diff -rupN original/net-firewall/shorewall/files/4.5.21.7/10-releasenotes.patch new/net-firewall/shorewall/files/4.5.21.7/10-releasenotes.patch
--- original/net-firewall/shorewall/files/4.5.21.7/10-releasenotes.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall/files/4.5.21.7/10-releasenotes.patch 2014-03-09 14:41:32.340832287 +0100
@@ -0,0 +1,13 @@
+This patch will update the version number in the release notes.
+
+See http://thread.gmane.org/gmane.comp.security.shorewall/30808
+
+--- shorewall-4.5.21.7.old/releasenotes.txt 2014-03-08 16:35:39.000000000 +0100
++++ shorewall-4.5.21.7/releasenotes.txt 2014-03-09 14:38:19.503337459 +0100
+@@ -1,5 +1,5 @@
+ ----------------------------------------------------------------------------
+- S H O R E W A L L 4 . 5 . 2 1 . 6
++ S H O R E W A L L 4 . 5 . 2 1 . 7
+ ------------------------------------
+ M a r c h 0 8 , 2 0 1 4
+ ----------------------------------------------------------------------------
diff -rupN original/net-firewall/shorewall/files/4.5.21.7/shorewall.confd new/net-firewall/shorewall/files/4.5.21.7/shorewall.confd
--- original/net-firewall/shorewall/files/4.5.21.7/shorewall.confd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall/files/4.5.21.7/shorewall.confd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,15 @@
+# Global start/restart/stop options
+#
+OPTIONS=""
+
+# Start options
+#
+STARTOPTIONS=""
+
+# Stop options
+#
+STOPOPTIONS=""
+
+# Restart options
+#
+RESTARTOPTIONS=""
diff -rupN original/net-firewall/shorewall/files/4.5.21.7/shorewall.initd new/net-firewall/shorewall/files/4.5.21.7/shorewall.initd
--- original/net-firewall/shorewall/files/4.5.21.7/shorewall.initd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall/files/4.5.21.7/shorewall.initd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,107 @@
+#!/sbin/runscript
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+description='The Shoreline Firewall, more commonly known as "Shorewall", is'
+description="${description} a high-level tool for configuring Netfilter."
+
+extra_commands="check clear"
+extra_started_commands="refresh reset"
+
+description_check="Checks if the configuration will compile or not."
+
+description_clear="Clear will remove all rules and chains installed by"
+description_clear="${description_clear} Shorewall. The firewall is then"
+description_clear="${description_clear} wide open and unprotected."
+
+description_refresh="The mangle table will be refreshed along with the"
+description_refresh="${description_refresh} blacklist chain (if any)."
+
+description_reset="All the packet and byte counters in the firewall are reset."
+
+depend() {
+ need net
+ provide firewall
+ after ulogd
+}
+
+status() {
+ local _retval
+ /sbin/shorewall status 1>/dev/null
+ _retval=$?
+ if [ ${_retval} = '0' ]; then
+ einfo 'status: started'
+ mark_service_started "${SVCNAME}"
+ return 0
+ else
+ einfo 'status: stopped'
+ mark_service_stopped "${SVCNAME}"
+ return 3
+ fi
+}
+
+start() {
+ ebegin "Starting shorewall"
+ /sbin/shorewall ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping shorewall"
+ /sbin/shorewall ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null
+ eend $?
+}
+
+restart() {
+ # shorewall comes with its own control script that includes a
+ # restart function, so refrain from calling svc_stop/svc_start
+ # here. Note that this comment is required to fix bug 55576;
+ # runscript.sh greps this script... (09 Jul 2004 agriffis)
+
+ ebegin "Restarting shorewall"
+ /sbin/shorewall status 1>/dev/null
+ if [ $? != 0 ] ; then
+ svc_start
+ else
+ /sbin/shorewall ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null
+ fi
+ eend $?
+}
+
+clear() {
+ # clear will remove all the rules and bring the system to an unfirewalled
+ # state. (21 Nov 2004 eldad)
+
+ ebegin "Clearing all shorewall rules and setting policy to ACCEPT"
+ /sbin/shorewall ${OPTIONS} clear 1>/dev/null
+ eend $?
+}
+
+reset() {
+ # reset the packet and byte counters in the firewall
+
+ ebegin "Resetting the packet and byte counters in shorewall"
+ /sbin/shorewall ${OPTIONS} reset 1>/dev/null
+ eend $?
+}
+
+refresh() {
+ # refresh the rules involving the broadcast addresses of firewall
+ # interfaces, the black list, traffic control rules and
+ # ECN control rules
+
+ ebegin "Refreshing shorewall rules"
+ /sbin/shorewall ${OPTIONS} refresh 1>/dev/null
+ eend $?
+}
+
+check() {
+ # perform cursory validation of the zones, interfaces, hosts, rules
+ # and policy files. CAUTION: does not parse and validate the generated
+ # iptables commands.
+
+ ebegin "Checking shorewall configuration"
+ /sbin/shorewall ${OPTIONS} check 1>/dev/null
+ eend $?
+}
diff -rupN original/net-firewall/shorewall/files/4.5.21.7/shorewallrc new/net-firewall/shorewall/files/4.5.21.7/shorewallrc
--- original/net-firewall/shorewall/files/4.5.21.7/shorewallrc 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall/files/4.5.21.7/shorewallrc 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,23 @@
+#
+# Gentoo Shorewall 4.5 rc file
+#
+BUILD= #Default is to detect the build system
+HOST=gentoo #Gentoo GNU Linux
+PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc.
+SHAREDIR=${PREFIX}/share #Directory for arch-neutral files.
+LIBEXECDIR=${PREFIX}/share #Directory for executable scripts.
+PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory
+CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed
+SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin #Directory where system administration programs are installed
+MANDIR=${PREFIX}/share/man #Directory where manpages are installed.
+INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed.
+INITFILE=${PRODUCT} #Name of the product's installed SysV init script
+INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script
+ANNOTATED= #If non-zero, annotated configuration files are installed
+SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only)
+SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file
+SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR
+SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed
+SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR
+VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored.
+VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored.
diff -rupN original/net-firewall/shorewall/files/4.5.21.7/shorewall.systemd new/net-firewall/shorewall/files/4.5.21.7/shorewall.systemd
--- original/net-firewall/shorewall/files/4.5.21.7/shorewall.systemd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall/files/4.5.21.7/shorewall.systemd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,17 @@
+#
+# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.5
+#
+[Unit]
+Description=Shorewall IPv4 firewall
+Documentation=man:shorewall(8) http://www.shorewall.net/Documentation_Index.html
+After=network.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+EnvironmentFile=/etc/conf.d/shorewall
+ExecStart=/sbin/shorewall $OPTIONS start $STARTOPTIONS
+ExecStop=/sbin/shorewall $OPTIONS stop $STOPOPTIONS
+
+[Install]
+WantedBy=multi-user.target
diff -rupN original/net-firewall/shorewall/metadata.xml new/net-firewall/shorewall/metadata.xml
--- original/net-firewall/shorewall/metadata.xml 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall/metadata.xml 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,10 @@
+
+
+
+ netmon
+ proxy-maintainers
+
+ whissi@whissi.de
+ Thomas D. (Whissi)
+
+
diff -rupN original/net-firewall/shorewall/shorewall-4.5.21.7.ebuild new/net-firewall/shorewall/shorewall-4.5.21.7.ebuild
--- original/net-firewall/shorewall/shorewall-4.5.21.7.ebuild 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall/shorewall-4.5.21.7.ebuild 2014-03-09 14:42:39.548048365 +0100
@@ -0,0 +1,118 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI="5"
+
+inherit eutils linux-info prefix systemd versionator
+
+MY_URL_PREFIX=
+case ${P} in
+ *_beta* | \
+ *_rc*)
+ MY_URL_PREFIX='development/'
+ ;;
+esac
+
+MY_PV=${PV/_rc/-RC}
+MY_PV=${MY_PV/_beta/-Beta}
+MY_P=${PN}-${MY_PV}
+MY_P_DOCS=shorewall-docs-html-${MY_PV}
+
+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
+
+DESCRIPTION='The Shoreline Firewall, commonly known as Shorewall, is'
+DESCRIPTION+=' a high-level tool for configuring Netfilter.'
+HOMEPAGE="http://www.shorewall.net/"
+SRC_URI="
+ http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P}.tar.bz2
+ doc? ( http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P_DOCS}.tar.bz2 )
+"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE="doc"
+
+DEPEND="
+ >=dev-lang/perl-5.10
+ virtual/perl-Digest-SHA
+ =net-firewall/shorewall-core-${PVR}
+"
+RDEPEND="
+ ${DEPEND}
+ >=net-firewall/iptables-1.4.20
+ >=sys-apps/iproute2-3.8.0[-minimal]
+ >=sys-devel/bc-1.06.95
+"
+
+S=${WORKDIR}/${MY_P}
+
+pkg_pretend() {
+ local CONFIG_CHECK="~NF_CONNTRACK ~NF_CONNTRACK_IPV4"
+
+ local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
+ local WARNING_CONNTRACK+=" to run ${PN} on the local system."
+
+ local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
+ local WARNING_CONNTRACK_IPV4+=" be unable to run ${PN} on the local system."
+
+ check_extra_config
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PVR}/10-releasenotes.patch
+
+ cp "${FILESDIR}"/${PVR}/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
+ eprefixify "${S}"/shorewallrc.gentoo
+
+ cp "${FILESDIR}"/${PVR}/${PN}.confd "${S}"/default.gentoo || die "Copying ${PN}.confd failed"
+ cp "${FILESDIR}"/${PVR}/${PN}.initd "${S}"/init.gentoo.sh || die "Copying ${PN}.initd failed"
+ cp "${FILESDIR}"/${PVR}/${PN}.systemd "${S}"/gentoo.service || die "Copying ${PN}.systemd failed"
+
+ epatch_user
+}
+
+src_configure() {
+ :;
+}
+
+src_compile() {
+ :;
+}
+
+src_install() {
+ keepdir /var/lib/${PN}
+
+ DESTDIR="${D}" ./install.sh shorewallrc.gentoo || die "install.sh failed"
+
+ dodoc changelog.txt releasenotes.txt
+ if use doc; then
+ dodoc -r Samples
+ cd "${WORKDIR}"/${MY_P_DOCS}
+ dohtml -r *
+ fi
+}
+
+pkg_postinst() {
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ # This is a new installation
+ elog "Before you can use ${PN}, you need to edit its configuration in:"
+ elog ""
+ elog " ${EPREFIX}/etc/${PN}/${PN}.conf"
+ elog ""
+ elog "To activate ${PN} on system start, please add ${PN} to your default runlevel:"
+ elog ""
+ elog " # rc-update add ${PN} default"
+ fi
+
+ if ! has_version ${CATEGORY}/shorewall-init; then
+ elog ""
+ elog "Starting with shorewall-4.5.21.2, Gentoo also offers ${CATEGORY}/shorewall-init,"
+ elog "which we recommend to install, to protect your firewall at system boot."
+ elog ""
+ elog "To read more about shorewall-init, please visit"
+ elog " http://www.shorewall.net/Shorewall-init.html"
+ fi
+}
diff -rupN original/net-firewall/shorewall6/files/4.5.21.7/10-releasenotes.patch new/net-firewall/shorewall6/files/4.5.21.7/10-releasenotes.patch
--- original/net-firewall/shorewall6/files/4.5.21.7/10-releasenotes.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall6/files/4.5.21.7/10-releasenotes.patch 2014-03-09 14:47:30.128941064 +0100
@@ -0,0 +1,13 @@
+This patch will update the version number in the release notes.
+
+See http://thread.gmane.org/gmane.comp.security.shorewall/30808
+
+--- shorewall6-4.5.21.7.old/releasenotes.txt 2014-03-08 16:35:39.000000000 +0100
++++ shorewall6-4.5.21.7/releasenotes.txt 2014-03-09 14:38:19.503337459 +0100
+@@ -1,5 +1,5 @@
+ ----------------------------------------------------------------------------
+- S H O R E W A L L 4 . 5 . 2 1 . 6
++ S H O R E W A L L 4 . 5 . 2 1 . 7
+ ------------------------------------
+ M a r c h 0 8 , 2 0 1 4
+ ----------------------------------------------------------------------------
diff -rupN original/net-firewall/shorewall6/files/4.5.21.7/shorewall6.confd new/net-firewall/shorewall6/files/4.5.21.7/shorewall6.confd
--- original/net-firewall/shorewall6/files/4.5.21.7/shorewall6.confd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall6/files/4.5.21.7/shorewall6.confd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,15 @@
+# Global start/restart/stop options
+#
+OPTIONS=""
+
+# Start options
+#
+STARTOPTIONS=""
+
+# Stop options
+#
+STOPOPTIONS=""
+
+# Restart options
+#
+RESTARTOPTIONS=""
diff -rupN original/net-firewall/shorewall6/files/4.5.21.7/shorewall6.initd new/net-firewall/shorewall6/files/4.5.21.7/shorewall6.initd
--- original/net-firewall/shorewall6/files/4.5.21.7/shorewall6.initd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall6/files/4.5.21.7/shorewall6.initd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,107 @@
+#!/sbin/runscript
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+description='The Shoreline Firewall 6, more commonly known as "Shorewall6", is'
+description="${description} a high-level tool for configuring Netfilter."
+
+extra_commands="check clear"
+extra_started_commands="refresh reset"
+
+description_check="Checks if the configuration will compile or not."
+
+description_clear="Clear will remove all rules and chains installed by"
+description_clear="${description_clear} Shorewall6. The firewall is then"
+description_clear="${description_clear} wide open and unprotected."
+
+description_refresh="The mangle table will be refreshed along with the"
+description_refresh="${description_refresh} blacklist chain (if any)."
+
+description_reset="All the packet and byte counters in the firewall are reset."
+
+depend() {
+ need net
+ provide firewall
+ after ulogd
+}
+
+status() {
+ local _retval
+ /sbin/shorewall6 status 1>/dev/null
+ _retval=$?
+ if [ ${_retval} = '0' ]; then
+ einfo 'status: started'
+ mark_service_started "${SVCNAME}"
+ return 0
+ else
+ einfo 'status: stopped'
+ mark_service_stopped "${SVCNAME}"
+ return 3
+ fi
+}
+
+start() {
+ ebegin "Starting shorewall6"
+ /sbin/shorewall6 ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping shorewall6"
+ /sbin/shorewall6 ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null
+ eend $?
+}
+
+restart() {
+ # shorewall comes with its own control script that includes a
+ # restart function, so refrain from calling svc_stop/svc_start
+ # here. Note that this comment is required to fix bug 55576;
+ # runscript.sh greps this script... (09 Jul 2004 agriffis)
+
+ ebegin "Restarting shorewall6"
+ /sbin/shorewall6 status 1>/dev/null
+ if [ $? != 0 ] ; then
+ svc_start
+ else
+ /sbin/shorewall6 ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null
+ fi
+ eend $?
+}
+
+clear() {
+ # clear will remove all the rules and bring the system to an unfirewalled
+ # state. (21 Nov 2004 eldad)
+
+ ebegin "Clearing all shorewall rules and setting policy to ACCEPT"
+ /sbin/shorewall6 ${OPTIONS} clear 1>/dev/null
+ eend $?
+}
+
+reset() {
+ # reset the packet and byte counters in the firewall
+
+ ebegin "Resetting the packet and byte counters in shorewall6"
+ /sbin/shorewall6 ${OPTIONS} reset 1>/dev/null
+ eend $?
+}
+
+refresh() {
+ # refresh the rules involving the broadcast addresses of firewall
+ # interfaces, the black list, traffic control rules and
+ # ECN control rules
+
+ ebegin "Refreshing shorewall6 rules"
+ /sbin/shorewall6 ${OPTIONS} refresh 1>/dev/null
+ eend $?
+}
+
+check() {
+ # perform cursory validation of the zones, interfaces, hosts, rules
+ # and policy files. CAUTION: does not parse and validate the generated
+ # iptables commands.
+
+ ebegin "Checking shorewall6 configuration"
+ /sbin/shorewall6 ${OPTIONS} check 1>/dev/null
+ eend $?
+}
diff -rupN original/net-firewall/shorewall6/files/4.5.21.7/shorewall6.systemd new/net-firewall/shorewall6/files/4.5.21.7/shorewall6.systemd
--- original/net-firewall/shorewall6/files/4.5.21.7/shorewall6.systemd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall6/files/4.5.21.7/shorewall6.systemd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,17 @@
+#
+# The Shoreline Firewall 6 (Shorewall6) Packet Filtering Firewall - V4.5
+#
+[Unit]
+Description=Shorewall IPv6 firewall
+Documentation=man:shorewall6(8) http://www.shorewall.net/Documentation_Index.html
+After=network.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+EnvironmentFile=/etc/conf.d/shorewall6
+ExecStart=/sbin/shorewall6 $OPTIONS start $STARTOPTIONS
+ExecStop=/sbin/shorewall6 $OPTIONS stop $STOPOPTIONS
+
+[Install]
+WantedBy=multi-user.target
diff -rupN original/net-firewall/shorewall6/files/4.5.21.7/shorewallrc new/net-firewall/shorewall6/files/4.5.21.7/shorewallrc
--- original/net-firewall/shorewall6/files/4.5.21.7/shorewallrc 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall6/files/4.5.21.7/shorewallrc 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,23 @@
+#
+# Gentoo Shorewall 4.5 rc file
+#
+BUILD= #Default is to detect the build system
+HOST=gentoo #Gentoo GNU Linux
+PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc.
+SHAREDIR=${PREFIX}/share #Directory for arch-neutral files.
+LIBEXECDIR=${PREFIX}/share #Directory for executable scripts.
+PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory
+CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed
+SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin #Directory where system administration programs are installed
+MANDIR=${PREFIX}/share/man #Directory where manpages are installed.
+INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed.
+INITFILE=${PRODUCT} #Name of the product's installed SysV init script
+INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script
+ANNOTATED= #If non-zero, annotated configuration files are installed
+SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only)
+SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file
+SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR
+SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed
+SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR
+VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored.
+VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored.
diff -rupN original/net-firewall/shorewall6/metadata.xml new/net-firewall/shorewall6/metadata.xml
--- original/net-firewall/shorewall6/metadata.xml 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall6/metadata.xml 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,10 @@
+
+
+
+ netmon
+ proxy-maintainers
+
+ whissi@whissi.de
+ Thomas D. (Whissi)
+
+
diff -rupN original/net-firewall/shorewall6/shorewall6-4.5.21.7.ebuild new/net-firewall/shorewall6/shorewall6-4.5.21.7.ebuild
--- original/net-firewall/shorewall6/shorewall6-4.5.21.7.ebuild 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall6/shorewall6-4.5.21.7.ebuild 2014-03-09 14:46:24.824745862 +0100
@@ -0,0 +1,114 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI="5"
+
+inherit eutils linux-info prefix systemd versionator
+
+MY_URL_PREFIX=
+case ${P} in
+ *_beta* | \
+ *_rc*)
+ MY_URL_PREFIX='development/'
+ ;;
+esac
+
+MY_PV=${PV/_rc/-RC}
+MY_PV=${MY_PV/_beta/-Beta}
+MY_P=${PN}-${MY_PV}
+MY_P_DOCS=shorewall-docs-html-${MY_PV}
+
+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
+
+DESCRIPTION='The Shoreline Firewall, commonly known as Shorewall,'
+DESCRIPTION+=' IPv6 component.'
+HOMEPAGE="http://www.shorewall.net/"
+SRC_URI="
+ http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P}.tar.bz2
+ doc? ( http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P_DOCS}.tar.bz2 )
+"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE="doc"
+
+DEPEND="=net-firewall/shorewall-${PVR}"
+RDEPEND="
+ ${DEPEND}
+ >=net-firewall/iptables-1.4.20[ipv6]
+ >=sys-apps/iproute2-3.8.0[-minimal]
+ >=dev-perl/Socket6-0.230.0
+"
+
+S=${WORKDIR}/${MY_P}
+
+pkg_pretend() {
+ local CONFIG_CHECK="~NF_CONNTRACK ~NF_CONNTRACK_IPV6"
+
+ local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
+ local WARNING_CONNTRACK+=" to run ${PN} on the local system."
+
+ local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
+ local WARNING_CONNTRACK_IPV6+=" be unable to run ${PN} on the local system."
+
+ check_extra_config
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PVR}/10-releasenotes.patch
+
+ cp "${FILESDIR}"/${PVR}/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
+ eprefixify "${S}"/shorewallrc.gentoo
+
+ cp "${FILESDIR}"/${PVR}/${PN}.confd "${S}"/default.gentoo || die "Copying ${PN}.confd failed"
+ cp "${FILESDIR}"/${PVR}/${PN}.initd "${S}"/init.gentoo.sh || die "Copying ${PN}.initd failed"
+ cp "${FILESDIR}"/${PVR}/${PN}.systemd "${S}"/gentoo.service || die "Copying ${PN}.systemd failed"
+
+ epatch_user
+}
+
+src_configure() {
+ :;
+}
+
+src_compile() {
+ :;
+}
+
+src_install() {
+ keepdir /var/lib/${PN}
+
+ DESTDIR="${D}" ./install.sh shorewallrc.gentoo || die "install.sh failed"
+
+ dodoc changelog.txt releasenotes.txt
+ if use doc; then
+ dodoc -r Samples6
+ cd "${WORKDIR}"/${MY_P_DOCS}
+ dohtml -r *
+ fi
+}
+
+pkg_postinst() {
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ # This is a new installation
+ elog "Before you can use ${PN}, you need to edit its configuration in:"
+ elog ""
+ elog " ${EPREFIX}/etc/${PN}/${PN}.conf"
+ elog ""
+ elog "To activate ${PN} on system start, please add ${PN} to your default runlevel:"
+ elog ""
+ elog " # rc-update add ${PN} default"
+ fi
+
+ if ! has_version ${CATEGORY}/shorewall-init; then
+ elog ""
+ elog "Starting with shorewall6-4.5.21.2, Gentoo also offers ${CATEGORY}/shorewall-init,"
+ elog "which we recommend to install, to protect your firewall at system boot."
+ elog ""
+ elog "To read more about shorewall-init, please visit"
+ elog " http://www.shorewall.net/Shorewall-init.html"
+ fi
+}
diff -rupN original/net-firewall/shorewall6-lite/files/4.5.21.7/10-releasenotes.patch new/net-firewall/shorewall6-lite/files/4.5.21.7/10-releasenotes.patch
--- original/net-firewall/shorewall6-lite/files/4.5.21.7/10-releasenotes.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall6-lite/files/4.5.21.7/10-releasenotes.patch 2014-03-09 14:48:41.311151510 +0100
@@ -0,0 +1,13 @@
+This patch will update the version number in the release notes.
+
+See http://thread.gmane.org/gmane.comp.security.shorewall/30808
+
+--- shorewall6-lite-4.5.21.7.old/releasenotes.txt 2014-03-08 16:35:39.000000000 +0100
++++ shorewall6-lite-4.5.21.7/releasenotes.txt 2014-03-09 14:38:19.503337459 +0100
+@@ -1,5 +1,5 @@
+ ----------------------------------------------------------------------------
+- S H O R E W A L L 4 . 5 . 2 1 . 6
++ S H O R E W A L L 4 . 5 . 2 1 . 7
+ ------------------------------------
+ M a r c h 0 8 , 2 0 1 4
+ ----------------------------------------------------------------------------
diff -rupN original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.confd new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.confd
--- original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.confd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.confd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,15 @@
+# Global start/restart/stop options
+#
+OPTIONS=""
+
+# Start options
+#
+STARTOPTIONS=""
+
+# Stop options
+#
+STOPOPTIONS=""
+
+# Restart options
+#
+RESTARTOPTIONS=""
diff -rupN original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.initd new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.initd
--- original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.initd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.initd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,82 @@
+#!/sbin/runscript
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+description='The Shoreline Firewall 6 Lite, more commonly known as "Shorewall6 Lite", is'
+description="${description} a high-level tool for configuring Netfilter."
+
+extra_commands="clear"
+extra_started_commands="reset"
+
+description_clear="Clear will remove all rules and chains installed by"
+description_clear="${description_clear} Shorewall6 Lite. The firewall is"
+description_clear="${description_clear} then wide open and unprotected."
+
+description_reset="All the packet and byte counters in the firewall are reset."
+
+depend() {
+ need net
+ provide firewall
+ after ulogd
+}
+
+status() {
+ local _retval
+ /sbin/shorewall6-lite status 1>/dev/null
+ _retval=$?
+ if [ ${_retval} = '0' ]; then
+ einfo 'status: started'
+ mark_service_started "${SVCNAME}"
+ return 0
+ else
+ einfo 'status: stopped'
+ mark_service_stopped "${SVCNAME}"
+ return 3
+ fi
+}
+
+start() {
+ ebegin "Starting shorewall6-lite"
+ /sbin/shorewall6-lite ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping shorewall6-lite"
+ /sbin/shorewall6-lite ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null
+ eend $?
+}
+
+restart() {
+ # shorewall comes with its own control script that includes a
+ # restart function, so refrain from calling svc_stop/svc_start
+ # here. Note that this comment is required to fix bug 55576;
+ # runscript.sh greps this script... (09 Jul 2004 agriffis)
+
+ ebegin "Restarting shorewall6-lite"
+ /sbin/shorewall6-lite status 1>/dev/null
+ if [ $? != 0 ] ; then
+ svc_start
+ else
+ /sbin/shorewall6-lite ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null
+ fi
+ eend $?
+}
+
+clear() {
+ # clear will remove all the rules and bring the system to an unfirewalled
+ # state. (21 Nov 2004 eldad)
+
+ ebegin "Clearing all shorewall6-lite rules and setting policy to ACCEPT"
+ /sbin/shorewall6-lite ${OPTIONS} clear 1>/dev/null
+ eend $?
+}
+
+reset() {
+ # reset the packet and byte counters in the firewall
+
+ ebegin "Resetting the packet and byte counters in shorewall6-lite"
+ /sbin/shorewall6-lite ${OPTIONS} reset 1>/dev/null
+ eend $?
+}
diff -rupN original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.systemd new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.systemd
--- original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.systemd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.systemd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,17 @@
+#
+# The Shoreline Firewall 6 Lite (Shorewall6-Lite) Packet Filtering Firewall - V4.5
+#
+[Unit]
+Description=Shorewall IPv6 firewall lite
+Documentation=man:shorewall6-lite(8) http://www.shorewall.net/Documentation_Index.html
+After=network.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+EnvironmentFile=/etc/conf.d/shorewall6-lite
+ExecStart=/sbin/shorewall6-lite $OPTIONS start $STARTOPTIONS
+ExecStop=/sbin/shorewall6-lite $OPTIONS stop $STOPOPTIONS
+
+[Install]
+WantedBy=multi-user.target
diff -rupN original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewallrc new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewallrc
--- original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewallrc 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewallrc 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,23 @@
+#
+# Gentoo Shorewall 4.5 rc file
+#
+BUILD= #Default is to detect the build system
+HOST=gentoo #Gentoo GNU Linux
+PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc.
+SHAREDIR=${PREFIX}/share #Directory for arch-neutral files.
+LIBEXECDIR=${PREFIX}/share #Directory for executable scripts.
+PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory
+CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed
+SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin #Directory where system administration programs are installed
+MANDIR=${PREFIX}/share/man #Directory where manpages are installed.
+INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed.
+INITFILE=${PRODUCT} #Name of the product's installed SysV init script
+INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script
+ANNOTATED= #If non-zero, annotated configuration files are installed
+SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only)
+SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file
+SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR
+SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed
+SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR
+VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored.
+VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored.
diff -rupN original/net-firewall/shorewall6-lite/metadata.xml new/net-firewall/shorewall6-lite/metadata.xml
--- original/net-firewall/shorewall6-lite/metadata.xml 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall6-lite/metadata.xml 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,10 @@
+
+
+
+ netmon
+ proxy-maintainers
+
+ whissi@whissi.de
+ Thomas D. (Whissi)
+
+
diff -rupN original/net-firewall/shorewall6-lite/shorewall6-lite-4.5.21.7.ebuild new/net-firewall/shorewall6-lite/shorewall6-lite-4.5.21.7.ebuild
--- original/net-firewall/shorewall6-lite/shorewall6-lite-4.5.21.7.ebuild 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall6-lite/shorewall6-lite-4.5.21.7.ebuild 2014-03-09 14:48:21.196090292 +0100
@@ -0,0 +1,109 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI="5"
+
+inherit eutils linux-info prefix systemd versionator
+
+MY_URL_PREFIX=
+case ${P} in
+ *_beta* | \
+ *_rc*)
+ MY_URL_PREFIX='development/'
+ ;;
+esac
+
+MY_PV=${PV/_rc/-RC}
+MY_PV=${MY_PV/_beta/-Beta}
+MY_P=${PN}-${MY_PV}
+MY_P_DOCS=shorewall-docs-html-${MY_PV}
+
+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
+
+DESCRIPTION="An iptables-based firewall whose config is handled by a normal Shorewall6."
+HOMEPAGE="http://www.shorewall.net/"
+SRC_URI="
+ http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P}.tar.bz2
+ doc? ( http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P_DOCS}.tar.bz2 )
+"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE="doc"
+
+DEPEND="=net-firewall/shorewall-core-${PVR}"
+RDEPEND="
+ ${DEPEND}
+ >=net-firewall/iptables-1.4.20[ipv6]
+ >=sys-apps/iproute2-3.8.0[-minimal]
+ >=dev-perl/Socket6-0.230.0
+"
+
+S=${WORKDIR}/${MY_P}
+
+pkg_pretend() {
+ local CONFIG_CHECK="~NF_CONNTRACK ~NF_CONNTRACK_IPV6"
+
+ local ERROR_CONNTRACK="${PN} requires NF_CONNTRACK support."
+
+ local ERROR_CONNTRACK_IPV6="${PN} requires NF_CONNTRACK_IPV6 support."
+
+ check_extra_config
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PVR}/10-releasenotes.patch
+
+ cp "${FILESDIR}"/${PVR}/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
+ eprefixify "${S}"/shorewallrc.gentoo
+
+ cp "${FILESDIR}"/${PVR}/${PN}.confd "${S}"/default.gentoo || die "Copying ${PN}.confd failed"
+ cp "${FILESDIR}"/${PVR}/${PN}.initd "${S}"/init.gentoo.sh || die "Copying ${PN}.initd failed"
+ cp "${FILESDIR}"/${PVR}/${PN}.systemd "${S}"/gentoo.service || die "Copying ${PN}.systemd failed"
+
+ epatch_user
+}
+
+src_configure() {
+ :;
+}
+
+src_compile() {
+ :;
+}
+
+src_install() {
+ keepdir /var/lib/${PN}
+
+ DESTDIR="${D}" ./install.sh shorewallrc.gentoo || die "install.sh failed"
+
+ dodoc changelog.txt releasenotes.txt
+ if use doc; then
+ cd "${WORKDIR}/${MY_P_DOCS}"
+ dohtml -r *
+ fi
+}
+
+pkg_postinst() {
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ # This is a new installation
+ elog "Before you can use ${PN}, you need to provide a configuration, which you can"
+ elog "create using ${CATEGORY}/shorewall6 (the full version, including the compiler)."
+ elog ""
+ elog "To activate ${PN} on system start, please add ${PN} to your default runlevel:"
+ elog ""
+ elog " # rc-update add ${PN} default"
+ fi
+
+ if ! has_version ${CATEGORY}/shorewall-init; then
+ elog ""
+ elog "Starting with shorewall6-lite-4.5.21.2, Gentoo also offers ${CATEGORY}/shorewall-init,"
+ elog "which we recommend to install, to protect your firewall at system boot."
+ elog ""
+ elog "To read more about shorewall-init, please visit"
+ elog " http://www.shorewall.net/Shorewall-init.html"
+ fi
+}
diff -rupN original/net-firewall/shorewall-core/files/4.5.21.7/10-releasenotes.patch new/net-firewall/shorewall-core/files/4.5.21.7/10-releasenotes.patch
--- original/net-firewall/shorewall-core/files/4.5.21.7/10-releasenotes.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-core/files/4.5.21.7/10-releasenotes.patch 2014-03-09 14:52:29.128918103 +0100
@@ -0,0 +1,13 @@
+This patch will update the version number in the release notes.
+
+See http://thread.gmane.org/gmane.comp.security.shorewall/30808
+
+--- shorewall-core-4.5.21.7.old/releasenotes.txt 2014-03-08 16:35:39.000000000 +0100
++++ shorewall-core-4.5.21.7/releasenotes.txt 2014-03-09 14:38:19.503337459 +0100
+@@ -1,5 +1,5 @@
+ ----------------------------------------------------------------------------
+- S H O R E W A L L 4 . 5 . 2 1 . 6
++ S H O R E W A L L 4 . 5 . 2 1 . 7
+ ------------------------------------
+ M a r c h 0 8 , 2 0 1 4
+ ----------------------------------------------------------------------------
diff -rupN original/net-firewall/shorewall-core/files/4.5.21.7/shorewallrc new/net-firewall/shorewall-core/files/4.5.21.7/shorewallrc
--- original/net-firewall/shorewall-core/files/4.5.21.7/shorewallrc 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-core/files/4.5.21.7/shorewallrc 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,23 @@
+#
+# Gentoo Shorewall 4.5 rc file
+#
+BUILD= #Default is to detect the build system
+HOST=gentoo #Gentoo GNU Linux
+PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc.
+SHAREDIR=${PREFIX}/share #Directory for arch-neutral files.
+LIBEXECDIR=${PREFIX}/share #Directory for executable scripts.
+PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory
+CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed
+SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin #Directory where system administration programs are installed
+MANDIR=${PREFIX}/share/man #Directory where manpages are installed.
+INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed.
+INITFILE=${PRODUCT} #Name of the product's installed SysV init script
+INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script
+ANNOTATED= #If non-zero, annotated configuration files are installed
+SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only)
+SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file
+SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR
+SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed
+SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR
+VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored.
+VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored.
diff -rupN original/net-firewall/shorewall-core/metadata.xml new/net-firewall/shorewall-core/metadata.xml
--- original/net-firewall/shorewall-core/metadata.xml 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-core/metadata.xml 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,10 @@
+
+
+
+ netmon
+ proxy-maintainers
+
+ whissi@whissi.de
+ Thomas D. (Whissi)
+
+
diff -rupN original/net-firewall/shorewall-core/shorewall-core-4.5.21.7.ebuild new/net-firewall/shorewall-core/shorewall-core-4.5.21.7.ebuild
--- original/net-firewall/shorewall-core/shorewall-core-4.5.21.7.ebuild 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-core/shorewall-core-4.5.21.7.ebuild 2014-03-09 14:52:47.224977227 +0100
@@ -0,0 +1,76 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI="5"
+
+inherit eutils prefix versionator
+
+MY_URL_PREFIX=
+case ${P} in
+ *_beta* | \
+ *_rc*)
+ MY_URL_PREFIX='development/'
+ ;;
+esac
+
+MY_PV=${PV/_rc/-RC}
+MY_PV=${MY_PV/_beta/-Beta}
+MY_P=${PN}-${MY_PV}
+
+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
+
+DESCRIPTION="Core libraries of shorewall / shorewall(6)-lite"
+HOMEPAGE="http://www.shorewall.net/"
+SRC_URI="http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE="selinux"
+
+DEPEND="
+ >=dev-lang/perl-5.10
+ virtual/perl-Digest-SHA
+ !=sec-policy/selinux-shorewall-2.20130424-r2 )
+"
+RDEPEND="
+ ${DEPEND}
+ >=net-firewall/iptables-1.4.20
+ >=sys-apps/iproute2-3.8.0[-minimal]
+ >=sys-devel/bc-1.06.95
+ >=sys-apps/coreutils-8.20
+"
+
+DOCS=( changelog.txt releasenotes.txt )
+
+S=${WORKDIR}/${PN}-${MY_PV}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PVR}/10-releasenotes.patch
+
+ cp "${FILESDIR}"/${PVR}/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
+ eprefixify "${S}"/shorewallrc.gentoo
+
+ epatch_user
+}
+
+src_configure() {
+ :;
+}
+
+src_install() {
+ DESTDIR="${D}" ./install.sh shorewallrc.gentoo || die "install.sh failed"
+ default
+}
+
+pkg_postinst() {
+ if ! has_version sys-apps/net-tools; then
+ elog "It is recommended to install sys-apps/net-tools which will provide the"
+ elog "the 'arp' utility which will give you a better 'shorewall-lite dump' output:"
+ elog ""
+ elog " # emerge sys-apps/net-tools"
+ fi
+}
diff -rupN original/net-firewall/shorewall-init/files/4.5.21.7/01_Remove-ipset-functionality.patch new/net-firewall/shorewall-init/files/4.5.21.7/01_Remove-ipset-functionality.patch
--- original/net-firewall/shorewall-init/files/4.5.21.7/01_Remove-ipset-functionality.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-init/files/4.5.21.7/01_Remove-ipset-functionality.patch 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,27 @@
+--- shorewall-init.old 2013-09-08 23:25:36.364924304 +0200
++++ shorewall-init 2013-09-08 23:29:27.418736392 +0200
+@@ -79,10 +79,6 @@
+ fi
+ done
+
+- if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then
+- ipset -R < "$SAVE_IPSETS"
+- fi
+-
+ return 0
+ }
+
+@@ -100,13 +96,6 @@
+ fi
+ done
+
+- if [ -n "$SAVE_IPSETS" ]; then
+- mkdir -p $(dirname "$SAVE_IPSETS")
+- if ipset -S > "${SAVE_IPSETS}.tmp"; then
+- grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS"
+- fi
+- fi
+-
+ return 0
+ }
+
diff -rupN original/net-firewall/shorewall-init/files/4.5.21.7/10-releasenotes.patch new/net-firewall/shorewall-init/files/4.5.21.7/10-releasenotes.patch
--- original/net-firewall/shorewall-init/files/4.5.21.7/10-releasenotes.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-init/files/4.5.21.7/10-releasenotes.patch 2014-03-09 14:53:59.661210348 +0100
@@ -0,0 +1,13 @@
+This patch will update the version number in the release notes.
+
+See http://thread.gmane.org/gmane.comp.security.shorewall/30808
+
+--- shorewall-init-4.5.21.7.old/releasenotes.txt 2014-03-08 16:35:39.000000000 +0100
++++ shorewall-init-4.5.21.7/releasenotes.txt 2014-03-09 14:38:19.503337459 +0100
+@@ -1,5 +1,5 @@
+ ----------------------------------------------------------------------------
+- S H O R E W A L L 4 . 5 . 2 1 . 6
++ S H O R E W A L L 4 . 5 . 2 1 . 7
+ ------------------------------------
+ M a r c h 0 8 , 2 0 1 4
+ ----------------------------------------------------------------------------
diff -rupN original/net-firewall/shorewall-init/files/4.5.21.7/README.Gentoo.txt new/net-firewall/shorewall-init/files/4.5.21.7/README.Gentoo.txt
--- original/net-firewall/shorewall-init/files/4.5.21.7/README.Gentoo.txt 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-init/files/4.5.21.7/README.Gentoo.txt 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,30 @@
+shorewall-init from upstream offers two features (taken from [1]):
+
+ 1. It can 'close' the firewall before the network interfaces are
+ brought up during boot.
+
+ 2. It can change the firewall state as the result of interfaces
+ being brought up or taken down.
+
+On Gentoo we only support the first feature -- the firewall lockdown during
+boot.
+
+We do not support the second feature, because Gentoo doesn't support a
+if-{up,down}.d folder like other distributions do. If you would want to use
+such a feature, you would have to add a custom action to /etc/conf.d/net
+(please refer to the Gentoo Linux Handbook [2] for more information).
+If you are able to add your custom {pre,post}{up,down} action, your are
+also able to specify what shorewall{6,-lite,6-lite} should do, so there is
+no need for upstream's scripts in Gentoo.
+
+If you disagree with us, feel free to open a bug [3] and contribute your
+solution for Gentoo.
+
+Upstream's original init script also supports saving and restoring of
+ipsets. Please use the init script from net-firewall/ipset if you need
+such a feature.
+
+
+[1] http://www.shorewall.net/Shorewall-init.html
+[2] http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=4&chap=5
+[3] https://bugs.gentoo.org
diff -rupN original/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.confd new/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.confd
--- original/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.confd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.confd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,9 @@
+# List the Shorewall products that Shorewall-init is to
+# initialize (space-separated list).
+#
+# Sample: PRODUCTS="shorewall shorewall6-lite"
+#
+PRODUCTS=""
+
+# Startup options - set verbosity to 0 (minimal reporting)
+OPTIONS="-V0"
diff -rupN original/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.initd new/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.initd
--- original/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.initd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.initd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,196 @@
+#!/sbin/runscript
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+SHOREWALLRC_FILE="@GENTOO_PORTAGE_EPREFIX@/usr/share/shorewall/shorewallrc"
+CONFIG_FILE="@GENTOO_PORTAGE_EPREFIX@/etc/conf.d/${SVCNAME}"
+
+description="Puts Shorewall in a safe state at boot time"
+description="${description} prior to bringing up the network."
+
+required_files="$SHOREWALLRC_FILE"
+
+depend() {
+ need localmount
+ before net
+ after bootmisc ipset tmpfiles.setup ulogd
+}
+
+
+. $SHOREWALLRC_FILE
+
+checkconfig() {
+ local PRODUCT=
+
+ if [ -z "${VARLIB}" ]; then
+ eerror "\"VARLIB\" isn't defined or empty! Please check" \
+ "\"${SHOREWALLRC_FILE}\"."
+
+
+ return 1
+ fi
+
+ if [ -z "${PRODUCTS}" ]; then
+ eerror "${SVCNAME} isn't configured! Please check" \
+ "\"${CONFIG_FILE}\"."
+
+
+ return 1
+ fi
+
+ for PRODUCT in ${PRODUCTS}; do
+ if [ ! -x ${SBINDIR}/${PRODUCT} ]; then
+ eerror "Invalid product \"${PRODUCT}\" specified" \
+ "in \"${CONFIG_FILE}\"!"
+ eerror "Maybe \"${PRODUCT}\" isn't installed?"
+
+
+ return 1
+ fi
+ done
+
+
+ return 0
+}
+
+check_firewall_script() {
+ if [ ! -x ${STATEDIR}/firewall ]; then
+ if [ ${PRODUCT} = shorewall -o ${PRODUCT} = shorewall6 ]; then
+ ebegin "Creating \"${STATEDIR}/firewall\""
+ ${SBINDIR}/${PRODUCT} compile 1>/dev/null
+ eend $?
+ else
+ eerror "\"${PRODUCT}\" isn't configured!"
+ eerror "Please go to your 'administrative system'" \
+ "and deploy the compiled firewall" \
+ "configuration for this system."
+
+
+ return 1
+ fi
+ fi
+
+
+ return 0
+}
+
+is_allowed_to_be_executed() {
+ # This is not a real service. shorewall-init is an intermediate
+ # script to put your Shorewall-based firewall into a safe state
+ # at boot time prior to bringing up the network.
+ # Please read /usr/share/doc/shorewall-init-*/README.gentoo.gz
+ # for more information.
+ # When your system is up, there is no need to call shorewall-init.
+ # Please call shorewall{,6,-lite,6-lite} directly. That's the
+ # reason why we are preventing start, stop or restart here.
+
+ local PRODUCT=
+
+ if [ "${RC_RUNLEVEL}" != "boot" -a "${RC_CMD}" = "start" ]; then
+ # Starting shorewall-init is only allowed at boot time
+ eerror "This is a boot service, which can only be started" \
+ "at boot."
+ eerror "If you want to get your shorewall-based firewall" \
+ "into the same safe boot state again, run"
+ eerror ""
+ eindent
+ for PRODUCT in ${PRODUCTS}; do
+ eerror "/etc/init.d/${PRODUCT} stop"
+ done
+ eoutdent
+ eerror ""
+ eerror "Yes, \"stop\" and not start."
+ eerror ""
+ return 1
+ fi
+
+ if [ "${RC_RUNLEVEL}" != "shutdown" -a "${RC_CMD}" = "stop" ]; then
+ # Stopping shorewall-init is only allowed at shutdown
+ eerror "This is a boot service, which cannot be stopped."
+ eerror "If you really want to stop your Shorewall-based" \
+ "firewall the same way this service would stop" \
+ "Shorewall at shutdown, please run"
+ eerror ""
+ eindent
+ for PRODUCT in ${PRODUCTS}; do
+ eerror "/etc/init.d/${PRODUCT} clear"
+ done
+ eoutdent
+ eerror ""
+ eerror "Keep in mind that this will clear (=bring down)" \
+ "your firewall!"
+ eerror ""
+ return 1
+ fi
+
+ if [ "${RC_CMD}" = "restart" ]; then
+ eerror "This is a boot service, which cannot be restarted."
+ eerror "If you want to restart any of your Shorewall-based" \
+ "firewalls, run"
+ eerror ""
+ eindent
+ for PRODUCT in ${PRODUCTS}; do
+ eerror "/etc/init.d/${PRODUCT} restart"
+ done
+ eoutdent
+ eerror ""
+ return 1
+ fi
+
+
+ return 0
+}
+
+set_statedir() {
+ STATEDIR=
+ local VARDIR=
+
+ if [ -f ${CONFDIR}/${PRODUCT}/vardir ]; then
+ STATEDIR=$( . ${CONFDIR}/${PRODUCT}/vardir && echo ${VARDIR} )
+ fi
+
+ [ ! -n "${STATEDIR}" ] && STATEDIR=${VARLIB}/${PRODUCT}
+}
+
+start_pre() {
+ checkconfig || return 1
+
+ is_allowed_to_be_executed || return 1
+}
+
+start() {
+ local PRODUCT=
+ local STATEDIR=
+
+ for PRODUCT in ${PRODUCTS}; do
+ set_statedir
+
+ check_firewall_script || return 1
+
+ ebegin "Initializing \"${PRODUCT}\""
+ ${STATEDIR}/firewall stop 1>/dev/null
+ eend $?
+ done
+}
+
+stop_pre() {
+ checkconfig || return 1
+
+ is_allowed_to_be_executed || return 1
+}
+
+stop() {
+ local PRODUCT=
+ local STATEDIR=
+
+ for PRODUCT in ${PRODUCTS}; do
+ set_statedir
+
+ check_firewall_script || return 1
+
+ ebegin "Clearing \"${PRODUCT}\""
+ ${STATEDIR}/firewall clear 1>/dev/null
+ eend $?
+ done
+}
diff -rupN original/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.systemd new/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.systemd
--- original/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.systemd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.systemd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,16 @@
+#
+# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.5
+#
+[Unit]
+Description=shorewall-init
+Documentation=http://www.shorewall.net/Shorewall-init.html
+Before=network.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/sbin/shorewall-init start
+ExecStop=/sbin/shorewall-init stop
+
+[Install]
+WantedBy=multi-user.target
diff -rupN original/net-firewall/shorewall-init/files/4.5.21.7/shorewallrc new/net-firewall/shorewall-init/files/4.5.21.7/shorewallrc
--- original/net-firewall/shorewall-init/files/4.5.21.7/shorewallrc 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-init/files/4.5.21.7/shorewallrc 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,23 @@
+#
+# Gentoo Shorewall 4.5 rc file
+#
+BUILD= #Default is to detect the build system
+HOST=gentoo #Gentoo GNU Linux
+PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc.
+SHAREDIR=${PREFIX}/share #Directory for arch-neutral files.
+LIBEXECDIR=${PREFIX}/share #Directory for executable scripts.
+PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory
+CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed
+SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin #Directory where system administration programs are installed
+MANDIR=${PREFIX}/share/man #Directory where manpages are installed.
+INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed.
+INITFILE=${PRODUCT} #Name of the product's installed SysV init script
+INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script
+ANNOTATED= #If non-zero, annotated configuration files are installed
+SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only)
+SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file
+SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR
+SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed
+SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR
+VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored.
+VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored.
diff -rupN original/net-firewall/shorewall-init/metadata.xml new/net-firewall/shorewall-init/metadata.xml
--- original/net-firewall/shorewall-init/metadata.xml 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-init/metadata.xml 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,10 @@
+
+
+
+ netmon
+ proxy-maintainers
+
+ whissi@whissi.de
+ Thomas D. (Whissi)
+
+
diff -rupN original/net-firewall/shorewall-init/shorewall-init-4.5.21.7.ebuild new/net-firewall/shorewall-init/shorewall-init-4.5.21.7.ebuild
--- original/net-firewall/shorewall-init/shorewall-init-4.5.21.7.ebuild 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-init/shorewall-init-4.5.21.7.ebuild 2014-03-09 14:56:59.816776754 +0100
@@ -0,0 +1,105 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI="5"
+
+inherit eutils versionator prefix
+
+MY_URL_PREFIX=
+case ${P} in
+ *_beta* | \
+ *_rc*)
+ MY_URL_PREFIX='development/'
+ ;;
+esac
+
+MY_PV=${PV/_rc/-RC}
+MY_PV=${MY_PV/_beta/-Beta}
+MY_P=${PN}-${MY_PV}
+
+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
+
+DESCRIPTION="Component to secure a Shorewall-protected system at boot time prior to bringing up the network."
+HOMEPAGE="http://www.shorewall.net/"
+SRC_URI="http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE=""
+
+DEPEND=">=sys-apps/coreutils-8.20"
+RDEPEND="
+ ${DEPEND}
+ || ( =net-firewall/shorewall-${PVR} =net-firewall/shorewall6-${PVR} =net-firewall/shorewall-lite-${PVR} =net-firewall/shorewall6-lite-${PVR} )
+"
+
+S=${WORKDIR}/${MY_P}
+
+src_prepare() {
+ cp "${FILESDIR}"/${PVR}/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
+ eprefixify "${S}"/shorewallrc.gentoo
+
+ cp "${FILESDIR}"/${PVR}/${PN}.confd "${S}"/default.gentoo || die "Copying ${PN}.confd failed"
+
+ cp "${FILESDIR}"/${PVR}/${PN}.initd "${S}"/init.gentoo.sh || die "Copying ${PN}.initd failed"
+ eprefixify "${S}"/init.gentoo.sh
+
+ cp "${FILESDIR}"/${PVR}/${PN}.systemd "${S}"/gentoo.service || die "Copying ${PN}.systemd failed"
+
+ epatch "${FILESDIR}"/${PVR}/01_Remove-ipset-functionality.patch
+ epatch "${FILESDIR}"/${PVR}/10-releasenotes.patch
+ epatch_user
+}
+
+src_configure() {
+ :;
+}
+
+src_compile() {
+ :;
+}
+
+src_install() {
+ DESTDIR="${D}" ./install.sh shorewallrc.gentoo || die "install.sh failed"
+
+ if [ -d "${D}/etc/logrotate.d" ]; then
+ # On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
+ # so we don't need a logrotate folder at all
+ rm -rf "${D}"/etc/logrotate.d
+ fi
+
+ if [ -d "${D}/etc/NetworkManager" ]; then
+ # On Gentoo, we don't support NetworkManager
+ # so we don't need these folder at all
+ rm -rf "${D}"/etc/NetworkManager
+ fi
+
+ if [ -f "${D}/usr/share/shorewall-init/ifupdown" ]; then
+ # This script won't work on Gentoo
+ rm -rf "${D}"/usr/share/shorewall-init/ifupdown
+ fi
+
+ dodoc changelog.txt releasenotes.txt "${FILESDIR}"/${PVR}/README.Gentoo.txt
+}
+
+pkg_postinst() {
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ # This is a new installation
+ elog "Before you can use ${PN}, you need to edit its configuration in:"
+ elog ""
+ elog " ${EPREFIX}/etc/conf.d/${PN}"
+ elog ""
+ elog "To use ${PN}, please add ${PN} to your boot runlevel:"
+ elog ""
+ elog " # rc-update add ${PN} boot"
+ elog ""
+ ewarn "Notice:"
+ ewarn "${PN} is more like a start script than a service."
+ ewarn "Therefore you cannot start or stop ${PN} at default runlevel."
+ ewarn ""
+ ewarn "For more information read ${EPREFIX}/usr/share/doc/${PF}/README.Gentoo.txt.bz2"
+ fi
+}
diff -rupN original/net-firewall/shorewall-lite/files/4.5.21.7/10-releasenotes.patch new/net-firewall/shorewall-lite/files/4.5.21.7/10-releasenotes.patch
--- original/net-firewall/shorewall-lite/files/4.5.21.7/10-releasenotes.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-lite/files/4.5.21.7/10-releasenotes.patch 2014-03-09 14:50:28.053515856 +0100
@@ -0,0 +1,13 @@
+This patch will update the version number in the release notes.
+
+See http://thread.gmane.org/gmane.comp.security.shorewall/30808
+
+--- shorewall-lite-4.5.21.7.old/releasenotes.txt 2014-03-08 16:35:39.000000000 +0100
++++ shorewall-lite-4.5.21.7/releasenotes.txt 2014-03-09 14:38:19.503337459 +0100
+@@ -1,5 +1,5 @@
+ ----------------------------------------------------------------------------
+- S H O R E W A L L 4 . 5 . 2 1 . 6
++ S H O R E W A L L 4 . 5 . 2 1 . 7
+ ------------------------------------
+ M a r c h 0 8 , 2 0 1 4
+ ----------------------------------------------------------------------------
diff -rupN original/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.confd new/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.confd
--- original/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.confd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.confd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,15 @@
+# Global start/restart/stop options
+#
+OPTIONS=""
+
+# Start options
+#
+STARTOPTIONS=""
+
+# Stop options
+#
+STOPOPTIONS=""
+
+# Restart options
+#
+RESTARTOPTIONS=""
diff -rupN original/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.initd new/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.initd
--- original/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.initd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.initd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,82 @@
+#!/sbin/runscript
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+description='The Shoreline Firewall Lite, more commonly known as "Shorewall Lite", is'
+description="${description} a high-level tool for configuring Netfilter."
+
+extra_commands="clear"
+extra_started_commands="reset"
+
+description_clear="Clear will remove all rules and chains installed by"
+description_clear="${description_clear} Shorewall Lite. The firewall is"
+description_clear="${description_clear} then wide open and unprotected."
+
+description_reset="All the packet and byte counters in the firewall are reset."
+
+depend() {
+ need net
+ provide firewall
+ after ulogd
+}
+
+status() {
+ local _retval
+ /sbin/shorewall-lite status 1>/dev/null
+ _retval=$?
+ if [ ${_retval} = '0' ]; then
+ einfo 'status: started'
+ mark_service_started "${SVCNAME}"
+ return 0
+ else
+ einfo 'status: stopped'
+ mark_service_stopped "${SVCNAME}"
+ return 3
+ fi
+}
+
+start() {
+ ebegin "Starting shorewall-lite"
+ /sbin/shorewall-lite ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping shorewall-lite"
+ /sbin/shorewall-lite ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null
+ eend $?
+}
+
+restart() {
+ # shorewall comes with its own control script that includes a
+ # restart function, so refrain from calling svc_stop/svc_start
+ # here. Note that this comment is required to fix bug 55576;
+ # runscript.sh greps this script... (09 Jul 2004 agriffis)
+
+ ebegin "Restarting shorewall-lite"
+ /sbin/shorewall-lite status 1>/dev/null
+ if [ $? != 0 ] ; then
+ svc_start
+ else
+ /sbin/shorewall-lite ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null
+ fi
+ eend $?
+}
+
+clear() {
+ # clear will remove all the rules and bring the system to an unfirewalled
+ # state. (21 Nov 2004 eldad)
+
+ ebegin "Clearing all shorewall-lite rules and setting policy to ACCEPT"
+ /sbin/shorewall-lite ${OPTIONS} clear 1>/dev/null
+ eend $?
+}
+
+reset() {
+ # reset the packet and byte counters in the firewall
+
+ ebegin "Resetting the packet and byte counters in shorewall-lite"
+ /sbin/shorewall-lite ${OPTIONS} reset 1>/dev/null
+ eend $?
+}
diff -rupN original/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.systemd new/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.systemd
--- original/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.systemd 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.systemd 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,17 @@
+#
+# The Shoreline Firewall Lite (Shorewall-Lite) Packet Filtering Firewall - V4.5
+#
+[Unit]
+Description=Shorewall IPv4 firewall lite
+Documentation=man:shorewall-lite(8) http://www.shorewall.net/Documentation_Index.html
+After=network.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+EnvironmentFile=/etc/conf.d/shorewall-lite
+ExecStart=/sbin/shorewall-lite $OPTIONS start $STARTOPTIONS
+ExecStop=/sbin/shorewall-lite $OPTIONS stop $STOPOPTIONS
+
+[Install]
+WantedBy=multi-user.target
diff -rupN original/net-firewall/shorewall-lite/files/4.5.21.7/shorewallrc new/net-firewall/shorewall-lite/files/4.5.21.7/shorewallrc
--- original/net-firewall/shorewall-lite/files/4.5.21.7/shorewallrc 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-lite/files/4.5.21.7/shorewallrc 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,23 @@
+#
+# Gentoo Shorewall 4.5 rc file
+#
+BUILD= #Default is to detect the build system
+HOST=gentoo #Gentoo GNU Linux
+PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc.
+SHAREDIR=${PREFIX}/share #Directory for arch-neutral files.
+LIBEXECDIR=${PREFIX}/share #Directory for executable scripts.
+PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory
+CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed
+SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin #Directory where system administration programs are installed
+MANDIR=${PREFIX}/share/man #Directory where manpages are installed.
+INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed.
+INITFILE=${PRODUCT} #Name of the product's installed SysV init script
+INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script
+ANNOTATED= #If non-zero, annotated configuration files are installed
+SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only)
+SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file
+SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR
+SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed
+SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR
+VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored.
+VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored.
diff -rupN original/net-firewall/shorewall-lite/metadata.xml new/net-firewall/shorewall-lite/metadata.xml
--- original/net-firewall/shorewall-lite/metadata.xml 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-lite/metadata.xml 2013-11-14 19:31:48.000000000 +0100
@@ -0,0 +1,10 @@
+
+
+
+ netmon
+ proxy-maintainers
+
+ whissi@whissi.de
+ Thomas D. (Whissi)
+
+
diff -rupN original/net-firewall/shorewall-lite/shorewall-lite-4.5.21.7.ebuild new/net-firewall/shorewall-lite/shorewall-lite-4.5.21.7.ebuild
--- original/net-firewall/shorewall-lite/shorewall-lite-4.5.21.7.ebuild 1970-01-01 01:00:00.000000000 +0100
+++ new/net-firewall/shorewall-lite/shorewall-lite-4.5.21.7.ebuild 2014-03-09 14:50:59.783623313 +0100
@@ -0,0 +1,108 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI="5"
+
+inherit eutils linux-info prefix systemd versionator
+
+MY_URL_PREFIX=
+case ${P} in
+ *_beta* | \
+ *_rc*)
+ MY_URL_PREFIX='development/'
+ ;;
+esac
+
+MY_PV=${PV/_rc/-RC}
+MY_PV=${MY_PV/_beta/-Beta}
+MY_P=${PN}-${MY_PV}
+MY_P_DOCS=shorewall-docs-html-${MY_PV}
+
+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
+
+DESCRIPTION="An iptables-based firewall whose config is handled by a normal Shorewall."
+HOMEPAGE="http://www.shorewall.net/"
+SRC_URI="
+ http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P}.tar.bz2
+ doc? ( http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P_DOCS}.tar.bz2 )
+"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE="doc"
+
+DEPEND="=net-firewall/shorewall-core-${PVR}"
+RDEPEND="
+ ${DEPEND}
+ >=net-firewall/iptables-1.4.20
+ >=sys-apps/iproute2-3.8.0[-minimal]
+"
+
+S=${WORKDIR}/${MY_P}
+
+pkg_pretend() {
+ local CONFIG_CHECK="~NF_CONNTRACK ~NF_CONNTRACK_IPV4"
+
+ local ERROR_CONNTRACK="${PN} requires NF_CONNTRACK support."
+
+ local ERROR_CONNTRACK_IPV4="${PN} requires NF_CONNTRACK_IPV4 support."
+
+ check_extra_config
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PVR}/10-releasenotes.patch
+
+ cp "${FILESDIR}"/${PVR}/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
+ eprefixify "${S}"/shorewallrc.gentoo
+
+ cp "${FILESDIR}"/${PVR}/${PN}.confd "${S}"/default.gentoo || die "Copying ${PN}.confd failed"
+ cp "${FILESDIR}"/${PVR}/${PN}.initd "${S}"/init.gentoo.sh || die "Copying ${PN}.initd failed"
+ cp "${FILESDIR}"/${PVR}/${PN}.systemd "${S}"/gentoo.service || die "Copying ${PN}.systemd failed"
+
+ epatch_user
+}
+
+src_configure() {
+ :;
+}
+
+src_compile() {
+ :;
+}
+
+src_install() {
+ keepdir /var/lib/${PN}
+
+ DESTDIR="${D}" ./install.sh shorewallrc.gentoo || die "install.sh failed"
+
+ dodoc changelog.txt releasenotes.txt
+ if use doc; then
+ cd "${WORKDIR}/${MY_P_DOCS}"
+ dohtml -r *
+ fi
+}
+
+pkg_postinst() {
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ # This is a new installation
+ elog "Before you can use ${PN}, you need to provide a configuration, which you can"
+ elog "create using ${CATEGORY}/shorewall (the full version, including the compiler)."
+ elog ""
+ elog "To activate ${PN} on system start, please add ${PN} to your default runlevel:"
+ elog ""
+ elog " # rc-update add ${PN} default"
+ fi
+
+ if ! has_version ${CATEGORY}/shorewall-init; then
+ elog ""
+ elog "Starting with shorewall-lite-4.5.21.2, Gentoo also offers ${CATEGORY}/shorewall-init,"
+ elog "which we recommend to install, to protect your firewall at system boot."
+ elog ""
+ elog "To read more about shorewall-init, please visit"
+ elog " http://www.shorewall.net/Shorewall-init.html"
+ fi
+}