-1.4.14-privilege-drop.patch
new file mode 100644
index 000000000000..0f6d03684a93
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl-1.4.14-privilege-drop.patch
@@ -0,0 +1,140 @@
+privilege-drop by Marc Haber <mh+debian-packages@zugschlus.de>
+
+--- a/Source/icmp.c
++++ b/Source/icmp.c
+@@ -39,6 +39,8 @@
+ #include "log.h"
+ #include "filter.h"
+ #include "configuration.h"
++#include <string.h>
++#include <errno.h>
+ 
+ /* Socket */
+ int icmp_socket;
+@@ -296,14 +298,16 @@
+ 
+   icmp_socket = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
+   if (icmp_socket <= 0) {
+-	log.log(log.level_or_fd, "FATAL: Unable to open icmp raw socket");
++	int error = errno;
++    	log.log(log.level_or_fd, "FATAL: Unable to open icmp raw socket\nERROR No: %d\nERROR : %s", error, strerror(error));
+     exit(1);
+   }
+ 
+-  setgid(((struct passwd *)nobody)->pw_gid);
++  /* Don't do this here - race conditions will arise */
++  /* setgid(((struct passwd *)nobody)->pw_gid);
+   initgroups(((struct passwd *)nobody)->pw_name,
+ 	     ((struct passwd *)nobody)->pw_gid);
+-  setuid(((struct passwd *)nobody)->pw_uid);
++  setuid(((struct passwd *)nobody)->pw_uid); */
+ 
+   for(;;) {
+     if (read(icmp_socket, (__u8 *) &pkt, ICMP_CAPTURE_LENGTH) == -1) {
+--- a/Source/main.c
++++ b/Source/main.c
+@@ -153,6 +153,17 @@
+     run_thread(&udp_t, log_udp, (void *)account);
+   }
+ 
++  /* Sleep 1 sec to allow the other threads to catchup */
++  /* Not the best way to solve the issue but it works */
++  sleep(1);
++
++  /* Drop privileges */
++
++  setgid(((struct passwd *)account)->pw_gid);
++  initgroups(((struct passwd *)account)->pw_name,
++	     ((struct passwd *)account)->pw_gid);
++  setuid(((struct passwd *)account)->pw_uid);
++
+ }  
+ 
+ 
+@@ -160,8 +171,10 @@
+  * reload_configuration
+  *
+  * Stops the threads and reloads the configuration
++ *
++ * -- DEPRECATED (due to privilege drop cannot reload - needs a restart!)
+  */
+-void reload_configuration() {
++void reload_configuration_DEPRECATED() {
+   extern pthread_mutex_t log_mutex, service_mutex, dns_mutex, r_mux, w_mux;
+   extern pthread_cond_t w_cond;
+   extern int readers;
+@@ -353,8 +366,10 @@
+  * Function executed when we receive a SIHUP signal
+  */
+ void sighup(int sig) {
+-  reload_configuration();
+-  log.log(log.level_or_fd, "IP Protocols Logger: reloaded configuration.");
++  // DEPRECATED - reload_configuration();
++  // log.log(log.level_or_fd, "IP Protocols Logger: reloaded configuration.");
++  log.log(log.level_or_fd, "IP Protocols Logger: reload configuration is unsupported.");
++  die(sig);
+   signal(SIGHUP, sighup);
+ }
+ 
+--- a/Source/tcp.c
++++ b/Source/tcp.c
+@@ -44,6 +44,8 @@
+ #include "filter.h"
+ #include "configuration.h"
+ #include "ident.h"
++#include <errno.h>
++#include <string.h>
+ 
+ /* Socket */
+ int tcp_socket;
+@@ -258,14 +260,16 @@
+ 
+   tcp_socket = socket(AF_INET, SOCK_RAW, IPPROTO_TCP);
+   if (tcp_socket <= 0) {
+-	log.log(log.level_or_fd, "FATAL: Unable to open tcp raw socket");
++  	int error = errno;
++	log.log(log.level_or_fd, "FATAL: Unable to open tcp raw socket\nERROR No: %d\nERROR : %s", error, strerror(error));
+     exit(1);
+   }
+ 
+-  setgid(((struct passwd *)nobody)->pw_gid);
++  /* Don't do this here - race conditions will arise */
++  /* setgid(((struct passwd *)nobody)->pw_gid);
+   initgroups(((struct passwd *)nobody)->pw_name,
+ 	     ((struct passwd *)nobody)->pw_gid);
+-  setuid(((struct passwd *)nobody)->pw_uid);
++  setuid(((struct passwd *)nobody)->pw_uid); */
+ 
+   for(;;) {
+     if (read(tcp_socket, (__u8 *) &pkt, TCP_CAPTURE_LENGTH) == -1) {
+--- a/Source/udp.c
++++ b/Source/udp.c
+@@ -39,6 +39,8 @@
+ #include "filter.h"
+ #include "configuration.h"
+ #include "ident.h"
++#include <errno.h>
++#include <string.h>
+ 
+ /* Socket */
+ int udp_socket;
+@@ -138,14 +140,16 @@
+ 
+   udp_socket = socket(AF_INET, SOCK_RAW, IPPROTO_UDP);
+   if (udp_socket <= 0) {
+-	log.log(log.level_or_fd, "FATAL: Unable to open udp raw socket");
++  	int error = errno;
++	log.log(log.level_or_fd, "FATAL: Unable to open udp raw socket\nERROR No: %d\nERROR : %s", error, strerror(error));
+     exit(1);
+   }
+ 
+-  setgid(((struct passwd *)nobody)->pw_gid);
++  /* Don't do this here - race conditions will arise */
++  /* setgid(((struct passwd *)nobody)->pw_gid);
+   initgroups(((struct passwd *)nobody)->pw_name,
+ 	     ((struct passwd *)nobody)->pw_gid);
+-  setuid(((struct passwd *)nobody)->pw_uid);
++  setuid(((struct passwd *)nobody)->pw_uid); */
+ 
+   for(;;) {
+     if (read(udp_socket, (__u8 *) &pkt, UDP_CAPTURE_LENGTH) == -1) {
diff --git a/net-analyzer/ippl/files/ippl.rc b/net-analyzer/ippl/files/ippl.rc
new file mode 100644
index 000000000000..e16ccfc6c4e3
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl.rc
@@ -0,0 +1,30 @@
+#!/sbin/openrc-run
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+depend() {
+	need net
+}
+
+checkconfig() {
+	if [ ! -f /etc/ippl.conf ]
+	then
+		eerror "Please create /etc/ippl.conf"
+		return 1
+	fi
+	return 0
+}
+
+start() {
+	checkconfig || return $?
+	ebegin "Starting ippl"
+	start-stop-daemon --start --quiet --pidfile /run/ippl.pid \
+		--exec /usr/sbin/ippl
+	eend $? "Failed to start ippl"
+}
+
+stop() {
+	ebegin "Stopping ippl"
+	start-stop-daemon --stop --quiet --pidfile /run/ippl.pid
+	eend $? "Failed to stop ippl"
+}
diff --git a/net-analyzer/ippl/ippl-1.4.14-r3.ebuild b/net-analyzer/ippl/ippl-1.4.14-r3.ebuild
new file mode 100644
index 000000000000..9f807cd264aa
--- /dev/null
+++ b/net-analyzer/ippl/ippl-1.4.14-r3.ebuild
@@ -0,0 +1,54 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="4"
+
+inherit eutils toolchain-funcs user
+
+DESCRIPTION="A daemon which logs TCP/UDP/ICMP packets"
+HOMEPAGE="http://pltplp.net/ippl/"
+SRC_URI="http://pltplp.net/ippl/archive/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ~ppc x86"
+IUSE=""
+
+DEPEND="virtual/yacc
+	>=sys-devel/flex-2.5.4a-r4"
+RDEPEND=""
+
+src_prepare() {
+	epatch \
+		"${FILESDIR}"/ippl-1.4.14-noportresolve.patch \
+		"${FILESDIR}"/ippl-1.4.14-manpage.patch \
+		"${FILESDIR}"/ippl-1.4.14-privilege-drop.patch \
+		"${FILESDIR}"/ippl-1.4.14-includes.patch
+	sed -i Source/Makefile.in \
+		-e 's|^LDFLAGS=|&@LDFLAGS@|g' \
+		|| die "sed Source/Makefile.in"
+	sed -i Makefile.in \
+		-e 's|make |$(MAKE) |g' \
+		|| die "sed Makefile.in"
+	# fix for bug #351287
+	sed -i -e '/lex.yy.c/s/ippl.l/& y.tab.c/' Source/Makefile.in \
+		|| die "sed src/Makefile.in"
+	tc-export CC
+}
+
+src_install() {
+	dosbin Source/ippl
+
+	insinto "/etc"
+	doins ippl.conf
+
+	doman Docs/{ippl.8,ippl.conf.5}
+
+	dodoc BUGS CREDITS HISTORY README TODO
+
+	newinitd "${FILESDIR}"/ippl.rc ippl
+}
+
+pkg_postinst() {
+	enewuser ippl
+}
diff --git a/net-analyzer/ippl/ippl-1.4.14-r5.ebuild b/net-analyzer/ippl/ippl-1.4.14-r5.ebuild
new file mode 100644
index 000000000000..e436f03ac433
--- /dev/null
+++ b/net-analyzer/ippl/ippl-1.4.14-r5.ebuild
@@ -0,0 +1,56 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+inherit eutils toolchain-funcs user
+
+DESCRIPTION="A daemon which logs TCP/UDP/ICMP packets"
+HOMEPAGE="http://pltplp.net/ippl/"
+SRC_URI="http://pltplp.net/ippl/archive/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ~ppc x86"
+
+DEPEND="virtual/yacc
+	>=sys-devel/flex-2.5.4a-r4"
+
+src_prepare() {
+	epatch \
+		"${FILESDIR}"/ippl-1.4.14-noportresolve.patch \
+		"${FILESDIR}"/ippl-1.4.14-manpage.patch \
+		"${FILESDIR}"/ippl-1.4.14-privilege-drop.patch \
+		"${FILESDIR}"/ippl-1.4.14-includes.patch \
+		"${FILESDIR}"/ippl-1.4.14-format-warnings.patch
+
+	sed -i Source/Makefile.in \
+		-e 's|^LDFLAGS=|&@LDFLAGS@|g' \
+		|| die
+
+	sed -i Makefile.in \
+		-e 's|make |$(MAKE) |g' \
+		|| die
+
+	# fix for bug #351287
+	sed -i -e '/lex.yy.c/s/ippl.l/& y.tab.c/' Source/Makefile.in \
+		|| die
+
+	tc-export CC
+}
+
+src_install() {
+	dosbin Source/ippl
+
+	insinto "/etc"
+	doins ippl.conf
+
+	doman Docs/{ippl.8,ippl.conf.5}
+
+	dodoc BUGS CREDITS HISTORY README TODO
+
+	newinitd "${FILESDIR}"/ippl.rc ippl
+}
+
+pkg_postinst() {
+	enewuser ippl
+}
diff --git a/net-analyzer/ippl/metadata.xml b/net-analyzer/ippl/metadata.xml
new file mode 100644
index 000000000000..74c2baebb4ec
--- /dev/null
+++ b/net-analyzer/ippl/metadata.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<maintainer type="project">
+	<email>netmon@gentoo.org</email>
+	<name>Gentoo network monitoring and analysis project</name>
+</maintainer>
+</pkgmetadata>