[gentoo-commits] repo/gentoo:master commit in: net-firewall/shorewall/files/, net-firewall/shorewall/

[gentoo-commits] repo/gentoo:master commit in: net-firewall/shorewall/files/, net-firewall/shorewall/

[Ian Delaney]

commit:     fe00c3bc1b28a3d98881d8fe82e4206129fc8e3b
Author:     Ian Delaney <idella4 <AT> gentoo <DOT> org>
AuthorDate: Sun Oct 18 02:43:46 2015 +0000
Commit:     Ian Delaney <idella4 <AT> gentoo <DOT> org>
CommitDate: Sun Oct 18 02:45:33 2015 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fe00c3bc

net-firewall/shorewall: bump to -5.0.1

patches submitted by proxy maintainer via gentoo bug & pull request;
dropped 'rc_need="net"', files moved from
$FILESDIR/$MAJOR_VERSION to $FILESDIR

Gentoo bug:	#563088
Pull request:	https://github.com/gentoo/gentoo/pull/241

Package-Manager: portage-2.2.20.1

 net-firewall/shorewall/Manifest                    |   7 +
 ...rewall-init-01_remove-ipset-functionality.patch |  28 ++
 net-firewall/shorewall/files/shorewall-init.confd  |   6 +
 net-firewall/shorewall/files/shorewall-init.initd  | 192 +++++++++
 net-firewall/shorewall/files/shorewall-init.readme |  30 ++
 .../shorewall/files/shorewall-init.systemd         |  18 +
 net-firewall/shorewall/files/shorewall-lite.confd  |  15 +
 net-firewall/shorewall/files/shorewall-lite.initd  |  73 ++++
 .../shorewall/files/shorewall-lite.systemd         |  20 +
 net-firewall/shorewall/files/shorewall.confd       |  15 +
 net-firewall/shorewall/files/shorewall.initd       |  98 +++++
 net-firewall/shorewall/files/shorewall.systemd     |  20 +
 net-firewall/shorewall/files/shorewall6-lite.confd |  15 +
 net-firewall/shorewall/files/shorewall6-lite.initd |  83 ++++
 .../shorewall/files/shorewall6-lite.systemd        |  20 +
 net-firewall/shorewall/files/shorewall6.confd      |  15 +
 net-firewall/shorewall/files/shorewall6.initd      | 108 +++++
 net-firewall/shorewall/files/shorewall6.systemd    |  20 +
 net-firewall/shorewall/files/shorewallrc           |  23 ++
 net-firewall/shorewall/shorewall-5.0.1.ebuild      | 447 +++++++++++++++++++++
 20 files changed, 1253 insertions(+)

diff --git a/net-firewall/shorewall/Manifest b/net-firewall/shorewall/Manifest
index 7d2576f..461f8bb 100644
--- a/net-firewall/shorewall/Manifest
+++ b/net-firewall/shorewall/Manifest
@@ -3,23 +3,30 @@ DIST shorewall-4.5.21.9.tar.bz2 489618 SHA256 a1fc41abcba3181235e217a5da53bb25d1
 DIST shorewall-4.6.10.1.tar.bz2 496061 SHA256 de527474f5bac6bf59678321c604748c48efe28a897d339a2187a45e3efed8ef SHA512 a5ef4783ff04b6faaa2e25d1da57ca3c46860960859dad5cd3b8d3cb252626b1db39c35767b226333f10db7b08b0fb18c0c09cd4eaf14586cb02b1a4259b571d WHIRLPOOL 26ebb72e769d5ca7489f718cabdb1f9cfb78e2acd514329c7036edcafe27f159ffa4cdadeeb1cee43619f748474fcc7a614011147976abb14cf627503a542e3f
 DIST shorewall-4.6.13.1.tar.bz2 498949 SHA256 fc2c390fecbc0c78d5cd648596abc1edb1d338d748b4a0605695c3141e24d35e SHA512 1b8e0a008660a8b66bcc77bb92f110fbdc04a0925d6f19bb01a6e798baa907f5ca4f6f60851c861963ab49b1a0b2ae652d4d1234fcf18ab56325ebcc66fbefb1 WHIRLPOOL 6c2a63a5c547d429c3d9c5d05683d8c4a2bdc662f58b7b8e7ae197053a13c06ad1c0ae9fcd0face2601d05a7becfaf0948e0765ff22e5dbeace0176e77e4bad6
 DIST shorewall-4.6.13.tar.bz2 500076 SHA256 fc4530d891da22d9efaa4339f10ebde27133bef9fe8c6e93abc701991f8b30ba SHA512 5018d34a15784870c521614a725baa05ea8df5e11e11d0177d01fc3012ed006f25b6a2afaf20cbae7b1c189ea841cc5ad2764067af0513f8378b316645524b48 WHIRLPOOL a6fef96deed7f7ad7bdc0273de88c15f77b901ec27905af474399b3b86fd8b6cdfe92556ae2314feaa73cd525960b56d986ce426225f7779e9235ccdc9f7248c
+DIST shorewall-5.0.1.tar.bz2 477174 SHA256 1b5147d5ecb1ccf950785c239a6b6db47fa694cde229ad7d4eaea2e3fcc2a4ee SHA512 1eb1d1d4fb5f750a93af61462b789e5c725ab960a3512e5363aab8a3d4ca9823ed3dd3e189222ed782321edbb9f28230446b7cae3156ab0e86d6fe584c2ba253 WHIRLPOOL f24be9f60e10937f760c316c74d7d854541df2c1f0d019dcefa128c27bdfbe71b5fc72201dc750671adc61667923c3138350d00210cfe5d2112308b4bf1df7fc
 DIST shorewall-core-4.6.10.1.tar.bz2 58247 SHA256 5af804f39f4480685e995080dc8913d4af61af70d5a478dd00bbf0593851b44d SHA512 1028e0bf950aecbc77c6c263ab8351fb8ff90b6077a0d6bf7c0d882559f5d8644ce0f2c6aec6dd3614d90a319277763460909e345e1e004cf8ea1f548e369284 WHIRLPOOL 0a0834eb355e05679b5809a18dd0749c6c06ac3130a9ab375587c7e6134042c01762775ac136f0396c051f4ac4b2f379141d111760929a42da6f00656a96e120
 DIST shorewall-core-4.6.13.1.tar.bz2 61749 SHA256 d06a4c1050578013c6e37468f0a803fd129f1ac95b6ea5ab8af80f3eb0739539 SHA512 8db64a150101368ad50075f7ed97e2ceecf0d974ae1d0d61f6bc8dd967ff8f222265c543dfbe8f1217d90b21d93398669cc3d6e06a2b2c706c25347b27f13868 WHIRLPOOL 493f9a739388d3ecfe5fc9d04414c272d09a6eade8f236e21ec773b7df423844d2b9b427a297c9fa842ef22e7c491427d74e83dbc0aa267b16c20c1aff8525ed
 DIST shorewall-core-4.6.13.tar.bz2 61679 SHA256 e31dd55c8df37ee2168c5aa9843f9c2727f6a31a98634445e0c10990360665a4 SHA512 2c769f2f77ee51357f92daa1fe3f794fd3e3b537f0686a004809767340ad7bdd922be2580760cdbb834e8c80f53e9d5329ef86ee741520870c242452b1e44f30 WHIRLPOOL 90668efd2db2f09bf40934206b3124666b96157f085dfabc17ff2c2d65ebb8f348db6727516fced866d16eb4d44aa0ea9d6d91ed907593785788c6cdb50f10dc
+DIST shorewall-core-5.0.1.tar.bz2 45988 SHA256 fd2c764f34f02b923ad4a2c5b4017b9b96df2c6886710254f2e2771e3b007a0b SHA512 a65965d272190ff4e32022a5ba21eaabfedfde50ffa1c2d100892f1b3796a5908641f5fe40e3c66f9d0bd7666217ba046e61a89368a41d8dc9eaee7db2efa4cf WHIRLPOOL 8366b0d423dc38349e795e65dace67e7c851a00335b49da1c8308796e9ff5c9544c76375d00c8c521ade30b21ccc91e874382c89691cf11927624fc42fd1a434
 DIST shorewall-docs-html-4.5.21.10.tar.bz2 4146174 SHA256 cdbc5f3654f7cfb6f0c3b3750a7174df8fa0590dfe34df055300140b3eb13192 SHA512 94852cc094d6a485cacc4023a2819431f1bfd80b8cbcab29981c422fdff9dfee90697ae8a9bda7ded3a8be03db516bdd5f4bcc4b83e7d01bc433a8c88d23731a WHIRLPOOL 6f02d0e3255dd1e31a43193f67f9b957546a6ae574631e61364f81244bee887e7f21c38f412fa21cde77b3d89aaf0e14e43909683db0c9c32edeb455c20b998e
 DIST shorewall-docs-html-4.5.21.9.tar.bz2 4146065 SHA256 9056c22b8232d8276cc53a6eb74940bab42a250c670cb5baa42c75cfb89efdef SHA512 48b2c692ba59b7ec74307909e43a95104e212c9b8e21af7f0dd9f3438ac4f24a6fd2bcc6517966681517aef03beaa8faf03efd74406966d97b68cb416be8551b WHIRLPOOL f68cba7ecaf8c541e58d26c157914bff2d90cd9deae30af7323ca69c68d028217133f53e597bf383191aee83fab29203d233b3cd1e75e4cf08d9e17308dc25e4
 DIST shorewall-docs-html-4.6.10.1.tar.bz2 4185752 SHA256 eeaec18b7f8663f0b836b76d140d3fad7871075de90f18ccc7b9fbda1538a787 SHA512 1bf1b3f5745d54af3af5f9bb6417c661e2bde8028d699aed4c4fcbe7cf301b8eadfed7be5e9bfdd677659c362d1e757eee13cd1b497a0c6837c179883c33e3a8 WHIRLPOOL 937fc4f76174f615de86eaa08690ebbe42f658154320d3e9972cbb0bcaa461e11fdaf5390f517f5d2f905aa5996ecb7399ca07d1767f647a49d33b1220e8d547
 DIST shorewall-docs-html-4.6.13.1.tar.bz2 4280904 SHA256 ded94cd41022855bbb20e3a5a579f82515fea8eb3d6b7ea110e491a5cc654804 SHA512 0f6090a428ead0c5ccfca020776a93c6c69de7043b947c129ca9fba8289919448af4b5c6a2a65dc9317df2979688f86873dc0ff6a04ba6e9a14b26f183872f33 WHIRLPOOL 4cf65fd2e4afcf40d7e7fdaab43002551f7af4bba6a12466d7dab87d5df5cbcf5ed80d3238ec6cf77e59f7587056adc4450db4765a2ef47e9bcf2641cf38407a
 DIST shorewall-docs-html-4.6.13.tar.bz2 4280790 SHA256 2fdc3d5aa2d998831b66ed2ebf257a581924ef9b5ef1a5a2d18511aeb6f46d3d SHA512 40b3db8e8ca022ee47f928fac512f28dff7da597d19dbf9d19f5d706764d01aa09ff348df37be40a8551a7e6fae9a8b1be7e1321de7f581af4e7217ad6e3bc64 WHIRLPOOL e639126f0b16ad332bf115ccd773e7b32b1b9a0c7bda78cf072096a466d4e78d2a404f2ec923cd1acc152481a01cd90affa9af25496ee136555cc55ed1156a31
+DIST shorewall-docs-html-5.0.1.tar.bz2 4274054 SHA256 c43f847ae2b106c7966b3aeb6a4221c0b9b3d5219e35b485b84d70f2e84ff8d9 SHA512 1bb264ba0166204c77588a7741388af2ac3091c305331f962b333c3adf725a055bf2b15974d0f6007ff93f4112a387937668b815acff3ca19ee2cc36d36a827f WHIRLPOOL e200846eff4e467b9cbec7097e9d69c4f039bfe0e5a8e8ff193f077ab7e92c4d9c41458b8041a6be27e4afe9e06b1809a54b0d1797c38bc7d62d933173812edf
 DIST shorewall-init-4.6.10.1.tar.bz2 37674 SHA256 c3948dbe48230358eb4d5a370a44b247f4a6e6f28b1c4853be23d9abda79f6ba SHA512 71507a9c27f9a8286f82567f731714fe5a6f5b21f1f3f27f3a3ba9171301361948bef9824a9a45445d65f74039c4dca3ffc83e74a6ffd33783d1528ad581578e WHIRLPOOL 23c886b1015c6430d819d3010b8cdc587d88054f55b8092238438310562affdaead265a40a74dd888d1c939367afafa0ebecfe8946ceb202bab126ca2232cd97
 DIST shorewall-init-4.6.13.1.tar.bz2 40718 SHA256 35684f1955eed65d897f5c51a74b9bf431a839cdeabc9ca7b37109d7b47a9d95 SHA512 f6b5d6e59eb3e4f4408b68bee69dacd3e5b00b3d0628b4b0f6408342bd05b279efc3962c0b294e37b8e6c719442232e73e348f048534916f97e3f40fb3a598d5 WHIRLPOOL 05c774194b33e1ffecec42e756851d3a9bd6764a13b280f63737dca53efe4223cea081b42e4f1a205062baaa3fac62a92b490b1402a6cd0ada637f98bea1b690
 DIST shorewall-init-4.6.13.tar.bz2 40574 SHA256 a1ebf757ccf5b455220daf80af71d23dd6290d9bcd9440da2058bdf6fcfcd768 SHA512 63092ad30f4528e96ca8a12e0e76ef702446a9b61c880455f13ab9ce86c953a3cc3c3f05a04fff9df1a93cad8d01ffd2b846281a7f46a3d9000e5cd3c908051e WHIRLPOOL cf78de19cdcf6c0de23a3259509a95382aaac554a827cca4a031ce4c1ef3b57e7ccaa65c40daadea53dc4433ad819416cafb215aff7088b8eecfeecb1ab7983b
+DIST shorewall-init-5.0.1.tar.bz2 25161 SHA256 ab2e2cfbe87fb4503d7b587ca3072e70b649f4a3a2a1e16651d801181390acfe SHA512 fb4d1764311bd3d244315c3f33d2881c9d78501102a619b389bc439c306e12871e65e7cc8fef25ce45e44b88bafd57798feb5c6cc3f988ad1ff1125d8c002db3 WHIRLPOOL ec6277fe1c881bc8ad55fa92e70676972228a13ca95a6c36ef2b5cf5e87d280d87ee5a743b98002e26be8b90a51a79d786abe3fdb72bfe5ab4ee08f3aa25d43f
 DIST shorewall-lite-4.6.10.1.tar.bz2 53535 SHA256 9944da74b9496fe29afe6ebab8f4a37cfb24a6a701282231dd6916831e064c38 SHA512 79347ae6c62e8f039efb2a21b10fd33d08831b6595b64fb4806cc5fd812216d295b73c859db775c0c19cd7c8bdfe67f21042db0d0b47ba47ab6b430d1d522659 WHIRLPOOL 593b8872ea0ff95c5847c51c9c3c312329017cbd7e96efcd39bf1a41a32ef3e99a29deb797a4260422d1bfd86ef4ca72b25024b7d2f5e4e17464df1f3f25571a
 DIST shorewall-lite-4.6.13.1.tar.bz2 56534 SHA256 639213a42c424def670a8b54ce13f0fe007aa9ff97e2beb8cb1cd98deb3fba2f SHA512 0fd3ac13e09dc4975d8a186a536b02420e00374376e3d8b903d6a69cb542de88a303bbe5d3e44831ef8d3ef3fd9ba0a34f19c89803d3ff4b622a366338cf7453 WHIRLPOOL 640541b5bb1c92d3fcb23ec970094200257af5b55a4a71be47a854be781d3e29d8354ea03d79b28fc654f3cab49c1e6de16ee01b3a02a61f0299a0a9bb4b5255
 DIST shorewall-lite-4.6.13.tar.bz2 56490 SHA256 b73707abeb7d9911cae12c8280c014ed4189bd181e8e45f341d9b786b2f22b82 SHA512 c19aaaec6f31efd1afc2cc8e00d341b6135bb5a3b019a3f4a050ec43e4c1f5e4f8d68b00ec29a41201bd8e37a39c4b37348ddef575a1771cc6e6f80024db027c WHIRLPOOL eef127d2c8b76e2846490c916ddfd95692f13f362fd8a522f4b14fe47aec3c91a18a96935db46f5f6bdeb148ce9b1287c99bb4cb4e8292d74812c3ac677a9b41
+DIST shorewall-lite-5.0.1.tar.bz2 41893 SHA256 591fc40ca5af74f4a0d50a9aa7413e3c6311b4eeb46f36b72e2bf90ee392ed53 SHA512 9debace6a1202ff5b438078e8a0e47033fe13a563ea26fa6b163b55a3355eec31d1b89a1bdae071a6da8f3c4130b669eadd3b91073a366cfe8b9b31f3eb6fcc7 WHIRLPOOL 921cc0643b62ab5a068f8b0c276a971f7361d3cb59851ba96328afc95558cf3a85cd4bf3589c098b070474df18d9f5704e592ae0e51e6485c67804512e5bc009
 DIST shorewall6-4.6.10.1.tar.bz2 231553 SHA256 1a2e303e9361fccf393ebfe512cf8d770b522f6b65a0a125a5e4aa0b28dd6e0c SHA512 acb678bd84e68d72f5dafd00d03feedefc8b954f7df9a4e6d57c70647ad2b046f7145c7b5de729d8bf1258a036587a687ee41170add2a50a411675be61de7d3d WHIRLPOOL a3451ff58bc32f4d720f5b8c6db226ac924cf0179084f351b7b35773f011c1b0b5feff2e9544a7b198995d297637e210b80adfb483db198e186b24a1954d2cc1
 DIST shorewall6-4.6.13.1.tar.bz2 235114 SHA256 561887394a04532e06ebdf153aa60c6eaf176349f59a7a30e2c1d31aa48ba4eb SHA512 0700255da06c48577227439b3b358f4693a4e1e4c311f39079686c16b573e5bc4efd251160f69c1e6fc3daa8a503b2ede8fe44d51c93a9abd89431fd85081d72 WHIRLPOOL 9bcdf5b7a0c0a79143b3d451f7b362d41290ad641ab92b92abcfdda0fe15903ff2a225fc3571abe7c9c12e4b6ac34d054adf46372d94acfe997579a931a2979b
 DIST shorewall6-4.6.13.tar.bz2 235132 SHA256 dceb2de20460cd2015297925529fc95feb7bfc156465ef907dead663213a5994 SHA512 91184afc3b42b2b9d9ae679f9061964d79fd8320ff95eb8ab040dd2e2b144a2b546ba458c19a432992924b51c560cd04bff5750634b41f367f40314f8e3399a4 WHIRLPOOL d9a87edccc3d59146d3bcb97264b2a8c1c540b79885e76309ec8cfb9c73f0ce0332f9abc92574c5eb4812a000bede85ca28f5b144ceeb39af52f28cb9571a2a6
+DIST shorewall6-5.0.1.tar.bz2 220973 SHA256 466b6486cb992385443e46158afab60d669e6e5f774f68b0754d2b394feaf740 SHA512 0af72641961eb9b86e679a7456968a807e72ff296bcee28a8fcc60c1c8254a8b1b4d9c8ca22949f02705cb022622d9435a66a65ac35948ca49b419e410665823 WHIRLPOOL c72368da11227f2a1cc2b061e329314f06517617a322fbe2394a3a94fd11c7dab00ed86e657f74c344732cfc4217cfa5cf7af424f5c751632523bbcf7c45bef1
 DIST shorewall6-lite-4.6.10.1.tar.bz2 52669 SHA256 ce19583541f5eb39acad33099af087d030374d467eb64aa4415ac9b18e65c5a8 SHA512 a33ab4b2397864329f35e6352606b13d04fb8ada17777c98d75bc685411bcf9453bf452d3a0b6699c537081483347c542bdfa547d71ca4c0c41967ccd755fd2e WHIRLPOOL ff3ef6e3ad68f69f47e71553061e845ed125735c1c6986180835397c8148386349a0317debf592917ec5ed0734c3af461c5161d9a061c6b8a6ff5c81d52743f0
 DIST shorewall6-lite-4.6.13.1.tar.bz2 55723 SHA256 33a95315f4b976a4fe003f084c3f4363761a076c758c05c6a211a884fe6a63c5 SHA512 6c240fc31bf07e8c52aae3285cf22e7b2fefe846898bea02514157cffbedb930a7cf6a12a4ef473b1713ef8c524b7a48b916f0ffff37477c4ac94afb72397e11 WHIRLPOOL c9b99295ee498e9be3ae7d2a947153828653c931fba90527ecb05254c1fccb1981f800894b31786bcfab50cffdc2dd7e91964e70e43ab67a2d3d0954303b35a3
 DIST shorewall6-lite-4.6.13.tar.bz2 55646 SHA256 9da8d4e29d867ba96aaaa9c0854e385e26b107aa0e5babbc5b1ffd36327cb413 SHA512 e826778478532f32155514e47aad35e2bace38933f5c4ccded67d058acba0766ef6687cc8bcdef6ba4ee1e629af7b5e8d11a77c5a8bb67d4fdc0b0167dadb731 WHIRLPOOL 9a6bba924e24f400d46afb0e13760ee4ed2e690c35e4364f652e4c252f9930d5710eed30e51ff5f312bff6bd56130321c49d0a8ea893c789122bd412c6c79993
+DIST shorewall6-lite-5.0.1.tar.bz2 41039 SHA256 fec8bc38fff94f0f5375992038eee83fb395a232b7cad83e1cf215a5d3388061 SHA512 1dc6f0681e429998880b90ca6e877bdeb4bfdf2c68036026db88aa55efdeaff27c59e4829597da938b0ee0e395278e744e98f7a41eabe536f7e6a1bea38850d3 WHIRLPOOL c5dcb398c353500f76ab6f555e387639d09f122ad792d40021958971c0dcf8e44cf16a4e443697574eecbc63eee2dc1d465aec1b86f6b9784b1a832c018ef3a0

diff --git a/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality.patch b/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality.patch
new file mode 100644
index 0000000..8b60eb2
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality.patch
@@ -0,0 +1,28 @@
+diff -rupN old/shorewall-init-4.6.10.1/shorewall-init new/shorewall-init-4.6.10.1/shorewall-init
+--- old/shorewall-init-4.6.10.1/shorewall-init	2015-06-09 20:02:00.000000000 +0200
++++ new/shorewall-init-4.6.10.1/shorewall-init	2015-06-14 17:16:17.396424059 +0200
+@@ -78,10 +78,6 @@ shorewall_start () {
+ 	fi
+     done
+ 
+-    if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then
+-	ipset -R < "$SAVE_IPSETS"
+-    fi
+-
+     return 0
+ }
+ 
+@@ -99,13 +95,6 @@ shorewall_stop () {
+ 	fi
+     done
+ 
+-    if [ -n "$SAVE_IPSETS" ]; then
+-	mkdir -p $(dirname "$SAVE_IPSETS")
+-	if ipset -S > "${SAVE_IPSETS}.tmp"; then
+-	    grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS"
+-	fi
+-    fi
+-
+     return 0
+ }
+ 

diff --git a/net-firewall/shorewall/files/shorewall-init.confd b/net-firewall/shorewall/files/shorewall-init.confd
new file mode 100644
index 0000000..1b126be
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-init.confd
@@ -0,0 +1,6 @@
+# List the Shorewall products Shorewall-init should
+# initialize (space-separated list).
+#
+# Sample: PRODUCTS="shorewall shorewall6-lite"
+#
+PRODUCTS=""

diff --git a/net-firewall/shorewall/files/shorewall-init.initd b/net-firewall/shorewall/files/shorewall-init.initd
new file mode 100644
index 0000000..837d609
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-init.initd
@@ -0,0 +1,192 @@
+#!/sbin/runscript
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+SHOREWALLRC_FILE="@GENTOO_PORTAGE_EPREFIX@/usr/share/shorewall/shorewallrc"
+CONFIG_FILE="@GENTOO_PORTAGE_EPREFIX@/etc/conf.d/${SVCNAME}"
+
+description="Puts Shorewall in a safe state at boot time"
+description="${description} prior to bringing up the network."
+
+required_files="$SHOREWALLRC_FILE"
+
+depend() {
+	need localmount
+	before net
+	after bootmisc ipset tmpfiles.setup ulogd
+}
+
+
+. $SHOREWALLRC_FILE
+
+checkconfig() {
+	local PRODUCT=
+
+	if [ -z "${VARLIB}" ]; then
+		eerror "\"VARLIB\" isn't defined or empty! Please check" \
+			"\"${SHOREWALLRC_FILE}\"."
+
+		return 1
+	fi
+
+	if [ -z "${PRODUCTS}" ]; then
+		eerror "${SVCNAME} isn't configured! Please check" \
+			"\"${CONFIG_FILE}\"."
+
+		return 1
+	fi
+
+	for PRODUCT in ${PRODUCTS}; do
+		if [ ! -x ${SBINDIR}/${PRODUCT} ]; then
+			eerror "Invalid product \"${PRODUCT}\" specified" \
+				"in \"${CONFIG_FILE}\"!"
+			eerror "Maybe \"${PRODUCT}\" isn't installed?"
+
+			return 1
+		fi
+	done
+
+	return 0
+}
+
+check_firewall_script() {
+	if [ ${PRODUCT} = shorewall -o ${PRODUCT} = shorewall6 ]; then
+		ebegin "Checking \"${STATEDIR}/firewall\""
+		${SBINDIR}/${PRODUCT} compile -c 1>/dev/null
+		eend $?
+	fi
+
+	if [ ! -x ${STATEDIR}/firewall ]; then
+		eerror "\"${PRODUCT}\" isn't configured!"
+
+		if [ ${PRODUCT} = shorewall-lite -o ${PRODUCT} = shorewall6-lite ]; then
+			eerror "Please go to your 'administrative system'" \
+				"and deploy the compiled firewall" \
+				"configuration for this system."
+		fi
+
+		return 1
+	fi
+
+	return 0
+}
+
+is_allowed_to_be_executed() {
+	# This is not a real service. shorewall-init is an intermediate
+	# script to put your Shorewall-based firewall into a safe state
+	# at boot time prior to bringing up the network.
+	# Please read /usr/share/doc/shorewall-init-*/README.gentoo.gz
+	# for more information.
+	# When your system is up, there is no need to call shorewall-init.
+	# Please call shorewall{,6,-lite,6-lite} directly. That's the
+	# reason why we are preventing start, stop or restart here.
+
+	local PRODUCT=
+
+	if [ "${RC_RUNLEVEL}" != "boot" -a "${RC_CMD}" = "start" ]; then
+		# Starting shorewall-init is only allowed at boot time
+		eerror "This is a boot service, which can only be started" \
+			"at boot."
+		eerror "If you want to get your shorewall-based firewall" \
+			"into the same safe boot state again, run"
+		eerror ""
+		eindent
+		for PRODUCT in ${PRODUCTS}; do
+			eerror "/etc/init.d/${PRODUCT} stop"
+		done
+		eoutdent
+		eerror ""
+		eerror "Yes, \"stop\" and not start."
+		eerror ""
+		return 1
+	fi
+
+	if [ "${RC_RUNLEVEL}" != "shutdown" -a "${RC_CMD}" = "stop" ]; then
+		# Stopping shorewall-init is only allowed at shutdown
+		eerror "This is a boot service, which cannot be stopped."
+		eerror "If you really want to stop your Shorewall-based" \
+			"firewall the same way this service would stop" \
+			"Shorewall at shutdown, please run"
+		eerror ""
+		eindent
+		for PRODUCT in ${PRODUCTS}; do
+			eerror "/etc/init.d/${PRODUCT} clear"
+		done
+		eoutdent
+		eerror ""
+		eerror "Keep in mind that this will clear (=bring down)" \
+			"your firewall!"
+		eerror ""
+		return 1
+	fi
+
+	if [ "${RC_CMD}" = "restart" ]; then
+		eerror "This is a boot service, which cannot be restarted."
+		eerror "If you want to restart any of your Shorewall-based" \
+			"firewalls, run"
+		eerror ""
+		eindent
+		for PRODUCT in ${PRODUCTS}; do
+			eerror "/etc/init.d/${PRODUCT} restart"
+		done
+		eoutdent
+		eerror ""
+		return 1
+	fi
+
+	return 0
+}
+
+set_statedir() {
+	STATEDIR=
+	local VARDIR=
+
+	if [ -f ${CONFDIR}/${PRODUCT}/vardir ]; then
+		STATEDIR=$( . ${CONFDIR}/${PRODUCT}/vardir && echo ${VARDIR} )
+	fi
+
+	[ ! -n "${STATEDIR}" ] && STATEDIR=${VARLIB}/${PRODUCT}
+}
+
+start_pre() {
+	checkconfig || return 1
+
+	is_allowed_to_be_executed || return 1
+}
+
+start() {
+	local PRODUCT=
+	local STATEDIR=
+
+	for PRODUCT in ${PRODUCTS}; do
+		set_statedir
+
+		check_firewall_script || return 1
+
+		ebegin "Initializing \"${PRODUCT}\""
+		${STATEDIR}/firewall stop 1>/dev/null
+		eend $?
+	done
+}
+
+stop_pre() {
+	checkconfig || return 1
+
+	is_allowed_to_be_executed || return 1
+}
+
+stop() {
+	local PRODUCT=
+	local STATEDIR=
+
+	for PRODUCT in ${PRODUCTS}; do
+		set_statedir
+
+		check_firewall_script || return 1
+
+		ebegin "Clearing \"${PRODUCT}\""
+		${STATEDIR}/firewall clear 1>/dev/null
+		eend $?
+	done
+}

diff --git a/net-firewall/shorewall/files/shorewall-init.readme b/net-firewall/shorewall/files/shorewall-init.readme
new file mode 100644
index 0000000..f7b13fe
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-init.readme
@@ -0,0 +1,30 @@
+shorewall-init from upstream offers two features (taken from [1]):
+
+	1. It can 'close' the firewall before the network interfaces are
+	   brought up during boot.
+	
+	2. It can change the firewall state as the result of interfaces
+	   being brought up or taken down.
+
+On Gentoo we only support the first feature -- the firewall lockdown during
+boot.
+
+We do not support the second feature, because Gentoo doesn't support a
+if-{up,down}.d folder like other distributions do. If you would want to use
+such a feature, you would have to add a custom action to /etc/conf.d/net
+(please refer to the Gentoo Linux Handbook [2] for more information).
+If you are able to add your custom {pre,post}{up,down} action, your are
+also able to specify what shorewall{6,-lite,6-lite} should do, so there is
+no need for upstream's scripts in Gentoo.
+
+If you disagree with us, feel free to open a bug [3] and contribute your
+solution for Gentoo.
+
+Upstream's original init script also supports saving and restoring of
+ipsets. Please use the init script from net-firewall/ipset if you need
+such a feature.
+
+
+[1] http://www.shorewall.net/Shorewall-init.html
+[2] http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=4&chap=5
+[3] https://bugs.gentoo.org

diff --git a/net-firewall/shorewall/files/shorewall-init.systemd b/net-firewall/shorewall/files/shorewall-init.systemd
new file mode 100644
index 0000000..2b46958
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-init.systemd
@@ -0,0 +1,18 @@
+#
+#	The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V5.0
+#
+[Unit]
+Description=shorewall-init
+Documentation=http://www.shorewall.net/Shorewall-init.html
+Before=network-pre.target
+Wants=network-pre.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+StandardOutput=syslog
+ExecStart=/sbin/shorewall-init start
+ExecStop=/sbin/shorewall-init stop
+
+[Install]
+WantedBy=basic.target

diff --git a/net-firewall/shorewall/files/shorewall-lite.confd b/net-firewall/shorewall/files/shorewall-lite.confd
new file mode 100644
index 0000000..0e419b8
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-lite.confd
@@ -0,0 +1,15 @@
+# Global start/restart/stop options
+#
+OPTIONS="-tvv"
+
+# Start options
+#
+STARTOPTIONS=""
+
+# Stop options
+#
+STOPOPTIONS=""
+
+# Restart options
+#
+RESTARTOPTIONS=""

diff --git a/net-firewall/shorewall/files/shorewall-lite.initd b/net-firewall/shorewall/files/shorewall-lite.initd
new file mode 100644
index 0000000..c981a19
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-lite.initd
@@ -0,0 +1,73 @@
+#!/sbin/runscript
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+description='The Shoreline Firewall Lite, more commonly known as "Shorewall Lite", is'
+description="${description} a high-level tool for configuring Netfilter."
+
+extra_commands="clear"
+extra_started_commands="reset"
+
+description_clear="Clear will remove all rules and chains installed by"
+description_clear="${description_clear} Shorewall Lite. The firewall is"
+description_clear="${description_clear} then wide open and unprotected."
+
+description_reset="All the packet and byte counters in the firewall are reset."
+
+command="/usr/sbin/shorewall-lite"
+
+depend() {
+	provide firewall
+	after ulogd
+}
+
+status() {
+	local _retval
+	${command} status 1>/dev/null
+	_retval=$?
+	if [ ${_retval} = '0' ]; then
+		einfo 'status: started'
+		mark_service_started "${SVCNAME}"
+		return 0
+	else
+		einfo 'status: stopped'	
+		mark_service_stopped "${SVCNAME}"
+		return 3
+	fi
+}
+
+start() {
+	ebegin "Starting shorewall-lite"
+	${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping shorewall-lite"
+	${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null
+	eend $?
+}
+
+restart() {
+	ebegin "Restarting shorewall-lite"
+	${command} status 1>/dev/null
+	if [ $? != 0 ] ; then
+		svc_start
+	else
+		${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null
+	fi
+	eend $?
+}
+
+clear() {
+	ebegin "Clearing all shorewall-lite rules and setting policy to ACCEPT"
+	${command} ${OPTIONS} clear 1>/dev/null
+	eend $?
+}
+
+reset() {
+	ebegin "Resetting the packet and byte counters in shorewall-lite"
+	${command} ${OPTIONS} reset 1>/dev/null
+	eend $?
+}

diff --git a/net-firewall/shorewall/files/shorewall-lite.systemd b/net-firewall/shorewall/files/shorewall-lite.systemd
new file mode 100644
index 0000000..a9d66e7
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-lite.systemd
@@ -0,0 +1,20 @@
+#
+#	The Shoreline Firewall Lite (Shorewall-Lite) Packet Filtering Firewall - V5.0
+#
+[Unit]
+Description=Shorewall IPv4 firewall lite
+Documentation=man:shorewall-lite(8) http://www.shorewall.net/Documentation_Index.html
+Wants=network-online.target
+After=network-online.target
+Conflicts=iptables.service firewalld.service iptables-restore.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+EnvironmentFile=/etc/conf.d/shorewall-lite
+StandardOutput=syslog
+ExecStart=/sbin/shorewall-lite $OPTIONS start $STARTOPTIONS
+ExecStop=/sbin/shorewall-lite $OPTIONS stop $STOPOPTIONS
+
+[Install]
+WantedBy=basic.target

diff --git a/net-firewall/shorewall/files/shorewall.confd b/net-firewall/shorewall/files/shorewall.confd
new file mode 100644
index 0000000..0e419b8
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall.confd
@@ -0,0 +1,15 @@
+# Global start/restart/stop options
+#
+OPTIONS="-tvv"
+
+# Start options
+#
+STARTOPTIONS=""
+
+# Stop options
+#
+STOPOPTIONS=""
+
+# Restart options
+#
+RESTARTOPTIONS=""

diff --git a/net-firewall/shorewall/files/shorewall.initd b/net-firewall/shorewall/files/shorewall.initd
new file mode 100644
index 0000000..95c1d0f
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall.initd
@@ -0,0 +1,98 @@
+#!/sbin/runscript
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+description='The Shoreline Firewall, more commonly known as "Shorewall", is'
+description="${description} a high-level tool for configuring Netfilter."
+
+extra_commands="check clear"
+extra_started_commands="refresh reset"
+
+description_check="Checks if the configuration will compile or not."
+
+description_clear="Clear will remove all rules and chains installed by"
+description_clear="${description_clear} Shorewall. The firewall is then"
+description_clear="${description_clear} wide open and unprotected."
+
+description_refresh="The mangle table will be refreshed along with the"
+description_refresh="${description_refresh} blacklist chain (if any)."
+
+description_reset="All the packet and byte counters in the firewall are reset."
+
+command="/usr/sbin/shorewall"
+
+depend() {
+	provide firewall
+	after ulogd
+}
+
+status() {
+	local _retval
+	${command} status 1>/dev/null
+	_retval=$?
+	if [ ${_retval} = '0' ]; then
+		einfo 'status: started'
+		mark_service_started "${SVCNAME}"
+		return 0
+	else
+		einfo 'status: stopped'	
+		mark_service_stopped "${SVCNAME}"
+		return 3
+	fi
+}
+
+start() {
+	ebegin "Starting shorewall"
+	${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null
+	eend $? 
+}
+
+stop() {
+	ebegin "Stopping shorewall"
+	${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null
+	eend $?
+}
+
+restart() {
+	ebegin "Restarting shorewall"
+	${command} status 1>/dev/null
+	if [ $? != 0 ] ; then
+		svc_start
+	else
+		${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null
+	fi
+	eend $?
+}
+
+clear() {
+	ebegin "Clearing all shorewall rules and setting policy to ACCEPT"
+	${command} ${OPTIONS} clear 1>/dev/null
+	eend $?
+}
+
+reset() {
+	ebegin "Resetting the packet and byte counters in shorewall"
+	${command} ${OPTIONS} reset 1>/dev/null
+	eend $?
+}
+
+refresh() {
+	# refresh the rules involving the broadcast addresses of firewall 
+	# interfaces, the black list, traffic control rules and 
+	# ECN control rules
+
+	ebegin "Refreshing shorewall rules"
+	${command} ${OPTIONS} refresh 1>/dev/null
+	eend $?
+}
+
+check() {
+	# perform cursory validation of the zones, interfaces, hosts, rules
+	# and policy files. CAUTION: does not parse and validate the generated 
+	# iptables commands.
+
+	ebegin "Checking shorewall configuration"
+	${command} ${OPTIONS} check 1>/dev/null
+	eend $?
+}

diff --git a/net-firewall/shorewall/files/shorewall.systemd b/net-firewall/shorewall/files/shorewall.systemd
new file mode 100644
index 0000000..0844178
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall.systemd
@@ -0,0 +1,20 @@
+#
+#	The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V5.0
+#
+[Unit]
+Description=Shorewall IPv4 firewall
+Documentation=man:shorewall(8) http://www.shorewall.net/Documentation_Index.html
+Wants=network-online.target
+After=network-online.target
+Conflicts=iptables.service firewalld.service iptables-restore.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+EnvironmentFile=/etc/conf.d/shorewall
+StandardOutput=syslog
+ExecStart=/sbin/shorewall $OPTIONS start $STARTOPTIONS
+ExecStop=/sbin/shorewall $OPTIONS stop $STOPOPTIONS
+
+[Install]
+WantedBy=basic.target

diff --git a/net-firewall/shorewall/files/shorewall6-lite.confd b/net-firewall/shorewall/files/shorewall6-lite.confd
new file mode 100644
index 0000000..0e419b8
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall6-lite.confd
@@ -0,0 +1,15 @@
+# Global start/restart/stop options
+#
+OPTIONS="-tvv"
+
+# Start options
+#
+STARTOPTIONS=""
+
+# Stop options
+#
+STOPOPTIONS=""
+
+# Restart options
+#
+RESTARTOPTIONS=""

diff --git a/net-firewall/shorewall/files/shorewall6-lite.initd b/net-firewall/shorewall/files/shorewall6-lite.initd
new file mode 100644
index 0000000..8eb0ace
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall6-lite.initd
@@ -0,0 +1,83 @@
+#!/sbin/runscript
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+description='The Shoreline Firewall 6 Lite, more commonly known as "Shorewall6 Lite", is'
+description="${description} a high-level tool for configuring Netfilter."
+
+extra_commands="clear"
+extra_started_commands="reset"
+
+description_clear="Clear will remove all rules and chains installed by"
+description_clear="${description_clear} Shorewall6 Lite. The firewall is"
+description_clear="${description_clear} then wide open and unprotected."
+
+description_reset="All the packet and byte counters in the firewall are reset."
+
+command="/usr/sbin/shorewall6-lite"
+
+depend() {
+	provide firewall
+	after ulogd
+}
+
+status() {
+	local _retval
+	${command} status 1>/dev/null
+	_retval=$?
+	if [ ${_retval} = '0' ]; then
+		einfo 'status: started'
+		mark_service_started "${SVCNAME}"
+		return 0
+	else
+		einfo 'status: stopped'	
+		mark_service_stopped "${SVCNAME}"
+		return 3
+	fi
+}
+
+start() {
+	ebegin "Starting shorewall6-lite"
+	${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null
+	eend $? 
+}
+
+stop() {
+	ebegin "Stopping shorewall6-lite"
+	${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null
+	eend $?
+}
+
+restart() {
+	# shorewall comes with its own control script that includes a
+	# restart function, so refrain from calling svc_stop/svc_start
+	# here.  Note that this comment is required to fix bug 55576;
+	# runscript.sh greps this script...  (09 Jul 2004 agriffis)
+
+	ebegin "Restarting shorewall6-lite"
+	${command} status 1>/dev/null
+	if [ $? != 0 ] ; then
+		svc_start
+	else
+		${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null
+	fi
+	eend $?
+}
+
+clear() {
+	# clear will remove all the rules and bring the system to an unfirewalled
+	# state. (21 Nov 2004 eldad)
+
+	ebegin "Clearing all shorewall6-lite rules and setting policy to ACCEPT"
+	${command} ${OPTIONS} clear 1>/dev/null
+	eend $?
+}
+
+reset() {
+	# reset the packet and byte counters in the firewall
+
+	ebegin "Resetting the packet and byte counters in shorewall6-lite"
+	${command} ${OPTIONS} reset 1>/dev/null
+	eend $?
+}

diff --git a/net-firewall/shorewall/files/shorewall6-lite.systemd b/net-firewall/shorewall/files/shorewall6-lite.systemd
new file mode 100644
index 0000000..5ca1a0d
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall6-lite.systemd
@@ -0,0 +1,20 @@
+#
+#	The Shoreline Firewall 6 Lite (Shorewall6-Lite) Packet Filtering Firewall - V5.0
+#
+[Unit]
+Description=Shorewall IPv6 firewall lite
+Documentation=man:shorewall6-lite(8) http://www.shorewall.net/Documentation_Index.html
+Wants=network-online.target
+After=network-online.target
+Conflicts=ip6tables.service firewalld.service ip6tables-restore.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+EnvironmentFile=/etc/conf.d/shorewall6-lite
+StandardOutput=syslog
+ExecStart=/sbin/shorewall6-lite $OPTIONS start $STARTOPTIONS
+ExecStop=/sbin/shorewall6-lite $OPTIONS stop $STOPOPTIONS
+
+[Install]
+WantedBy=basic.target

diff --git a/net-firewall/shorewall/files/shorewall6.confd b/net-firewall/shorewall/files/shorewall6.confd
new file mode 100644
index 0000000..210eec1
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall6.confd
@@ -0,0 +1,15 @@
+# Global start/restart/stop options
+# 
+OPTIONS="-tvv"
+
+# Start options
+# 
+STARTOPTIONS=""
+
+# Stop options
+# 
+STOPOPTIONS=""
+
+# Restart options
+# 
+RESTARTOPTIONS=""

diff --git a/net-firewall/shorewall/files/shorewall6.initd b/net-firewall/shorewall/files/shorewall6.initd
new file mode 100644
index 0000000..3826ae0
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall6.initd
@@ -0,0 +1,108 @@
+#!/sbin/runscript
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+description='The Shoreline Firewall 6, more commonly known as "Shorewall6", is'
+description="${description} a high-level tool for configuring Netfilter."
+
+extra_commands="check clear"
+extra_started_commands="refresh reset"
+
+description_check="Checks if the configuration will compile or not."
+
+description_clear="Clear will remove all rules and chains installed by"
+description_clear="${description_clear} Shorewall6. The firewall is then"
+description_clear="${description_clear} wide open and unprotected."
+
+description_refresh="The mangle table will be refreshed along with the"
+description_refresh="${description_refresh} blacklist chain (if any)."
+
+description_reset="All the packet and byte counters in the firewall are reset."
+
+command="/usr/sbin/shorewall6"
+
+depend() {
+	provide firewall
+	after ulogd
+}
+
+status() {
+	local _retval
+	${command} status 1>/dev/null
+	_retval=$?
+	if [ ${_retval} = '0' ]; then
+		einfo 'status: started'
+		mark_service_started "${SVCNAME}"
+		return 0
+	else
+		einfo 'status: stopped'	
+		mark_service_stopped "${SVCNAME}"
+		return 3
+	fi
+}
+
+start() {
+	ebegin "Starting shorewall6"
+	${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null
+	eend $? 
+}
+
+stop() {
+	ebegin "Stopping shorewall6"
+	${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null
+	eend $?
+}
+
+restart() {
+	# shorewall comes with its own control script that includes a
+	# restart function, so refrain from calling svc_stop/svc_start
+	# here.  Note that this comment is required to fix bug 55576;
+	# runscript.sh greps this script...  (09 Jul 2004 agriffis)
+
+	ebegin "Restarting shorewall6"
+	${command} status 1>/dev/null
+	if [ $? != 0 ] ; then
+		svc_start
+	else
+		${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null
+	fi
+	eend $?
+}
+
+clear() {
+	# clear will remove all the rules and bring the system to an unfirewalled
+	# state. (21 Nov 2004 eldad)
+
+	ebegin "Clearing all shorewall rules and setting policy to ACCEPT"
+	${command} ${OPTIONS} clear 1>/dev/null
+	eend $?
+}
+
+reset() {
+	# reset the packet and byte counters in the firewall
+
+	ebegin "Resetting the packet and byte counters in shorewall6"
+	${command} ${OPTIONS} reset 1>/dev/null
+	eend $?
+}
+
+refresh() {
+	# refresh the rules involving the broadcast addresses of firewall 
+	# interfaces, the black list, traffic control rules and 
+	# ECN control rules
+
+	ebegin "Refreshing shorewall6 rules"
+	${command} ${OPTIONS} refresh 1>/dev/null
+	eend $?
+}
+
+check() {
+	# perform cursory validation of the zones, interfaces, hosts, rules
+	# and policy files. CAUTION: does not parse and validate the generated 
+	# iptables commands.
+
+	ebegin "Checking shorewall6 configuration"
+	${command} ${OPTIONS} check 1>/dev/null
+	eend $?
+}

diff --git a/net-firewall/shorewall/files/shorewall6.systemd b/net-firewall/shorewall/files/shorewall6.systemd
new file mode 100644
index 0000000..182c71b
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall6.systemd
@@ -0,0 +1,20 @@
+#
+#	The Shoreline Firewall 6 (Shorewall6) Packet Filtering Firewall - V5.0
+#
+[Unit]
+Description=Shorewall IPv6 firewall
+Documentation=man:shorewall6(8) http://www.shorewall.net/Documentation_Index.html
+Wants=network-online.target
+After=network-online.target
+Conflicts=ip6tables.service firewalld.service ip6tables-restore.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+EnvironmentFile=/etc/conf.d/shorewall6
+StandardOutput=syslog
+ExecStart=/sbin/shorewall6 $OPTIONS start $STARTOPTIONS
+ExecStop=/sbin/shorewall6 $OPTIONS stop $STOPOPTIONS
+
+[Install]
+WantedBy=basic.target

diff --git a/net-firewall/shorewall/files/shorewallrc b/net-firewall/shorewall/files/shorewallrc
new file mode 100644
index 0000000..53e7200
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewallrc
@@ -0,0 +1,23 @@
+#
+# Gentoo Shorewall 5.0 rc file
+#
+BUILD=gentoo                            #Default is to detect the build system
+HOST=gentoo                             #Gentoo GNU Linux
+PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr                             #Top-level directory for shared files, libraries, etc.
+SHAREDIR=${PREFIX}/share                #Directory for arch-neutral files.
+LIBEXECDIR=${PREFIX}/share              #Directory for executable scripts.
+PERLLIBDIR=${PREFIX}/share/shorewall    #Directory to install Shorewall Perl module directory
+CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc                            #Directory where subsystem configurations are installed
+SBINDIR=${PREFIX}/sbin                  #Directory where system administration programs are installed
+MANDIR=${PREFIX}/share/man              #Directory where manpages are installed.
+INITDIR=${CONFDIR}/init.d               #Directory where SysV init scripts are installed.
+INITFILE=${PRODUCT}                     #Name of the product's installed SysV init script
+INITSOURCE=init.gentoo.sh               #Name of the distributed file to be installed as the SysV init script
+ANNOTATED=                              #If non-zero, annotated configuration files are installed
+SERVICEDIR=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system      #Directory where .service files are installed (systems running systemd only)
+SERVICEFILE=gentoo.service              #Name of the distributed file to be installed as systemd service file
+SYSCONFFILE=default.gentoo              #Name of the distributed file to be installed in $SYSCONFDIR
+SYSCONFDIR=${CONFDIR}/conf.d            #Directory where SysV init parameter files are installed
+SPARSE=                                 #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR
+VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib                         #Directory where product variable data is stored.
+VARDIR=${VARLIB}/${PRODUCT}             #Directory where product variable data is stored.

diff --git a/net-firewall/shorewall/shorewall-5.0.1.ebuild b/net-firewall/shorewall/shorewall-5.0.1.ebuild
new file mode 100644
index 0000000..66ba2b7
--- /dev/null
+++ b/net-firewall/shorewall/shorewall-5.0.1.ebuild
@@ -0,0 +1,447 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit eutils linux-info prefix systemd versionator
+
+DESCRIPTION='The Shoreline Firewall, commonly known as Shorewall, is'
+DESCRIPTION+=' a high-level tool for configuring Netfilter'
+HOMEPAGE="http://www.shorewall.net/"
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="doc +init +ipv4 ipv6 lite4 lite6"
+
+MY_PV=${PV/_rc/-RC}
+MY_PV=${MY_PV/_beta/-Beta}
+MY_P=${PN}-${MY_PV}
+
+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
+
+# shorewall
+MY_PN_IPV4=Shorewall
+MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
+
+# shorewall6
+MY_PN_IPV6=Shorewall6
+MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
+
+# shorewall-lite
+MY_PN_LITE4=Shorewall-lite
+MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
+
+# shorewall6-lite
+MY_PN_LITE6=Shorewall6-lite
+MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
+
+# shorewall-init
+MY_PN_INIT=Shorewall-init
+MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
+
+# shorewall-core
+MY_PN_CORE=Shorewall-core
+MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
+
+# shorewall-docs-html
+MY_PN_DOCS=Shorewall-docs-html
+MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
+
+# Upstream URL schema:
+# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
+# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
+# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
+
+MY_URL_PREFIX=
+MY_URL_SUFFIX=
+if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
+	MY_URL_PREFIX='development/'
+
+	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
+	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
+	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then
+		MY_URL_SUFFIX="-${_tmp_suffix}"
+	fi
+
+	# Cleaning up temporary variables
+	unset _tmp_last_index
+	unset _tmp_suffix
+else
+	KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+fi
+
+SRC_URI="
+	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
+	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
+	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
+	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
+	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
+	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
+	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
+"
+
+# - Shorewall6 requires Shorewall
+# - Installing Shorewall-init or just the documentation doesn't make any sense,
+#   that's why we force the user to select at least one "real" Shorewall product
+#
+# See http://shorewall.net/download.htm#Which
+REQUIRED_USE="
+	ipv6? ( ipv4 )
+	|| ( ipv4 lite4 lite6 )
+"
+
+# No build dependencies! Just plain shell scripts...
+DEPEND=""
+
+RDEPEND="
+	>=net-firewall/iptables-1.4.20
+	>=sys-apps/iproute2-3.8.0[-minimal]
+	>=sys-devel/bc-1.06.95
+	ipv4? (
+		>=dev-lang/perl-5.16
+		virtual/perl-Digest-SHA
+	)
+	ipv6? (
+		>=dev-perl/Socket6-0.230.0
+		>=net-firewall/iptables-1.4.20[ipv6]
+		>=sys-apps/iproute2-3.8.0[ipv6]
+	)
+	lite6? (
+		>=net-firewall/iptables-1.4.20[ipv6]
+		>=sys-apps/iproute2-3.8.0[ipv6]
+	)
+	init? ( >=sys-apps/coreutils-8.20 )
+	!net-firewall/shorewall-core
+	!net-firewall/shorewall6
+	!net-firewall/shorewall-lite
+	!net-firewall/shorewall6-lite
+	!net-firewall/shorewall-init
+	!<sys-apps/systemd-214
+"
+
+S=${WORKDIR}
+
+pkg_pretend() {
+	local CONFIG_CHECK="~NF_CONNTRACK"
+
+	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
+	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
+
+	if use ipv4 || use lite4; then
+		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
+
+		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
+		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
+	fi
+
+	if use ipv6 || use lite6; then
+		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
+
+		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
+		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
+	fi
+
+	check_extra_config
+}
+
+pkg_setup() {
+	if [ -n "${DIGEST}" ]; then
+		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
+		unset DIGEST
+	fi
+}
+
+src_prepare() {
+	# We are moving each unpacked source from MY_P_* to MY_PN_*.
+	# This allows us to use patches from upstream and keeps epatch_user working
+
+	einfo "Preparing shorewallrc ..."
+	cp "${FILESDIR}"/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
+	eprefixify "${S}"/shorewallrc.gentoo
+
+	# shorewall-core
+	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
+	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
+	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+	eend 0
+
+	# shorewall
+	if use ipv4; then
+		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall.confd "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd failed"
+		cp "${FILESDIR}"/shorewall.initd "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd failed"
+		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
+		eend 0
+	fi
+
+	# shorewall6
+	if use ipv6; then
+		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall6.confd "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall6.confd failed"
+		cp "${FILESDIR}"/shorewall6.initd "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall6.initd failed"
+		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
+		eend 0
+	fi
+
+	# shorewall-lite
+	if use lite4; then
+		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall-lite.confd "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd failed"
+		cp "${FILESDIR}"/shorewall-lite.initd "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd failed"
+		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
+		eend 0
+	fi
+
+	# shorewall6-lite
+	if use lite6; then
+		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall6-lite.confd "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall6-lite.confd failed"
+		cp "${FILESDIR}"/shorewall6-lite.initd "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall6-lite.initd failed"
+		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
+		eend 0
+	fi
+
+	# shorewall-init
+	if use init; then
+		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
+		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
+		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
+		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
+		eend 0
+
+		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
+
+		cd "${S}"/${MY_PN_INIT}
+		epatch "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality.patch
+		cd "${S}"
+	fi
+
+	# shorewall-docs-html
+	if use doc; then
+		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
+	fi
+
+	epatch_user
+}
+
+src_configure() {
+	:;
+}
+
+src_compile() {
+	:;
+}
+
+src_install() {
+	# shorewall-core
+	einfo "Installing ${MY_P_CORE} ..."
+	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
+	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
+
+	# shorewall
+	if use ipv4; then
+		einfo "Installing ${MY_P_IPV4} ..."
+		keepdir /var/lib/shorewall
+		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"
+
+		if use doc; then
+			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
+		fi
+	fi
+
+	# shorewall6
+	if use ipv6; then
+		einfo "Installing ${MY_P_IPV6} ..."
+		keepdir /var/lib/shorewall6
+		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"
+
+		if use doc; then
+			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
+		fi
+	fi
+
+	# shorewall-lite
+	if use lite4; then
+		einfo "Installing ${MY_P_LITE4} ..."
+		keepdir /var/lib/shorewall-lite
+		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
+	fi
+
+	# shorewall6-lite
+	if use lite6; then
+		einfo "Installing ${MY_P_LITE6} ..."
+		keepdir /var/lib/shorewall6-lite
+		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
+	fi
+
+	# shorewall-init
+	if use init; then
+		einfo "Installing ${MY_P_INIT} ..."
+		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
+		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
+
+		if [ -f "${D}etc/logrotate.d/shorewall-init" ]; then
+			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
+			# so we don't need a logrotate configuration file for shorewall-init
+			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
+			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
+		fi
+
+		if [ -d "${D}etc/NetworkManager" ]; then
+			# On Gentoo, we don't support NetworkManager
+			# so we don't need this folder at all
+			einfo "Removing unused \"${D}etc/NetworkManager\" ..."
+			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"
+		fi
+
+		if [ -f "${D}usr/share/shorewall-init/ifupdown" ]; then
+			# This script isn't supported on Gentoo
+			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
+		fi
+	fi
+
+	if use doc; then
+		einfo "Installing ${MY_P_DOCS} ..."
+		dohtml -r "${S}"/${MY_PN_DOCS}
+	fi
+}
+
+pkg_postinst() {
+	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+		# This is a new installation
+
+		# Show first steps for shorewall/shorewall6
+		local _PRODUCTS=""
+		if use ipv4; then
+			_PRODUCTS="shorewall"
+
+			if use ipv6; then
+				_PRODUCTS="${_PRODUCTS}/shorewall6"
+			fi
+		fi
+
+		if [[ -n "${_PRODUCTS}" ]]; then
+			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
+			elog ""
+			elog "  /etc/shorewall/shorewall.conf"
+
+			if use ipv6; then
+				elog "  /etc/shorewall6/shorewall6.conf"
+			fi
+
+			elog ""
+			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
+			elog ""
+			elog "  # rc-update add shorewall default"
+
+			if use ipv6; then
+				elog "  # rc-update add shorewall6 default"
+			fi
+		fi
+
+		# Show first steps for shorewall-lite/shorewall6-lite
+		_PRODUCTS=""
+		if use lite4; then
+			_PRODUCTS="shorewall-lite"
+		fi
+
+		if use lite6; then
+			if [[ -z "${_PRODUCTS}" ]]; then
+				_PRODUCTS="shorewall6-lite"
+			else
+				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
+			fi
+		fi
+
+		if [[ -n "${_PRODUCTS}" ]]; then
+			if use ipv4; then
+				elog ""
+			fi
+
+			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
+			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
+			elog ""
+			elog "To read more about ${_PRODUCTS}, please visit"
+			elog "  http://shorewall.net/CompiledPrograms.html"
+			elog ""
+			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
+			elog ""
+
+			if use lite4; then
+				elog "  # rc-update add shorewall-lite default"
+			fi
+
+			if use lite6; then
+				elog "  # rc-update add shorewall6-lite default"
+			fi
+		fi
+
+		if use init; then
+			elog ""
+			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
+			elog ""
+			elog "  # rc-update add shorewall-init boot"
+			elog ""
+			elog "and review \$PRODUCTS in"
+			elog ""
+			elog "  /etc/conf.d/shorewall-init"
+		fi
+
+	fi
+
+	if [[ -n "${REPLACING_VERSIONS}" && ${REPLACING_VERSIONS} < ${MY_MAJOR_RELEASE_NUMBER} ]]; then
+		# This is an upgrade
+
+		elog "You are upgrading from a previous major version. It is highly recommended that you read"
+		elog ""
+		elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
+		elog "  - http://shorewall.net/upgrade_issues.htm#idp8704902640"
+
+		if use ipv4; then
+			elog ""
+			elog "You can auto-migrate your configuration using"
+			elog ""
+			elog "  # shorewall update -A"
+
+			if use ipv6; then
+				elog "  # shorewall6 update -A"
+			fi
+
+			elog ""
+			elog "But if you are not familiar with the \"shorewall[6] update\" command,"
+			elog "please read the shorewall[6] man page first."
+		fi
+	fi
+
+	if ! use init; then
+		elog ""
+		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
+		elog "before your shorewall-based firewall is ready to start."
+		elog ""
+		elog "To read more about shorewall-init, please visit"
+		elog "  http://www.shorewall.net/Shorewall-init.html"
+	fi
+
+	if ! has_version "net-firewall/conntrack-tools"; then
+		elog ""
+		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
+		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
+	fi
+
+	if ! has_version "dev-perl/Devel-NYTProf"; then
+		elog ""
+		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
+	fi
+}

[gentoo-commits] repo/gentoo:master commit in: net-firewall/shorewall/files/, net-firewall/shorewall/

[Ian Delaney]

commit:     098d7c9931e31aeab8b1f1dac651b4060b13e55c
Author:     Thomas D <whissi <AT> whissi <DOT> de>
AuthorDate: Mon Apr 25 23:12:43 2016 +0000
Commit:     Ian Delaney <idella4 <AT> gentoo <DOT> org>
CommitDate: Tue Apr 26 08:49:42 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=098d7c99

net-firewall/shorewall: Bump to v5.0.8

- "reload" action added to runscripts (#580632)

Package-Manager: portage-2.2.28
Closes: https://github.com/gentoo/gentoo/pull/1354

Signed-off-by: Ian Delaney <idella4 <AT> gentoo.org>

 net-firewall/shorewall/Manifest                    |   7 +
 .../shorewall/files/shorewall-lite.confd-r1        |  19 +
 .../shorewall/files/shorewall-lite.initd-r1        |  83 ++++
 net-firewall/shorewall/files/shorewall.confd-r1    |  19 +
 net-firewall/shorewall/files/shorewall.initd-r1    | 108 +++++
 .../shorewall/files/shorewall6-lite.confd-r1       |  19 +
 .../shorewall/files/shorewall6-lite.initd-r1       |  93 +++++
 net-firewall/shorewall/files/shorewall6.confd-r1   |  19 +
 net-firewall/shorewall/files/shorewall6.initd-r1   | 118 ++++++
 net-firewall/shorewall/shorewall-5.0.8.ebuild      | 446 +++++++++++++++++++++
 10 files changed, 931 insertions(+)

diff --git a/net-firewall/shorewall/Manifest b/net-firewall/shorewall/Manifest
index 659efd4..8610ecd 100644
--- a/net-firewall/shorewall/Manifest
+++ b/net-firewall/shorewall/Manifest
@@ -1,14 +1,21 @@
 DIST shorewall-5.0.4.tar.bz2 482227 SHA256 34a4ab3e4ded052cb563a280f07f350616db913ded124bfceb39adb325f1ce0a SHA512 7912d46e794b4facf29d290370a5cbad83a568873d8aca1b6efe7856c1420a7da882957d16bd4d376d9e7c69accb5263bfa0dd73af06f3c85eab41a0e244c362 WHIRLPOOL eb7351b01c9a3c709179eb6e21d6bb54935a11c066fb31588a1b90c9a089eac7e2d8387006f436c2a68c1618847f5ea69c65e8233240a8d3c8352e0a4d685dc9
 DIST shorewall-5.0.7.2.tar.bz2 488554 SHA256 f88746e8fbce315e333855120c9c7bc0390ddd170696a8059bfe0a7c94887c50 SHA512 31fc0c2c1498eb67a311dd181340bdabb90170e16240a9cf4fb85d08773bbb33f6f857e9229133d98100d39e7c1a1b9c39118749094f65382698155d897ec7f1 WHIRLPOOL af78482e9b9909eda84b4dfc831a13219073c38db4d324d32a593b7be5829f7be8eba733db42dfdb6d5e86d638c8462c2b755bc5ba2f210c1ccd0cedfe369918
+DIST shorewall-5.0.8.tar.bz2 497396 SHA256 a1a598a3bb73793de245841ff54fae01cc2e29e006a4f4c09f04f16be4c41f54 SHA512 b0ad03aa86f1c5d607026db37fe3fb6ba335d29dd596770ef1b4b338b8afa5916062c07372427d44e8cdbd7e59183b3a73f4b531a869cc1dd4025f72ae5fc945 WHIRLPOOL 6e5643b094199a5bfa8da253e1348547525449b74f22ddfc5fa75fd504f456e914a56122a040532b460632ce43e178f28c22174ac000e724f43a2523c572819b
 DIST shorewall-core-5.0.4.tar.bz2 50604 SHA256 ea80b9e1854033c723a5321fc920b35aa0ebb0dea3721a47cee616aa3b92ed9f SHA512 1db3b7a44bf2f99d1a9c6775c798285bbc9a4bec5a340a10fd762600c01486f90d305297247cceb451616e852d9deb89163a43082e06f9eadad75cdd5d480a21 WHIRLPOOL bb4cea303c7ea1190ec3788f9e7cab4f0febf88ab5047c18adbe9e88476c5ebe569bd3ead6105131a61ac6c31bdab6d3192383e1709847e637220f223a8875b9
 DIST shorewall-core-5.0.7.2.tar.bz2 53796 SHA256 97f984261ca24e11e0ce4ab8c6ee2bb7f877dad9ed5b3df292bc6a6336e50b4c SHA512 7d76fede69e1cd218e574087cdf609b8fce6997a0f904151f2f514558d1664008a5e7516e1d97a912fe028c95a4d313c3db8e180745c99b5e15b28d25a67ccf6 WHIRLPOOL 0be39a6b9db6c561d5d2bd5e192b77d81a59c9236dcd3595a2d9b03af00e7df06b8f9e7aeedc03f9226714c987b1e812fb053e472099649bc0f1295943ac1459
+DIST shorewall-core-5.0.8.tar.bz2 57121 SHA256 1cd2449e4f86a23c518d180c9c802fa77400d33f0a2945b4434d89407167ecad SHA512 901673f76a65d7039abbad6d8b8553d9a1751dcc7559d25f0f798135121a52b4c25159b7ef4c95affdba6ed92e6a37d7d39928468e6a7737eaa78acb365c8a32 WHIRLPOOL df60d7ecb7422d5dd81c0a9b487bc7a4b15a1384c5a2ba262d9a8041262fec048d27d72c03dedfbe7a3b310b2708d40412d355dd70eeba7427eb5f43a3d44edf
 DIST shorewall-docs-html-5.0.4.tar.bz2 4263406 SHA256 501d76f53d6e638aaa14ab60718fa173ef0c3a7756e325326288c353d2845707 SHA512 7e35191fbd5a1b7f0172880fa03ce95f4ac13da3a481c4c2cace83380bcacd23809c56ea12876e55c6d2371a4c88ba44d6a8a600c83481156294ff1a2a48c0e4 WHIRLPOOL 347666e97898ea19af93aef3fb2852b1453791038fa534bb5cad8e96acff75460cb5527389b726f7e09d4721a7b171ca9d2171ac5704f8fa50e172d7ac403929
 DIST shorewall-docs-html-5.0.7.2.tar.bz2 4269013 SHA256 cf25f6f3db125ccdb45a27252f9896c338078b4d7c5dc2c73fda1edb5887c103 SHA512 11239c5d271b6e71aaa15880a1ed56566c1ce30b100c00a25e49279d0a9d07bd86484a43a4810a0904b84264a44c3cc65f0b12ec579ab0c953db26af3d8ed152 WHIRLPOOL 34f579be4799e8b5c17edc4b4b7a245bc7e6519a03226156fdc56f73abb6912d9a2b71c404b36ffd2458d4ab37a7a5ad1cc1622d3d2cc139204a3279c6a5b503
+DIST shorewall-docs-html-5.0.8.tar.bz2 4270299 SHA256 8646627ce8a4ceb8e0800e82c8a62facf5e4c8240b6fded00d4fed4516a275d1 SHA512 a820a3e0a2e6d95b8f349e66bd7ed8d27d7155801494042d6732b16cd93ad7f7e1a76a62b32335a62e98eb9528b49f16e11a4b2fe7bc0d9d8064a270cbd52d4f WHIRLPOOL 358b5948d3bb9912e8634e025003a969ecd546b7552e149c5e779844446a107f66a662c381f393d43a6d3cf241dafd8299341ae9ef56fb3ff37ca7277608deb8
 DIST shorewall-init-5.0.4.tar.bz2 29902 SHA256 97c99c9e68f2546139f26f1f713e1a3377754e53bf2ba0d8f431469aed47ee9c SHA512 67a66ba6db64a320192f5affa38fb779c1f7d7b915523fe82e4dc8a79bb6590b8da62979f9108ba3f56beef05c1cddb5bb2ffea21317e516c2d8a380a5117567 WHIRLPOOL b4f7875ed0f52d8667135dc7204b1a570dec351a7d3fb42a37618af3d54b808355b4479bfb3421d29d4ab808aeae37cd3f1d12b66046f96ec80f776e796d86c7
 DIST shorewall-init-5.0.7.2.tar.bz2 32525 SHA256 82b56c01e427e4806c4590b854adfe71feff4bed33185ec7be0310d8e8ae4991 SHA512 6ea2e2379d9baaca0730797f4d7f896f7350965cb203b8c322edc9e47bf0ce8966fd0d0ae5a01f50e5acc3a2578089bfe262e5567428aa13923e68cededda4b9 WHIRLPOOL de074623c93a43ca586a87f5ddae184ec2ce41a3a225f88aa0c92d0311e20cfd4c4b0c5a152bf8c9ca1daa0b159a306aeb321b960082000e99552704c34f9d1b
+DIST shorewall-init-5.0.8.tar.bz2 35665 SHA256 953a1ed63bcb36e2ecbe98813c85e4bae90f3dfadd4a4d034544b5eec113af4e SHA512 bc20cee91140e39c7cfcbf8b08c4dc3f19ce3cb76df62d7321a41679af007a2c4da49b6fff160a3cc4fb909a7cbb984157ad78e156df1c6094812f66cb549d2d WHIRLPOOL c56dace686dbe2e29123854374ed350cea0a399389577d7c8c2cc68a5534da6145a8b22819d53f1f4a42cee2e020085cac2544a20d3889476980a9fb4f062884
 DIST shorewall-lite-5.0.4.tar.bz2 46454 SHA256 23ac0c1b5f8f1650e6a03a70022b3de0c705fb4257c56d0f84d823b0a10f659d SHA512 8f29c4318de4464eaaaab81096e6290abb0c5d148b043dda70f2f38b21823338e093766dd6fcf0d8924a8a7cd3dd84b5c253fdae421982bc2f9ada13a38db7ba WHIRLPOOL 271b9605e97b1f2c5891cae9c30b4b56b8e07e69f1effbc277d784d781cb35f33f1f3c8e2bcbae0e7ae0e6fe092937573cdbf7c9adea498212007b4db7a5ee95
 DIST shorewall-lite-5.0.7.2.tar.bz2 48465 SHA256 7511a2f721c10e42628fe4dab1d8ce0c4499a76ad1ecb071a59575513f6b3d74 SHA512 d49fe0419da71ac492f2b48e142e353a09de746c5b842cf9f90added2e9e7578b1542d71c1f99251cbfd469bda73cd6fe151d45d71b38055365d5d36e67a806d WHIRLPOOL 8a0ff4aa17a2ab635488456f9bbd50d32a714dea56370b8cefe8938a5d12c16f906c24e0de8680251e5827038ea45f2c1bef1b477b1ffec76e2d4ff9c3703cc4
+DIST shorewall-lite-5.0.8.tar.bz2 51897 SHA256 42c2a2f7c81bfab47371748e8e5230bbac7bd5985372dce64071e695f9d8746a SHA512 7a2497a768102c331fda410206c77ef9e57b012eb6932ed519caf036b7cd8ae110bad536175db0339024c4d8aaa77b682a2b816358a3268e15018371c4fd69b8 WHIRLPOOL 4738355687e05ca133a6f9d7c3b467567cd49a8124bee4d12ec04981e38642555911b7249a9e161d22e6c1b64f221fea202141f7fcd05be8ea973cf78bc1900d
 DIST shorewall6-5.0.4.tar.bz2 221062 SHA256 86b939f5a27e464d2d4928b66ba145c30c299bc90fd19802817d8a013cfc1fff SHA512 cc38b44fd4af38981d2a7acff11be4f481683f5d6227ed072a2147650ff20fbafdf2bdca63f66b330c11cabf521484f6d860ad1dc426f1d952d94643ff3d63dc WHIRLPOOL 2e0abbcd7e308f2523907be285c77a257a37aa70b81af0d356de53cd6e330305ca66be6972ab53954d0b02ada9fc6b5176b928db8f4a9ee588410c81dce55792
 DIST shorewall6-5.0.7.2.tar.bz2 222450 SHA256 cf78fb9c75e65315502a56b963baf81afec0563d5e2e7bf5e7461c0a0772a29a SHA512 d052185ef2edcf0c4c81de41c52ff4db5b31649ae14847791b87a99e644b9a0a3026aeaa09bdd7d90687eeca5e86938af400574c31e6f44255fdf045b6716505 WHIRLPOOL 4b0779d7870700a62f614deb7a359add26520d6d989dfbe9c6feb0f027073d53752f0bc604008a2e9dfc5d719521fb25bef1967eea1b92d88efb151bb6b574f4
+DIST shorewall6-5.0.8.tar.bz2 224839 SHA256 564fb305c8d816d9e2b5a2487b68b80e34049144b8499931767a647d8bbd2192 SHA512 7d0eeac59c965cb4599b0fb42bdc8791ad29f284de9635a96df0c1e27bbdf69a35c501b72b4787380176c97fbbbdcd22a1a6b113c24344f296ec6b2438d2f77f WHIRLPOOL 47dc867b7c84db50cae87aeed79ba2c0f954841a5d593e76ca3c3caa0547ff1dd3e9e433a649cb655e8c1ad876faa518cd04fbf7daeb7be3f9d89625bfd2c77d
 DIST shorewall6-lite-5.0.4.tar.bz2 45573 SHA256 ea578f90bdb5b797c5604a4490ce90437bb4fbc1384f99ef131b2a6415ce6cfe SHA512 eb85ba4cc7992acb0667c735593cceb958ffa06fedd101a6c987078cbfb8509a7b979c92147dfbc4be58a00a2042a20d88873ba6048038ba5c6c8695487c3a85 WHIRLPOOL b040e1850f30103642d83a93467bb21d31a22a1e2c3759677720f0efc613d43759a278536f6304968fba208121f91a151df1b64f9dec6aaae3859f04a2da8215
 DIST shorewall6-lite-5.0.7.2.tar.bz2 47869 SHA256 3351ec654e7c65c5f0e6865b604d04f8fd164ff10af892aa0e586282dbd8def1 SHA512 75003fba3d2dc6e3b4eea27b21574c893d1759de2db1b008fff2de233d90159c4221cc1018a693745f7786702049cfe21636d12e80c02aedd2cdc904599bda5b WHIRLPOOL 1129bcae9878fe0f2b34944fd0b10f117160c617be79d837da056c0fd50f6f5f1b0855707b014618a7a8db41a6ab59e30707e468dfed9ff6f1ca9437dce05833
+DIST shorewall6-lite-5.0.8.tar.bz2 51351 SHA256 970b738ac1d3f6c7ca64769fde7daedd855dfb4ce000127f48bb6a352e28c184 SHA512 bc4fa6cb635b25856764009a7d10cf9d38d3df820ee291658a38c8014491baa407476ff5f5955168b84090ee6c8fdaf2718ea77dacdf15abd5c862f0e2e6eed6 WHIRLPOOL 8cabd7086f0fe593dea29ace8fedcff7078a9ce5c07b314c104c53d758962a3f344a46268e814516ebd03a225b4296d0b381b676c9d52fe94ce2afa5557bf5da

diff --git a/net-firewall/shorewall/files/shorewall-lite.confd-r1 b/net-firewall/shorewall/files/shorewall-lite.confd-r1
new file mode 100644
index 0000000..daef305
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-lite.confd-r1
@@ -0,0 +1,19 @@
+# Global start/restart/stop options
+#
+OPTIONS="-tvv"
+
+# Start options
+#
+STARTOPTIONS=""
+
+# Stop options
+#
+STOPOPTIONS=""
+
+# Reload options
+#
+RELOADOPTIONS=""
+
+# Restart options
+#
+RESTARTOPTIONS=""

diff --git a/net-firewall/shorewall/files/shorewall-lite.initd-r1 b/net-firewall/shorewall/files/shorewall-lite.initd-r1
new file mode 100644
index 0000000..f6dbccd
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-lite.initd-r1
@@ -0,0 +1,83 @@
+#!/sbin/openrc-run
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+description='The Shoreline Firewall Lite, more commonly known as "Shorewall Lite", is'
+description="${description} a high-level tool for configuring Netfilter."
+
+extra_commands="clear"
+extra_started_commands="reload reset"
+
+description_clear="Clear will remove all rules and chains installed by"
+description_clear="${description_clear} Shorewall Lite. The firewall is"
+description_clear="${description_clear} then wide open and unprotected."
+
+description_reload="Reload is similar to \"${RC_SERVICE} start\" except that it assumes"
+description_reload="${description_reload} that the firewall is already started."
+description_reload="${description_reload} Existing connections are maintained."
+
+description_reset="All the packet and byte counters in the firewall are reset."
+
+command="/usr/sbin/shorewall-lite"
+
+depend() {
+	provide firewall
+	after ulogd
+}
+
+status() {
+	local _retval
+	${command} status 1>/dev/null
+	_retval=$?
+	if [ ${_retval} = '0' ]; then
+		einfo 'status: started'
+		mark_service_started "${SVCNAME}"
+		return 0
+	else
+		einfo 'status: stopped'	
+		mark_service_stopped "${SVCNAME}"
+		return 3
+	fi
+}
+
+start() {
+	ebegin "Starting shorewall-lite"
+	${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping shorewall-lite"
+	${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null
+	eend $?
+}
+
+restart() {
+	ebegin "Restarting shorewall-lite"
+	${command} status 1>/dev/null
+	if [ $? != 0 ] ; then
+		svc_start
+	else
+		${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null
+	fi
+	eend $?
+}
+
+reload() {
+	ebegin "Reloading shorewall-lite"
+	${command} ${OPTIONS} reload ${RELOADOPTIONS} 1>/dev/null
+	eend $?
+}
+
+clear() {
+	ebegin "Clearing all shorewall-lite rules and setting policy to ACCEPT"
+	${command} ${OPTIONS} clear 1>/dev/null
+	eend $?
+}
+
+reset() {
+	ebegin "Resetting the packet and byte counters in shorewall-lite"
+	${command} ${OPTIONS} reset 1>/dev/null
+	eend $?
+}

diff --git a/net-firewall/shorewall/files/shorewall.confd-r1 b/net-firewall/shorewall/files/shorewall.confd-r1
new file mode 100644
index 0000000..daef305
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall.confd-r1
@@ -0,0 +1,19 @@
+# Global start/restart/stop options
+#
+OPTIONS="-tvv"
+
+# Start options
+#
+STARTOPTIONS=""
+
+# Stop options
+#
+STOPOPTIONS=""
+
+# Reload options
+#
+RELOADOPTIONS=""
+
+# Restart options
+#
+RESTARTOPTIONS=""

diff --git a/net-firewall/shorewall/files/shorewall.initd-r1 b/net-firewall/shorewall/files/shorewall.initd-r1
new file mode 100644
index 0000000..74cadf2
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall.initd-r1
@@ -0,0 +1,108 @@
+#!/sbin/openrc-run
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+description='The Shoreline Firewall, more commonly known as "Shorewall", is'
+description="${description} a high-level tool for configuring Netfilter."
+
+extra_commands="check clear"
+extra_started_commands="refresh reload reset"
+
+description_check="Checks if the configuration will compile or not."
+
+description_clear="Clear will remove all rules and chains installed by"
+description_clear="${description_clear} Shorewall. The firewall is then"
+description_clear="${description_clear} wide open and unprotected."
+
+description_refresh="The mangle table will be refreshed along with the"
+description_refresh="${description_refresh} blacklist chain (if any)."
+
+description_reload="Reload is similar to \"${RC_SERVICE} start\" except that it assumes"
+description_reload="${description_reload} that the firewall is already started."
+description_reload="${description_reload} Existing connections are maintained."
+
+description_reset="All the packet and byte counters in the firewall are reset."
+
+command="/usr/sbin/shorewall"
+
+depend() {
+	provide firewall
+	after ulogd
+}
+
+status() {
+	local _retval
+	${command} status 1>/dev/null
+	_retval=$?
+	if [ ${_retval} = '0' ]; then
+		einfo 'status: started'
+		mark_service_started "${SVCNAME}"
+		return 0
+	else
+		einfo 'status: stopped'	
+		mark_service_stopped "${SVCNAME}"
+		return 3
+	fi
+}
+
+start() {
+	ebegin "Starting shorewall"
+	${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null
+	eend $? 
+}
+
+stop() {
+	ebegin "Stopping shorewall"
+	${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null
+	eend $?
+}
+
+restart() {
+	ebegin "Restarting shorewall"
+	${command} status 1>/dev/null
+	if [ $? != 0 ] ; then
+		svc_start
+	else
+		${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null
+	fi
+	eend $?
+}
+
+clear() {
+	ebegin "Clearing all shorewall rules and setting policy to ACCEPT"
+	${command} ${OPTIONS} clear 1>/dev/null
+	eend $?
+}
+
+reload() {
+	ebegin "Reloading shorewall"
+	${command} ${OPTIONS} reload ${RELOADOPTIONS} 1>/dev/null
+	eend $?
+}
+
+reset() {
+	ebegin "Resetting the packet and byte counters in shorewall"
+	${command} ${OPTIONS} reset 1>/dev/null
+	eend $?
+}
+
+refresh() {
+	# refresh the rules involving the broadcast addresses of firewall
+	# interfaces, the black list, traffic control rules and
+	# ECN control rules
+
+	ebegin "Refreshing shorewall rules"
+	${command} ${OPTIONS} refresh 1>/dev/null
+	eend $?
+}
+
+check() {
+	# perform cursory validation of the zones, interfaces, hosts, rules
+	# and policy files. CAUTION: does not parse and validate the generated
+	# iptables commands.
+
+	ebegin "Checking shorewall configuration"
+	${command} ${OPTIONS} check 1>/dev/null
+	eend $?
+}

diff --git a/net-firewall/shorewall/files/shorewall6-lite.confd-r1 b/net-firewall/shorewall/files/shorewall6-lite.confd-r1
new file mode 100644
index 0000000..daef305
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall6-lite.confd-r1
@@ -0,0 +1,19 @@
+# Global start/restart/stop options
+#
+OPTIONS="-tvv"
+
+# Start options
+#
+STARTOPTIONS=""
+
+# Stop options
+#
+STOPOPTIONS=""
+
+# Reload options
+#
+RELOADOPTIONS=""
+
+# Restart options
+#
+RESTARTOPTIONS=""

diff --git a/net-firewall/shorewall/files/shorewall6-lite.initd-r1 b/net-firewall/shorewall/files/shorewall6-lite.initd-r1
new file mode 100644
index 0000000..8bca1e1
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall6-lite.initd-r1
@@ -0,0 +1,93 @@
+#!/sbin/openrc-run
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+description='The Shoreline Firewall 6 Lite, more commonly known as "Shorewall6 Lite", is'
+description="${description} a high-level tool for configuring Netfilter."
+
+extra_commands="clear"
+extra_started_commands="reload reset"
+
+description_clear="Clear will remove all rules and chains installed by"
+description_clear="${description_clear} Shorewall6 Lite. The firewall is"
+description_clear="${description_clear} then wide open and unprotected."
+
+description_reload="Reload is similar to \"${RC_SERVICE} start\" except that it assumes"
+description_reload="${description_reload} that the firewall is already started."
+description_reload="${description_reload} Existing connections are maintained."
+
+description_reset="All the packet and byte counters in the firewall are reset."
+
+command="/usr/sbin/shorewall6-lite"
+
+depend() {
+	provide firewall
+	after ulogd
+}
+
+status() {
+	local _retval
+	${command} status 1>/dev/null
+	_retval=$?
+	if [ ${_retval} = '0' ]; then
+		einfo 'status: started'
+		mark_service_started "${SVCNAME}"
+		return 0
+	else
+		einfo 'status: stopped'	
+		mark_service_stopped "${SVCNAME}"
+		return 3
+	fi
+}
+
+start() {
+	ebegin "Starting shorewall6-lite"
+	${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping shorewall6-lite"
+	${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null
+	eend $?
+}
+
+restart() {
+	# shorewall comes with its own control script that includes a
+	# restart function, so refrain from calling svc_stop/svc_start
+	# here.  Note that this comment is required to fix bug 55576;
+	# runscript.sh greps this script...  (09 Jul 2004 agriffis)
+
+	ebegin "Restarting shorewall6-lite"
+	${command} status 1>/dev/null
+	if [ $? != 0 ] ; then
+		svc_start
+	else
+		${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null
+	fi
+	eend $?
+}
+
+clear() {
+	# clear will remove all the rules and bring the system to an unfirewalled
+	# state. (21 Nov 2004 eldad)
+
+	ebegin "Clearing all shorewall6-lite rules and setting policy to ACCEPT"
+	${command} ${OPTIONS} clear 1>/dev/null
+	eend $?
+}
+
+reload() {
+	ebegin "Reloading shorewall6-lite"
+	${command} ${OPTIONS} reload ${RELOADOPTIONS} 1>/dev/null
+	eend $?
+}
+
+reset() {
+	# reset the packet and byte counters in the firewall
+
+	ebegin "Resetting the packet and byte counters in shorewall6-lite"
+	${command} ${OPTIONS} reset 1>/dev/null
+	eend $?
+}

diff --git a/net-firewall/shorewall/files/shorewall6.confd-r1 b/net-firewall/shorewall/files/shorewall6.confd-r1
new file mode 100644
index 0000000..f372685
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall6.confd-r1
@@ -0,0 +1,19 @@
+# Global start/restart/stop options
+# 
+OPTIONS="-tvv"
+
+# Start options
+# 
+STARTOPTIONS=""
+
+# Stop options
+# 
+STOPOPTIONS=""
+
+# Reload options
+#
+RELOADOPTIONS=""
+
+# Restart options
+# 
+RESTARTOPTIONS=""

diff --git a/net-firewall/shorewall/files/shorewall6.initd-r1 b/net-firewall/shorewall/files/shorewall6.initd-r1
new file mode 100644
index 0000000..c725a28
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall6.initd-r1
@@ -0,0 +1,118 @@
+#!/sbin/openrc-run
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+description='The Shoreline Firewall 6, more commonly known as "Shorewall6", is'
+description="${description} a high-level tool for configuring Netfilter."
+
+extra_commands="check clear"
+extra_started_commands="refresh reload reset"
+
+description_check="Checks if the configuration will compile or not."
+
+description_clear="Clear will remove all rules and chains installed by"
+description_clear="${description_clear} Shorewall6. The firewall is then"
+description_clear="${description_clear} wide open and unprotected."
+
+description_refresh="The mangle table will be refreshed along with the"
+description_refresh="${description_refresh} blacklist chain (if any)."
+
+description_reload="Reload is similar to \"${RC_SERVICE} start\" except that it assumes"
+description_reload="${description_reload} that the firewall is already started."
+description_reload="${description_reload} Existing connections are maintained."
+
+description_reset="All the packet and byte counters in the firewall are reset."
+
+command="/usr/sbin/shorewall6"
+
+depend() {
+	provide firewall
+	after ulogd
+}
+
+status() {
+	local _retval
+	${command} status 1>/dev/null
+	_retval=$?
+	if [ ${_retval} = '0' ]; then
+		einfo 'status: started'
+		mark_service_started "${SVCNAME}"
+		return 0
+	else
+		einfo 'status: stopped'	
+		mark_service_stopped "${SVCNAME}"
+		return 3
+	fi
+}
+
+start() {
+	ebegin "Starting shorewall6"
+	${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null
+	eend $? 
+}
+
+stop() {
+	ebegin "Stopping shorewall6"
+	${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null
+	eend $?
+}
+
+restart() {
+	# shorewall comes with its own control script that includes a
+	# restart function, so refrain from calling svc_stop/svc_start
+	# here.  Note that this comment is required to fix bug 55576;
+	# runscript.sh greps this script...  (09 Jul 2004 agriffis)
+
+	ebegin "Restarting shorewall6"
+	${command} status 1>/dev/null
+	if [ $? != 0 ] ; then
+		svc_start
+	else
+		${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null
+	fi
+	eend $?
+}
+
+clear() {
+	# clear will remove all the rules and bring the system to an unfirewalled
+	# state. (21 Nov 2004 eldad)
+
+	ebegin "Clearing all shorewall rules and setting policy to ACCEPT"
+	${command} ${OPTIONS} clear 1>/dev/null
+	eend $?
+}
+
+reload() {
+	ebegin "Reloading shorewall6"
+	${command} ${OPTIONS} reload ${RELOADOPTIONS} 1>/dev/null
+	eend $?
+}
+
+reset() {
+	# reset the packet and byte counters in the firewall
+
+	ebegin "Resetting the packet and byte counters in shorewall6"
+	${command} ${OPTIONS} reset 1>/dev/null
+	eend $?
+}
+
+refresh() {
+	# refresh the rules involving the broadcast addresses of firewall
+	# interfaces, the black list, traffic control rules and
+	# ECN control rules
+
+	ebegin "Refreshing shorewall6 rules"
+	${command} ${OPTIONS} refresh 1>/dev/null
+	eend $?
+}
+
+check() {
+	# perform cursory validation of the zones, interfaces, hosts, rules
+	# and policy files. CAUTION: does not parse and validate the generated
+	# iptables commands.
+
+	ebegin "Checking shorewall6 configuration"
+	${command} ${OPTIONS} check 1>/dev/null
+	eend $?
+}

diff --git a/net-firewall/shorewall/shorewall-5.0.8.ebuild b/net-firewall/shorewall/shorewall-5.0.8.ebuild
new file mode 100644
index 0000000..96d62a2
--- /dev/null
+++ b/net-firewall/shorewall/shorewall-5.0.8.ebuild
@@ -0,0 +1,446 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+inherit linux-info prefix systemd versionator
+
+DESCRIPTION='A high-level tool for configuring Netfilter'
+HOMEPAGE="http://www.shorewall.net/"
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="doc +init +ipv4 ipv6 lite4 lite6"
+
+MY_PV=${PV/_rc/-RC}
+MY_PV=${MY_PV/_beta/-Beta}
+MY_P=${PN}-${MY_PV}
+
+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
+
+# shorewall
+MY_PN_IPV4=Shorewall
+MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
+
+# shorewall6
+MY_PN_IPV6=Shorewall6
+MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
+
+# shorewall-lite
+MY_PN_LITE4=Shorewall-lite
+MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
+
+# shorewall6-lite
+MY_PN_LITE6=Shorewall6-lite
+MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
+
+# shorewall-init
+MY_PN_INIT=Shorewall-init
+MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
+
+# shorewall-core
+MY_PN_CORE=Shorewall-core
+MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
+
+# shorewall-docs-html
+MY_PN_DOCS=Shorewall-docs-html
+MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
+
+# Upstream URL schema:
+# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
+# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
+# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
+
+MY_URL_PREFIX=
+MY_URL_SUFFIX=
+if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
+	MY_URL_PREFIX='development/'
+
+	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
+	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
+	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then
+		MY_URL_SUFFIX="-${_tmp_suffix}"
+	fi
+
+	# Cleaning up temporary variables
+	unset _tmp_last_index
+	unset _tmp_suffix
+else
+	KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+fi
+
+SRC_URI="
+	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
+	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
+	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
+	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
+	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
+	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
+	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
+"
+
+# - Shorewall6 requires Shorewall
+# - Installing Shorewall-init or just the documentation doesn't make any sense,
+#   that's why we force the user to select at least one "real" Shorewall product
+#
+# See http://shorewall.net/download.htm#Which
+REQUIRED_USE="
+	ipv6? ( ipv4 )
+	|| ( ipv4 lite4 lite6 )
+"
+
+# No build dependencies! Just plain shell scripts...
+DEPEND=""
+
+RDEPEND="
+	>=net-firewall/iptables-1.4.20
+	>=sys-apps/iproute2-3.8.0[-minimal]
+	>=sys-devel/bc-1.06.95
+	ipv4? (
+		>=dev-lang/perl-5.16
+		virtual/perl-Digest-SHA
+	)
+	ipv6? (
+		>=dev-perl/Socket6-0.230.0
+		>=net-firewall/iptables-1.4.20[ipv6]
+		>=sys-apps/iproute2-3.8.0[ipv6]
+	)
+	lite6? (
+		>=net-firewall/iptables-1.4.20[ipv6]
+		>=sys-apps/iproute2-3.8.0[ipv6]
+	)
+	init? ( >=sys-apps/coreutils-8.20 )
+	!net-firewall/shorewall-core
+	!net-firewall/shorewall6
+	!net-firewall/shorewall-lite
+	!net-firewall/shorewall6-lite
+	!net-firewall/shorewall-init
+	!<sys-apps/systemd-214
+"
+
+S=${WORKDIR}
+
+pkg_pretend() {
+	local CONFIG_CHECK="~NF_CONNTRACK"
+
+	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
+	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
+
+	if use ipv4 || use lite4; then
+		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
+
+		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
+		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
+	fi
+
+	if use ipv6 || use lite6; then
+		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
+
+		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
+		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
+	fi
+
+	check_extra_config
+}
+
+pkg_setup() {
+	if [ -n "${DIGEST}" ]; then
+		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
+		unset DIGEST
+	fi
+}
+
+src_prepare() {
+	# We are moving each unpacked source from MY_P_* to MY_PN_*.
+	# This allows us to use patches from upstream and keeps epatch_user working
+
+	einfo "Preparing shorewallrc ..."
+	cp "${FILESDIR}"/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
+	eprefixify "${S}"/shorewallrc.gentoo
+
+	# shorewall-core
+	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
+	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
+	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+	eend 0
+
+	# shorewall
+	if use ipv4; then
+		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall.initd-r1 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r1 failed"
+		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
+		eend 0
+	fi
+
+	# shorewall6
+	if use ipv6; then
+		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall6.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall6.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall6.initd-r1 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall6.initd-r1 failed"
+		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
+		eend 0
+	fi
+
+	# shorewall-lite
+	if use lite4; then
+		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall-lite.initd-r1 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r1 failed"
+		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
+		eend 0
+	fi
+
+	# shorewall6-lite
+	if use lite6; then
+		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall6-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall6-lite.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall6-lite.initd-r1 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall6-lite.initd-r1 failed"
+		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
+		eend 0
+	fi
+
+	# shorewall-init
+	if use init; then
+		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
+		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
+		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
+		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
+		eend 0
+
+		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
+
+		cd "${S}"/${MY_PN_INIT}
+		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality.patch
+		cd "${S}"
+	fi
+
+	# shorewall-docs-html
+	if use doc; then
+		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
+	fi
+
+	eapply_user
+}
+
+src_configure() {
+	:;
+}
+
+src_compile() {
+	:;
+}
+
+src_install() {
+	# shorewall-core
+	einfo "Installing ${MY_P_CORE} ..."
+	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
+	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
+
+	# shorewall
+	if use ipv4; then
+		einfo "Installing ${MY_P_IPV4} ..."
+		keepdir /var/lib/shorewall
+		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"
+
+		if use doc; then
+			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
+		fi
+	fi
+
+	# shorewall6
+	if use ipv6; then
+		einfo "Installing ${MY_P_IPV6} ..."
+		keepdir /var/lib/shorewall6
+		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"
+
+		if use doc; then
+			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
+		fi
+	fi
+
+	# shorewall-lite
+	if use lite4; then
+		einfo "Installing ${MY_P_LITE4} ..."
+		keepdir /var/lib/shorewall-lite
+		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
+	fi
+
+	# shorewall6-lite
+	if use lite6; then
+		einfo "Installing ${MY_P_LITE6} ..."
+		keepdir /var/lib/shorewall6-lite
+		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
+	fi
+
+	# shorewall-init
+	if use init; then
+		einfo "Installing ${MY_P_INIT} ..."
+		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
+		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
+
+		if [ -f "${D}etc/logrotate.d/shorewall-init" ]; then
+			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
+			# so we don't need a logrotate configuration file for shorewall-init
+			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
+			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
+		fi
+
+		if [ -d "${D}etc/NetworkManager" ]; then
+			# On Gentoo, we don't support NetworkManager
+			# so we don't need this folder at all
+			einfo "Removing unused \"${D}etc/NetworkManager\" ..."
+			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"
+		fi
+
+		if [ -f "${D}usr/share/shorewall-init/ifupdown" ]; then
+			# This script isn't supported on Gentoo
+			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
+		fi
+	fi
+
+	if use doc; then
+		einfo "Installing ${MY_P_DOCS} ..."
+		docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*
+	fi
+}
+
+pkg_postinst() {
+	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+		# This is a new installation
+
+		# Show first steps for shorewall/shorewall6
+		local _PRODUCTS=""
+		if use ipv4; then
+			_PRODUCTS="shorewall"
+
+			if use ipv6; then
+				_PRODUCTS="${_PRODUCTS}/shorewall6"
+			fi
+		fi
+
+		if [[ -n "${_PRODUCTS}" ]]; then
+			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
+			elog ""
+			elog "  /etc/shorewall/shorewall.conf"
+
+			if use ipv6; then
+				elog "  /etc/shorewall6/shorewall6.conf"
+			fi
+
+			elog ""
+			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
+			elog ""
+			elog "  # rc-update add shorewall default"
+
+			if use ipv6; then
+				elog "  # rc-update add shorewall6 default"
+			fi
+		fi
+
+		# Show first steps for shorewall-lite/shorewall6-lite
+		_PRODUCTS=""
+		if use lite4; then
+			_PRODUCTS="shorewall-lite"
+		fi
+
+		if use lite6; then
+			if [[ -z "${_PRODUCTS}" ]]; then
+				_PRODUCTS="shorewall6-lite"
+			else
+				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
+			fi
+		fi
+
+		if [[ -n "${_PRODUCTS}" ]]; then
+			if use ipv4; then
+				elog ""
+			fi
+
+			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
+			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
+			elog ""
+			elog "To read more about ${_PRODUCTS}, please visit"
+			elog "  http://shorewall.net/CompiledPrograms.html"
+			elog ""
+			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
+			elog ""
+
+			if use lite4; then
+				elog "  # rc-update add shorewall-lite default"
+			fi
+
+			if use lite6; then
+				elog "  # rc-update add shorewall6-lite default"
+			fi
+		fi
+
+		if use init; then
+			elog ""
+			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
+			elog ""
+			elog "  # rc-update add shorewall-init boot"
+			elog ""
+			elog "and review \$PRODUCTS in"
+			elog ""
+			elog "  /etc/conf.d/shorewall-init"
+		fi
+
+	fi
+
+	if [[ -n "${REPLACING_VERSIONS}" && ${REPLACING_VERSIONS} < ${MY_MAJOR_RELEASE_NUMBER} ]]; then
+		# This is an upgrade
+
+		elog "You are upgrading from a previous major version. It is highly recommended that you read"
+		elog ""
+		elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
+		elog "  - http://shorewall.net/upgrade_issues.htm#idp8704902640"
+
+		if use ipv4; then
+			elog ""
+			elog "You can auto-migrate your configuration using"
+			elog ""
+			elog "  # shorewall update -A"
+
+			if use ipv6; then
+				elog "  # shorewall6 update -A"
+			fi
+
+			elog ""
+			elog "But if you are not familiar with the \"shorewall[6] update\" command,"
+			elog "please read the shorewall[6] man page first."
+		fi
+	fi
+
+	if ! use init; then
+		elog ""
+		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
+		elog "before your shorewall-based firewall is ready to start."
+		elog ""
+		elog "To read more about shorewall-init, please visit"
+		elog "  http://www.shorewall.net/Shorewall-init.html"
+	fi
+
+	if ! has_version "net-firewall/conntrack-tools"; then
+		elog ""
+		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
+		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
+	fi
+
+	if ! has_version "dev-perl/Devel-NYTProf"; then
+		elog ""
+		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
+	fi
+}

[gentoo-commits] repo/gentoo:master commit in: net-firewall/shorewall/files/, net-firewall/shorewall/

[Thomas Deutschmann]

commit:     19fe301db4dae2ca679d9a5bb730429caca3c2e1
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Thu Nov  9 18:52:52 2017 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Thu Nov  9 18:53:07 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=19fe301d

net-firewall/shorewall: Cleanup old

Package-Manager: Portage-2.3.13, Repoman-2.3.4

 net-firewall/shorewall/Manifest                    |  28 --
 ...rewall-init-01_remove-ipset-functionality.patch |  28 --
 net-firewall/shorewall/shorewall-5.1.5.2.ebuild    | 456 ---------------------
 net-firewall/shorewall/shorewall-5.1.6.1.ebuild    | 456 ---------------------
 net-firewall/shorewall/shorewall-5.1.7.1.ebuild    | 456 ---------------------
 net-firewall/shorewall/shorewall-5.1.7.ebuild      | 456 ---------------------
 6 files changed, 1880 deletions(-)

diff --git a/net-firewall/shorewall/Manifest b/net-firewall/shorewall/Manifest
index ceb33398388..a6890552d1f 100644
--- a/net-firewall/shorewall/Manifest
+++ b/net-firewall/shorewall/Manifest
@@ -1,42 +1,14 @@
-DIST shorewall-5.1.5.2.tar.bz2 520374 SHA256 ca33a7bc9c590638575edb8a530b76a9b0bd844877bef7df7c23646e839e137b SHA512 aed35f0a00944d70bb2bdab195f151e3770e73dabe07a59c1b6dd7fce5147866c73d44325df9ded475c37b258cf7c31c8d1348c58476fadd5b98217b7f0b3888 WHIRLPOOL ac0489f4ec152ff57a6da6be2c86b0fe45281ad9bb09e3fd53aba11b94252bb44ec5a71f069e2541b5c4912922fcfbbbce6004804c395e17929c78465a0cd102
-DIST shorewall-5.1.6.1.tar.bz2 522476 SHA256 90702872726c30434ef87c19be1742ae5f04b4e0b1f9ee7761810b618b38a05e SHA512 604ee6150add87a5c121e863ec3d65f454b6ae1724236c80c08e2ce3365512966126f9d28d07c7e6a273d5626e02e5625015f91f6a7166b830f6ccb667f731ba WHIRLPOOL f0e70c3949e9f9b59a5f5a19ee1023ecc6dc2ece2e420245f67fa2d7197939bc1197402366d8a560d7e29231accd5ea1456a005df30c7deaa82f25e01375ff2a
-DIST shorewall-5.1.7.1.tar.bz2 523943 SHA256 386223522c12c5279ec522efed137e3f1b5f638e396bbdef3e3d077104f8c053 SHA512 14ff5d4a19d355d489a6dd4ebdd1901112b8ac0cfdba1e0903ff9ac775fa02e3b923294b200dae1fb3113c7b7d43673b28877cf6dab8a07a844cb31b42393137 WHIRLPOOL 8717e3902fefcca580e189be80647caf39c76d1a0097f3d4e9ef5e2ff9f8c71b5a02e2b472d26abe57ce2f243b9ebba197a6fcbf84d566a7f49ff357f74e81a7
 DIST shorewall-5.1.7.2.tar.bz2 524263 SHA256 e7c4cde2d04894ddf6e8dd8a8f96e96e04574181807cfe9f78915fa0dfc836e4 SHA512 05599609b50189e300cd71eda6876ac5e8878a2d2ab7c1635afc1b79f1ab3c9bc92c1ac1758aa8996d10bb37783d1fa29c76adaa879ec93bc12669c3dbdbed9b WHIRLPOOL a2fcc48c9c51161c4a2ec692fa29215824a412056fdc15203892e6a9752c2239722462be89f26c4e7374ceb0131ba35df87847a3f16329438c57ec8f8dec0208
-DIST shorewall-5.1.7.tar.bz2 523676 SHA256 d19e6461fee8e497d3d569d69b4e0fed7736870171dd15ad8287e48facb25be0 SHA512 24f8dff494ee39926cb25680f62b2cd9073ab80b249ab57af5419af2211fc964d64e0bafb651879ba519677e0f844d5617cefe09f769369572c9c1a00149bce6 WHIRLPOOL 503fbf422b3888073cc64cdc4ba43c90a376b139252df3c146266d7da238b3aad92c1d778f5d1e8a45e4b9f1e6255e5c623c1b0530be68e95b184f7d56d0d21e
 DIST shorewall-5.1.8.1.tar.bz2 524305 SHA256 0ba4f22394d988a5714637444c248e542d5897e41ab5770907edf38e422fe2ff SHA512 3dfacf35134c4831db057bb11d11b10d0e8cd0eb0edf28f64a02a3970ebb33e9a2e2d1cc943432a14c7fa34779e812e704d43c8e6f1070bca30fcc470c7a215c WHIRLPOOL 0e549aa6d28d79ec8b9f448c2c5ef0a10a0ad930249d6be31e86ea9bf33501ac7ee544a628e408406018efaa5b80cdccd6e29f68ede9b506428fbf143deab733
-DIST shorewall-core-5.1.5.2.tar.bz2 77435 SHA256 24ca9c2e506cadda1fcbf621b376db0ebb3f3802cecc53d1518753a9cb77d450 SHA512 d4e0ef22d288e6addc2ce41813f2bab56fa142893ea495ef59dd1a636995e2a71e88477c38cac1004f055a7333ab0db27a334ca586b88558d6b781966712bff2 WHIRLPOOL 526495ae9a13a2e0dfc6dc7fffec0a7f8dd1be111be35ff2356bcf403c12c7e76993c82b2cb5b76541fa613856b23a5499b86a7a72b52062e7a21bd3b61e9082
-DIST shorewall-core-5.1.6.1.tar.bz2 78891 SHA256 31b48d50ce9a6b256739679c03ea4c6c219149b34201e6637f0ed2ccc6dd3530 SHA512 090425813791bc78531a46c493a54cadc3ac6106963c87abb3c48f0863267f71bccad644209f2893f9f1ec06057595242f12fbd59312c7e8dd932f0c3bc29236 WHIRLPOOL c255fd892a299fe8ef56a923b4c8511df2cbc21ce8821f90257b2e9a1fd66a20ec2a5070365dc7a6b43e40c0b0645c845b122a67b4dbc6e71e8a9f1de919b13b
-DIST shorewall-core-5.1.7.1.tar.bz2 79801 SHA256 482d2d283cc891c7746c8f44cf745e7d54615f65e9eb67874a5c1d548f15c5ba SHA512 5a11a5f85518df3b57b77e16f8b8c7ff7b169a86d87ce21beb764e5a3e9651d1d07f4d5fe50ed0c15c22b7bd608aaca8aced9c0b892d7f50c712195fa22c77a9 WHIRLPOOL 62e6d98a376f90219b47b24432cf81f8654bed04b899136efedf0931b97543f9cdb6cd7459ea168a525c24477197fa0b61f5a21e0aadfc42893e42777983a4c4
 DIST shorewall-core-5.1.7.2.tar.bz2 80213 SHA256 c1f78229d9633ea6b35ec067c9724003e2929a39ae54ccd8e6875776d155cd70 SHA512 73c547d6985f17f5c2f2fe4a846a7db76fe514edbc03b7b2f191b437405ac6175cbe3dba615839bb46658031f7cd74ce26221cac42869818e5131b1836d43951 WHIRLPOOL e58a64514f50b375670908cea228610abab9bdb7a8300d04a3c728a70b662da144711e09124fa6149e61c941d165f93a65d162cedbc739eb670ddad4d86f76ff
-DIST shorewall-core-5.1.7.tar.bz2 79711 SHA256 c94baf58a61b79407fbaea84a6439d323b17d02912dd81838f7b5ed07ccf1340 SHA512 91836595a3f0df8db6d26eeef47207e94364748e55762de771340ed368ea10be2c445680a57a2864fdfa68b35da18ee256cc0f8dcf6c53494c39f09da8ae829d WHIRLPOOL 4fd47f0b46c2881917561b9234acc38548fb9d4a1ef1e2f706a8eaceeb1d44aa0753a93fecddb7ebc80be9e19c20fdd853c22ca2ab7ae21e092aba7e60921b58
 DIST shorewall-core-5.1.8.1.tar.bz2 81130 SHA256 0caca8dbd969e88f3f875789b3ac31985a19d39916efe15f69766a6ddd8d97ac SHA512 480003ff87da59ea64cabc3fc15e12bef44180fcc47b71f9a08c225484dc401080271ddf2834574ca46992973f9d3567ddd14d977b670c48a453eb435c356ab6 WHIRLPOOL 173dee8d7e3cc89d092c844a040f75924c860a2c8b9a97fda21cac20ee9160c98597c54c830061ecc866f51b3d22fd78513ce06f39e176662bbf26133ac2d421
-DIST shorewall-docs-html-5.1.5.2.tar.bz2 4218574 SHA256 18a601050b6fcf6b5839ead037e96ee28ae85eb34262d7d614183cbee6169ef5 SHA512 a66161a601f5417bde8612a154c3886dbf81985e127955bbec213dcaa0e4778b2a3aabbf1dcf257d36db0806b5822bce5fa11a555da36427abbf0deb8f6f1501 WHIRLPOOL d8607b0c7ea3b7bd7b685e99895867f9e37bc2a0c8a5520a59311696fc0e2817452e36865c08e7b758a72fd9a546bf5ef6a47f4098f993cf8c95ad4e1f426dd8
-DIST shorewall-docs-html-5.1.6.1.tar.bz2 4218958 SHA256 db1d61b013f035a2e7d515f483d789fa160fe7a250e12e9efec5a79fb2ef1144 SHA512 c620209dd6fd9f044088e11e1adf8bee5c481bb27db76bfae5f42fae242dc139526cc457507251d5d00e55a652b358aa7ac3586ec10e28210e00f75932007277 WHIRLPOOL 36936c55029db3875f1a14014eb2c25845412f74bec22205a24919faa34c8b447539bbaa29189ed547bd63989ba20d1c4376fc5fd4d02d4c227f10d733fc0835
-DIST shorewall-docs-html-5.1.7.1.tar.bz2 4219011 SHA256 4f7c5d85945aff85ba4287d0afd63fa476afae0f3b22ed1cdc661cf18f963001 SHA512 af1c97e4e23ba9a80963161124e26ee322b8ef8900457c5e98a34e8af795d3122bb3b54cf026148543e33c7045827d51d07b3af913d9472646e07bda339695c3 WHIRLPOOL b29a81f77a006aaaf8ea1881925dcdb102219d67657c529f733b996011743118a9c743a4496db673fd38a25c114703529698d1986f562be70c73ac47f25095d5
 DIST shorewall-docs-html-5.1.7.2.tar.bz2 4218919 SHA256 348e9bf9c97e97aa3f8f425e30da9f6c89d2b7c5a035a21ac4c3e792ef33ac95 SHA512 b9c85d228b65ecf6b9e29ba316b8cf878a06832bc94f62e2ca8793c02c95bae7be934dd45dc572b31d8e4cff00e1092c8c8681d7c1fc4759c5700a1b8f868f55 WHIRLPOOL 01c51b28a9bcbed7e9a8d257ef01ecc113ba0ad095fce02d6fc17b3b341fd5d340281dfe1db0699ae1ff81e990f9413436d9fa0920846ae9f4b4298a483bede3
-DIST shorewall-docs-html-5.1.7.tar.bz2 4218629 SHA256 81a9906479bab465e61b420cc9904487ccb490f10bcaef4a5487ec5ff46a1428 SHA512 c24351701983c8b0e6b429094084cbfec1360eaaf4cae8c58b3513c3783957ae1b16a5b0443f07b6ccb4cbf5726324b7670f07dfe5fe1b0e58ec127d305baa4e WHIRLPOOL a31f6822011fb90e4e6b00f20f7f604a4cb4a6f67fc2563754bfb447a2fb2a09a86001412d3d47190f6ce388bdc321ec99fc32fd23015566fe0381f8a1f6a4c2
 DIST shorewall-docs-html-5.1.8.1.tar.bz2 4212495 SHA256 cf7aafa3b9c990205ceda790ecb006a6b17c5d0aea4d223a8da708f34fd91bd1 SHA512 665cc93d62bff6e18517ef959990fea6608de8246068a09f3548b855cafe08a9a6a7722a92bf8a2890889a0041ec5cb0647abe4f3afcaec857e309f2d33d6fd4 WHIRLPOOL 36e6099e5bd2790dc3952ba06c8f8e84737f505557a912fa0b58b2d603d66ba75aa2a14c4e8611d7186a44650d689cbfb5ec4012e0069732130e2d602f2e0e9f
-DIST shorewall-init-5.1.5.2.tar.bz2 32646 SHA256 1ae9771f20ca3ede897fe0ee4443d65011dde37d6ecc146150ba22c980b6f272 SHA512 de67e167bbdd5e2860e01fb55f07b695011ce7473b98b374f605263eb0aa66e7de645cd7716526ecbf01bf8b65fb5e08294c85bf55ec45b54b78f1b66e80565c WHIRLPOOL d1f1d05b384b63b087e48afa90ded85e333d1ca1d8e90196de2540c8705239f55326ffa5d421f6c03e651e6d7076e18786ab47009c09f31de2cc6fe13910ac36
-DIST shorewall-init-5.1.6.1.tar.bz2 34153 SHA256 ad20b348e32f6cc332521b07ef89a891978453e56cfe7fbe916d1f83ae594194 SHA512 f6ea4aad0c0da6da8436dcb27441088cefd8312e37cc6d62187fd8210790b2be5452cc06f1823f1958c53cdec2e4b14abc5be31a7c029739838f5bbc6d143a00 WHIRLPOOL b5d6f01c5670a60a3471f1fffbd341ca914c20d39516ad5bf63693c7ebda882c0fa572d5839f28ef94d40a95216a1b13573b470fe14676f0421aebde62769fd6
-DIST shorewall-init-5.1.7.1.tar.bz2 35144 SHA256 e814448295918102fd83da6286925c59fc3387a211d9cf0e808509613e9b571b SHA512 dfbab688e60475e6e69279f4c48ce7492227ca3d541b171f2e4308793d7b6bd46cce7899a6ad0f1c48e817db576ddf3dea9d826d36ff5745f8f84c98cc6317f7 WHIRLPOOL d58ffd4fb4f643a6692f080f512b2be86bab43fe7701555408ecd5c34ead78374d960a6c6528579a7e68db53fdaa9bd7d1201f51a3bc3c0a4e6fee532bcea858
 DIST shorewall-init-5.1.7.2.tar.bz2 35347 SHA256 f47900550045901a38a96fbcad6e401f86cc53ba0a94c44e1b3903b0e6358609 SHA512 9f295da51cbfe7c2fa3aab4029b18ff4bb9c4834d852e2a4cc3770fbed6eae79797000053ad7097ba831e01f710bf4c030d1f3b0cda93cb8da3dc3befa6ae0f4 WHIRLPOOL 1d47c4211959193334e921a82fe50b2cfb353ac6f3635bb96d1b8500a8dacaf2ddf2d62f96874dd3c2d9f4dd9d7e7f689fee4254b528bf1fe92a47fff5d8cca5
-DIST shorewall-init-5.1.7.tar.bz2 34955 SHA256 c0a0218d209846cde2581ecc93d70eb8ae26bea976647db2f1fa887140f10811 SHA512 3951b24a0e992c45021d5e79d5ab4a1480559ba321c4c5c57b40068373bb4b14f45edf525e9cc384657167330ef8f6cec46374c84a8dcc7fb641a88e27e40a4d WHIRLPOOL f319cf109987cf627794d60beabcf988a2cb2a54abacdd84a46e60344960ed9371adeb6367fd3318ebe9e24a562a199a3ed98edca31a1e992757ab2db252f58e
 DIST shorewall-init-5.1.8.1.tar.bz2 36268 SHA256 c2007f45efae58235c445e53cdab0ebef559adcdc6a84ac09125f1e57081c27d SHA512 67d9e7f7dda5615c826eae784c30ed36dfed0e7b0f7bd95088082f401998eb989ac9e39ab528300f075a1d6f4ad2eb3a7dcbfac5c785db79dc154821e2c5e86a WHIRLPOOL b82dab99fc44e27e6c1f420ea6512f4560f497f2df03d14e01d06c7661d8f6166539f2b6798ffa56ac85eec556411826c1ade182adeb9aea75ca60d56e7b6cfe
-DIST shorewall-lite-5.1.5.2.tar.bz2 38424 SHA256 acf092c051ce4e19b0aa67b1828511ec446006133c4451d9c13f60275025a397 SHA512 300793d3a123ab63cde988667a53e931adf7f40e6987bb5b57a60376502ad4ec46316e45bc0c589f82f3fb118ee6f78a0646f7aa5ef522791eea10e7ff2430da WHIRLPOOL 2a8b775d87601cb4e792fe817e0d2e7eaaf6b162eb9ed762081ec502239d1dc33d3843e9742b532d582939dc143561de617246aeb27a83448625bc4935d78505
-DIST shorewall-lite-5.1.6.1.tar.bz2 39930 SHA256 64424e0c69aff83fc02a73db5b1c7ee10fb916d317c027987ba40c8aff6ddd8f SHA512 69cfca2e703680238b32c8ffe3431a9267625faa3a03bed28593f0b0e8a5accc7d58ef4b91b77f87fc44e09f279d41e0302094e1d5255fc3ed1f6fc51863c07b WHIRLPOOL cb993586c09297aeaf8a37cbde8afa99f93687b62b1a5551e70e10ffa9633ba67077dc9323af583293c7e1d07b0ba558d2b1a124709fef147021bf9c5cffee9e
-DIST shorewall-lite-5.1.7.1.tar.bz2 40847 SHA256 7e9f09a34eca462f58aaf3f43326a830d924d3868b6cb82a3d1f27875aee128c SHA512 5422c3a0fd53d37d615a81d1bc2273042ca1011ae64f357c295fb81b49962ab8a51343a7eb71819018fb6f1f3c9045b27a6b289974ad3bd436d8c85f24c5da63 WHIRLPOOL bf3baba44eda3457af584e0dcbe1e312dd2d890c9650523856b43a93f747b7ce0677ea0c5320ab51d1c4f733a5c4951505eae19223b4a9aeeaf5673a7eb6567f
 DIST shorewall-lite-5.1.7.2.tar.bz2 41048 SHA256 e5f4f97031ef81ef599391279e18c26762f3db6dffc5fee33f3e93f37d92618c SHA512 385b072f93015259b6bb57a07c62815ac27c858c63254cd968240761a230e8b781207ee9f1cc9e6caab43e8f12c60e42cfcbaa6f938c964184b14e5d360bee83 WHIRLPOOL fe88d3f7df02164fe17f141dc1dfce9f082688ee133f93e8af63b4046981cf879560bff4a148fc21739f84d76bf3eda58906bf280fda81fc8bbec5f21f277535
-DIST shorewall-lite-5.1.7.tar.bz2 40648 SHA256 c55d2077bfc72f50bd49457984060d9cc0cabdefa26674662f8a68ccf1aad65f SHA512 a6ac156496aa52ff4bcaa4f6b72b3e0bcb93876a029a54f81989fd3d02ef2fbc9ebf870731912080c59e5f3afd56ebffc17fcaaf30716ad65693b72130e05500 WHIRLPOOL 974815a3ea8032638905da17fbc7f46441cb73cc4660f57f733fcd571a4ea606658db00c98518e914fe681a67effe19e5e681e0b1afccd5986bff7b6d86d68cb
 DIST shorewall-lite-5.1.8.1.tar.bz2 41954 SHA256 2efc424c1d4f737618f91864ba8e618328605514965e497660ee0ac9020b6048 SHA512 2e6716a8a7dc38e9b6b9abb85d14216b0ed4f63c8e360ac98ff5b40d0a9708cd0dbdc870c41693c135c959d1000f6880eabf7b0c4002ccd52c0e98f1ad3e1ccb WHIRLPOOL 7cc3ca69dd3aee3cc10bf85847d9d999e3539d4a31a029fb37e5c3f14c017f60b6a054c0eb41a799c02484cdb2ea8db193f14597f5bf7b31dce8bf15c45e5989
-DIST shorewall6-5.1.5.2.tar.bz2 188754 SHA256 c215a762ebb9c0a35be7463e1a2db2397ee1c01ab32c2224528f8de4a5ac9ac6 SHA512 1dbb7304f1f349ceb84a34c397a8c12e4fc5e9bdcd001d72881dbf76dda37e8e8448419f00c705e430f5f2e57cf3a7f9dc834cde6119d18cbeabf9d5a0e67e35 WHIRLPOOL 0daf72a3755b83b1ac3c6d90911149410cb9918f9ad312bd16f90c900880e32e852f5cb89791fdd68f14c1ae2389a365a23b94f430e227c687ab820d1b6d7619
-DIST shorewall6-5.1.6.1.tar.bz2 191131 SHA256 4732c560aa9166b35fbefaeecf6dcedf9f5224e1f56a739b3b1d30724af3affc SHA512 a26acc30f81c7419d9cbb8fd9f0a95c4647e4247b5f4f6232fc414abdba85c85ad8b127f441137cffa1dd88e7bebfba8a785416f54df36f77a36a50b4971b0f1 WHIRLPOOL a9cbe284762ee8af930808c8bb25931860ea9014e00c5b1f2d99ae48ffd31fa96a92dd0bb7ab43bbc44a7d02c5e8e5c334d938db3414b1c0e7069175f04fe026
-DIST shorewall6-5.1.7.1.tar.bz2 191749 SHA256 d950eb1acdffa5d6af19f4f9cc81c76e293c75af26f847452ca53401f9d7093b SHA512 fdea35fb2b6d9e7418d2c2d9124a3c05e42080240aa6e2faa23ef004e2b4ef7e1a05f965d6cdf1c3b224a7c226724a3f2e68b597c026d3b8abdc0326cb545b2a WHIRLPOOL 2dcff81b201b601ad5d5dab38a39344f3dffcfc2e90fe8b39ef31b4f3070295871cc87b5b17e3f9651c9131c1df4702413cb8735d4953088f6df99a8a01ce568
 DIST shorewall6-5.1.7.2.tar.bz2 192087 SHA256 8cddd2baafe71ebfd9aa691400bc320ab0672791f5d8f1e82067d91c3586deba SHA512 2ce5beb6be5ce9a5f9b1f116468f2834188938c5893ca2a9fdc7d76ab43ed487a7dd59cca5a8098ecee06274c1c359543ff57f2d3efa5e4ed8fc728702f6a689 WHIRLPOOL db5b3569689d3dd05e82316e9d7851f72e18b7df1a84b768bf6ceb546bf470843d31834a0e3d5a40e6c83597b65633efc9507eb75709a66f1c1d7223162792c2
-DIST shorewall6-5.1.7.tar.bz2 191614 SHA256 624fe000c881a75109f65f5fb11480a2f997b06237db546e51aeee2ed49dd10d SHA512 9423d6a141c61e1ca5546fd21e5db145c917d6e6825805ff404f5531449a0125f8288d0954e101231fa4d0a521e6db3993b4b312caba3188e41bc579eef350c3 WHIRLPOOL 7635d78eecf9f3e13b98e0577dff7687be34abdbeb8eee7d152ef1a0610dd9e82bf18024185ffe14caaa47053b809307e47b2aa111f7d03a8595a35d7c297ccf
 DIST shorewall6-5.1.8.1.tar.bz2 193412 SHA256 fde5b7a9eb0d4241ef3dfb8392b93f86a974c76cec8b05bd946bc12f509aca8e SHA512 9f4518444a8982eaaa9cd218742e4ab27b31e9b8799b4e483e30708bf13d68b444562f8cac6e98c170281d91c5bcb7730cb0f559146cd09e3b99a45dba68ef86 WHIRLPOOL 688e3f2a8538cc0a59d017a3e92c3a8d90a0372037bf8a0e7da2abb58d572fcb0b467f2149d330eb8eaa9d7fc8aefbe83411e55bd235ccd220601549392b097f
-DIST shorewall6-lite-5.1.5.2.tar.bz2 38137 SHA256 0b65ef615be93f921af6d8c11f702f2c46ba18d989fe12fe048732c53cf841de SHA512 e8961abdb7c105820d8420f623cbff72af33e2d35701bb0f81f2fad5364e91b88d5d1317d4ffc8e00c3b32d50c96f6c0dccda20cd981c5f6cc7aaf1662af8d27 WHIRLPOOL d3b04c2c6e9f3a10b8bbc0da1e5691dc3e428501ee52547e548eed05b14d54aec243111f711cb66ecc734efe5217dffa0230b1045296f90a60da88c390ba33bf
-DIST shorewall6-lite-5.1.6.1.tar.bz2 39636 SHA256 a25a1430a09d797991f0028f76f5252b86ef898801fc8eb3e6c8ca695d1d2a98 SHA512 eb059a1d991e72cd7b4522ddecb5557918803b5ce8c79552919d7c2798aaab96548b2dea5950f9c3311091950307496c034d63f5389f745b6282074d20d9afbc WHIRLPOOL 2ffae1f3afafcf576d11265562f9f22e6d58061b509d9ef7fceb57980b1d8c8a598efd39aaec5e3bdbff4004a39741eccb0fec8ed0417ff9f36a09e417bb9047
-DIST shorewall6-lite-5.1.7.1.tar.bz2 40514 SHA256 a199a395ce4d23081338955c68fbf657c25e972b2656ef370544854074fa672c SHA512 a8fd7e33d1558fbebb53d1dc19c3784aac2d6095e1404c44030cd513cee5a6330632c50e86eedb0a6773b67acc77ca0d2fb26352c3f784abc8ac936d6f96c437 WHIRLPOOL 0276cbf74644205042dff963124e655fb8f0e14aca31f5550833f95ae84f1b569be77473324e8603b523d5dc67a0de74d6459b8634c2519af6eb5fc84276992e
 DIST shorewall6-lite-5.1.7.2.tar.bz2 40737 SHA256 bf22e67559ebdeff464cd910b97578a4c82f5fcc87bc77aeeb9fb4a5ca2a71be SHA512 9125d4380b91f0bcaaedfef6bd5ba89ada0391bf322cd1a00deb239eebc2e818a994844a653daa2e8784bb21ad7ed51798fcaa129e28da08c66de4163fe13bdc WHIRLPOOL 12c5e8036ae08d312ee52af40157f7ad8c18e0ccc8475845b22a3ce7647a73105b8a2f9034851f3e547ed6c47b2a7f0ef566de6dc96a19a20b1da429cd90a170
-DIST shorewall6-lite-5.1.7.tar.bz2 40346 SHA256 2fa19a4c5046c05e4e5cf28d4b50dab0061f05f2a17cb0f8fd265812276cb975 SHA512 6e118b2fa369aa42dfade55b3b4c8855b3d950fd664c5cf2c22539c99e2065e8924e86970ea0f17b7b8930d1c28220bc425ef4329222f0c11feb872ba0145eb9 WHIRLPOOL 2f5be4d88e48e4ef535e60e050343ef78b2c4fdfa9918e79947e43107d3e8d46272c7c6f1134f4762b48894a9334daed2ddef4fa3843cf4670be54b9bb799714
 DIST shorewall6-lite-5.1.8.1.tar.bz2 41671 SHA256 7f1b99465df8f6bc47e0bc40e413b9323a5a9d0b2576709fd28366f0af5b852e SHA512 b10f503d179094095f8d5f1844c59ae678a304685fc9ed684dc92ba20f50416afba1da8a77bee1a15de4f328d1f3ffb977926361f814982737b6380e3dc6a1ec WHIRLPOOL d0994b703132e9909f75bfbbac194d901ad97d9d9b3147d900ec642dc69cfa815133c228215082def21d43c2d7707fbb554d65e6b410b0766dc419129d6c323a

diff --git a/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality.patch b/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality.patch
deleted file mode 100644
index 8b60eb245fc..00000000000
--- a/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-diff -rupN old/shorewall-init-4.6.10.1/shorewall-init new/shorewall-init-4.6.10.1/shorewall-init
---- old/shorewall-init-4.6.10.1/shorewall-init	2015-06-09 20:02:00.000000000 +0200
-+++ new/shorewall-init-4.6.10.1/shorewall-init	2015-06-14 17:16:17.396424059 +0200
-@@ -78,10 +78,6 @@ shorewall_start () {
- 	fi
-     done
- 
--    if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then
--	ipset -R < "$SAVE_IPSETS"
--    fi
--
-     return 0
- }
- 
-@@ -99,13 +95,6 @@ shorewall_stop () {
- 	fi
-     done
- 
--    if [ -n "$SAVE_IPSETS" ]; then
--	mkdir -p $(dirname "$SAVE_IPSETS")
--	if ipset -S > "${SAVE_IPSETS}.tmp"; then
--	    grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS"
--	fi
--    fi
--
-     return 0
- }
- 

diff --git a/net-firewall/shorewall/shorewall-5.1.5.2.ebuild b/net-firewall/shorewall/shorewall-5.1.5.2.ebuild
deleted file mode 100644
index 20be5c54927..00000000000
--- a/net-firewall/shorewall/shorewall-5.1.5.2.ebuild
+++ /dev/null
@@ -1,456 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-inherit linux-info prefix systemd versionator
-
-DESCRIPTION='A high-level tool for configuring Netfilter'
-HOMEPAGE="http://www.shorewall.net/"
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux"
-
-MY_PV=${PV/_rc/-RC}
-MY_PV=${MY_PV/_beta/-Beta}
-MY_P=${PN}-${MY_PV}
-
-MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
-MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
-
-# shorewall
-MY_PN_IPV4=Shorewall
-MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
-
-# shorewall6
-MY_PN_IPV6=Shorewall6
-MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
-
-# shorewall-lite
-MY_PN_LITE4=Shorewall-lite
-MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
-
-# shorewall6-lite
-MY_PN_LITE6=Shorewall6-lite
-MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
-
-# shorewall-init
-MY_PN_INIT=Shorewall-init
-MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
-
-# shorewall-core
-MY_PN_CORE=Shorewall-core
-MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
-
-# shorewall-docs-html
-MY_PN_DOCS=Shorewall-docs-html
-MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
-
-# Upstream URL schema:
-# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
-# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
-# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
-
-MY_URL_PREFIX=
-MY_URL_SUFFIX=
-if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
-	MY_URL_PREFIX='development/'
-
-	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
-	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
-	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then
-		MY_URL_SUFFIX="-${_tmp_suffix}"
-	fi
-
-	# Cleaning up temporary variables
-	unset _tmp_last_index
-	unset _tmp_suffix
-else
-	KEYWORDS="alpha amd64 hppa ppc ppc64 sparc x86"
-fi
-
-SRC_URI="
-	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
-	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
-	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
-	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
-	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
-	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
-	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
-"
-
-# - Shorewall6 requires Shorewall
-# - Installing Shorewall-init or just the documentation doesn't make any sense,
-#   that's why we force the user to select at least one "real" Shorewall product
-#
-# See http://shorewall.net/download.htm#Which
-REQUIRED_USE="
-	ipv6? ( ipv4 )
-	|| ( ipv4 lite4 lite6 )
-"
-
-# No build dependencies! Just plain shell scripts...
-DEPEND=""
-
-RDEPEND="
-	>=net-firewall/iptables-1.4.20
-	>=sys-apps/iproute2-3.8.0[-minimal]
-	>=sys-devel/bc-1.06.95
-	ipv4? (
-		>=dev-lang/perl-5.16
-		virtual/perl-Digest-SHA
-	)
-	ipv6? (
-		>=dev-perl/Socket6-0.230.0
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	lite6? (
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	init? ( >=sys-apps/coreutils-8.20 )
-	selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 )
-	!net-firewall/shorewall-core
-	!net-firewall/shorewall6
-	!net-firewall/shorewall-lite
-	!net-firewall/shorewall6-lite
-	!net-firewall/shorewall-init
-	!<sys-apps/systemd-214
-"
-
-S=${WORKDIR}
-
-pkg_pretend() {
-	local CONFIG_CHECK="~NF_CONNTRACK"
-
-	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
-	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
-
-	if use ipv4 || use lite4; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
-
-		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
-		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
-	fi
-
-	if use ipv6 || use lite6; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
-
-		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
-		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
-	fi
-
-	check_extra_config
-}
-
-pkg_setup() {
-	if [[ -n "${DIGEST}" ]]; then
-		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
-		unset DIGEST
-	fi
-}
-
-src_prepare() {
-	# We are moving each unpacked source from MY_P_* to MY_PN_*.
-	# This allows us to use patches from upstream and keeps epatch_user working
-
-	einfo "Preparing shorewallrc ..."
-	cp "${FILESDIR}"/shorewallrc-r1 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
-	eprefixify "${S}"/shorewallrc.gentoo
-
-	# shorewall-core
-	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
-	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
-	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-	eend 0
-
-	# shorewall
-	if use ipv4; then
-		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-init
-	if use init; then
-		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
-		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
-		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
-		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
-		eend 0
-
-		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
-
-		cd "${S}"/${MY_PN_INIT} || die
-		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality.patch
-		cd "${S}" || die
-	fi
-
-	# shorewall-docs-html
-	if use doc; then
-		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
-	fi
-
-	eapply_user
-}
-
-src_configure() {
-	:;
-}
-
-src_compile() {
-	:;
-}
-
-src_install() {
-	# shorewall-core
-	einfo "Installing ${MY_P_CORE} ..."
-	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
-	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
-
-	# shorewall
-	if use ipv4; then
-		einfo "Installing ${MY_P_IPV4} ..."
-		keepdir /var/lib/shorewall
-		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
-		fi
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		einfo "Installing ${MY_P_IPV6} ..."
-		keepdir /var/lib/shorewall6
-		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
-		fi
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		einfo "Installing ${MY_P_LITE4} ..."
-		keepdir /var/lib/shorewall-lite
-		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		einfo "Installing ${MY_P_LITE6} ..."
-		keepdir /var/lib/shorewall6-lite
-		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
-	fi
-
-	# shorewall-init
-	if use init; then
-		einfo "Installing ${MY_P_INIT} ..."
-		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
-		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
-
-		if [[ -f "${D}etc/logrotate.d/shorewall-init" ]]; then
-			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
-			# so we don't need a logrotate configuration file for shorewall-init
-			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
-			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
-		fi
-
-		if [[ -d "${D}etc/NetworkManager" ]]; then
-			# On Gentoo, we don't support NetworkManager
-			# so we don't need this folder at all
-			einfo "Removing unused \"${D}etc/NetworkManager\" ..."
-			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"
-		fi
-
-		if [[ -f "${D}usr/share/shorewall-init/ifupdown" ]]; then
-			# This script isn't supported on Gentoo
-			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
-		fi
-	fi
-
-	if use doc; then
-		einfo "Installing ${MY_P_DOCS} ..."
-		docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*
-	fi
-}
-
-pkg_postinst() {
-	if [[ -z "${REPLACING_VERSIONS}" ]]; then
-		# This is a new installation
-
-		# Show first steps for shorewall/shorewall6
-		local _PRODUCTS=""
-		if use ipv4; then
-			_PRODUCTS="shorewall"
-
-			if use ipv6; then
-				_PRODUCTS="${_PRODUCTS}/shorewall6"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
-			elog ""
-			elog "  /etc/shorewall/shorewall.conf"
-
-			if use ipv6; then
-				elog "  /etc/shorewall6/shorewall6.conf"
-			fi
-
-			elog ""
-			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall default"
-
-			if use ipv6; then
-				elog "  # rc-update add shorewall6 default"
-			fi
-		fi
-
-		# Show first steps for shorewall-lite/shorewall6-lite
-		_PRODUCTS=""
-		if use lite4; then
-			_PRODUCTS="shorewall-lite"
-		fi
-
-		if use lite6; then
-			if [[ -z "${_PRODUCTS}" ]]; then
-				_PRODUCTS="shorewall6-lite"
-			else
-				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			if use ipv4; then
-				elog ""
-			fi
-
-			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
-			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
-			elog ""
-			elog "To read more about ${_PRODUCTS}, please visit"
-			elog "  http://shorewall.net/CompiledPrograms.html"
-			elog ""
-			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
-			elog ""
-
-			if use lite4; then
-				elog "  # rc-update add shorewall-lite default"
-			fi
-
-			if use lite6; then
-				elog "  # rc-update add shorewall6-lite default"
-			fi
-		fi
-
-		if use init; then
-			elog ""
-			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall-init boot"
-			elog ""
-			elog "and review \$PRODUCTS in"
-			elog ""
-			elog "  /etc/conf.d/shorewall-init"
-		fi
-
-	fi
-
-	local v
-	for v in ${REPLACING_VERSIONS}; do
-		if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then
-			# This is an upgrade
-
-			elog "You are upgrading from a previous major version. It is highly recommended that you read"
-			elog ""
-			elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
-			elog "  - http://shorewall.net/Shorewall-5.html#idp51151872"
-
-			if use ipv4; then
-				elog ""
-				elog "You can auto-migrate your configuration using"
-				elog ""
-				elog "  # shorewall update -A"
-
-				if use ipv6; then
-					elog "  # shorewall6 update -A"
-				fi
-
-				elog ""
-				elog "*after* you have merged the changed files using one of the configuration"
-				elog "files update tools of your choice (dispatch-conf, etc-update...)."
-
-				elog ""
-				elog "But if you are not familiar with the \"shorewall[6] update\" command,"
-				elog "please read the shorewall[6] man page first."
-			fi
-
-			# Show this elog only once
-			break
-		fi
-	done
-
-	if ! use init; then
-		elog ""
-		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
-		elog "before your shorewall-based firewall is ready to start."
-		elog ""
-		elog "To read more about shorewall-init, please visit"
-		elog "  http://www.shorewall.net/Shorewall-init.html"
-	fi
-
-	if ! has_version "net-firewall/conntrack-tools"; then
-		elog ""
-		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
-		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
-	fi
-
-	if ! has_version "dev-perl/Devel-NYTProf"; then
-		elog ""
-		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
-	fi
-}

diff --git a/net-firewall/shorewall/shorewall-5.1.6.1.ebuild b/net-firewall/shorewall/shorewall-5.1.6.1.ebuild
deleted file mode 100644
index ea2ef11ce09..00000000000
--- a/net-firewall/shorewall/shorewall-5.1.6.1.ebuild
+++ /dev/null
@@ -1,456 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-inherit linux-info prefix systemd versionator
-
-DESCRIPTION='A high-level tool for configuring Netfilter'
-HOMEPAGE="http://www.shorewall.net/"
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux"
-
-MY_PV=${PV/_rc/-RC}
-MY_PV=${MY_PV/_beta/-Beta}
-MY_P=${PN}-${MY_PV}
-
-MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
-MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
-
-# shorewall
-MY_PN_IPV4=Shorewall
-MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
-
-# shorewall6
-MY_PN_IPV6=Shorewall6
-MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
-
-# shorewall-lite
-MY_PN_LITE4=Shorewall-lite
-MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
-
-# shorewall6-lite
-MY_PN_LITE6=Shorewall6-lite
-MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
-
-# shorewall-init
-MY_PN_INIT=Shorewall-init
-MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
-
-# shorewall-core
-MY_PN_CORE=Shorewall-core
-MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
-
-# shorewall-docs-html
-MY_PN_DOCS=Shorewall-docs-html
-MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
-
-# Upstream URL schema:
-# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
-# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
-# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
-
-MY_URL_PREFIX=
-MY_URL_SUFFIX=
-if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
-	MY_URL_PREFIX='development/'
-
-	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
-	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
-	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then
-		MY_URL_SUFFIX="-${_tmp_suffix}"
-	fi
-
-	# Cleaning up temporary variables
-	unset _tmp_last_index
-	unset _tmp_suffix
-else
-	KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
-fi
-
-SRC_URI="
-	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
-	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
-	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
-	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
-	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
-	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
-	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
-"
-
-# - Shorewall6 requires Shorewall
-# - Installing Shorewall-init or just the documentation doesn't make any sense,
-#   that's why we force the user to select at least one "real" Shorewall product
-#
-# See http://shorewall.net/download.htm#Which
-REQUIRED_USE="
-	ipv6? ( ipv4 )
-	|| ( ipv4 lite4 lite6 )
-"
-
-# No build dependencies! Just plain shell scripts...
-DEPEND=""
-
-RDEPEND="
-	>=net-firewall/iptables-1.4.20
-	>=sys-apps/iproute2-3.8.0[-minimal]
-	>=sys-devel/bc-1.06.95
-	ipv4? (
-		>=dev-lang/perl-5.16
-		virtual/perl-Digest-SHA
-	)
-	ipv6? (
-		>=dev-perl/Socket6-0.230.0
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	lite6? (
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	init? ( >=sys-apps/coreutils-8.20 )
-	selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 )
-	!net-firewall/shorewall-core
-	!net-firewall/shorewall6
-	!net-firewall/shorewall-lite
-	!net-firewall/shorewall6-lite
-	!net-firewall/shorewall-init
-	!<sys-apps/systemd-214
-"
-
-S=${WORKDIR}
-
-pkg_pretend() {
-	local CONFIG_CHECK="~NF_CONNTRACK"
-
-	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
-	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
-
-	if use ipv4 || use lite4; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
-
-		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
-		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
-	fi
-
-	if use ipv6 || use lite6; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
-
-		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
-		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
-	fi
-
-	check_extra_config
-}
-
-pkg_setup() {
-	if [[ -n "${DIGEST}" ]]; then
-		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
-		unset DIGEST
-	fi
-}
-
-src_prepare() {
-	# We are moving each unpacked source from MY_P_* to MY_PN_*.
-	# This allows us to use patches from upstream and keeps epatch_user working
-
-	einfo "Preparing shorewallrc ..."
-	cp "${FILESDIR}"/shorewallrc-r1 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
-	eprefixify "${S}"/shorewallrc.gentoo
-
-	# shorewall-core
-	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
-	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
-	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-	eend 0
-
-	# shorewall
-	if use ipv4; then
-		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-init
-	if use init; then
-		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
-		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
-		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
-		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
-		eend 0
-
-		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
-
-		cd "${S}"/${MY_PN_INIT} || die
-		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality.patch
-		cd "${S}" || die
-	fi
-
-	# shorewall-docs-html
-	if use doc; then
-		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
-	fi
-
-	eapply_user
-}
-
-src_configure() {
-	:;
-}
-
-src_compile() {
-	:;
-}
-
-src_install() {
-	# shorewall-core
-	einfo "Installing ${MY_P_CORE} ..."
-	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
-	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
-
-	# shorewall
-	if use ipv4; then
-		einfo "Installing ${MY_P_IPV4} ..."
-		keepdir /var/lib/shorewall
-		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
-		fi
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		einfo "Installing ${MY_P_IPV6} ..."
-		keepdir /var/lib/shorewall6
-		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
-		fi
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		einfo "Installing ${MY_P_LITE4} ..."
-		keepdir /var/lib/shorewall-lite
-		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		einfo "Installing ${MY_P_LITE6} ..."
-		keepdir /var/lib/shorewall6-lite
-		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
-	fi
-
-	# shorewall-init
-	if use init; then
-		einfo "Installing ${MY_P_INIT} ..."
-		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
-		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
-
-		if [[ -f "${D}etc/logrotate.d/shorewall-init" ]]; then
-			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
-			# so we don't need a logrotate configuration file for shorewall-init
-			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
-			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
-		fi
-
-		if [[ -d "${D}etc/NetworkManager" ]]; then
-			# On Gentoo, we don't support NetworkManager
-			# so we don't need this folder at all
-			einfo "Removing unused \"${D}etc/NetworkManager\" ..."
-			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"
-		fi
-
-		if [[ -f "${D}usr/share/shorewall-init/ifupdown" ]]; then
-			# This script isn't supported on Gentoo
-			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
-		fi
-	fi
-
-	if use doc; then
-		einfo "Installing ${MY_P_DOCS} ..."
-		docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*
-	fi
-}
-
-pkg_postinst() {
-	if [[ -z "${REPLACING_VERSIONS}" ]]; then
-		# This is a new installation
-
-		# Show first steps for shorewall/shorewall6
-		local _PRODUCTS=""
-		if use ipv4; then
-			_PRODUCTS="shorewall"
-
-			if use ipv6; then
-				_PRODUCTS="${_PRODUCTS}/shorewall6"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
-			elog ""
-			elog "  /etc/shorewall/shorewall.conf"
-
-			if use ipv6; then
-				elog "  /etc/shorewall6/shorewall6.conf"
-			fi
-
-			elog ""
-			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall default"
-
-			if use ipv6; then
-				elog "  # rc-update add shorewall6 default"
-			fi
-		fi
-
-		# Show first steps for shorewall-lite/shorewall6-lite
-		_PRODUCTS=""
-		if use lite4; then
-			_PRODUCTS="shorewall-lite"
-		fi
-
-		if use lite6; then
-			if [[ -z "${_PRODUCTS}" ]]; then
-				_PRODUCTS="shorewall6-lite"
-			else
-				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			if use ipv4; then
-				elog ""
-			fi
-
-			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
-			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
-			elog ""
-			elog "To read more about ${_PRODUCTS}, please visit"
-			elog "  http://shorewall.net/CompiledPrograms.html"
-			elog ""
-			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
-			elog ""
-
-			if use lite4; then
-				elog "  # rc-update add shorewall-lite default"
-			fi
-
-			if use lite6; then
-				elog "  # rc-update add shorewall6-lite default"
-			fi
-		fi
-
-		if use init; then
-			elog ""
-			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall-init boot"
-			elog ""
-			elog "and review \$PRODUCTS in"
-			elog ""
-			elog "  /etc/conf.d/shorewall-init"
-		fi
-
-	fi
-
-	local v
-	for v in ${REPLACING_VERSIONS}; do
-		if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then
-			# This is an upgrade
-
-			elog "You are upgrading from a previous major version. It is highly recommended that you read"
-			elog ""
-			elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
-			elog "  - http://shorewall.net/Shorewall-5.html#idp51151872"
-
-			if use ipv4; then
-				elog ""
-				elog "You can auto-migrate your configuration using"
-				elog ""
-				elog "  # shorewall update -A"
-
-				if use ipv6; then
-					elog "  # shorewall6 update -A"
-				fi
-
-				elog ""
-				elog "*after* you have merged the changed files using one of the configuration"
-				elog "files update tools of your choice (dispatch-conf, etc-update...)."
-
-				elog ""
-				elog "But if you are not familiar with the \"shorewall[6] update\" command,"
-				elog "please read the shorewall[6] man page first."
-			fi
-
-			# Show this elog only once
-			break
-		fi
-	done
-
-	if ! use init; then
-		elog ""
-		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
-		elog "before your shorewall-based firewall is ready to start."
-		elog ""
-		elog "To read more about shorewall-init, please visit"
-		elog "  http://www.shorewall.net/Shorewall-init.html"
-	fi
-
-	if ! has_version "net-firewall/conntrack-tools"; then
-		elog ""
-		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
-		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
-	fi
-
-	if ! has_version "dev-perl/Devel-NYTProf"; then
-		elog ""
-		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
-	fi
-}

diff --git a/net-firewall/shorewall/shorewall-5.1.7.1.ebuild b/net-firewall/shorewall/shorewall-5.1.7.1.ebuild
deleted file mode 100644
index 3b7545ca47d..00000000000
--- a/net-firewall/shorewall/shorewall-5.1.7.1.ebuild
+++ /dev/null
@@ -1,456 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-inherit linux-info prefix systemd versionator
-
-DESCRIPTION='A high-level tool for configuring Netfilter'
-HOMEPAGE="http://www.shorewall.net/"
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux"
-
-MY_PV=${PV/_rc/-RC}
-MY_PV=${MY_PV/_beta/-Beta}
-MY_P=${PN}-${MY_PV}
-
-MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
-MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
-
-# shorewall
-MY_PN_IPV4=Shorewall
-MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
-
-# shorewall6
-MY_PN_IPV6=Shorewall6
-MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
-
-# shorewall-lite
-MY_PN_LITE4=Shorewall-lite
-MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
-
-# shorewall6-lite
-MY_PN_LITE6=Shorewall6-lite
-MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
-
-# shorewall-init
-MY_PN_INIT=Shorewall-init
-MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
-
-# shorewall-core
-MY_PN_CORE=Shorewall-core
-MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
-
-# shorewall-docs-html
-MY_PN_DOCS=Shorewall-docs-html
-MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
-
-# Upstream URL schema:
-# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
-# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
-# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
-
-MY_URL_PREFIX=
-MY_URL_SUFFIX=
-if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
-	MY_URL_PREFIX='development/'
-
-	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
-	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
-	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then
-		MY_URL_SUFFIX="-${_tmp_suffix}"
-	fi
-
-	# Cleaning up temporary variables
-	unset _tmp_last_index
-	unset _tmp_suffix
-else
-	KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
-fi
-
-SRC_URI="
-	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
-	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
-	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
-	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
-	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
-	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
-	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
-"
-
-# - Shorewall6 requires Shorewall
-# - Installing Shorewall-init or just the documentation doesn't make any sense,
-#   that's why we force the user to select at least one "real" Shorewall product
-#
-# See http://shorewall.net/download.htm#Which
-REQUIRED_USE="
-	ipv6? ( ipv4 )
-	|| ( ipv4 lite4 lite6 )
-"
-
-# No build dependencies! Just plain shell scripts...
-DEPEND=""
-
-RDEPEND="
-	>=net-firewall/iptables-1.4.20
-	>=sys-apps/iproute2-3.8.0[-minimal]
-	>=sys-devel/bc-1.06.95
-	ipv4? (
-		>=dev-lang/perl-5.16
-		virtual/perl-Digest-SHA
-	)
-	ipv6? (
-		>=dev-perl/Socket6-0.230.0
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	lite6? (
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	init? ( >=sys-apps/coreutils-8.20 )
-	selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 )
-	!net-firewall/shorewall-core
-	!net-firewall/shorewall6
-	!net-firewall/shorewall-lite
-	!net-firewall/shorewall6-lite
-	!net-firewall/shorewall-init
-	!<sys-apps/systemd-214
-"
-
-S=${WORKDIR}
-
-pkg_pretend() {
-	local CONFIG_CHECK="~NF_CONNTRACK"
-
-	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
-	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
-
-	if use ipv4 || use lite4; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
-
-		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
-		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
-	fi
-
-	if use ipv6 || use lite6; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
-
-		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
-		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
-	fi
-
-	check_extra_config
-}
-
-pkg_setup() {
-	if [[ -n "${DIGEST}" ]]; then
-		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
-		unset DIGEST
-	fi
-}
-
-src_prepare() {
-	# We are moving each unpacked source from MY_P_* to MY_PN_*.
-	# This allows us to use patches from upstream and keeps epatch_user working
-
-	einfo "Preparing shorewallrc ..."
-	cp "${FILESDIR}"/shorewallrc-r1 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
-	eprefixify "${S}"/shorewallrc.gentoo
-
-	# shorewall-core
-	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
-	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
-	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-	eend 0
-
-	# shorewall
-	if use ipv4; then
-		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-init
-	if use init; then
-		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
-		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
-		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
-		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
-		eend 0
-
-		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
-
-		cd "${S}"/${MY_PN_INIT} || die
-		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r1.patch
-		cd "${S}" || die
-	fi
-
-	# shorewall-docs-html
-	if use doc; then
-		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
-	fi
-
-	eapply_user
-}
-
-src_configure() {
-	:;
-}
-
-src_compile() {
-	:;
-}
-
-src_install() {
-	# shorewall-core
-	einfo "Installing ${MY_P_CORE} ..."
-	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
-	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
-
-	# shorewall
-	if use ipv4; then
-		einfo "Installing ${MY_P_IPV4} ..."
-		keepdir /var/lib/shorewall
-		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
-		fi
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		einfo "Installing ${MY_P_IPV6} ..."
-		keepdir /var/lib/shorewall6
-		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
-		fi
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		einfo "Installing ${MY_P_LITE4} ..."
-		keepdir /var/lib/shorewall-lite
-		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		einfo "Installing ${MY_P_LITE6} ..."
-		keepdir /var/lib/shorewall6-lite
-		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
-	fi
-
-	# shorewall-init
-	if use init; then
-		einfo "Installing ${MY_P_INIT} ..."
-		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
-		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
-
-		if [[ -f "${D}etc/logrotate.d/shorewall-init" ]]; then
-			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
-			# so we don't need a logrotate configuration file for shorewall-init
-			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
-			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
-		fi
-
-		if [[ -d "${D}etc/NetworkManager" ]]; then
-			# On Gentoo, we don't support NetworkManager
-			# so we don't need this folder at all
-			einfo "Removing unused \"${D}etc/NetworkManager\" ..."
-			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"
-		fi
-
-		if [[ -f "${D}usr/share/shorewall-init/ifupdown" ]]; then
-			# This script isn't supported on Gentoo
-			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
-		fi
-	fi
-
-	if use doc; then
-		einfo "Installing ${MY_P_DOCS} ..."
-		docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*
-	fi
-}
-
-pkg_postinst() {
-	if [[ -z "${REPLACING_VERSIONS}" ]]; then
-		# This is a new installation
-
-		# Show first steps for shorewall/shorewall6
-		local _PRODUCTS=""
-		if use ipv4; then
-			_PRODUCTS="shorewall"
-
-			if use ipv6; then
-				_PRODUCTS="${_PRODUCTS}/shorewall6"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
-			elog ""
-			elog "  /etc/shorewall/shorewall.conf"
-
-			if use ipv6; then
-				elog "  /etc/shorewall6/shorewall6.conf"
-			fi
-
-			elog ""
-			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall default"
-
-			if use ipv6; then
-				elog "  # rc-update add shorewall6 default"
-			fi
-		fi
-
-		# Show first steps for shorewall-lite/shorewall6-lite
-		_PRODUCTS=""
-		if use lite4; then
-			_PRODUCTS="shorewall-lite"
-		fi
-
-		if use lite6; then
-			if [[ -z "${_PRODUCTS}" ]]; then
-				_PRODUCTS="shorewall6-lite"
-			else
-				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			if use ipv4; then
-				elog ""
-			fi
-
-			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
-			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
-			elog ""
-			elog "To read more about ${_PRODUCTS}, please visit"
-			elog "  http://shorewall.net/CompiledPrograms.html"
-			elog ""
-			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
-			elog ""
-
-			if use lite4; then
-				elog "  # rc-update add shorewall-lite default"
-			fi
-
-			if use lite6; then
-				elog "  # rc-update add shorewall6-lite default"
-			fi
-		fi
-
-		if use init; then
-			elog ""
-			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall-init boot"
-			elog ""
-			elog "and review \$PRODUCTS in"
-			elog ""
-			elog "  /etc/conf.d/shorewall-init"
-		fi
-
-	fi
-
-	local v
-	for v in ${REPLACING_VERSIONS}; do
-		if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then
-			# This is an upgrade
-
-			elog "You are upgrading from a previous major version. It is highly recommended that you read"
-			elog ""
-			elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
-			elog "  - http://shorewall.net/Shorewall-5.html#idp51151872"
-
-			if use ipv4; then
-				elog ""
-				elog "You can auto-migrate your configuration using"
-				elog ""
-				elog "  # shorewall update -A"
-
-				if use ipv6; then
-					elog "  # shorewall6 update -A"
-				fi
-
-				elog ""
-				elog "*after* you have merged the changed files using one of the configuration"
-				elog "files update tools of your choice (dispatch-conf, etc-update...)."
-
-				elog ""
-				elog "But if you are not familiar with the \"shorewall[6] update\" command,"
-				elog "please read the shorewall[6] man page first."
-			fi
-
-			# Show this elog only once
-			break
-		fi
-	done
-
-	if ! use init; then
-		elog ""
-		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
-		elog "before your shorewall-based firewall is ready to start."
-		elog ""
-		elog "To read more about shorewall-init, please visit"
-		elog "  http://www.shorewall.net/Shorewall-init.html"
-	fi
-
-	if ! has_version "net-firewall/conntrack-tools"; then
-		elog ""
-		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
-		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
-	fi
-
-	if ! has_version "dev-perl/Devel-NYTProf"; then
-		elog ""
-		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
-	fi
-}

diff --git a/net-firewall/shorewall/shorewall-5.1.7.ebuild b/net-firewall/shorewall/shorewall-5.1.7.ebuild
deleted file mode 100644
index 3b7545ca47d..00000000000
--- a/net-firewall/shorewall/shorewall-5.1.7.ebuild
+++ /dev/null
@@ -1,456 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-inherit linux-info prefix systemd versionator
-
-DESCRIPTION='A high-level tool for configuring Netfilter'
-HOMEPAGE="http://www.shorewall.net/"
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux"
-
-MY_PV=${PV/_rc/-RC}
-MY_PV=${MY_PV/_beta/-Beta}
-MY_P=${PN}-${MY_PV}
-
-MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
-MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
-
-# shorewall
-MY_PN_IPV4=Shorewall
-MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
-
-# shorewall6
-MY_PN_IPV6=Shorewall6
-MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
-
-# shorewall-lite
-MY_PN_LITE4=Shorewall-lite
-MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
-
-# shorewall6-lite
-MY_PN_LITE6=Shorewall6-lite
-MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
-
-# shorewall-init
-MY_PN_INIT=Shorewall-init
-MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
-
-# shorewall-core
-MY_PN_CORE=Shorewall-core
-MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
-
-# shorewall-docs-html
-MY_PN_DOCS=Shorewall-docs-html
-MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
-
-# Upstream URL schema:
-# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
-# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
-# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
-
-MY_URL_PREFIX=
-MY_URL_SUFFIX=
-if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
-	MY_URL_PREFIX='development/'
-
-	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
-	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
-	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then
-		MY_URL_SUFFIX="-${_tmp_suffix}"
-	fi
-
-	# Cleaning up temporary variables
-	unset _tmp_last_index
-	unset _tmp_suffix
-else
-	KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
-fi
-
-SRC_URI="
-	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
-	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
-	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
-	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
-	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
-	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
-	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
-"
-
-# - Shorewall6 requires Shorewall
-# - Installing Shorewall-init or just the documentation doesn't make any sense,
-#   that's why we force the user to select at least one "real" Shorewall product
-#
-# See http://shorewall.net/download.htm#Which
-REQUIRED_USE="
-	ipv6? ( ipv4 )
-	|| ( ipv4 lite4 lite6 )
-"
-
-# No build dependencies! Just plain shell scripts...
-DEPEND=""
-
-RDEPEND="
-	>=net-firewall/iptables-1.4.20
-	>=sys-apps/iproute2-3.8.0[-minimal]
-	>=sys-devel/bc-1.06.95
-	ipv4? (
-		>=dev-lang/perl-5.16
-		virtual/perl-Digest-SHA
-	)
-	ipv6? (
-		>=dev-perl/Socket6-0.230.0
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	lite6? (
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	init? ( >=sys-apps/coreutils-8.20 )
-	selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 )
-	!net-firewall/shorewall-core
-	!net-firewall/shorewall6
-	!net-firewall/shorewall-lite
-	!net-firewall/shorewall6-lite
-	!net-firewall/shorewall-init
-	!<sys-apps/systemd-214
-"
-
-S=${WORKDIR}
-
-pkg_pretend() {
-	local CONFIG_CHECK="~NF_CONNTRACK"
-
-	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
-	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
-
-	if use ipv4 || use lite4; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
-
-		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
-		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
-	fi
-
-	if use ipv6 || use lite6; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
-
-		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
-		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
-	fi
-
-	check_extra_config
-}
-
-pkg_setup() {
-	if [[ -n "${DIGEST}" ]]; then
-		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
-		unset DIGEST
-	fi
-}
-
-src_prepare() {
-	# We are moving each unpacked source from MY_P_* to MY_PN_*.
-	# This allows us to use patches from upstream and keeps epatch_user working
-
-	einfo "Preparing shorewallrc ..."
-	cp "${FILESDIR}"/shorewallrc-r1 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
-	eprefixify "${S}"/shorewallrc.gentoo
-
-	# shorewall-core
-	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
-	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
-	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-	eend 0
-
-	# shorewall
-	if use ipv4; then
-		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-init
-	if use init; then
-		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
-		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
-		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
-		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
-		eend 0
-
-		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
-
-		cd "${S}"/${MY_PN_INIT} || die
-		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r1.patch
-		cd "${S}" || die
-	fi
-
-	# shorewall-docs-html
-	if use doc; then
-		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
-	fi
-
-	eapply_user
-}
-
-src_configure() {
-	:;
-}
-
-src_compile() {
-	:;
-}
-
-src_install() {
-	# shorewall-core
-	einfo "Installing ${MY_P_CORE} ..."
-	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
-	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
-
-	# shorewall
-	if use ipv4; then
-		einfo "Installing ${MY_P_IPV4} ..."
-		keepdir /var/lib/shorewall
-		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
-		fi
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		einfo "Installing ${MY_P_IPV6} ..."
-		keepdir /var/lib/shorewall6
-		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
-		fi
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		einfo "Installing ${MY_P_LITE4} ..."
-		keepdir /var/lib/shorewall-lite
-		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		einfo "Installing ${MY_P_LITE6} ..."
-		keepdir /var/lib/shorewall6-lite
-		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
-	fi
-
-	# shorewall-init
-	if use init; then
-		einfo "Installing ${MY_P_INIT} ..."
-		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
-		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
-
-		if [[ -f "${D}etc/logrotate.d/shorewall-init" ]]; then
-			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
-			# so we don't need a logrotate configuration file for shorewall-init
-			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
-			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
-		fi
-
-		if [[ -d "${D}etc/NetworkManager" ]]; then
-			# On Gentoo, we don't support NetworkManager
-			# so we don't need this folder at all
-			einfo "Removing unused \"${D}etc/NetworkManager\" ..."
-			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"
-		fi
-
-		if [[ -f "${D}usr/share/shorewall-init/ifupdown" ]]; then
-			# This script isn't supported on Gentoo
-			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
-		fi
-	fi
-
-	if use doc; then
-		einfo "Installing ${MY_P_DOCS} ..."
-		docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*
-	fi
-}
-
-pkg_postinst() {
-	if [[ -z "${REPLACING_VERSIONS}" ]]; then
-		# This is a new installation
-
-		# Show first steps for shorewall/shorewall6
-		local _PRODUCTS=""
-		if use ipv4; then
-			_PRODUCTS="shorewall"
-
-			if use ipv6; then
-				_PRODUCTS="${_PRODUCTS}/shorewall6"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
-			elog ""
-			elog "  /etc/shorewall/shorewall.conf"
-
-			if use ipv6; then
-				elog "  /etc/shorewall6/shorewall6.conf"
-			fi
-
-			elog ""
-			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall default"
-
-			if use ipv6; then
-				elog "  # rc-update add shorewall6 default"
-			fi
-		fi
-
-		# Show first steps for shorewall-lite/shorewall6-lite
-		_PRODUCTS=""
-		if use lite4; then
-			_PRODUCTS="shorewall-lite"
-		fi
-
-		if use lite6; then
-			if [[ -z "${_PRODUCTS}" ]]; then
-				_PRODUCTS="shorewall6-lite"
-			else
-				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			if use ipv4; then
-				elog ""
-			fi
-
-			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
-			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
-			elog ""
-			elog "To read more about ${_PRODUCTS}, please visit"
-			elog "  http://shorewall.net/CompiledPrograms.html"
-			elog ""
-			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
-			elog ""
-
-			if use lite4; then
-				elog "  # rc-update add shorewall-lite default"
-			fi
-
-			if use lite6; then
-				elog "  # rc-update add shorewall6-lite default"
-			fi
-		fi
-
-		if use init; then
-			elog ""
-			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall-init boot"
-			elog ""
-			elog "and review \$PRODUCTS in"
-			elog ""
-			elog "  /etc/conf.d/shorewall-init"
-		fi
-
-	fi
-
-	local v
-	for v in ${REPLACING_VERSIONS}; do
-		if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then
-			# This is an upgrade
-
-			elog "You are upgrading from a previous major version. It is highly recommended that you read"
-			elog ""
-			elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
-			elog "  - http://shorewall.net/Shorewall-5.html#idp51151872"
-
-			if use ipv4; then
-				elog ""
-				elog "You can auto-migrate your configuration using"
-				elog ""
-				elog "  # shorewall update -A"
-
-				if use ipv6; then
-					elog "  # shorewall6 update -A"
-				fi
-
-				elog ""
-				elog "*after* you have merged the changed files using one of the configuration"
-				elog "files update tools of your choice (dispatch-conf, etc-update...)."
-
-				elog ""
-				elog "But if you are not familiar with the \"shorewall[6] update\" command,"
-				elog "please read the shorewall[6] man page first."
-			fi
-
-			# Show this elog only once
-			break
-		fi
-	done
-
-	if ! use init; then
-		elog ""
-		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
-		elog "before your shorewall-based firewall is ready to start."
-		elog ""
-		elog "To read more about shorewall-init, please visit"
-		elog "  http://www.shorewall.net/Shorewall-init.html"
-	fi
-
-	if ! has_version "net-firewall/conntrack-tools"; then
-		elog ""
-		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
-		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
-	fi
-
-	if ! has_version "dev-perl/Devel-NYTProf"; then
-		elog ""
-		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
-	fi
-}

[gentoo-commits] repo/gentoo:master commit in: net-firewall/shorewall/files/, net-firewall/shorewall/

[Thomas Deutschmann]

commit:     fee0ed60a3e76c9d0ce7e3d8a21e495cd2444ef8
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Sun Dec 31 00:26:59 2017 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Sun Dec 31 00:28:01 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fee0ed60

net-firewall/shorewall: Rev bump to limit find search depth

Link: https://sourceforge.net/p/shorewall/mailman/message/36172339/
Package-Manager: Portage-2.3.19, Repoman-2.3.6

 .../files/shorewall-5.1.10.1-fix-find.patch         | 21 +++++++++++++++++++++
 ....10.1-r1.ebuild => shorewall-5.1.10.1-r2.ebuild} |  1 +
 2 files changed, 22 insertions(+)

diff --git a/net-firewall/shorewall/files/shorewall-5.1.10.1-fix-find.patch b/net-firewall/shorewall/files/shorewall-5.1.10.1-fix-find.patch
new file mode 100644
index 00000000000..2850d12297f
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-5.1.10.1-fix-find.patch
@@ -0,0 +1,21 @@
+commit 4e5b98d3d928579bc3530893ceaf166337ea8e22
+Author: Tom Eastep <teastep@shorewall.net>
+Date:   Fri Dec 29 15:32:05 2017 -0800
+
+    Only search files in each CONFIG_PATH directory - no recursion
+    
+    Signed-off-by: Tom Eastep <teastep@shorewall.net>
+
+diff --git a/Shorewall/lib.cli-std b/Shorewall/lib.cli-std
+index 6f220aa3d..95eafdf65 100644
+--- a/shorewall-5.1.10.1/lib.cli-std
++++ b/shorewall-5.1.10.1/lib.cli-std
+@@ -386,7 +386,7 @@ uptodate() {
+     IFS=':'
+ 
+     for dir in $g_shorewalldir $CONFIG_PATH; do
+-	if [ -n "$(find ${dir} -newer $1)" ]; then
++	if [ -n "$(find ${dir} -mindepth 1 -maxdepth 1 -newer $1)" ]; then
+ 	    IFS="$ifs"
+ 	    return 1;
+ 	fi

diff --git a/net-firewall/shorewall/shorewall-5.1.10.1-r1.ebuild b/net-firewall/shorewall/shorewall-5.1.10.1-r2.ebuild
similarity index 99%
rename from net-firewall/shorewall/shorewall-5.1.10.1-r1.ebuild
rename to net-firewall/shorewall/shorewall-5.1.10.1-r2.ebuild
index 3b7545ca47d..ffef283075d 100644
--- a/net-firewall/shorewall/shorewall-5.1.10.1-r1.ebuild
+++ b/net-firewall/shorewall/shorewall-5.1.10.1-r2.ebuild
@@ -164,6 +164,7 @@ src_prepare() {
 	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
 	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
 	eend 0
+	eapply "${FILESDIR}"/${PN}-5.1.10.1-fix-find.patch
 
 	# shorewall
 	if use ipv4; then

[gentoo-commits] repo/gentoo:master commit in: net-firewall/shorewall/files/, net-firewall/shorewall/

[Thomas Deutschmann]

commit:     9ee1f98ead42a042008d0e44dd8f5eb9aecde3a8
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Tue May  8 07:56:47 2018 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Tue May  8 07:57:07 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9ee1f98e

net-firewall/shorewall: drop old

Package-Manager: Portage-2.3.34, Repoman-2.3.9

 net-firewall/shorewall/Manifest                    |   7 -
 .../files/shorewall-5.2.0.1-AUTOMAKE-SAVE.patch    |  47 ---
 .../shorewall/files/shorewall-5.2.0.1-YESNO.patch  |  46 --
 net-firewall/shorewall/shorewall-5.2.0.1.ebuild    | 462 ---------------------
 4 files changed, 562 deletions(-)

diff --git a/net-firewall/shorewall/Manifest b/net-firewall/shorewall/Manifest
index 5f035c376f1..f3201993340 100644
--- a/net-firewall/shorewall/Manifest
+++ b/net-firewall/shorewall/Manifest
@@ -1,21 +1,14 @@
 DIST shorewall-5.1.12.4.tar.bz2 555854 BLAKE2B 697fb7dbe4217b3a8d7230b3d79cec94f33ff69975b9f52477def8424e2ed9c79614e5aff4a40e31c2c0c69bc32f88c40810b7b1e5381037df1cf225b8bf97ec SHA512 25038865df0b3a4d1bcdb14b58108cd0f42e8738c3415ef2ce6fcbf3b15fc651fa90ce6adcfc3c67d6e0dd18709c4862a3ca18f1976e6c96567db6cdae86e000
-DIST shorewall-5.2.0.1.tar.bz2 535180 BLAKE2B 4e7e1d1f43b1bd5a9e683d6ab4e0dde5201dce0616c66c38b518838210bcc69c31a5bb586933ac3d83f8852704166cb7376dd07d8ee4d74e777c483a5178db34 SHA512 9896836e709f728a2320c805cae588dbea37621587bbb0f11937be911c80d0302f63a230642089cdb9839cc55f16b67341392c5d76a71406e0cfadb7b99b4cc5
 DIST shorewall-5.2.0.2.tar.bz2 537374 BLAKE2B 650b3f23307be51b3a4ce75dcdfb3024ab476b5b5a2119b92181a8fc304ea6c4d1bdad342163eff4ea797d6dd18de0c0f1cf26d4de1e48f5fb0b384c25c85edf SHA512 e80525599956316fbd1421fce95e2e6adc0a2992ef1791b3d4d5a339100859c34396e19ee4f00f430f5808fc160c09e6f7a7f4f619bbbe21422524f1daaa1849
 DIST shorewall-core-5.1.12.4.tar.bz2 86548 BLAKE2B 8384c2f8ec673db3f0fed04af702e1967d41133f3a066ba09cbd58199654878d4d6c73730a933525304d68f7834c80d5c2a2452a4dd6faa71e2580deadf3189e SHA512 f77ae4080fa81a3259ab620ba7615c4188e6bec0244e898702dc641aacd8ac54160331e270b3708d818bfa9452cf96014868199a48c28f15c50d128365cb62e6
-DIST shorewall-core-5.2.0.1.tar.bz2 74523 BLAKE2B b4b204a9802a3fd0a69498acd7bb52a0fe0010a38df6feca5c98f15150e3924346911862745950269af60dd4ee2102a8e935a5c8d9f26edc8e726203bb8c3df2 SHA512 ebb184b33ade8111b961679c3aa90907ddc23410c17dd1fe49848425c465725a5f4c24f6bfbd158e759df6f651046db30120310a3edd7e594399721770cc9471
 DIST shorewall-core-5.2.0.2.tar.bz2 75108 BLAKE2B 2523d3fbdb0755c9c14195dedd0a4db2329b96a1ac5bde1eed1f0bb5623f89e18fab641d84074999b3058f73da75c9d306d372e02fac0bd735b0247256dad123 SHA512 1a6b94d25a09eeb464e4e35dee6e10a505d9fe271f034bc92763bed5c7bae44f88de68321f4b21bef4ef6e199d746d24fb4be077c676f96d9c84d8dfd453f370
 DIST shorewall-docs-html-5.1.12.4.tar.bz2 4281202 BLAKE2B 51624bf6a36766fa8f1aad9600885dc2b92f656ef3a7bc6cf3704a33d2e014af590bbe1621793bd77d291baa3441a0f493c27f838159ccbb15b0684ab26f4bef SHA512 e1592137013b463a7cbd28c7354f51b36460c054d55e1819198b72c600ccbdc8b3fee4bab33d7a71466397338bd38e0aa6312f1c182e79052f249c51d1017dc1
-DIST shorewall-docs-html-5.2.0.1.tar.bz2 4294859 BLAKE2B 317d1e014f94e040154617a355619317efed4c318e14a6c2a6cfabeb1ee2c5fb0bf49a7e9a80ca8ffbd5828798d33617fdcf18af0bc6ec8333a2a1b8231136c1 SHA512 52c5af9c682bbb233be3e779a45f7d09ca874849e6a118271bf90d6791cceaa31740dee8cdfd08a50807565fb9f8d6191ca1096ab31d1419b7088668c349c71c
 DIST shorewall-docs-html-5.2.0.2.tar.bz2 4294083 BLAKE2B 3ce667e656359f7d2f27bd03a47f2eae9f407a04f7b2921ad7099729164c40b3a88b2651052c3b28a3ab404953bef811da499f6acd4eb432648bf6d727124a20 SHA512 751f2c426e8abe9a5af396df39d4b67ccf674113b4b595916c6d44c14ace67f82ae2ffc84500b25d2876f0356b02c96383068d54fa97804afe464d2d5eccba31
 DIST shorewall-init-5.1.12.4.tar.bz2 41541 BLAKE2B 149b31b2ffd37c64cfc69de7d2d3a39824ce427a98a84f4e96af02aad9e04f0973f862ea0b158245a1d806504dc0dac9a5a554776d9533a7c88dbf6c096d4d07 SHA512 971f0a7a25f49c289e9c9d6d564e05b7f2675d271ef95c15b06a4a4e878a74c5b13a1ea80411014a5130f53267df6691042b313c423db193b9cd6cde172ed359
-DIST shorewall-init-5.2.0.1.tar.bz2 29381 BLAKE2B 6c0c937a8fd7499ce07f9ef0f1ef07c892e3d0585e2d29506377ca311ffa5939160aa62bd4e9602d346bfec2698865228ba69cdfbf6229520288485ced1e7f39 SHA512 ce9ba1a8bec5823650022f80db70b60930fa4b5c65462e4e8317f71ee467f75ff3af2b658c1d3bbe0cb7cb41acd4226cb2cfb657afde1375740c737f4528256f
 DIST shorewall-init-5.2.0.2.tar.bz2 29749 BLAKE2B c70067951d458bc54434214dc2b4764c0c52aca457a21c4c77d3ae6cc0586fc5ce325549f7a5df9c18c255113e7d71a4f687a6a72fc81528b7611a3edacab864 SHA512 1fef0feea7e36d2f12373e64d898129e2e49c66f3f182fad950f5aced6615ff2b59cea66c1d2c475e9a781c0faf50541642c71e69dda68fa41ab86509134b511
 DIST shorewall-lite-5.1.12.4.tar.bz2 47209 BLAKE2B ca39daa7a864b86cd9075f8604d053984ef8c451285520c568b83171163513bdbe7f910b21638f4f69e716d4bdbb4f148856b02dbe83392789d8b962669374e1 SHA512 1bcdb90fccc634103ff190be9a058abf1b5158d562702c8c1ad51e8edebc2939271f3279bcb0fd8ff7389ea175387ce5a090a0d9e5655524a11203b5c0d55604
-DIST shorewall-lite-5.2.0.1.tar.bz2 35244 BLAKE2B b4983c21bb46c684adecb4d771839bc4a31a6737827e68944e75752fc4296aa458f24f9cdba46f19d09308634b00368e7fe5ec7a6417c1348cc083f7d8d437c0 SHA512 5562c41993a6047b5a334ab26d296df836976749da24796f005e12afc1e987b4f784ec25ffe176c81b8e9f129930c91a5869335d15eca649bb7a03c214b700ad
 DIST shorewall-lite-5.2.0.2.tar.bz2 35577 BLAKE2B 462480b73a4cb70e2c09f7b1c4607cc748d1ff5d6ca511b2076edd7872865442ede343e3b26be2c46665a1c6beed5290584ccf0da6f93bc62ea1da1faf90abb3 SHA512 eb68b4b2b92a87c80f80b950bb5c2fc4f035f7650d786e4999d262bb21e2a5ee439e804aee4b3b0fb187b086ba4d899725a031f38d4138bec151969f9a874663
 DIST shorewall6-5.1.12.4.tar.bz2 197179 BLAKE2B 1c120388d0b8eafdbf6ec2fb64a8cc3e1e301dd109bb03f5dcfce60c534489210f669327eaa07bac5fbc7497e39c9167586f02017318ce9a2b054b4a39e4ae50 SHA512 9ff09b093f641452d3c5d615163336c903c74d4133cd620982760df6b8ee3acc704c460adb5db52b109f768d623152e47617c7d05742c2e6f19527c34eec9a61
-DIST shorewall6-5.2.0.1.tar.bz2 184727 BLAKE2B ff9502e2ff84af146ba42cbfe4a7e383e6e2c56f43cd53c21085908660c672d8e579fd8615f841a202bb6bd796d434f7a462d684e45496880599902a3a3a0acb SHA512 dd34968d2e074e0460aeb562a2c4ab857e6c9a680d4d9f41cf006bfddfffc647d472693401c6a8f03da25af2f1117ae61c640fa7db099af3e5b5cd27be74ecef
 DIST shorewall6-5.2.0.2.tar.bz2 186161 BLAKE2B 97414d6c8d3c6cf9100330ff6d9be9808f9aa354ab4c535429b8593dba0d5f328469bd42e928f33f66ba40a0e91dfcc45d47d2b405a6ccdc814fb1e2c9a977dc SHA512 ec551998f04cd9b1ac0c791cbdc45068b402d5be89e2fd0e1a6eb95b288b339ed49c23bac73e81f324e8c277b66772d2ef5b11aed7a4b085a5ed0047fb96b1da
 DIST shorewall6-lite-5.1.12.4.tar.bz2 46902 BLAKE2B 6e9bad615833beacbb0d4b779dc8479cad73c1964bc2220541419b99a7fc8dd1b57ca42d61d6ef708460beffa65106166dbd5c60a90ce7f4cdf60ce3a879defb SHA512 95b5b96b3744bd1a499d00b4f98d71b264369752e6fd9ede21717657785833d1124b97434fe33457bc6f80026b204eb9306d73af9eb8abf23840291ecc1caf32
-DIST shorewall6-lite-5.2.0.1.tar.bz2 34931 BLAKE2B 94155a21be8d8aba07d9742b2d92428285588dbf33f1b522644dd7be4a05dd25b93ad4d3bbc3fd147f544a7d9ce8bf01dbadaee642bcb014f43aef6ba61f1596 SHA512 dc2f1c61efd8673335b117771baf8cec2145b5afc4a6b74b80834daa321f22475e2ec9baa23358c5e2d4787b5ec1cc092b17617cdfe9a921bd0075328eb0cdd5
 DIST shorewall6-lite-5.2.0.2.tar.bz2 35311 BLAKE2B bb25abc719c776571273219df6a3ba89ffe2553efbb4e93755b3deabce9f34851024f72d5ab328ee9caa55ab3744e35f08013ae8fda19c480e6d907e7257f8fe SHA512 2c39805d17cd8d9710d175d583958cc25ac0f78351a36c36ff57e7a9c8db87bd64ddf5c27352c916d42db2a26864cb9e96f83e5b1677e24964e67315dc2fb086

diff --git a/net-firewall/shorewall/files/shorewall-5.2.0.1-AUTOMAKE-SAVE.patch b/net-firewall/shorewall/files/shorewall-5.2.0.1-AUTOMAKE-SAVE.patch
deleted file mode 100644
index 2927d4c17ab..00000000000
--- a/net-firewall/shorewall/files/shorewall-5.2.0.1-AUTOMAKE-SAVE.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-diff --git a/Shorewall-core/lib.cli b/Shorewall-core/lib.cli
-index 0e2de1525..60499180d 100644
---- a/Shorewall-core/lib.cli
-+++ b/Shorewall-core/lib.cli
-@@ -1201,11 +1201,17 @@ show_saves_command() {
-     echo
- 
-     for f in ${VARDIR}/*-iptables; do
--	fn=$(basename $f)
--	fn=${fn%-iptables}
--	mtime=$(ls -lt $f | tail -n 1 | cut -d ' ' -f '6 7 8' )
--	[ $fn = "$RESTOREFILE" ] && fn="$fn (default)"
--	echo "   $mtime ${fn%-iptables}"
-+	case $f in
-+	    *\**)
-+	        ;;
-+	    *)
-+		fn=$(basename $f)
-+		fn=${fn%-iptables}
-+		mtime=$(ls -lt $f | tail -n 1 | cut -d ' ' -f '6 7 8' )
-+		[ $fn = "$RESTOREFILE" ] && fn="$fn (default)"
-+		echo "   $mtime ${fn%-iptables}"
-+		;;
-+	esac
-     done
- 
-     echo
-diff --git a/Shorewall/lib.cli-std b/Shorewall/lib.cli-std
-index 2d8c7df67..46c932335 100644
---- a/Shorewall/lib.cli-std
-+++ b/Shorewall/lib.cli-std
-@@ -412,10 +412,14 @@ uptodate() {
- 	    elif  [ -n "$(${find} ${dir} -maxdepth $AUTOMAKE -type f -newer $1 -print)" ]; then
- 		return 1;
- 	    fi
--	elif [ $AUTOMAKE = recursive ]; then
-+	elif [ "$AUTOMAKE" = recursive ]; then
- 	    if [ -n "$(${find} ${dir} -newer $1 -print -quit)" ]; then
- 		return 1;
- 	    fi
-+	elif [ -z "$AUTOMAKE" ]; then
-+	    if [ -n "$(${find} ${dir} -maxdepth 1 -type f -newer $1 -print -quit)" ]; then
-+		return 1;
-+	    fi
- 	elif [ -n "$(${find} ${dir} -maxdepth $AUTOMAKE -type f -newer $1 -print -quit)" ]; then
- 	    return 1;
- 	fi

diff --git a/net-firewall/shorewall/files/shorewall-5.2.0.1-YESNO.patch b/net-firewall/shorewall/files/shorewall-5.2.0.1-YESNO.patch
deleted file mode 100644
index 91791e01c4d..00000000000
--- a/net-firewall/shorewall/files/shorewall-5.2.0.1-YESNO.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-diff --git a/Shorewall/lib.cli-std b/Shorewall/lib.cli-std
-index 9896e18d4..2d8c7df67 100644
---- a/Shorewall/lib.cli-std
-+++ b/Shorewall/lib.cli-std
-@@ -1063,6 +1063,41 @@ restart_command() {
-     return $rc
- }
- 
-+read_yesno_with_timeout() {
-+    local timeout
-+    timeout=${1:-60}
-+
-+    case $timeout in
-+	*s)
-+	    ;;
-+	*m)
-+	    timeout=$((${timeout%m} * 60))
-+	    ;;
-+	*h)
-+	    timeout=$((${timeout%h} * 3600))
-+	    ;;
-+    esac
-+
-+    read -t $timeout yn 2> /dev/null
-+    if [ $? -eq 2 ]
-+    then
-+	# read doesn't support timeout
-+	test -x /bin/bash || return 2 # bash is not installed so the feature is not available
-+	/bin/bash -c "read -t $timeout yn ; if [ \"\$yn\" == \"y\" ] ; then exit 0 ; else exit 1 ; fi" # invoke bash and use its version of read
-+	return $?
-+    else
-+	# read supports timeout
-+	case "$yn" in
-+	    y|Y)
-+		return 0
-+		;;
-+	    *)
-+		return 1
-+		;;
-+	esac
-+    fi
-+}
-+
- #
- # Safe-start/safe-reload/safe-restart Command Executor
- #

diff --git a/net-firewall/shorewall/shorewall-5.2.0.1.ebuild b/net-firewall/shorewall/shorewall-5.2.0.1.ebuild
deleted file mode 100644
index ef57ddf2042..00000000000
--- a/net-firewall/shorewall/shorewall-5.2.0.1.ebuild
+++ /dev/null
@@ -1,462 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-inherit linux-info prefix systemd versionator
-
-DESCRIPTION='A high-level tool for configuring Netfilter'
-HOMEPAGE="http://www.shorewall.net/"
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux"
-
-MY_PV=${PV/_rc/-RC}
-MY_PV=${MY_PV/_beta/-Beta}
-MY_P=${PN}-${MY_PV}
-
-MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
-MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
-
-# shorewall
-MY_PN_IPV4=Shorewall
-MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
-
-# shorewall6
-MY_PN_IPV6=Shorewall6
-MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
-
-# shorewall-lite
-MY_PN_LITE4=Shorewall-lite
-MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
-
-# shorewall6-lite
-MY_PN_LITE6=Shorewall6-lite
-MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
-
-# shorewall-init
-MY_PN_INIT=Shorewall-init
-MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
-
-# shorewall-core
-MY_PN_CORE=Shorewall-core
-MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
-
-# shorewall-docs-html
-MY_PN_DOCS=Shorewall-docs-html
-MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
-
-# Upstream URL schema:
-# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
-# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
-# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
-
-MY_URL_PREFIX=
-MY_URL_SUFFIX=
-if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
-	MY_URL_PREFIX='development/'
-
-	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
-	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
-	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then
-		MY_URL_SUFFIX="-${_tmp_suffix}"
-	fi
-
-	# Cleaning up temporary variables
-	unset _tmp_last_index
-	unset _tmp_suffix
-else
-	KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
-fi
-
-SRC_URI="
-	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
-	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
-	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
-	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
-	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
-	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
-	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
-"
-
-# - Shorewall6 requires Shorewall
-# - Installing Shorewall-init or just the documentation doesn't make any sense,
-#   that's why we force the user to select at least one "real" Shorewall product
-#
-# See http://shorewall.net/download.htm#Which
-REQUIRED_USE="
-	ipv6? ( ipv4 )
-	|| ( ipv4 lite4 lite6 )
-"
-
-# No build dependencies! Just plain shell scripts...
-DEPEND=""
-
-RDEPEND="
-	>=net-firewall/iptables-1.4.20
-	>=sys-apps/iproute2-3.8.0[-minimal]
-	>=sys-devel/bc-1.06.95
-	ipv4? (
-		>=dev-lang/perl-5.16
-		virtual/perl-Digest-SHA
-	)
-	ipv6? (
-		>=dev-perl/Socket6-0.230.0
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	lite6? (
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	init? ( >=sys-apps/coreutils-8.20 )
-	selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 )
-	!net-firewall/shorewall-core
-	!net-firewall/shorewall6
-	!net-firewall/shorewall-lite
-	!net-firewall/shorewall6-lite
-	!net-firewall/shorewall-init
-	!<sys-apps/systemd-214
-"
-
-S=${WORKDIR}
-
-pkg_pretend() {
-	local CONFIG_CHECK="~NF_CONNTRACK"
-
-	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
-	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
-
-	if use ipv4 || use lite4; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
-
-		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
-		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
-	fi
-
-	if use ipv6 || use lite6; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
-
-		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
-		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
-	fi
-
-	check_extra_config
-}
-
-pkg_setup() {
-	if [[ -n "${DIGEST}" ]]; then
-		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
-		unset DIGEST
-	fi
-}
-
-src_prepare() {
-	# We are moving each unpacked source from MY_P_* to MY_PN_*.
-	# This allows us to use patches from upstream and keeps epatch_user working
-
-	einfo "Preparing shorewallrc ..."
-	cp "${FILESDIR}"/shorewallrc-r3 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
-	eprefixify "${S}"/shorewallrc.gentoo
-	sed -i \
-		-e "s|SERVICEDIR=tbs|SERVICEDIR=$(systemd_get_systemunitdir)|" \
-		"${S}"/shorewallrc.gentoo || die "Failed to update shorewallrc"
-
-	# shorewall-core
-	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
-	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
-	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-	eend 0
-
-	# shorewall
-	if use ipv4; then
-		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
-		eend 0
-
-		eapply "${FILESDIR}"/shorewall-5.2.0.1-YESNO.patch
-		eapply "${FILESDIR}"/shorewall-5.2.0.1-AUTOMAKE-SAVE.patch
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-init
-	if use init; then
-		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
-		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
-		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
-		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
-		eend 0
-
-		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
-
-		cd "${S}"/${MY_PN_INIT} || die
-		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r1.patch
-		cd "${S}" || die
-	fi
-
-	# shorewall-docs-html
-	if use doc; then
-		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
-	fi
-
-	eapply_user
-}
-
-src_configure() {
-	:;
-}
-
-src_compile() {
-	:;
-}
-
-src_install() {
-	# shorewall-core
-	einfo "Installing ${MY_P_CORE} ..."
-	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
-	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
-
-	# shorewall
-	if use ipv4; then
-		einfo "Installing ${MY_P_IPV4} ..."
-		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"
-		keepdir /var/lib/shorewall
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
-		fi
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		einfo "Installing ${MY_P_IPV6} ..."
-		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"
-		keepdir /var/lib/shorewall6
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
-		fi
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		einfo "Installing ${MY_P_LITE4} ..."
-		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
-		keepdir /var/lib/shorewall-lite
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		einfo "Installing ${MY_P_LITE6} ..."
-		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
-		keepdir /var/lib/shorewall6-lite
-	fi
-
-	# shorewall-init
-	if use init; then
-		einfo "Installing ${MY_P_INIT} ..."
-		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
-		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
-
-		if [[ -f "${D}etc/logrotate.d/shorewall-init" ]]; then
-			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
-			# so we don't need a logrotate configuration file for shorewall-init
-			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
-			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
-		fi
-
-		if [[ -d "${D}etc/NetworkManager" ]]; then
-			# On Gentoo, we don't support NetworkManager
-			# so we don't need this folder at all
-			einfo "Removing unused \"${D}etc/NetworkManager\" ..."
-			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"
-		fi
-
-		if [[ -f "${D}usr/share/shorewall-init/ifupdown" ]]; then
-			# This script isn't supported on Gentoo
-			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
-		fi
-	fi
-
-	if use doc; then
-		einfo "Installing ${MY_P_DOCS} ..."
-		docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*
-	fi
-}
-
-pkg_postinst() {
-	if [[ -z "${REPLACING_VERSIONS}" ]]; then
-		# This is a new installation
-
-		# Show first steps for shorewall/shorewall6
-		local _PRODUCTS=""
-		if use ipv4; then
-			_PRODUCTS="shorewall"
-
-			if use ipv6; then
-				_PRODUCTS="${_PRODUCTS}/shorewall6"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
-			elog ""
-			elog "  /etc/shorewall/shorewall.conf"
-
-			if use ipv6; then
-				elog "  /etc/shorewall6/shorewall6.conf"
-			fi
-
-			elog ""
-			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall default"
-
-			if use ipv6; then
-				elog "  # rc-update add shorewall6 default"
-			fi
-		fi
-
-		# Show first steps for shorewall-lite/shorewall6-lite
-		_PRODUCTS=""
-		if use lite4; then
-			_PRODUCTS="shorewall-lite"
-		fi
-
-		if use lite6; then
-			if [[ -z "${_PRODUCTS}" ]]; then
-				_PRODUCTS="shorewall6-lite"
-			else
-				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			if use ipv4; then
-				elog ""
-			fi
-
-			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
-			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
-			elog ""
-			elog "To read more about ${_PRODUCTS}, please visit"
-			elog "  http://shorewall.net/CompiledPrograms.html"
-			elog ""
-			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
-			elog ""
-
-			if use lite4; then
-				elog "  # rc-update add shorewall-lite default"
-			fi
-
-			if use lite6; then
-				elog "  # rc-update add shorewall6-lite default"
-			fi
-		fi
-
-		if use init; then
-			elog ""
-			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall-init boot"
-			elog ""
-			elog "and review \$PRODUCTS in"
-			elog ""
-			elog "  /etc/conf.d/shorewall-init"
-		fi
-
-	fi
-
-	local v
-	for v in ${REPLACING_VERSIONS}; do
-		if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then
-			# This is an upgrade
-
-			elog "You are upgrading from a previous major version. It is highly recommended that you read"
-			elog ""
-			elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
-			elog "  - http://shorewall.net/Shorewall-5.html#idm214"
-
-			if use ipv4; then
-				elog ""
-				elog "You can auto-migrate your configuration using"
-				elog ""
-				elog "  # shorewall update -A"
-
-				if use ipv6; then
-					elog "  # shorewall6 update -A"
-				fi
-
-				elog ""
-				elog "*after* you have merged the changed files using one of the configuration"
-				elog "files update tools of your choice (dispatch-conf, etc-update...)."
-
-				elog ""
-				elog "But if you are not familiar with the \"shorewall[6] update\" command,"
-				elog "please read the shorewall[6] man page first."
-			fi
-
-			# Show this elog only once
-			break
-		fi
-	done
-
-	if ! use init; then
-		elog ""
-		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
-		elog "before your shorewall-based firewall is ready to start."
-		elog ""
-		elog "To read more about shorewall-init, please visit"
-		elog "  http://www.shorewall.net/Shorewall-init.html"
-	fi
-
-	if ! has_version "net-firewall/conntrack-tools"; then
-		elog ""
-		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
-		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
-	fi
-
-	if ! has_version "dev-perl/Devel-NYTProf"; then
-		elog ""
-		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
-	fi
-}

[gentoo-commits] repo/gentoo:master commit in: net-firewall/shorewall/files/, net-firewall/shorewall/

[Thomas Deutschmann]

commit:     73ac8bf55325475ae98cf3eca128388f73f15649
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Thu Jun  7 00:01:27 2018 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Thu Jun  7 00:01:27 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=73ac8bf5

net-firewall/shorewall: drop old

Package-Manager: Portage-2.3.40, Repoman-2.3.9

 net-firewall/shorewall/Manifest                    |  21 -
 .../shorewall/files/shorewall-lite.initd-r2        |  90 ----
 net-firewall/shorewall/files/shorewall.initd-r2    | 107 -----
 net-firewall/shorewall/files/shorewallrc-r2        |  24 --
 net-firewall/shorewall/shorewall-5.1.12.4.ebuild   | 459 ---------------------
 net-firewall/shorewall/shorewall-5.2.0.2.ebuild    | 459 ---------------------
 net-firewall/shorewall/shorewall-5.2.0.3.ebuild    | 459 ---------------------
 7 files changed, 1619 deletions(-)

diff --git a/net-firewall/shorewall/Manifest b/net-firewall/shorewall/Manifest
index ad42f46bf1c..df74226f872 100644
--- a/net-firewall/shorewall/Manifest
+++ b/net-firewall/shorewall/Manifest
@@ -1,28 +1,7 @@
-DIST shorewall-5.1.12.4.tar.bz2 555854 BLAKE2B 697fb7dbe4217b3a8d7230b3d79cec94f33ff69975b9f52477def8424e2ed9c79614e5aff4a40e31c2c0c69bc32f88c40810b7b1e5381037df1cf225b8bf97ec SHA512 25038865df0b3a4d1bcdb14b58108cd0f42e8738c3415ef2ce6fcbf3b15fc651fa90ce6adcfc3c67d6e0dd18709c4862a3ca18f1976e6c96567db6cdae86e000
-DIST shorewall-5.2.0.2.tar.bz2 537374 BLAKE2B 650b3f23307be51b3a4ce75dcdfb3024ab476b5b5a2119b92181a8fc304ea6c4d1bdad342163eff4ea797d6dd18de0c0f1cf26d4de1e48f5fb0b384c25c85edf SHA512 e80525599956316fbd1421fce95e2e6adc0a2992ef1791b3d4d5a339100859c34396e19ee4f00f430f5808fc160c09e6f7a7f4f619bbbe21422524f1daaa1849
-DIST shorewall-5.2.0.3.tar.bz2 538053 BLAKE2B 1488177b2151c90790cc3f1d9dd186e502189cc483a908e477adf878d52feb423e4a64c7a39470555ac06329124f01fd5918dd4d0b404f0435ab3ad34be0bd18 SHA512 37ae7d0ea9ebb86f75cf9a4572ee84118aba87b2690c76457f76313502a3abd96b5f5b700d7c650d98db7f0655d8f2ba0a0fece269613bb153fa3a2f6158b05b
 DIST shorewall-5.2.0.4.tar.bz2 538938 BLAKE2B 1df68e166f5f443f120b9f45010da005b3d86a51d09c059d0886a2735c6d27c1568ae0422998f001deb48c512cb9fed23cbad423754682b06e9a4b5176b45cef SHA512 b44622972d4b4ffcde9d7da57d3994279f3962bb2d2e13892d7d77453da502527ab89cb59fb6692341b5d166cb7a3e31909df31dc21c758707eff29f3ab2c9a0
-DIST shorewall-core-5.1.12.4.tar.bz2 86548 BLAKE2B 8384c2f8ec673db3f0fed04af702e1967d41133f3a066ba09cbd58199654878d4d6c73730a933525304d68f7834c80d5c2a2452a4dd6faa71e2580deadf3189e SHA512 f77ae4080fa81a3259ab620ba7615c4188e6bec0244e898702dc641aacd8ac54160331e270b3708d818bfa9452cf96014868199a48c28f15c50d128365cb62e6
-DIST shorewall-core-5.2.0.2.tar.bz2 75108 BLAKE2B 2523d3fbdb0755c9c14195dedd0a4db2329b96a1ac5bde1eed1f0bb5623f89e18fab641d84074999b3058f73da75c9d306d372e02fac0bd735b0247256dad123 SHA512 1a6b94d25a09eeb464e4e35dee6e10a505d9fe271f034bc92763bed5c7bae44f88de68321f4b21bef4ef6e199d746d24fb4be077c676f96d9c84d8dfd453f370
-DIST shorewall-core-5.2.0.3.tar.bz2 75625 BLAKE2B fd8ae63da974088958ffb4a0a9b3d740556f60e1f73b50614af1fd337cf0c715cbd79f003085df1d6a2e1ad1203b8f322aea56e4808dbc920c3c09ef7011a4d5 SHA512 c67f0c64272c03650d4c3a727bcc0f9fc5771eb10e8b914e0c4709b4fda5ee1bea98a6e2a84eb43ee44a41005d8b05bf869ec7c61be582d3b82936f33a6d3d0a
 DIST shorewall-core-5.2.0.4.tar.bz2 76022 BLAKE2B 58602e01f7a7b6e6853c847fa38bfff2fbeb57ea68ffd124f9e556b0137bef65bfe25c8b7c70f0d6fc7b21dab7e82401985a08f0a1a8c4ca6159cbfd1862712c SHA512 bfd21f249fa3b7a952bf9aeead91eac0f7db6c2f3c386e9d2aca9645916b8a799ce58ac7b6edb93d0b934d224824f9cd94b8db63a0b35a260051209613561bf4
-DIST shorewall-docs-html-5.1.12.4.tar.bz2 4281202 BLAKE2B 51624bf6a36766fa8f1aad9600885dc2b92f656ef3a7bc6cf3704a33d2e014af590bbe1621793bd77d291baa3441a0f493c27f838159ccbb15b0684ab26f4bef SHA512 e1592137013b463a7cbd28c7354f51b36460c054d55e1819198b72c600ccbdc8b3fee4bab33d7a71466397338bd38e0aa6312f1c182e79052f249c51d1017dc1
-DIST shorewall-docs-html-5.2.0.2.tar.bz2 4294083 BLAKE2B 3ce667e656359f7d2f27bd03a47f2eae9f407a04f7b2921ad7099729164c40b3a88b2651052c3b28a3ab404953bef811da499f6acd4eb432648bf6d727124a20 SHA512 751f2c426e8abe9a5af396df39d4b67ccf674113b4b595916c6d44c14ace67f82ae2ffc84500b25d2876f0356b02c96383068d54fa97804afe464d2d5eccba31
-DIST shorewall-docs-html-5.2.0.3.tar.bz2 4295064 BLAKE2B a4913ac5138a2ee1c0c8640a7e2ea4e40bd4324aee0ffd6d4b228b41065d4d4e9e55ef0d600fd93dca8cb3ee73aeb2df196496d68dd11b40b23ce7c96ec0f9d6 SHA512 1e887b7eb0c4d0a78be7857a537f7cfa1307b43feed6396c5db289de5a2ea13547e25311bdd1e1dd48cd460e12ff71ce1520f1ec0feab87753f10cfeb45873c1
 DIST shorewall-docs-html-5.2.0.4.tar.bz2 4294681 BLAKE2B b6e975ddefae5dc7fd0a9be58c6fd231e828ed8e18e2405202766068b37796c075785c2cc05f25bc9decc50fbdfc01bad8d8f929b90592aa2e8cc040719e3cf1 SHA512 2685161f9d25cf745831f603129c4e9a33a264118698392f589e481a76bcb082dad14c9be6dc57c29441eb9807d842e5f08b3483e1e03099f0059f10ea907d91
-DIST shorewall-init-5.1.12.4.tar.bz2 41541 BLAKE2B 149b31b2ffd37c64cfc69de7d2d3a39824ce427a98a84f4e96af02aad9e04f0973f862ea0b158245a1d806504dc0dac9a5a554776d9533a7c88dbf6c096d4d07 SHA512 971f0a7a25f49c289e9c9d6d564e05b7f2675d271ef95c15b06a4a4e878a74c5b13a1ea80411014a5130f53267df6691042b313c423db193b9cd6cde172ed359
-DIST shorewall-init-5.2.0.2.tar.bz2 29749 BLAKE2B c70067951d458bc54434214dc2b4764c0c52aca457a21c4c77d3ae6cc0586fc5ce325549f7a5df9c18c255113e7d71a4f687a6a72fc81528b7611a3edacab864 SHA512 1fef0feea7e36d2f12373e64d898129e2e49c66f3f182fad950f5aced6615ff2b59cea66c1d2c475e9a781c0faf50541642c71e69dda68fa41ab86509134b511
-DIST shorewall-init-5.2.0.3.tar.bz2 30209 BLAKE2B 93e80935fd659b073e85ea0281f749a8bfebcc752e8fb1134af21a0bf262c7a7ba0f96ed8ce2aba37b592cd4bfef0a8e714dce25c3e1af9529c4acafe52502cd SHA512 988342ba1755373ecc89bf139eb6ca7a3fb78081a84e510a2827d174129bb24e06cb36fb474f9cce1056879997bc641152da18d8feb57429686a88e8cc1c8b9d
 DIST shorewall-init-5.2.0.4.tar.bz2 30526 BLAKE2B a8ac5bf7e650a58d87b608321e0ed40d8b73ed675d5b5b64ff5859149f04aca507d7a83ff6ca9c7801c84fb416d22fdc930199731a9134ef529b29cf1ec01a67 SHA512 c4e2bcf5a2f7b8fae30773a930ac7433cc8678f7bb52958ecd92a4ce5f0a78041e45578bd47e01ad72fe9fc1a3cbcda2995bd9379cc90917a31b3f676c12beb6
-DIST shorewall-lite-5.1.12.4.tar.bz2 47209 BLAKE2B ca39daa7a864b86cd9075f8604d053984ef8c451285520c568b83171163513bdbe7f910b21638f4f69e716d4bdbb4f148856b02dbe83392789d8b962669374e1 SHA512 1bcdb90fccc634103ff190be9a058abf1b5158d562702c8c1ad51e8edebc2939271f3279bcb0fd8ff7389ea175387ce5a090a0d9e5655524a11203b5c0d55604
-DIST shorewall-lite-5.2.0.2.tar.bz2 35577 BLAKE2B 462480b73a4cb70e2c09f7b1c4607cc748d1ff5d6ca511b2076edd7872865442ede343e3b26be2c46665a1c6beed5290584ccf0da6f93bc62ea1da1faf90abb3 SHA512 eb68b4b2b92a87c80f80b950bb5c2fc4f035f7650d786e4999d262bb21e2a5ee439e804aee4b3b0fb187b086ba4d899725a031f38d4138bec151969f9a874663
-DIST shorewall-lite-5.2.0.3.tar.bz2 36011 BLAKE2B 42e362eb8a17c8115ae3afd5985a367b51abda853466d204de033a064b7cdf9967596d10eb064fa61378c5292661bc884face83ab1f54cf30526e978c562346f SHA512 d76a63e8a1ab7701c91d5344f7dbe29f3cc3f10ca7b5f7886573e41f828f53e5a50af94004abbe01ab2a52551a86b25f4bce74f867cc8b5a0d9b28ec10ba7ae4
 DIST shorewall-lite-5.2.0.4.tar.bz2 36307 BLAKE2B ad95e4f640ae1f05936dd5dbc87e4acaf6dd576bd6704f650c8bfdc437284f0c121563427f89dbe5de4e19f543f3e182ff0d5a333da8c8416aae24994ac52ed0 SHA512 55bb514d9446c953de0453b8016105ed2471420d2ca6346cbd986f03cec5e713a1d27d5e08ddc6cf54cd6e5f936cf9a826eac622596480374929f41c062e8803
-DIST shorewall6-5.1.12.4.tar.bz2 197179 BLAKE2B 1c120388d0b8eafdbf6ec2fb64a8cc3e1e301dd109bb03f5dcfce60c534489210f669327eaa07bac5fbc7497e39c9167586f02017318ce9a2b054b4a39e4ae50 SHA512 9ff09b093f641452d3c5d615163336c903c74d4133cd620982760df6b8ee3acc704c460adb5db52b109f768d623152e47617c7d05742c2e6f19527c34eec9a61
-DIST shorewall6-5.2.0.2.tar.bz2 186161 BLAKE2B 97414d6c8d3c6cf9100330ff6d9be9808f9aa354ab4c535429b8593dba0d5f328469bd42e928f33f66ba40a0e91dfcc45d47d2b405a6ccdc814fb1e2c9a977dc SHA512 ec551998f04cd9b1ac0c791cbdc45068b402d5be89e2fd0e1a6eb95b288b339ed49c23bac73e81f324e8c277b66772d2ef5b11aed7a4b085a5ed0047fb96b1da
-DIST shorewall6-5.2.0.3.tar.bz2 185097 BLAKE2B dcbb3d42f257a2ed4c9f8e1f5185651700a7735d509c0f2a213608fb4c854c50c7330969f370449df62d5c95c9bbff609f955aafe472208940f83ddfe4da50db SHA512 ef14ac0759afe95a27c0a3a6217d884c0d95636cbee342c24c49ccc77f4538c2175a91866f96d7e79c992ab062d9a7a3e005a4580aaf4ccfe5ff524062bde8df
 DIST shorewall6-5.2.0.4.tar.bz2 186267 BLAKE2B 4076c94596e462d4f150d734700d400db90ca1d0bd788152e5421d581890cf28d7e6546d2ac0c604625cdf25771415229b2a3324153ec5439cddfcab73464ae5 SHA512 e8989b5c6fcc1162f42e884cdb0fff47baed61b69c39b8bbdaf78b246f95ee0bf6690fce3a6ae14eff2bf48d64b762b170d67462dc685f594dfd70a2e3720a01
-DIST shorewall6-lite-5.1.12.4.tar.bz2 46902 BLAKE2B 6e9bad615833beacbb0d4b779dc8479cad73c1964bc2220541419b99a7fc8dd1b57ca42d61d6ef708460beffa65106166dbd5c60a90ce7f4cdf60ce3a879defb SHA512 95b5b96b3744bd1a499d00b4f98d71b264369752e6fd9ede21717657785833d1124b97434fe33457bc6f80026b204eb9306d73af9eb8abf23840291ecc1caf32
-DIST shorewall6-lite-5.2.0.2.tar.bz2 35311 BLAKE2B bb25abc719c776571273219df6a3ba89ffe2553efbb4e93755b3deabce9f34851024f72d5ab328ee9caa55ab3744e35f08013ae8fda19c480e6d907e7257f8fe SHA512 2c39805d17cd8d9710d175d583958cc25ac0f78351a36c36ff57e7a9c8db87bd64ddf5c27352c916d42db2a26864cb9e96f83e5b1677e24964e67315dc2fb086
-DIST shorewall6-lite-5.2.0.3.tar.bz2 35704 BLAKE2B bad1f19cb53258a33bb8bc15cc4bab24c00a2fe1d63b95859565466ef549726efa70ce8ba9e8aa6317eaae3106e32c0ad41bc92d34e111011b66382476a2dda6 SHA512 272f47172267d5b31a2fe46fdae20cf18215a2ec9833eb634eced80d3f0e40a99d7dff8ae856f536bce425392ab9b4aaa7f7e19eb55958224f9f1c0769c72069
 DIST shorewall6-lite-5.2.0.4.tar.bz2 36035 BLAKE2B edbdee2b979c0d2144e358b6e8b52808578923498c0da4f906ed6aa8460153879dd5f8b4cf98da4bcecc90a6a776d39ef17492881c093a018ccdc5b86e0c0bab SHA512 c212ba3f6bacab1b26bbc5c13a2bac2f1f796c7fa3d442f398c91ff367f242a9562ff2191b9b678e82d07a96c2dc39a0109d30417154e6cfd4f2c4c6e31b616f

diff --git a/net-firewall/shorewall/files/shorewall-lite.initd-r2 b/net-firewall/shorewall/files/shorewall-lite.initd-r2
deleted file mode 100644
index b319a0e7af2..00000000000
--- a/net-firewall/shorewall/files/shorewall-lite.initd-r2
+++ /dev/null
@@ -1,90 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-if [ "${RC_SVCNAME}" = "shorewall6-lite" ]; then
-	PRODUCT_NAME="Shorewall6-Lite"
-	command="/usr/sbin/shorewall6-lite"
-else
-	PRODUCT_NAME="Shorewall-Lite"
-	command="/usr/sbin/shorewall-lite"
-fi
-
-description="The Shoreline Firewall Lite, more commonly known as \"${PRODUCT_NAME}\", is"
-description="${description} a high-level tool for configuring Netfilter."
-
-extra_commands="clear"
-extra_started_commands="reload reset"
-
-description_clear="Clear will remove all rules and chains installed by"
-description_clear="${description_clear} ${PRODUCT_NAME}. The firewall is"
-description_clear="${description_clear} then wide open and unprotected."
-
-description_reload="Reload is similar to \"${RC_SERVICE} start\" except that it assumes"
-description_reload="${description_reload} that the firewall is already started."
-description_reload="${description_reload} Existing connections are maintained."
-
-description_reset="All the packet and byte counters in the firewall are reset."
-
-depend() {
-	provide firewall
-	after ulogd
-}
-
-clear() {
-	ebegin "Clearing all ${RC_SVCNAME} rules and setting policy to ACCEPT"
-	${command} ${OPTIONS} clear 1>/dev/null
-	eend $?
-}
-
-reload() {
-	ebegin "Reloading ${RC_SVCNAME}"
-	${command} ${OPTIONS} reload ${RELOADOPTIONS} 1>/dev/null
-	eend $?
-}
-
-reset() {
-	ebegin "Resetting the packet and byte counters in ${RC_SVCNAME}"
-	${command} ${OPTIONS} reset 1>/dev/null
-	eend $?
-}
-
-restart() {
-	local _retval
-	ebegin "Restarting ${RC_SVCNAME}"
-	${command} status 1>/dev/null
-	_retval=$?
-	if [ ${_retval} = '0' ]; then
-		svc_start
-	else
-		${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null
-	fi
-	eend $?
-}
-
-start() {
-	ebegin "Starting ${RC_SVCNAME}"
-	${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null
-	eend $?
-}
-
-status() {
-	local _retval
-	${command} status 1>/dev/null
-	_retval=$?
-	if [ ${_retval} = '0' ]; then
-		einfo 'status: started'
-		mark_service_started "${SVCNAME}"
-		return 0
-	else
-		einfo 'status: stopped'
-		mark_service_stopped "${SVCNAME}"
-		return 3
-	fi
-}
-
-stop() {
-	ebegin "Stopping ${RC_SVCNAME}"
-	${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null
-	eend $?
-}

diff --git a/net-firewall/shorewall/files/shorewall.initd-r2 b/net-firewall/shorewall/files/shorewall.initd-r2
deleted file mode 100644
index 4826610e221..00000000000
--- a/net-firewall/shorewall/files/shorewall.initd-r2
+++ /dev/null
@@ -1,107 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-if [ "${RC_SVCNAME}" = "shorewall6" ]; then
-	PRODUCT_NAME="Shorewall6"
-	command="/usr/sbin/shorewall6"
-else
-	PRODUCT_NAME="Shorewall"
-	command="/usr/sbin/shorewall"
-fi
-
-description="The Shoreline Firewall, more commonly known as \"${PRODUCT_NAME}\", is"
-description="${description} a high-level tool for configuring Netfilter."
-
-extra_commands="check clear"
-extra_started_commands="refresh reload reset"
-
-description_check="Checks if the configuration will compile or not."
-
-description_clear="Clear will remove all rules and chains installed by"
-description_clear="${description_clear} ${PRODUCT_NAME}. The firewall is then"
-description_clear="${description_clear} wide open and unprotected."
-
-description_refresh="The mangle table will be refreshed along with the"
-description_refresh="${description_refresh} blacklist chain (if any)."
-
-description_reload="Reload is similar to \"${RC_SERVICE} start\" except that it assumes"
-description_reload="${description_reload} that the firewall is already started."
-description_reload="${description_reload} Existing connections are maintained."
-
-description_reset="All the packet and byte counters in the firewall are reset."
-
-depend() {
-	provide firewall
-	after ulogd
-}
-
-check() {
-	ebegin "Checking ${RC_SVCNAME} configuration"
-	${command} ${OPTIONS} check 1>/dev/null
-	eend $?
-}
-
-clear() {
-	ebegin "Clearing all ${RC_SVCNAME} rules and setting policy to ACCEPT"
-	${command} ${OPTIONS} clear 1>/dev/null
-	eend $?
-}
-
-refresh() {
-	ebegin "Refreshing ${RC_SVCNAME} rules"
-	${command} ${OPTIONS} refresh 1>/dev/null
-	eend $?
-}
-
-reload() {
-	ebegin "Reloading ${RC_SVCNAME}"
-	${command} ${OPTIONS} reload ${RELOADOPTIONS} 1>/dev/null
-	eend $?
-}
-
-reset() {
-	ebegin "Resetting the packet and byte counters in ${RC_SVCNAME}"
-	${command} ${OPTIONS} reset 1>/dev/null
-	eend $?
-}
-
-restart() {
-	local _retval
-	ebegin "Restarting ${RC_SVCNAME}"
-	${command} status 1>/dev/null
-	_retval=$?
-	if [ ${_retval} = '0' ]; then
-		svc_start
-	else
-		${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null
-	fi
-	eend $?
-}
-
-start() {
-	ebegin "Starting ${RC_SVCNAME}"
-	${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null
-	eend $?
-}
-
-status() {
-	local _retval
-	${command} status 1>/dev/null
-	_retval=$?
-	if [ ${_retval} = '0' ]; then
-		einfo 'status: started'
-		mark_service_started "${SVCNAME}"
-		return 0
-	else
-		einfo 'status: stopped'
-		mark_service_stopped "${SVCNAME}"
-		return 3
-	fi
-}
-
-stop() {
-	ebegin "Stopping ${RC_SVCNAME}"
-	${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null
-	eend $?
-}

diff --git a/net-firewall/shorewall/files/shorewallrc-r2 b/net-firewall/shorewall/files/shorewallrc-r2
deleted file mode 100644
index ecc21a23875..00000000000
--- a/net-firewall/shorewall/files/shorewallrc-r2
+++ /dev/null
@@ -1,24 +0,0 @@
-#
-# Gentoo Shorewall 5.1 rc file
-#
-BUILD=gentoo                            #Default is to detect the build system
-HOST=gentoo                             #Gentoo GNU Linux
-PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr                             #Top-level directory for shared files, libraries, etc.
-SHAREDIR=${PREFIX}/share                #Directory for arch-neutral files.
-LIBEXECDIR=${PREFIX}/share              #Directory for executable scripts.
-PERLLIBDIR=${PREFIX}/share/shorewall    #Directory to install Shorewall Perl module directory
-CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc                            #Directory where subsystem configurations are installed
-SBINDIR=${PREFIX}/sbin                  #Directory where system administration programs are installed
-MANDIR=${PREFIX}/share/man              #Directory where manpages are installed.
-INITDIR=${CONFDIR}/init.d               #Directory where SysV init scripts are installed.
-INITFILE=${PRODUCT}                     #Name of the product's installed SysV init script
-INITSOURCE=init.gentoo.sh               #Name of the distributed file to be installed as the SysV init script
-ANNOTATED=                              #If non-zero, annotated configuration files are installed
-SERVICEDIR=tbs          #Directory where .service files are installed (systems running systemd only)
-SERVICEFILE=gentoo.service              #Name of the distributed file to be installed as systemd service file
-SYSCONFFILE=default.gentoo              #Name of the distributed file to be installed in $SYSCONFDIR
-SYSCONFDIR=${CONFDIR}/conf.d            #Directory where SysV init parameter files are installed
-SPARSE=                                 #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR
-VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib                         #Directory where product variable data is stored.
-VARDIR=${VARLIB}/${PRODUCT}             #Directory where product variable data is stored.
-DEFAULT_PAGER=${PAGER}                  #Pager to use if none specified in shorewall[6].conf

diff --git a/net-firewall/shorewall/shorewall-5.1.12.4.ebuild b/net-firewall/shorewall/shorewall-5.1.12.4.ebuild
deleted file mode 100644
index d7c5285f28b..00000000000
--- a/net-firewall/shorewall/shorewall-5.1.12.4.ebuild
+++ /dev/null
@@ -1,459 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-inherit linux-info prefix systemd versionator
-
-DESCRIPTION='A high-level tool for configuring Netfilter'
-HOMEPAGE="http://www.shorewall.net/"
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux"
-
-MY_PV=${PV/_rc/-RC}
-MY_PV=${MY_PV/_beta/-Beta}
-MY_P=${PN}-${MY_PV}
-
-MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
-MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
-
-# shorewall
-MY_PN_IPV4=Shorewall
-MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
-
-# shorewall6
-MY_PN_IPV6=Shorewall6
-MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
-
-# shorewall-lite
-MY_PN_LITE4=Shorewall-lite
-MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
-
-# shorewall6-lite
-MY_PN_LITE6=Shorewall6-lite
-MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
-
-# shorewall-init
-MY_PN_INIT=Shorewall-init
-MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
-
-# shorewall-core
-MY_PN_CORE=Shorewall-core
-MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
-
-# shorewall-docs-html
-MY_PN_DOCS=Shorewall-docs-html
-MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
-
-# Upstream URL schema:
-# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
-# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
-# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
-
-MY_URL_PREFIX=
-MY_URL_SUFFIX=
-if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
-	MY_URL_PREFIX='development/'
-
-	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
-	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
-	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then
-		MY_URL_SUFFIX="-${_tmp_suffix}"
-	fi
-
-	# Cleaning up temporary variables
-	unset _tmp_last_index
-	unset _tmp_suffix
-else
-	KEYWORDS="alpha amd64 hppa ppc ppc64 sparc x86"
-fi
-
-SRC_URI="
-	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
-	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
-	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
-	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
-	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
-	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
-	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
-"
-
-# - Shorewall6 requires Shorewall
-# - Installing Shorewall-init or just the documentation doesn't make any sense,
-#   that's why we force the user to select at least one "real" Shorewall product
-#
-# See http://shorewall.net/download.htm#Which
-REQUIRED_USE="
-	ipv6? ( ipv4 )
-	|| ( ipv4 lite4 lite6 )
-"
-
-# No build dependencies! Just plain shell scripts...
-DEPEND=""
-
-RDEPEND="
-	>=net-firewall/iptables-1.4.20
-	>=sys-apps/iproute2-3.8.0[-minimal]
-	>=sys-devel/bc-1.06.95
-	ipv4? (
-		>=dev-lang/perl-5.16
-		virtual/perl-Digest-SHA
-	)
-	ipv6? (
-		>=dev-perl/Socket6-0.230.0
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	lite6? (
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	init? ( >=sys-apps/coreutils-8.20 )
-	selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 )
-	!net-firewall/shorewall-core
-	!net-firewall/shorewall6
-	!net-firewall/shorewall-lite
-	!net-firewall/shorewall6-lite
-	!net-firewall/shorewall-init
-	!<sys-apps/systemd-214
-"
-
-S=${WORKDIR}
-
-pkg_pretend() {
-	local CONFIG_CHECK="~NF_CONNTRACK"
-
-	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
-	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
-
-	if use ipv4 || use lite4; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
-
-		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
-		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
-	fi
-
-	if use ipv6 || use lite6; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
-
-		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
-		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
-	fi
-
-	check_extra_config
-}
-
-pkg_setup() {
-	if [[ -n "${DIGEST}" ]]; then
-		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
-		unset DIGEST
-	fi
-}
-
-src_prepare() {
-	# We are moving each unpacked source from MY_P_* to MY_PN_*.
-	# This allows us to use patches from upstream and keeps epatch_user working
-
-	einfo "Preparing shorewallrc ..."
-	cp "${FILESDIR}"/shorewallrc-r2 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
-	eprefixify "${S}"/shorewallrc.gentoo
-	sed -i \
-		-e "s|SERVICEDIR=tbs|SERVICEDIR=$(systemd_get_systemunitdir)|" \
-		"${S}"/shorewallrc.gentoo || die "Failed to update shorewallrc"
-
-	# shorewall-core
-	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
-	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
-	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-	eend 0
-
-	# shorewall
-	if use ipv4; then
-		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-init
-	if use init; then
-		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
-		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
-		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
-		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
-		eend 0
-
-		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
-
-		cd "${S}"/${MY_PN_INIT} || die
-		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r1.patch
-		cd "${S}" || die
-	fi
-
-	# shorewall-docs-html
-	if use doc; then
-		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
-	fi
-
-	eapply_user
-}
-
-src_configure() {
-	:;
-}
-
-src_compile() {
-	:;
-}
-
-src_install() {
-	# shorewall-core
-	einfo "Installing ${MY_P_CORE} ..."
-	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
-	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
-
-	# shorewall
-	if use ipv4; then
-		einfo "Installing ${MY_P_IPV4} ..."
-		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"
-		keepdir /var/lib/shorewall
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
-		fi
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		einfo "Installing ${MY_P_IPV6} ..."
-		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"
-		keepdir /var/lib/shorewall6
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
-		fi
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		einfo "Installing ${MY_P_LITE4} ..."
-		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
-		keepdir /var/lib/shorewall-lite
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		einfo "Installing ${MY_P_LITE6} ..."
-		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
-		keepdir /var/lib/shorewall6-lite
-	fi
-
-	# shorewall-init
-	if use init; then
-		einfo "Installing ${MY_P_INIT} ..."
-		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
-		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
-
-		if [[ -f "${D}etc/logrotate.d/shorewall-init" ]]; then
-			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
-			# so we don't need a logrotate configuration file for shorewall-init
-			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
-			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
-		fi
-
-		if [[ -d "${D}etc/NetworkManager" ]]; then
-			# On Gentoo, we don't support NetworkManager
-			# so we don't need this folder at all
-			einfo "Removing unused \"${D}etc/NetworkManager\" ..."
-			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"
-		fi
-
-		if [[ -f "${D}usr/share/shorewall-init/ifupdown" ]]; then
-			# This script isn't supported on Gentoo
-			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
-		fi
-	fi
-
-	if use doc; then
-		einfo "Installing ${MY_P_DOCS} ..."
-		docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*
-	fi
-}
-
-pkg_postinst() {
-	if [[ -z "${REPLACING_VERSIONS}" ]]; then
-		# This is a new installation
-
-		# Show first steps for shorewall/shorewall6
-		local _PRODUCTS=""
-		if use ipv4; then
-			_PRODUCTS="shorewall"
-
-			if use ipv6; then
-				_PRODUCTS="${_PRODUCTS}/shorewall6"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
-			elog ""
-			elog "  /etc/shorewall/shorewall.conf"
-
-			if use ipv6; then
-				elog "  /etc/shorewall6/shorewall6.conf"
-			fi
-
-			elog ""
-			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall default"
-
-			if use ipv6; then
-				elog "  # rc-update add shorewall6 default"
-			fi
-		fi
-
-		# Show first steps for shorewall-lite/shorewall6-lite
-		_PRODUCTS=""
-		if use lite4; then
-			_PRODUCTS="shorewall-lite"
-		fi
-
-		if use lite6; then
-			if [[ -z "${_PRODUCTS}" ]]; then
-				_PRODUCTS="shorewall6-lite"
-			else
-				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			if use ipv4; then
-				elog ""
-			fi
-
-			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
-			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
-			elog ""
-			elog "To read more about ${_PRODUCTS}, please visit"
-			elog "  http://shorewall.net/CompiledPrograms.html"
-			elog ""
-			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
-			elog ""
-
-			if use lite4; then
-				elog "  # rc-update add shorewall-lite default"
-			fi
-
-			if use lite6; then
-				elog "  # rc-update add shorewall6-lite default"
-			fi
-		fi
-
-		if use init; then
-			elog ""
-			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall-init boot"
-			elog ""
-			elog "and review \$PRODUCTS in"
-			elog ""
-			elog "  /etc/conf.d/shorewall-init"
-		fi
-
-	fi
-
-	local v
-	for v in ${REPLACING_VERSIONS}; do
-		if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then
-			# This is an upgrade
-
-			elog "You are upgrading from a previous major version. It is highly recommended that you read"
-			elog ""
-			elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
-			elog "  - http://shorewall.net/Shorewall-5.html#idp51151872"
-
-			if use ipv4; then
-				elog ""
-				elog "You can auto-migrate your configuration using"
-				elog ""
-				elog "  # shorewall update -A"
-
-				if use ipv6; then
-					elog "  # shorewall6 update -A"
-				fi
-
-				elog ""
-				elog "*after* you have merged the changed files using one of the configuration"
-				elog "files update tools of your choice (dispatch-conf, etc-update...)."
-
-				elog ""
-				elog "But if you are not familiar with the \"shorewall[6] update\" command,"
-				elog "please read the shorewall[6] man page first."
-			fi
-
-			# Show this elog only once
-			break
-		fi
-	done
-
-	if ! use init; then
-		elog ""
-		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
-		elog "before your shorewall-based firewall is ready to start."
-		elog ""
-		elog "To read more about shorewall-init, please visit"
-		elog "  http://www.shorewall.net/Shorewall-init.html"
-	fi
-
-	if ! has_version "net-firewall/conntrack-tools"; then
-		elog ""
-		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
-		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
-	fi
-
-	if ! has_version "dev-perl/Devel-NYTProf"; then
-		elog ""
-		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
-	fi
-}

diff --git a/net-firewall/shorewall/shorewall-5.2.0.2.ebuild b/net-firewall/shorewall/shorewall-5.2.0.2.ebuild
deleted file mode 100644
index a7f7766988a..00000000000
--- a/net-firewall/shorewall/shorewall-5.2.0.2.ebuild
+++ /dev/null
@@ -1,459 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-inherit linux-info prefix systemd versionator
-
-DESCRIPTION='A high-level tool for configuring Netfilter'
-HOMEPAGE="http://www.shorewall.net/"
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux"
-
-MY_PV=${PV/_rc/-RC}
-MY_PV=${MY_PV/_beta/-Beta}
-MY_P=${PN}-${MY_PV}
-
-MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
-MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
-
-# shorewall
-MY_PN_IPV4=Shorewall
-MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
-
-# shorewall6
-MY_PN_IPV6=Shorewall6
-MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
-
-# shorewall-lite
-MY_PN_LITE4=Shorewall-lite
-MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
-
-# shorewall6-lite
-MY_PN_LITE6=Shorewall6-lite
-MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
-
-# shorewall-init
-MY_PN_INIT=Shorewall-init
-MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
-
-# shorewall-core
-MY_PN_CORE=Shorewall-core
-MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
-
-# shorewall-docs-html
-MY_PN_DOCS=Shorewall-docs-html
-MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
-
-# Upstream URL schema:
-# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
-# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
-# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
-
-MY_URL_PREFIX=
-MY_URL_SUFFIX=
-if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
-	MY_URL_PREFIX='development/'
-
-	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
-	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
-	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then
-		MY_URL_SUFFIX="-${_tmp_suffix}"
-	fi
-
-	# Cleaning up temporary variables
-	unset _tmp_last_index
-	unset _tmp_suffix
-else
-	KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
-fi
-
-SRC_URI="
-	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
-	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
-	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
-	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
-	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
-	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
-	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
-"
-
-# - Shorewall6 requires Shorewall
-# - Installing Shorewall-init or just the documentation doesn't make any sense,
-#   that's why we force the user to select at least one "real" Shorewall product
-#
-# See http://shorewall.net/download.htm#Which
-REQUIRED_USE="
-	ipv6? ( ipv4 )
-	|| ( ipv4 lite4 lite6 )
-"
-
-# No build dependencies! Just plain shell scripts...
-DEPEND=""
-
-RDEPEND="
-	>=net-firewall/iptables-1.4.20
-	>=sys-apps/iproute2-3.8.0[-minimal]
-	>=sys-devel/bc-1.06.95
-	ipv4? (
-		>=dev-lang/perl-5.16
-		virtual/perl-Digest-SHA
-	)
-	ipv6? (
-		>=dev-perl/Socket6-0.230.0
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	lite6? (
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	init? ( >=sys-apps/coreutils-8.20 )
-	selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 )
-	!net-firewall/shorewall-core
-	!net-firewall/shorewall6
-	!net-firewall/shorewall-lite
-	!net-firewall/shorewall6-lite
-	!net-firewall/shorewall-init
-	!<sys-apps/systemd-214
-"
-
-S=${WORKDIR}
-
-pkg_pretend() {
-	local CONFIG_CHECK="~NF_CONNTRACK"
-
-	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
-	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
-
-	if use ipv4 || use lite4; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
-
-		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
-		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
-	fi
-
-	if use ipv6 || use lite6; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
-
-		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
-		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
-	fi
-
-	check_extra_config
-}
-
-pkg_setup() {
-	if [[ -n "${DIGEST}" ]]; then
-		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
-		unset DIGEST
-	fi
-}
-
-src_prepare() {
-	# We are moving each unpacked source from MY_P_* to MY_PN_*.
-	# This allows us to use patches from upstream and keeps epatch_user working
-
-	einfo "Preparing shorewallrc ..."
-	cp "${FILESDIR}"/shorewallrc-r3 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
-	eprefixify "${S}"/shorewallrc.gentoo
-	sed -i \
-		-e "s|SERVICEDIR=tbs|SERVICEDIR=$(systemd_get_systemunitdir)|" \
-		"${S}"/shorewallrc.gentoo || die "Failed to update shorewallrc"
-
-	# shorewall-core
-	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
-	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
-	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-	eend 0
-
-	# shorewall
-	if use ipv4; then
-		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-init
-	if use init; then
-		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
-		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
-		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
-		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
-		eend 0
-
-		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
-
-		cd "${S}"/${MY_PN_INIT} || die
-		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r1.patch
-		cd "${S}" || die
-	fi
-
-	# shorewall-docs-html
-	if use doc; then
-		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
-	fi
-
-	eapply_user
-}
-
-src_configure() {
-	:;
-}
-
-src_compile() {
-	:;
-}
-
-src_install() {
-	# shorewall-core
-	einfo "Installing ${MY_P_CORE} ..."
-	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
-	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
-
-	# shorewall
-	if use ipv4; then
-		einfo "Installing ${MY_P_IPV4} ..."
-		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"
-		keepdir /var/lib/shorewall
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
-		fi
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		einfo "Installing ${MY_P_IPV6} ..."
-		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"
-		keepdir /var/lib/shorewall6
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
-		fi
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		einfo "Installing ${MY_P_LITE4} ..."
-		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
-		keepdir /var/lib/shorewall-lite
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		einfo "Installing ${MY_P_LITE6} ..."
-		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
-		keepdir /var/lib/shorewall6-lite
-	fi
-
-	# shorewall-init
-	if use init; then
-		einfo "Installing ${MY_P_INIT} ..."
-		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
-		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
-
-		if [[ -f "${D}etc/logrotate.d/shorewall-init" ]]; then
-			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
-			# so we don't need a logrotate configuration file for shorewall-init
-			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
-			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
-		fi
-
-		if [[ -d "${D}etc/NetworkManager" ]]; then
-			# On Gentoo, we don't support NetworkManager
-			# so we don't need this folder at all
-			einfo "Removing unused \"${D}etc/NetworkManager\" ..."
-			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"
-		fi
-
-		if [[ -f "${D}usr/share/shorewall-init/ifupdown" ]]; then
-			# This script isn't supported on Gentoo
-			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
-		fi
-	fi
-
-	if use doc; then
-		einfo "Installing ${MY_P_DOCS} ..."
-		docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*
-	fi
-}
-
-pkg_postinst() {
-	if [[ -z "${REPLACING_VERSIONS}" ]]; then
-		# This is a new installation
-
-		# Show first steps for shorewall/shorewall6
-		local _PRODUCTS=""
-		if use ipv4; then
-			_PRODUCTS="shorewall"
-
-			if use ipv6; then
-				_PRODUCTS="${_PRODUCTS}/shorewall6"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
-			elog ""
-			elog "  /etc/shorewall/shorewall.conf"
-
-			if use ipv6; then
-				elog "  /etc/shorewall6/shorewall6.conf"
-			fi
-
-			elog ""
-			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall default"
-
-			if use ipv6; then
-				elog "  # rc-update add shorewall6 default"
-			fi
-		fi
-
-		# Show first steps for shorewall-lite/shorewall6-lite
-		_PRODUCTS=""
-		if use lite4; then
-			_PRODUCTS="shorewall-lite"
-		fi
-
-		if use lite6; then
-			if [[ -z "${_PRODUCTS}" ]]; then
-				_PRODUCTS="shorewall6-lite"
-			else
-				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			if use ipv4; then
-				elog ""
-			fi
-
-			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
-			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
-			elog ""
-			elog "To read more about ${_PRODUCTS}, please visit"
-			elog "  http://shorewall.net/CompiledPrograms.html"
-			elog ""
-			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
-			elog ""
-
-			if use lite4; then
-				elog "  # rc-update add shorewall-lite default"
-			fi
-
-			if use lite6; then
-				elog "  # rc-update add shorewall6-lite default"
-			fi
-		fi
-
-		if use init; then
-			elog ""
-			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall-init boot"
-			elog ""
-			elog "and review \$PRODUCTS in"
-			elog ""
-			elog "  /etc/conf.d/shorewall-init"
-		fi
-
-	fi
-
-	local v
-	for v in ${REPLACING_VERSIONS}; do
-		if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then
-			# This is an upgrade
-
-			elog "You are upgrading from a previous major version. It is highly recommended that you read"
-			elog ""
-			elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
-			elog "  - http://shorewall.net/Shorewall-5.html#idm214"
-
-			if use ipv4; then
-				elog ""
-				elog "You can auto-migrate your configuration using"
-				elog ""
-				elog "  # shorewall update -A"
-
-				if use ipv6; then
-					elog "  # shorewall6 update -A"
-				fi
-
-				elog ""
-				elog "*after* you have merged the changed files using one of the configuration"
-				elog "files update tools of your choice (dispatch-conf, etc-update...)."
-
-				elog ""
-				elog "But if you are not familiar with the \"shorewall[6] update\" command,"
-				elog "please read the shorewall[6] man page first."
-			fi
-
-			# Show this elog only once
-			break
-		fi
-	done
-
-	if ! use init; then
-		elog ""
-		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
-		elog "before your shorewall-based firewall is ready to start."
-		elog ""
-		elog "To read more about shorewall-init, please visit"
-		elog "  http://www.shorewall.net/Shorewall-init.html"
-	fi
-
-	if ! has_version "net-firewall/conntrack-tools"; then
-		elog ""
-		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
-		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
-	fi
-
-	if ! has_version "dev-perl/Devel-NYTProf"; then
-		elog ""
-		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
-	fi
-}

diff --git a/net-firewall/shorewall/shorewall-5.2.0.3.ebuild b/net-firewall/shorewall/shorewall-5.2.0.3.ebuild
deleted file mode 100644
index a7f7766988a..00000000000
--- a/net-firewall/shorewall/shorewall-5.2.0.3.ebuild
+++ /dev/null
@@ -1,459 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-inherit linux-info prefix systemd versionator
-
-DESCRIPTION='A high-level tool for configuring Netfilter'
-HOMEPAGE="http://www.shorewall.net/"
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux"
-
-MY_PV=${PV/_rc/-RC}
-MY_PV=${MY_PV/_beta/-Beta}
-MY_P=${PN}-${MY_PV}
-
-MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
-MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
-
-# shorewall
-MY_PN_IPV4=Shorewall
-MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
-
-# shorewall6
-MY_PN_IPV6=Shorewall6
-MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
-
-# shorewall-lite
-MY_PN_LITE4=Shorewall-lite
-MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
-
-# shorewall6-lite
-MY_PN_LITE6=Shorewall6-lite
-MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
-
-# shorewall-init
-MY_PN_INIT=Shorewall-init
-MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
-
-# shorewall-core
-MY_PN_CORE=Shorewall-core
-MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
-
-# shorewall-docs-html
-MY_PN_DOCS=Shorewall-docs-html
-MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
-
-# Upstream URL schema:
-# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
-# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
-# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
-
-MY_URL_PREFIX=
-MY_URL_SUFFIX=
-if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
-	MY_URL_PREFIX='development/'
-
-	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
-	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
-	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then
-		MY_URL_SUFFIX="-${_tmp_suffix}"
-	fi
-
-	# Cleaning up temporary variables
-	unset _tmp_last_index
-	unset _tmp_suffix
-else
-	KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
-fi
-
-SRC_URI="
-	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
-	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
-	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
-	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
-	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
-	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
-	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
-"
-
-# - Shorewall6 requires Shorewall
-# - Installing Shorewall-init or just the documentation doesn't make any sense,
-#   that's why we force the user to select at least one "real" Shorewall product
-#
-# See http://shorewall.net/download.htm#Which
-REQUIRED_USE="
-	ipv6? ( ipv4 )
-	|| ( ipv4 lite4 lite6 )
-"
-
-# No build dependencies! Just plain shell scripts...
-DEPEND=""
-
-RDEPEND="
-	>=net-firewall/iptables-1.4.20
-	>=sys-apps/iproute2-3.8.0[-minimal]
-	>=sys-devel/bc-1.06.95
-	ipv4? (
-		>=dev-lang/perl-5.16
-		virtual/perl-Digest-SHA
-	)
-	ipv6? (
-		>=dev-perl/Socket6-0.230.0
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	lite6? (
-		>=net-firewall/iptables-1.4.20[ipv6]
-		>=sys-apps/iproute2-3.8.0[ipv6]
-	)
-	init? ( >=sys-apps/coreutils-8.20 )
-	selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 )
-	!net-firewall/shorewall-core
-	!net-firewall/shorewall6
-	!net-firewall/shorewall-lite
-	!net-firewall/shorewall6-lite
-	!net-firewall/shorewall-init
-	!<sys-apps/systemd-214
-"
-
-S=${WORKDIR}
-
-pkg_pretend() {
-	local CONFIG_CHECK="~NF_CONNTRACK"
-
-	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
-	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
-
-	if use ipv4 || use lite4; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
-
-		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
-		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
-	fi
-
-	if use ipv6 || use lite6; then
-		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
-
-		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
-		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
-	fi
-
-	check_extra_config
-}
-
-pkg_setup() {
-	if [[ -n "${DIGEST}" ]]; then
-		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
-		unset DIGEST
-	fi
-}
-
-src_prepare() {
-	# We are moving each unpacked source from MY_P_* to MY_PN_*.
-	# This allows us to use patches from upstream and keeps epatch_user working
-
-	einfo "Preparing shorewallrc ..."
-	cp "${FILESDIR}"/shorewallrc-r3 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
-	eprefixify "${S}"/shorewallrc.gentoo
-	sed -i \
-		-e "s|SERVICEDIR=tbs|SERVICEDIR=$(systemd_get_systemunitdir)|" \
-		"${S}"/shorewallrc.gentoo || die "Failed to update shorewallrc"
-
-	# shorewall-core
-	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
-	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
-	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-	eend 0
-
-	# shorewall
-	if use ipv4; then
-		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
-		cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
-		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
-		eend 0
-	fi
-
-	# shorewall-init
-	if use init; then
-		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
-		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
-		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
-		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
-		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
-		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
-		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
-		eend 0
-
-		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
-
-		cd "${S}"/${MY_PN_INIT} || die
-		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r1.patch
-		cd "${S}" || die
-	fi
-
-	# shorewall-docs-html
-	if use doc; then
-		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
-	fi
-
-	eapply_user
-}
-
-src_configure() {
-	:;
-}
-
-src_compile() {
-	:;
-}
-
-src_install() {
-	# shorewall-core
-	einfo "Installing ${MY_P_CORE} ..."
-	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
-	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
-
-	# shorewall
-	if use ipv4; then
-		einfo "Installing ${MY_P_IPV4} ..."
-		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"
-		keepdir /var/lib/shorewall
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
-		fi
-	fi
-
-	# shorewall6
-	if use ipv6; then
-		einfo "Installing ${MY_P_IPV6} ..."
-		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"
-		keepdir /var/lib/shorewall6
-
-		if use doc; then
-			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
-		fi
-	fi
-
-	# shorewall-lite
-	if use lite4; then
-		einfo "Installing ${MY_P_LITE4} ..."
-		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
-		keepdir /var/lib/shorewall-lite
-	fi
-
-	# shorewall6-lite
-	if use lite6; then
-		einfo "Installing ${MY_P_LITE6} ..."
-		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
-		keepdir /var/lib/shorewall6-lite
-	fi
-
-	# shorewall-init
-	if use init; then
-		einfo "Installing ${MY_P_INIT} ..."
-		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
-		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
-
-		if [[ -f "${D}etc/logrotate.d/shorewall-init" ]]; then
-			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
-			# so we don't need a logrotate configuration file for shorewall-init
-			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
-			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
-		fi
-
-		if [[ -d "${D}etc/NetworkManager" ]]; then
-			# On Gentoo, we don't support NetworkManager
-			# so we don't need this folder at all
-			einfo "Removing unused \"${D}etc/NetworkManager\" ..."
-			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"
-		fi
-
-		if [[ -f "${D}usr/share/shorewall-init/ifupdown" ]]; then
-			# This script isn't supported on Gentoo
-			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
-		fi
-	fi
-
-	if use doc; then
-		einfo "Installing ${MY_P_DOCS} ..."
-		docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*
-	fi
-}
-
-pkg_postinst() {
-	if [[ -z "${REPLACING_VERSIONS}" ]]; then
-		# This is a new installation
-
-		# Show first steps for shorewall/shorewall6
-		local _PRODUCTS=""
-		if use ipv4; then
-			_PRODUCTS="shorewall"
-
-			if use ipv6; then
-				_PRODUCTS="${_PRODUCTS}/shorewall6"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
-			elog ""
-			elog "  /etc/shorewall/shorewall.conf"
-
-			if use ipv6; then
-				elog "  /etc/shorewall6/shorewall6.conf"
-			fi
-
-			elog ""
-			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall default"
-
-			if use ipv6; then
-				elog "  # rc-update add shorewall6 default"
-			fi
-		fi
-
-		# Show first steps for shorewall-lite/shorewall6-lite
-		_PRODUCTS=""
-		if use lite4; then
-			_PRODUCTS="shorewall-lite"
-		fi
-
-		if use lite6; then
-			if [[ -z "${_PRODUCTS}" ]]; then
-				_PRODUCTS="shorewall6-lite"
-			else
-				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
-			fi
-		fi
-
-		if [[ -n "${_PRODUCTS}" ]]; then
-			if use ipv4; then
-				elog ""
-			fi
-
-			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
-			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
-			elog ""
-			elog "To read more about ${_PRODUCTS}, please visit"
-			elog "  http://shorewall.net/CompiledPrograms.html"
-			elog ""
-			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
-			elog ""
-
-			if use lite4; then
-				elog "  # rc-update add shorewall-lite default"
-			fi
-
-			if use lite6; then
-				elog "  # rc-update add shorewall6-lite default"
-			fi
-		fi
-
-		if use init; then
-			elog ""
-			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
-			elog ""
-			elog "  # rc-update add shorewall-init boot"
-			elog ""
-			elog "and review \$PRODUCTS in"
-			elog ""
-			elog "  /etc/conf.d/shorewall-init"
-		fi
-
-	fi
-
-	local v
-	for v in ${REPLACING_VERSIONS}; do
-		if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then
-			# This is an upgrade
-
-			elog "You are upgrading from a previous major version. It is highly recommended that you read"
-			elog ""
-			elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
-			elog "  - http://shorewall.net/Shorewall-5.html#idm214"
-
-			if use ipv4; then
-				elog ""
-				elog "You can auto-migrate your configuration using"
-				elog ""
-				elog "  # shorewall update -A"
-
-				if use ipv6; then
-					elog "  # shorewall6 update -A"
-				fi
-
-				elog ""
-				elog "*after* you have merged the changed files using one of the configuration"
-				elog "files update tools of your choice (dispatch-conf, etc-update...)."
-
-				elog ""
-				elog "But if you are not familiar with the \"shorewall[6] update\" command,"
-				elog "please read the shorewall[6] man page first."
-			fi
-
-			# Show this elog only once
-			break
-		fi
-	done
-
-	if ! use init; then
-		elog ""
-		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
-		elog "before your shorewall-based firewall is ready to start."
-		elog ""
-		elog "To read more about shorewall-init, please visit"
-		elog "  http://www.shorewall.net/Shorewall-init.html"
-	fi
-
-	if ! has_version "net-firewall/conntrack-tools"; then
-		elog ""
-		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
-		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
-	fi
-
-	if ! has_version "dev-perl/Devel-NYTProf"; then
-		elog ""
-		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
-	fi
-}

[gentoo-commits] repo/gentoo:master commit in: net-firewall/shorewall/files/, net-firewall/shorewall/

[Thomas Deutschmann]

commit:     fec9c6797e5c1d6b0234577d7973b896351fce87
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Sun Oct  7 16:01:27 2018 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Sun Oct  7 16:02:20 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fec9c679

net-firewall/shorewall: bump to v5.2.1

Package-Manager: Portage-2.3.50, Repoman-2.3.11
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>

 net-firewall/shorewall/Manifest                    |   7 +
 .../shorewall-5.2.1-no-gzipped-manpages.patch      |  28 ++
 .../shorewall-core-5.2.1-no-gzipped-manpages.patch |  16 +
 .../shorewall-lite-5.2.1-no-gzipped-manpages.patch |  26 ++
 net-firewall/shorewall/shorewall-5.2.1.ebuild      | 479 +++++++++++++++++++++
 5 files changed, 556 insertions(+)

diff --git a/net-firewall/shorewall/Manifest b/net-firewall/shorewall/Manifest
index 5dc17102042..65b3e1bc59e 100644
--- a/net-firewall/shorewall/Manifest
+++ b/net-firewall/shorewall/Manifest
@@ -1,7 +1,14 @@
 DIST shorewall-5.2.0.5.tar.bz2 539666 BLAKE2B df4f8680ee29a773f584a1210b40a7047be1a590490a01617b26b71840e488f569ebcf268ba2f6199fb10671925356c4e187a5219ed7784672f6d14b2e90f580 SHA512 8299e0f40ad96c09eceb9460c6088e694e50b7a1b81a16395426466c666eb21dc23236c1ee6cc6047c05ad4a4ba43aac33fc7cb05f5784bf27ac81e5fa4e9059
+DIST shorewall-5.2.1.tar.bz2 550552 BLAKE2B c7b77912f644b3ae1a15a366018bc57da72d23342ec9db4ba282c8bc993f4964b3ce6d783448e2e36a6370fd223e1d14f1b27e9cadfa47024a1dda8109419c7f SHA512 2c408196a142a314f72ea4adb4193fa5cf30300529c41661e157e7b69f2d8448a0c25bcd177f25d6f993494b26068edf48cc0fc8e6a526380726baa33a8e11c8
 DIST shorewall-core-5.2.0.5.tar.bz2 76567 BLAKE2B 078520ef3166d689d559f1c08ae417a2bf5c7fdc3618a26f72b244fa14679634752dffaeebafbd84609e33ec7f1856b701abb297077797abcb14d3264a3bfd25 SHA512 640c854a7484e886cd603742d16682456e02c0054c3d6d5f2188bf30e235ac975fc1ce50af500cf4fb99253a1d13c2408cc72aff54f14aa738e1e80b8d07066a
+DIST shorewall-core-5.2.1.tar.bz2 76562 BLAKE2B 6129e90f9cfca9b36221320eb917f3299dd151d366e2b98d546519330cd5c95511d4a1e7b1a4ea2de046aed2d2a72367f8e3039ad288de89178e161cb16eb5a0 SHA512 4ea3fdec0c4ffb57a7e63334aed3479819079936575928b01399a3c2a8515a4ecf1eb19f1e193849480e6ac84f4c7de9e4c84699765684fb2299bf1b5276a3a8
 DIST shorewall-docs-html-5.2.0.5.tar.bz2 4295236 BLAKE2B 8cef99b3535551e1d4ecdf0d3d1c2b3434c0b91c793f0857bc3f22f0020d80cd49b038c7c4f5d15fe23af14869f1736a69b01978403fe94bc5dac261bd2f5e4d SHA512 5fa3ab52580e8f090ab0be9b1796bef65a41d1a9dc5c9501e3daeba22bad7b28b5306aba5b383c654eed5f7d727a7744812034eeb1ad051633a80b2892096c24
+DIST shorewall-docs-html-5.2.1.tar.bz2 4302517 BLAKE2B a38659f9740da36efe3a2bf844b9686a18bb47476388580d02462aec0715afb1d09d20ffb2ee708550f7288fb7bb36ae8e5f23d902bd126bb2a5c496866e49dd SHA512 c67c621c1fea599c5e1987a7847bed187d8d0571e1b6d42c9fc351022de04b47e4f57030f919b85e8c9fef51829e0b04cbbc14e29a0df6f084c765219d46591c
 DIST shorewall-init-5.2.0.5.tar.bz2 30881 BLAKE2B 92617f17553b6df514cbfc72e86597e9859baa641782848763923ff4c650915cd7fb97f0c71b41d525d6a9d5ebbf10e9918d6a8d682c9c4654de3ba40b54c0ce SHA512 0367ad7468d5a9c0c70d31fdd66c05e54cf747dd45dc1bf2e128935c65af8c2508f033ed2945185059214dd81f5a8fb3f122323fd2bb79d2d642997741167371
+DIST shorewall-init-5.2.1.tar.bz2 31705 BLAKE2B 7f6a6b5266d63e3b0fab99a49f342e8172a20f50471fdcebe07a6c62dc36fcf4d96a041870df815aa5ecf2c421b5d7cb1408c0f54f520295611d54a876150294 SHA512 caba4eebcc576bf261327cb7304aedcaaea7325a34e444b4dd9ce60cd545b479271ea9b7049743ac1499485695d7d0f2a37b127a895cb3d200e6dfb41a21fe17
 DIST shorewall-lite-5.2.0.5.tar.bz2 36651 BLAKE2B 192ecda8b04d0330f0a7bced6136f2723d201cd7c30af80b59bfa81f49614d10c900cf5856296ad854287f3c925e5f78f144698674ec7b8d91065072db4ca53e SHA512 b95154f7614eeedde1fc087750372cadd0c0a9618986741e035a9d83c06d2534feb78edaf6a97e2a45788015e6706f8dac3714ca3b22bd068e792458a3f5af40
+DIST shorewall-lite-5.2.1.tar.bz2 37527 BLAKE2B 5a50d66366b5c4c456fd4291d1413923162cfe24f989df00be5f613089d96402430ec6c6780c78ee5e398cd931c964e8d164efefb4d1531cb870ba65040809be SHA512 111f68c2d59b58e7d344e55b293d78fe2013771be9f8399bea88d9699905f3683931668fad23e7efea1fcae9d3c6381bd9f2073c3f208e81cec958ab19b2510e
 DIST shorewall6-5.2.0.5.tar.bz2 185740 BLAKE2B 846a3fc44a9c0a838cf75671ca34e78dd9758eeee0690d994a34615467b241f0c854e3bb9b818bcfd5e96664ab03e14a7c69affc946dffd1357ad744da41f8d5 SHA512 6875074ed8ee5bce40253a6e2633c422d7c2c1bf860a072236d6197cfe949e455b511a1792d822a8f2351254e99880236267ce70fc1150ca68e87f962b6cc265
+DIST shorewall6-5.2.1.tar.bz2 188322 BLAKE2B 5814433b11001f1e00ce3b124b5ec4ca6b1909ec00f966cb5fc93c34207325853249964492eb03f1f3c73cfc9c1b42def9578e507395395dd067f236475215b5 SHA512 b5dd5c4bf014c24a8a8bb4dc38b45dc92749182091b572340e1aef12d0aaeeb1dc436716b449cc1de34c74c6e4d590cc8cbe6b73aa3c614e8c9c37d7fa7a00a6
 DIST shorewall6-lite-5.2.0.5.tar.bz2 36370 BLAKE2B 212cee0313c3bbf08c8d22893c5b62125d0362eb66218dc954bc05d0e082fdb4dab209a05948300394943dcd97f698c1e02310ec54cc88fb72bd24d4383776f7 SHA512 18bcbaf3bd56aaadb8d42610d4868278f42299e5a022ac5732f730b34ed7d97f7cd013f1c9374f0a6afc809250288490d94d2b4e02e4bf5edf2542bff99150e4
+DIST shorewall6-lite-5.2.1.tar.bz2 37244 BLAKE2B 4fcd5a1b65b15a7c4214b079677f6ee3604d1a718fe6a4710d42085434af64bcef9db57135b0c6b0e6678dba6272a4341330e47b8a6917c759e450091c7d1b5a SHA512 ca807bf0d59db09439d80725e6eeafb7795346bd030fe8598dcccc4fc93a57819715c33c73035c1819a9eba93efe69e058be1377fcd9adf135a0a08f6ff3e481

diff --git a/net-firewall/shorewall/files/shorewall-5.2.1-no-gzipped-manpages.patch b/net-firewall/shorewall/files/shorewall-5.2.1-no-gzipped-manpages.patch
new file mode 100644
index 00000000000..386a55dfbad
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-5.2.1-no-gzipped-manpages.patch
@@ -0,0 +1,28 @@
+diff --git a/install.sh b/install.sh
+index bd89420..6ad695e 100755
+--- a/install.sh
++++ b/install.sh
+@@ -1179,9 +1179,8 @@ if [ ${PRODUCT} = shorewall ]; then
+     [ -n "$INSTALLD" ] || make_parent_directory ${DESTDIR}${MANDIR}/man5 0755
+ 
+     for f in *.5; do
+-	gzip -9c $f > $f.gz
+-	run_install $INSTALLD  -m 0644 $f.gz ${DESTDIR}${MANDIR}/man5/$f.gz
+-	echo "Man page $f.gz installed to ${DESTDIR}${MANDIR}/man5/$f.gz"
++	run_install $INSTALLD  -m 0644 $f ${DESTDIR}${MANDIR}/man5/$f
++	echo "Man page $f installed to ${DESTDIR}${MANDIR}/man5/$f"
+     done
+ fi
+ 
+@@ -1212,9 +1211,8 @@ fi
+ [ -n "$INSTALLD" ] || make_parent_directory ${DESTDIR}${MANDIR}/man8 0755
+ 
+ for f in *.8; do
+-    gzip -9c $f > $f.gz
+-    run_install $INSTALLD  -m 0644 $f.gz ${DESTDIR}${MANDIR}/man8/$f.gz
+-    echo "Man page $f.gz installed to ${DESTDIR}${MANDIR}/man8/$f.gz"
++    run_install $INSTALLD  -m 0644 $f ${DESTDIR}${MANDIR}/man8/$f
++    echo "Man page $f installed to ${DESTDIR}${MANDIR}/man8/$f"
+ done
+ 
+ cd ..

diff --git a/net-firewall/shorewall/files/shorewall-core-5.2.1-no-gzipped-manpages.patch b/net-firewall/shorewall/files/shorewall-core-5.2.1-no-gzipped-manpages.patch
new file mode 100644
index 00000000000..52ef4104075
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-core-5.2.1-no-gzipped-manpages.patch
@@ -0,0 +1,16 @@
+diff --git a/install.sh b/install.sh
+index fd7f8f6..3872cc7 100755
+--- a/install.sh
++++ b/install.sh
+@@ -353,9 +353,8 @@ if [ -n "$MANDIR" ]; then
+     [ -n "$INSTALLD" ] || make_parent_directory ${DESTDIR}${MANDIR}/man8 0755
+ 
+     for f in *.8; do
+-	gzip -9c $f > $f.gz
+-	install_file $f.gz ${DESTDIR}${MANDIR}/man8/$f.gz 0644
+-	echo "Man page $f.gz installed to ${DESTDIR}${MANDIR}/man8/$f.gz"
++	install_file $f ${DESTDIR}${MANDIR}/man8/$f 0644
++	echo "Man page $f installed to ${DESTDIR}${MANDIR}/man8/$f"
+     done
+ 
+     cd ..

diff --git a/net-firewall/shorewall/files/shorewall-lite-5.2.1-no-gzipped-manpages.patch b/net-firewall/shorewall/files/shorewall-lite-5.2.1-no-gzipped-manpages.patch
new file mode 100644
index 00000000000..7f6a91ce4df
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-lite-5.2.1-no-gzipped-manpages.patch
@@ -0,0 +1,26 @@
+diff --git a/install.sh b/install.sh
+index f66810a..051b861 100755
+--- a/install.sh
++++ b/install.sh
+@@ -448,17 +448,15 @@ if [ -d manpages -a -n "$MANDIR" ]; then
+     make_parent_directory ${DESTDIR}${MANDIR}/man5 0755
+ 
+     for f in *.5; do
+-	gzip -c $f > $f.gz
+-	install_file $f.gz ${DESTDIR}${MANDIR}/man5/$f.gz 0644
+-	echo "Man page $f.gz installed to ${DESTDIR}${MANDIR}/man5/$f.gz"
++	install_file $f ${DESTDIR}${MANDIR}/man5/$f 0644
++	echo "Man page $f installed to ${DESTDIR}${MANDIR}/man5/$f"
+     done
+ 
+     make_parent_directory ${DESTDIR}${MANDIR}/man8 0755
+ 
+     for f in *.8; do
+-	gzip -c $f > $f.gz
+-	install_file $f.gz ${DESTDIR}${MANDIR}/man8/$f.gz 0644
+-	echo "Man page $f.gz installed to ${DESTDIR}${MANDIR}/man8/$f.gz"
++	install_file $f ${DESTDIR}${MANDIR}/man8/$f 0644
++	echo "Man page $f installed to ${DESTDIR}${MANDIR}/man8/$f"
+     done
+ 
+     cd ..

diff --git a/net-firewall/shorewall/shorewall-5.2.1.ebuild b/net-firewall/shorewall/shorewall-5.2.1.ebuild
new file mode 100644
index 00000000000..1666426f5c3
--- /dev/null
+++ b/net-firewall/shorewall/shorewall-5.2.1.ebuild
@@ -0,0 +1,479 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit linux-info prefix systemd versionator
+
+DESCRIPTION='A high-level tool for configuring Netfilter'
+HOMEPAGE="http://www.shorewall.net/"
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux"
+
+MY_PV=${PV/_rc/-RC}
+MY_PV=${MY_PV/_beta/-Beta}
+MY_P=${PN}-${MY_PV}
+
+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
+
+# shorewall
+MY_PN_IPV4=Shorewall
+MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
+
+# shorewall6
+MY_PN_IPV6=Shorewall6
+MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
+
+# shorewall-lite
+MY_PN_LITE4=Shorewall-lite
+MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
+
+# shorewall6-lite
+MY_PN_LITE6=Shorewall6-lite
+MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
+
+# shorewall-init
+MY_PN_INIT=Shorewall-init
+MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
+
+# shorewall-core
+MY_PN_CORE=Shorewall-core
+MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
+
+# shorewall-docs-html
+MY_PN_DOCS=Shorewall-docs-html
+MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
+
+# Upstream URL schema:
+# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
+# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
+# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
+
+MY_URL_PREFIX=
+MY_URL_SUFFIX=
+if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
+	MY_URL_PREFIX='development/'
+
+	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
+	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
+	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then
+		MY_URL_SUFFIX="-${_tmp_suffix}"
+	fi
+
+	# Cleaning up temporary variables
+	unset _tmp_last_index
+	unset _tmp_suffix
+else
+	KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+fi
+
+SRC_URI="
+	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
+	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
+	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
+	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
+	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
+	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
+	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
+"
+
+# - Shorewall6 requires Shorewall
+# - Installing Shorewall-init or just the documentation doesn't make any sense,
+#   that's why we force the user to select at least one "real" Shorewall product
+#
+# See http://shorewall.net/download.htm#Which
+REQUIRED_USE="
+	ipv6? ( ipv4 )
+	|| ( ipv4 lite4 lite6 )
+"
+
+# No build dependencies! Just plain shell scripts...
+DEPEND=""
+
+RDEPEND="
+	>=net-firewall/iptables-1.4.20
+	>=sys-apps/iproute2-3.8.0[-minimal]
+	>=sys-devel/bc-1.06.95
+	ipv4? (
+		>=dev-lang/perl-5.16
+		virtual/perl-Digest-SHA
+	)
+	ipv6? (
+		>=dev-perl/Socket6-0.230.0
+		>=net-firewall/iptables-1.4.20[ipv6]
+		>=sys-apps/iproute2-3.8.0[ipv6]
+	)
+	lite6? (
+		>=net-firewall/iptables-1.4.20[ipv6]
+		>=sys-apps/iproute2-3.8.0[ipv6]
+	)
+	init? ( >=sys-apps/coreutils-8.20 )
+	selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 )
+	!net-firewall/shorewall-core
+	!net-firewall/shorewall6
+	!net-firewall/shorewall-lite
+	!net-firewall/shorewall6-lite
+	!net-firewall/shorewall-init
+	!<sys-apps/systemd-214
+"
+
+S=${WORKDIR}
+
+pkg_pretend() {
+	local CONFIG_CHECK="~NF_CONNTRACK"
+
+	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
+	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
+
+	if use ipv4 || use lite4; then
+		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
+
+		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
+		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
+	fi
+
+	if use ipv6 || use lite6; then
+		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
+
+		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
+		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
+	fi
+
+	check_extra_config
+}
+
+pkg_setup() {
+	if [[ -n "${DIGEST}" ]]; then
+		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
+		unset DIGEST
+	fi
+}
+
+src_prepare() {
+	# We are moving each unpacked source from MY_P_* to MY_PN_*.
+	# This allows us to use patches from upstream and keeps epatch_user working
+
+	einfo "Preparing shorewallrc ..."
+	cp "${FILESDIR}"/shorewallrc-r3 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
+	eprefixify "${S}"/shorewallrc.gentoo
+	sed -i \
+		-e "s|SERVICEDIR=tbs|SERVICEDIR=$(systemd_get_systemunitdir)|" \
+		"${S}"/shorewallrc.gentoo || die "Failed to update shorewallrc"
+
+	# shorewall-core
+	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
+	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
+	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+	eend 0
+
+	pushd "${S}"/${MY_PN_CORE} &>/dev/null || die
+	eapply "${FILESDIR}"/shorewall-core-5.2.1-no-gzipped-manpages.patch
+	popd &>/dev/null || die
+
+	# shorewall
+	if use ipv4; then
+		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
+		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
+		eend 0
+
+		pushd "${S}"/${MY_PN_IPV4} &>/dev/null || die
+		eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch
+		popd &>/dev/null || die
+	fi
+
+	# shorewall6
+	if use ipv6; then
+		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
+		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
+		eend 0
+
+		pushd "${S}"/${MY_PN_IPV6} &>/dev/null || die
+		eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch
+		popd &>/dev/null || die
+	fi
+
+	# shorewall-lite
+	if use lite4; then
+		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
+		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
+		eend 0
+
+		pushd "${S}"/${MY_PN_LITE4} &>/dev/null || die
+		eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch
+		popd &>/dev/null || die
+	fi
+
+	# shorewall6-lite
+	if use lite6; then
+		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
+		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
+		eend 0
+
+		pushd "${S}"/${MY_PN_LITE6} &>/dev/null || die
+		eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch
+		popd &>/dev/null || die
+	fi
+
+	# shorewall-init
+	if use init; then
+		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
+		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
+		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
+		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
+		eend 0
+
+		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
+
+		pushd "${S}"/${MY_PN_INIT} &>/dev/null || die
+		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r1.patch
+		popd &>/dev/null || die
+	fi
+
+	# shorewall-docs-html
+	if use doc; then
+		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
+	fi
+
+	eapply_user
+}
+
+src_configure() {
+	:;
+}
+
+src_compile() {
+	:;
+}
+
+src_install() {
+	# shorewall-core
+	einfo "Installing ${MY_P_CORE} ..."
+	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
+	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
+
+	# shorewall
+	if use ipv4; then
+		einfo "Installing ${MY_P_IPV4} ..."
+		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"
+		keepdir /var/lib/shorewall
+
+		if use doc; then
+			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
+		fi
+	fi
+
+	# shorewall6
+	if use ipv6; then
+		einfo "Installing ${MY_P_IPV6} ..."
+		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"
+		keepdir /var/lib/shorewall6
+
+		if use doc; then
+			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
+		fi
+	fi
+
+	# shorewall-lite
+	if use lite4; then
+		einfo "Installing ${MY_P_LITE4} ..."
+		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
+		keepdir /var/lib/shorewall-lite
+	fi
+
+	# shorewall6-lite
+	if use lite6; then
+		einfo "Installing ${MY_P_LITE6} ..."
+		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
+		keepdir /var/lib/shorewall6-lite
+	fi
+
+	# shorewall-init
+	if use init; then
+		einfo "Installing ${MY_P_INIT} ..."
+		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
+		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
+
+		if [[ -f "${D}etc/logrotate.d/shorewall-init" ]]; then
+			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
+			# so we don't need a logrotate configuration file for shorewall-init
+			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
+			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
+		fi
+
+		if [[ -d "${D}etc/NetworkManager" ]]; then
+			# On Gentoo, we don't support NetworkManager
+			# so we don't need this folder at all
+			einfo "Removing unused \"${D}etc/NetworkManager\" ..."
+			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"
+		fi
+
+		if [[ -f "${D}usr/share/shorewall-init/ifupdown" ]]; then
+			# This script isn't supported on Gentoo
+			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
+		fi
+	fi
+
+	if use doc; then
+		einfo "Installing ${MY_P_DOCS} ..."
+		docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*
+	fi
+}
+
+pkg_postinst() {
+	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+		# This is a new installation
+
+		# Show first steps for shorewall/shorewall6
+		local _PRODUCTS=""
+		if use ipv4; then
+			_PRODUCTS="shorewall"
+
+			if use ipv6; then
+				_PRODUCTS="${_PRODUCTS}/shorewall6"
+			fi
+		fi
+
+		if [[ -n "${_PRODUCTS}" ]]; then
+			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
+			elog ""
+			elog "  /etc/shorewall/shorewall.conf"
+
+			if use ipv6; then
+				elog "  /etc/shorewall6/shorewall6.conf"
+			fi
+
+			elog ""
+			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
+			elog ""
+			elog "  # rc-update add shorewall default"
+
+			if use ipv6; then
+				elog "  # rc-update add shorewall6 default"
+			fi
+		fi
+
+		# Show first steps for shorewall-lite/shorewall6-lite
+		_PRODUCTS=""
+		if use lite4; then
+			_PRODUCTS="shorewall-lite"
+		fi
+
+		if use lite6; then
+			if [[ -z "${_PRODUCTS}" ]]; then
+				_PRODUCTS="shorewall6-lite"
+			else
+				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
+			fi
+		fi
+
+		if [[ -n "${_PRODUCTS}" ]]; then
+			if use ipv4; then
+				elog ""
+			fi
+
+			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
+			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
+			elog ""
+			elog "To read more about ${_PRODUCTS}, please visit"
+			elog "  http://shorewall.net/CompiledPrograms.html"
+			elog ""
+			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
+			elog ""
+
+			if use lite4; then
+				elog "  # rc-update add shorewall-lite default"
+			fi
+
+			if use lite6; then
+				elog "  # rc-update add shorewall6-lite default"
+			fi
+		fi
+
+		if use init; then
+			elog ""
+			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
+			elog ""
+			elog "  # rc-update add shorewall-init boot"
+			elog ""
+			elog "and review \$PRODUCTS in"
+			elog ""
+			elog "  /etc/conf.d/shorewall-init"
+		fi
+
+	fi
+
+	local v
+	for v in ${REPLACING_VERSIONS}; do
+		if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then
+			# This is an upgrade
+
+			elog "You are upgrading from a previous major version. It is highly recommended that you read"
+			elog ""
+			elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
+			elog "  - http://shorewall.net/Shorewall-5.html#idm214"
+
+			if use ipv4; then
+				elog ""
+				elog "You can auto-migrate your configuration using"
+				elog ""
+				elog "  # shorewall update -A"
+
+				if use ipv6; then
+					elog "  # shorewall6 update -A"
+				fi
+
+				elog ""
+				elog "*after* you have merged the changed files using one of the configuration"
+				elog "files update tools of your choice (dispatch-conf, etc-update...)."
+
+				elog ""
+				elog "But if you are not familiar with the \"shorewall[6] update\" command,"
+				elog "please read the shorewall[6] man page first."
+			fi
+
+			# Show this elog only once
+			break
+		fi
+	done
+
+	if ! use init; then
+		elog ""
+		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
+		elog "before your shorewall-based firewall is ready to start."
+		elog ""
+		elog "To read more about shorewall-init, please visit"
+		elog "  http://www.shorewall.net/Shorewall-init.html"
+	fi
+
+	if ! has_version "net-firewall/conntrack-tools"; then
+		elog ""
+		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
+		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
+	fi
+
+	if ! has_version "dev-perl/Devel-NYTProf"; then
+		elog ""
+		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
+	fi
+}

[gentoo-commits] repo/gentoo:master commit in: net-firewall/shorewall/files/, net-firewall/shorewall/

[Thomas Deutschmann]

commit:     bc799db9019371d64eedd4c4e1ec430455de2323
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Tue Apr 28 22:37:54 2020 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Tue Apr 28 23:00:43 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bc799db9

net-firewall/shorewall: bump to v5.2.4.3

Package-Manager: Portage-2.3.99, Repoman-2.3.22
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>

 net-firewall/shorewall/Manifest                    |   7 +
 ...all-init-01_remove-ipset-functionality-r2.patch |  29 ++
 net-firewall/shorewall/shorewall-5.2.4.3.ebuild    | 482 +++++++++++++++++++++
 3 files changed, 518 insertions(+)

diff --git a/net-firewall/shorewall/Manifest b/net-firewall/shorewall/Manifest
index fa732cee324..8838edf4288 100644
--- a/net-firewall/shorewall/Manifest
+++ b/net-firewall/shorewall/Manifest
@@ -1,14 +1,21 @@
 DIST shorewall-5.2.3.7.tar.bz2 579234 BLAKE2B 968d9f23f9d66d1326dfd9c0b989959a1a8449f6dd3230d9191cb3f3be805065fe4d1ab5e7bd679b5da7ebbf625654dc0a878a4ebc6346e51a9d2588102e52b5 SHA512 c0f90d5cbbc6a9cad443b3ecfedda79bee71f79685049c421d8bba3826e5c874c7c31f09f243d3728514684983a27c8d4ac6854b55766fbcf34f6937f8ab28bd
+DIST shorewall-5.2.4.3.tar.bz2 581048 BLAKE2B 3d7af20eed72ebb88bfd4958d6421127f2084988f382f9ee9f56fc402dcf257d93cc9c525a2648d4ff12bd5f4f2f437623da146bcc9732a4f33f6342fd80f3b6 SHA512 a162a2c97b4bee35a7cb2d47c68ab6698bad77a20f976bd35264e4bf7a27c86acc55f95d7fb1022bc2956883d3539db1421b6112c222581ec80009e31a824b22
 DIST shorewall-5.2.4.tar.bz2 579480 BLAKE2B 5bbca22cfa11dc482859c2703d54f35f55f1c8db46286c3480879eb47d562358a73412f0ba3ba4af9d3763c838608269a70668daf30accb07314245308f46022 SHA512 2eee8b8e86aef29f646f324dcbd156eae7a687db179361e03172ef4792f2665fd3623830028a748ea3506ffbb2f59afa9f7deba7862643aff7628857aa2ac63c
 DIST shorewall-core-5.2.3.7.tar.bz2 71454 BLAKE2B 3df2b99dfbde169a817f4a5f45876c07dbdcda432763c1227fd86d9f2e2556c639595db9c57f195a404535c72f33ae1211aee080e5df37c342f6ebd4be2a5994 SHA512 e708ee48bc087cef24959b22430c8d8814d5c2f9315988c410e6fa59b4dca9c8b48501fea9515115e760d902d9e9719f33c1310d91a83550030a8768efd18751
+DIST shorewall-core-5.2.4.3.tar.bz2 73000 BLAKE2B 642a15ba63be8a530072881dc6baa9693103c5592f2203648768aebd997cfb0af252801175121426fa07098180de9d81f79ce0bee059ac74b26ed6048c9c421f SHA512 67e3ab499cf5859875e78bc7869e2697de5564775eb33c3090387f7816a18a3059bc2632e70409e2327e7ab8b1ac311d7c8b0694b9c43f22853478b45b0110f6
 DIST shorewall-core-5.2.4.tar.bz2 71532 BLAKE2B edd3762b39db162775e05d30e3ddeac244ca4375ee74bc1581af85879ddcfda22e6cae7b1357ddf5b0df615a4f5072457b1e34918bde5cb43273b21dd60f76ba SHA512 40add35f175abd62ede0b0b8f84151d7a81d56bcc3d622ed9ac676e382bd33cfee648da205f23ead462b5e6e577784c79ffdcdde5f45c731c6d93c11788d982d
 DIST shorewall-docs-html-5.2.3.7.tar.bz2 4293387 BLAKE2B 6a0ffe8eac171c13961fcf448932b7287cdca3e1da895020d5551d135fe542ca8dba3e0cba7f505ec9a204649dd5fd9849613bbb30d2970a45f321b46aa74ba5 SHA512 19c5bb80f40c9df8262e6ee00908f64d3e2d489c734bdecf6faec5f8d23bf3b6201ed21673900a2906053bc7d59872b7974262caf9883207126a082bbb2cb281
+DIST shorewall-docs-html-5.2.4.3.tar.bz2 4294125 BLAKE2B 79a81237fdafc4030b5aa9d85f10c584467389d16382120758c3bc3f5143eaaf8482424a56c5e5b827a23ac170d899a244b19e41f7c0035fb841b6f9846dfe0d SHA512 0b0e955ee91059702d081600a138aefa3a7bbc731cf7e302864a23d52015208216a7ab0d1ff2915e30a8eb2af49bd4fd74509c0e61b2779d6b49f9243a024d07
 DIST shorewall-docs-html-5.2.4.tar.bz2 4293639 BLAKE2B c024da5a3fab5f98c0913f294dafd85eced4c259762f5f06d9e98a74ea2e1ac5c0565e027609da472bd911e08027a6524e7cf97e2ec06c70965e5088fa3c331e SHA512 cb3ce47a892e92a032d4f49d693b23ad47ad3a0effb44cb24c0ff86f9b9b75eaa231210369a0ae10789bddedbbfd4c2a8a11bef9695591ef22351570c5abe481
 DIST shorewall-init-5.2.3.7.tar.bz2 35860 BLAKE2B b6046004c246113105206f2a034e0d8930a8283c3431675a2cb5c29b1509619b5d79a03bdf8c1daea085a330344ffe519a0b9d7ec860fdcd3603efd739613d2e SHA512 f3f231923a5d352cb8288d051568d4dbf24ef38122a1d8ae0c158b317c09146d938389597a5f57e9099c7c1b283780357b74f8605ea1e14393a0e3b1fa6b1118
+DIST shorewall-init-5.2.4.3.tar.bz2 37979 BLAKE2B 5d66b1274c68919e733419a18de22fb79c522225bffc22f25b38d2853edb8ae0884a9a1eae21516f934cdf5624e4992e10f35df05a7db6b2456df45fd0593002 SHA512 18abcea821cb8fa1524a65df60394402577d52e384c1b4384a4ba742252936c286ae80d93fe374c6180559f50d301687a972d650c41425cdd4e1ac8960448acf
 DIST shorewall-init-5.2.4.tar.bz2 36672 BLAKE2B 9b1d8e4670f2fadca9c3ffb4aade2734ab2714ae86d9b66728595b9e6c222b151be064634ea374767adea4424d578b7f7369acab855a5716e6f8def2f35d7b6f SHA512 7a68eb0c8e40e778123c0ecc60c2210888c1e6c68fd282e0d4f2fb2fdac3f1f00dde521c157520a1edd31ef77fe40e5d15834c5ce7d3d5500ae5fb8d66a6a324
 DIST shorewall-lite-5.2.3.7.tar.bz2 40674 BLAKE2B cf7ed3c81ab3a49556e61f48bdabf828dbb79a4c0a6c431f9ce77a4f15ec33ccbfc6bc5b1e6a942d695795679670bdb3ff22c37c54bcc4cd3552f6117bb4834b SHA512 c83f349f2626fe98a2f968a76fb48de2e7412f95ed0e72c48724cd93fe6e3b480d6cc185b5445434432bbf40ffaef7dbb875c4b5494f7875ce1f96f345314ea6
+DIST shorewall-lite-5.2.4.3.tar.bz2 42731 BLAKE2B 2a908fd3822bbe16d2f1176daf8d2ea08d32139c8916f3b4b65a1c7172d8e13fcbfe4175d6acba206f74239634d48c62a12f1446309fe4c5e50a85dc2f8e324e SHA512 859f7246164891287ada09be4a0574c65cf83e870e55af50300bc6a594e1d6a6c02e623cc621d353540b23a7c1ee290c216932d94aaa748e613ac26f592adf1d
 DIST shorewall-lite-5.2.4.tar.bz2 41491 BLAKE2B 1cdef18c368d44bf7aae756c2519b3cf8aaa648be0044b6aab22aa6dda989a8a7e51ab77d963f450ab0338ea490ca2629680e1c251e4dbf43594a952a17ded9a SHA512 a222d06e60f889167160cea5107fb534e8c5bec00b42e7027615447875e3ee2513ba1eefd1e14e17ea7c91d08f2e9cfebb1b3fe2bd384f6288961c1258cbb359
 DIST shorewall6-5.2.3.7.tar.bz2 197912 BLAKE2B 20193edb20a6e165cc83391ff36e5601104dbc95f8300d1880253edc451fb086b0b619496cec84f3a6e1ea52c33ebea9de436babeb6517b41688e95eaaa10641 SHA512 45ac97f27569006715156579ca86e9dc580d30f64dabb1557ef25dbb171e76a67251a64e4ff77c8e88017dc2a9e364503c1f565f376312335ca2ac0d961a6043
+DIST shorewall6-5.2.4.3.tar.bz2 199657 BLAKE2B 86d1d34eb429a56f53b91ce11e60660227ad677b57f8c9d3b0af9b0d8ae85fb4b2dc7e18138026b7579be3e0e09eff728188517e680affbf6f1a20c79596d6eb SHA512 654cbb91c2740412f6213fa988985afb08f9e9450fa2f3fc96c02f50766aa1e22055d9309810cc9744dadfada2ce473343dc114c7daa31f63df83fa7623614f7
 DIST shorewall6-5.2.4.tar.bz2 198630 BLAKE2B 4aa511ba5b998835b9aadad3a733b7ea7e4c0940135ae8959895ea499fd5f83e8cad3831560215c41c855f0d02f845ee97b8318af409fa088a98bbd5f3ec7a87 SHA512 b4dce7043b44fc1b84c5f8b07c524b0c9b5a83e06f694646115c448ad1e0407a77613ace99b5866cfa8b7078a98c1aba79a94c094e40453745d6cccc453d8934
 DIST shorewall6-lite-5.2.3.7.tar.bz2 40641 BLAKE2B d1c3720e7fefe6a20a29ab90e65fe9c0a113894c008377734e274177f6759245c056fb2a7e7abf42c7bddd35bd159f8c2ed2e4135edd1dda9d63ad1b596cec8c SHA512 0727a0e709bb206e4905ae8b5b4b39b2d2eb950b8aa03d8593de71a12464422681b5528a8e06a05e91e9bd1bae6a78962da1810ecbc8707e670073c28daccaaa
+DIST shorewall6-lite-5.2.4.3.tar.bz2 42639 BLAKE2B bd0d37b6e0aafc9585774c6276c25f26d6be96bcde9788ab0bf57792c0085d664144e6f959dea0d20466917636b64145caa45883224027b00e42aef485e4141d SHA512 5d4a7e8116eb7d80517df71fee25962b4844337e644b9afd305614a9426666c350e315050f4a020e88ece0df7ab1fe2a9447781e5dc1c1b845ac5cc64a4332d3
 DIST shorewall6-lite-5.2.4.tar.bz2 41474 BLAKE2B 123b73281cc4e84f74eef56111af24243eca9706ad03a38cb8bf3763b8645fffdb1847098d33c109b8b481eb66baa9d71a907285cc20ae6094eac9304cf7fd52 SHA512 a2a5f8054e59815e3dc2f3a51f59f29b3880226d5074b78e189e68e6c6f66de44a86791417f088bb4f1d0eead78d2841269cd222450d33b7b5cef1c00b08cfc8

diff --git a/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality-r2.patch b/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality-r2.patch
new file mode 100644
index 00000000000..92258b1ff23
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality-r2.patch
@@ -0,0 +1,29 @@
+--- a/shorewall-init-5.2.4.3/shorewall-init
++++ b/shorewall-init-5.2.4.3/shorewall-init
+@@ -68,10 +68,6 @@ shorewall_init_start () {
+ 
+     printf "Initializing \"Shorewall-based firewalls\": "
+ 
+-    if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then
+-	ipset -R < "$SAVE_IPSETS"
+-    fi
+-
+     for PRODUCT in $PRODUCTS; do
+ 	if setstatedir; then
+ 	    #
+@@ -109,15 +105,6 @@ shorewall_init_stop () {
+ 	fi
+     done
+ 
+-    if [ -n "$SAVE_IPSETS" ]; then
+-	mkdir -p $(dirname "$SAVE_IPSETS")
+-	if ipset -S > "${SAVE_IPSETS}.tmp"; then
+-	    grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS" || rm -f "${SAVE_IPSETS}.tmp"
+-	else
+-	    rm -f "${SAVE_IPSETS}.tmp"
+-	fi
+-    fi
+-
+     return 0
+ }
+ 

diff --git a/net-firewall/shorewall/shorewall-5.2.4.3.ebuild b/net-firewall/shorewall/shorewall-5.2.4.3.ebuild
new file mode 100644
index 00000000000..95a3c0906ea
--- /dev/null
+++ b/net-firewall/shorewall/shorewall-5.2.4.3.ebuild
@@ -0,0 +1,482 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+inherit linux-info prefix systemd
+
+DESCRIPTION='A high-level tool for configuring Netfilter'
+HOMEPAGE="https://shorewall.org/"
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux"
+
+MY_PV=${PV/_rc/-RC}
+MY_PV=${MY_PV/_beta/-Beta}
+MY_P=${PN}-${MY_PV}
+
+MY_MAJOR_RELEASE_NUMBER=$(ver_cut 1-2)
+MY_MAJORMINOR_RELEASE_NUMBER=$(ver_cut 1-3)
+
+# shorewall
+MY_PN_IPV4=Shorewall
+MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
+
+# shorewall6
+MY_PN_IPV6=Shorewall6
+MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
+
+# shorewall-lite
+MY_PN_LITE4=Shorewall-lite
+MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
+
+# shorewall6-lite
+MY_PN_LITE6=Shorewall6-lite
+MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
+
+# shorewall-init
+MY_PN_INIT=Shorewall-init
+MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
+
+# shorewall-core
+MY_PN_CORE=Shorewall-core
+MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
+
+# shorewall-docs-html
+MY_PN_DOCS=Shorewall-docs-html
+MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
+
+# Upstream URL schema:
+# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
+# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
+# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
+
+MY_URL_PREFIX=
+MY_URL_SUFFIX=
+if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
+	MY_URL_PREFIX='development/'
+
+	if [[ ${MY_PV} = *-Beta* ]] ; then
+		MY_URL_SUFFIX="-Beta${MY_PV##*-Beta}"
+	elif [[ ${MY_PV} = *-RC* ]] ; then
+		MY_URL_SUFFIX="-RC${MY_PV##*-RC}"
+	fi
+
+	# Cleaning up temporary variables
+	unset _tmp_last_index
+	unset _tmp_suffix
+else
+	KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+fi
+
+SRC_URI="
+	https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
+	ipv4? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
+	ipv6? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
+	lite4? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
+	lite6? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
+	init? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
+	doc? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
+"
+
+# - Shorewall6 requires Shorewall
+# - Installing Shorewall-init or just the documentation doesn't make any sense,
+#   that's why we force the user to select at least one "real" Shorewall product
+#
+# See https://shorewall.org/download.htm#Which
+REQUIRED_USE="
+	ipv6? ( ipv4 )
+	|| ( ipv4 lite4 lite6 )
+"
+
+# No build dependencies! Just plain shell scripts...
+DEPEND=""
+
+RDEPEND="
+	>=net-firewall/iptables-1.4.20
+	>=sys-apps/iproute2-3.8.0[-minimal]
+	>=sys-devel/bc-1.06.95
+	ipv4? (
+		>=dev-lang/perl-5.16
+		virtual/perl-Digest-SHA
+	)
+	ipv6? (
+		>=dev-perl/Socket6-0.230.0
+		>=net-firewall/iptables-1.4.20[ipv6]
+		>=sys-apps/iproute2-3.8.0[ipv6]
+	)
+	lite6? (
+		>=net-firewall/iptables-1.4.20[ipv6]
+		>=sys-apps/iproute2-3.8.0[ipv6]
+	)
+	init? ( >=sys-apps/coreutils-8.20 )
+	selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 )
+	!net-firewall/shorewall-core
+	!net-firewall/shorewall6
+	!net-firewall/shorewall-lite
+	!net-firewall/shorewall6-lite
+	!net-firewall/shorewall-init
+	!<sys-apps/systemd-214
+"
+
+S=${WORKDIR}
+
+pkg_pretend() {
+	local CONFIG_CHECK="~NF_CONNTRACK"
+
+	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
+	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
+
+	# kernel >=4.19 has unified NF_CONNTRACK module, bug 671176
+	if kernel_is -lt 4 19; then
+		if use ipv4 || use lite4; then
+			CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
+
+			local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
+			local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
+		fi
+
+		if use ipv6 || use lite6; then
+			CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
+
+			local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
+			local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
+		fi
+	fi
+
+	check_extra_config
+}
+
+pkg_setup() {
+	if [[ -n "${DIGEST}" ]]; then
+		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
+		unset DIGEST
+	fi
+}
+
+src_prepare() {
+	# We are moving each unpacked source from MY_P_* to MY_PN_*.
+	# This allows us to use patches from upstream and keeps epatch_user working
+
+	einfo "Preparing shorewallrc ..."
+	cp "${FILESDIR}"/shorewallrc-r3 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
+	eprefixify "${S}"/shorewallrc.gentoo
+	sed -i \
+		-e "s|SERVICEDIR=tbs|SERVICEDIR=$(systemd_get_systemunitdir)|" \
+		"${S}"/shorewallrc.gentoo || die "Failed to update shorewallrc"
+
+	# shorewall-core
+	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
+	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
+	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+	eend 0
+
+	pushd "${S}"/${MY_PN_CORE} &>/dev/null || die
+	eapply "${FILESDIR}"/shorewall-core-5.2.1-no-gzipped-manpages.patch
+	popd &>/dev/null || die
+
+	# shorewall
+	if use ipv4; then
+		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
+		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
+		eend 0
+
+		pushd "${S}"/${MY_PN_IPV4} &>/dev/null || die
+		eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch
+		popd &>/dev/null || die
+	fi
+
+	# shorewall6
+	if use ipv6; then
+		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
+		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
+		eend 0
+
+		pushd "${S}"/${MY_PN_IPV6} &>/dev/null || die
+		eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch
+		popd &>/dev/null || die
+	fi
+
+	# shorewall-lite
+	if use lite4; then
+		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
+		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
+		eend 0
+
+		pushd "${S}"/${MY_PN_LITE4} &>/dev/null || die
+		eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch
+		popd &>/dev/null || die
+	fi
+
+	# shorewall6-lite
+	if use lite6; then
+		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
+		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
+		eend 0
+
+		pushd "${S}"/${MY_PN_LITE6} &>/dev/null || die
+		eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch
+		popd &>/dev/null || die
+	fi
+
+	# shorewall-init
+	if use init; then
+		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
+		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
+		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
+		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
+		eend 0
+
+		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
+
+		pushd "${S}"/${MY_PN_INIT} &>/dev/null || die
+		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r2.patch
+		popd &>/dev/null || die
+	fi
+
+	# shorewall-docs-html
+	if use doc; then
+		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
+	fi
+
+	eapply_user
+}
+
+src_configure() {
+	:;
+}
+
+src_compile() {
+	:;
+}
+
+src_install() {
+	# shorewall-core
+	einfo "Installing ${MY_P_CORE} ..."
+	DESTDIR="${ED}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
+	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
+
+	# shorewall
+	if use ipv4; then
+		einfo "Installing ${MY_P_IPV4} ..."
+		DESTDIR="${ED}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"
+		keepdir /var/lib/shorewall
+
+		if use doc; then
+			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
+		fi
+	fi
+
+	# shorewall6
+	if use ipv6; then
+		einfo "Installing ${MY_P_IPV6} ..."
+		DESTDIR="${ED}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"
+		keepdir /var/lib/shorewall6
+
+		if use doc; then
+			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
+		fi
+	fi
+
+	# shorewall-lite
+	if use lite4; then
+		einfo "Installing ${MY_P_LITE4} ..."
+		DESTDIR="${ED}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
+		keepdir /var/lib/shorewall-lite
+	fi
+
+	# shorewall6-lite
+	if use lite6; then
+		einfo "Installing ${MY_P_LITE6} ..."
+		DESTDIR="${ED}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
+		keepdir /var/lib/shorewall6-lite
+	fi
+
+	# shorewall-init
+	if use init; then
+		einfo "Installing ${MY_P_INIT} ..."
+		DESTDIR="${ED}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
+		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
+
+		if [[ -f "${ED}/etc/logrotate.d/shorewall-init" ]]; then
+			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
+			# so we don't need a logrotate configuration file for shorewall-init
+			einfo "Removing unused \"${ED}/etc/logrotate.d/shorewall-init\" ..."
+			rm -rf "${ED}"/etc/logrotate.d/shorewall-init || die "Removing \"${ED}/etc/logrotate.d/shorewall-init\" failed"
+		fi
+
+		if [[ -d "${ED}/etc/NetworkManager" ]]; then
+			# On Gentoo, we don't support NetworkManager
+			# so we don't need this folder at all
+			einfo "Removing unused \"${ED}/etc/NetworkManager\" ..."
+			rm -rf "${ED}"/etc/NetworkManager || die "Removing \"${ED}/etc/NetworkManager\" failed"
+		fi
+
+		if [[ -f "${ED}/usr/share/shorewall-init/ifupdown" ]]; then
+			# This script isn't supported on Gentoo
+			rm -rf "${ED}"/usr/share/shorewall-init/ifupdown || die "Removing \"${ED}/usr/share/shorewall-init/ifupdown\" failed"
+		fi
+	fi
+
+	if use doc; then
+		einfo "Installing ${MY_P_DOCS} ..."
+		docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*
+	fi
+}
+
+pkg_postinst() {
+	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+		# This is a new installation
+
+		# Show first steps for shorewall/shorewall6
+		local _PRODUCTS=""
+		if use ipv4; then
+			_PRODUCTS="shorewall"
+
+			if use ipv6; then
+				_PRODUCTS="${_PRODUCTS}/shorewall6"
+			fi
+		fi
+
+		if [[ -n "${_PRODUCTS}" ]]; then
+			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
+			elog ""
+			elog "  /etc/shorewall/shorewall.conf"
+
+			if use ipv6; then
+				elog "  /etc/shorewall6/shorewall6.conf"
+			fi
+
+			elog ""
+			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
+			elog ""
+			elog "  # rc-update add shorewall default"
+
+			if use ipv6; then
+				elog "  # rc-update add shorewall6 default"
+			fi
+		fi
+
+		# Show first steps for shorewall-lite/shorewall6-lite
+		_PRODUCTS=""
+		if use lite4; then
+			_PRODUCTS="shorewall-lite"
+		fi
+
+		if use lite6; then
+			if [[ -z "${_PRODUCTS}" ]]; then
+				_PRODUCTS="shorewall6-lite"
+			else
+				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
+			fi
+		fi
+
+		if [[ -n "${_PRODUCTS}" ]]; then
+			if use ipv4; then
+				elog ""
+			fi
+
+			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
+			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
+			elog ""
+			elog "To read more about ${_PRODUCTS}, please visit"
+			elog "  https://shorewall.org/CompiledPrograms.html"
+			elog ""
+			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
+			elog ""
+
+			if use lite4; then
+				elog "  # rc-update add shorewall-lite default"
+			fi
+
+			if use lite6; then
+				elog "  # rc-update add shorewall6-lite default"
+			fi
+		fi
+
+		if use init; then
+			elog ""
+			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
+			elog ""
+			elog "  # rc-update add shorewall-init boot"
+			elog ""
+			elog "and review \$PRODUCTS in"
+			elog ""
+			elog "  /etc/conf.d/shorewall-init"
+		fi
+
+	fi
+
+	local v
+	for v in ${REPLACING_VERSIONS}; do
+		if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then
+			# This is an upgrade
+
+			elog "You are upgrading from a previous major version. It is highly recommended that you read"
+			elog ""
+			elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
+			elog "  - https://shorewall.org/Shorewall-5.html#idm214"
+
+			if use ipv4; then
+				elog ""
+				elog "You can auto-migrate your configuration using"
+				elog ""
+				elog "  # shorewall update -A"
+
+				if use ipv6; then
+					elog "  # shorewall6 update -A"
+				fi
+
+				elog ""
+				elog "*after* you have merged the changed files using one of the configuration"
+				elog "files update tools of your choice (dispatch-conf, etc-update...)."
+
+				elog ""
+				elog "But if you are not familiar with the \"shorewall[6] update\" command,"
+				elog "please read the shorewall[6] man page first."
+			fi
+
+			# Show this elog only once
+			break
+		fi
+	done
+
+	if ! use init; then
+		elog ""
+		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
+		elog "before your shorewall-based firewall is ready to start."
+		elog ""
+		elog "To read more about shorewall-init, please visit"
+		elog "  https://shorewall.org/Shorewall-init.html"
+	fi
+
+	if ! has_version "net-firewall/conntrack-tools"; then
+		elog ""
+		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
+		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
+	fi
+
+	if ! has_version "dev-perl/Devel-NYTProf"; then
+		elog ""
+		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
+	fi
+}