net-firewall/shorewall: Bump to v5.1.7

Package-Manager: Portage-2.3.8, Repoman-2.3.3

3 files changed, 493 insertions, 0 deletions

diff --git a/net-firewall/shorewall/Manifest b/net-firewall/shorewall/Manifest
index 7c2eb82467bb..58e94ee7c988 100644
--- a/net-firewall/shorewall/Manifest
+++ b/net-firewall/shorewall/Manifest
@@ -1,14 +1,21 @@
 DIST shorewall-5.1.5.2.tar.bz2 520374 SHA256 ca33a7bc9c590638575edb8a530b76a9b0bd844877bef7df7c23646e839e137b SHA512 aed35f0a00944d70bb2bdab195f151e3770e73dabe07a59c1b6dd7fce5147866c73d44325df9ded475c37b258cf7c31c8d1348c58476fadd5b98217b7f0b3888 WHIRLPOOL ac0489f4ec152ff57a6da6be2c86b0fe45281ad9bb09e3fd53aba11b94252bb44ec5a71f069e2541b5c4912922fcfbbbce6004804c395e17929c78465a0cd102
 DIST shorewall-5.1.6.1.tar.bz2 522476 SHA256 90702872726c30434ef87c19be1742ae5f04b4e0b1f9ee7761810b618b38a05e SHA512 604ee6150add87a5c121e863ec3d65f454b6ae1724236c80c08e2ce3365512966126f9d28d07c7e6a273d5626e02e5625015f91f6a7166b830f6ccb667f731ba WHIRLPOOL f0e70c3949e9f9b59a5f5a19ee1023ecc6dc2ece2e420245f67fa2d7197939bc1197402366d8a560d7e29231accd5ea1456a005df30c7deaa82f25e01375ff2a
+DIST shorewall-5.1.7.tar.bz2 523676 SHA256 d19e6461fee8e497d3d569d69b4e0fed7736870171dd15ad8287e48facb25be0 SHA512 24f8dff494ee39926cb25680f62b2cd9073ab80b249ab57af5419af2211fc964d64e0bafb651879ba519677e0f844d5617cefe09f769369572c9c1a00149bce6 WHIRLPOOL 503fbf422b3888073cc64cdc4ba43c90a376b139252df3c146266d7da238b3aad92c1d778f5d1e8a45e4b9f1e6255e5c623c1b0530be68e95b184f7d56d0d21e
 DIST shorewall-core-5.1.5.2.tar.bz2 77435 SHA256 24ca9c2e506cadda1fcbf621b376db0ebb3f3802cecc53d1518753a9cb77d450 SHA512 d4e0ef22d288e6addc2ce41813f2bab56fa142893ea495ef59dd1a636995e2a71e88477c38cac1004f055a7333ab0db27a334ca586b88558d6b781966712bff2 WHIRLPOOL 526495ae9a13a2e0dfc6dc7fffec0a7f8dd1be111be35ff2356bcf403c12c7e76993c82b2cb5b76541fa613856b23a5499b86a7a72b52062e7a21bd3b61e9082
 DIST shorewall-core-5.1.6.1.tar.bz2 78891 SHA256 31b48d50ce9a6b256739679c03ea4c6c219149b34201e6637f0ed2ccc6dd3530 SHA512 090425813791bc78531a46c493a54cadc3ac6106963c87abb3c48f0863267f71bccad644209f2893f9f1ec06057595242f12fbd59312c7e8dd932f0c3bc29236 WHIRLPOOL c255fd892a299fe8ef56a923b4c8511df2cbc21ce8821f90257b2e9a1fd66a20ec2a5070365dc7a6b43e40c0b0645c845b122a67b4dbc6e71e8a9f1de919b13b
+DIST shorewall-core-5.1.7.tar.bz2 79711 SHA256 c94baf58a61b79407fbaea84a6439d323b17d02912dd81838f7b5ed07ccf1340 SHA512 91836595a3f0df8db6d26eeef47207e94364748e55762de771340ed368ea10be2c445680a57a2864fdfa68b35da18ee256cc0f8dcf6c53494c39f09da8ae829d WHIRLPOOL 4fd47f0b46c2881917561b9234acc38548fb9d4a1ef1e2f706a8eaceeb1d44aa0753a93fecddb7ebc80be9e19c20fdd853c22ca2ab7ae21e092aba7e60921b58
 DIST shorewall-docs-html-5.1.5.2.tar.bz2 4218574 SHA256 18a601050b6fcf6b5839ead037e96ee28ae85eb34262d7d614183cbee6169ef5 SHA512 a66161a601f5417bde8612a154c3886dbf81985e127955bbec213dcaa0e4778b2a3aabbf1dcf257d36db0806b5822bce5fa11a555da36427abbf0deb8f6f1501 WHIRLPOOL d8607b0c7ea3b7bd7b685e99895867f9e37bc2a0c8a5520a59311696fc0e2817452e36865c08e7b758a72fd9a546bf5ef6a47f4098f993cf8c95ad4e1f426dd8
 DIST shorewall-docs-html-5.1.6.1.tar.bz2 4218958 SHA256 db1d61b013f035a2e7d515f483d789fa160fe7a250e12e9efec5a79fb2ef1144 SHA512 c620209dd6fd9f044088e11e1adf8bee5c481bb27db76bfae5f42fae242dc139526cc457507251d5d00e55a652b358aa7ac3586ec10e28210e00f75932007277 WHIRLPOOL 36936c55029db3875f1a14014eb2c25845412f74bec22205a24919faa34c8b447539bbaa29189ed547bd63989ba20d1c4376fc5fd4d02d4c227f10d733fc0835
+DIST shorewall-docs-html-5.1.7.tar.bz2 4218629 SHA256 81a9906479bab465e61b420cc9904487ccb490f10bcaef4a5487ec5ff46a1428 SHA512 c24351701983c8b0e6b429094084cbfec1360eaaf4cae8c58b3513c3783957ae1b16a5b0443f07b6ccb4cbf5726324b7670f07dfe5fe1b0e58ec127d305baa4e WHIRLPOOL a31f6822011fb90e4e6b00f20f7f604a4cb4a6f67fc2563754bfb447a2fb2a09a86001412d3d47190f6ce388bdc321ec99fc32fd23015566fe0381f8a1f6a4c2
 DIST shorewall-init-5.1.5.2.tar.bz2 32646 SHA256 1ae9771f20ca3ede897fe0ee4443d65011dde37d6ecc146150ba22c980b6f272 SHA512 de67e167bbdd5e2860e01fb55f07b695011ce7473b98b374f605263eb0aa66e7de645cd7716526ecbf01bf8b65fb5e08294c85bf55ec45b54b78f1b66e80565c WHIRLPOOL d1f1d05b384b63b087e48afa90ded85e333d1ca1d8e90196de2540c8705239f55326ffa5d421f6c03e651e6d7076e18786ab47009c09f31de2cc6fe13910ac36
 DIST shorewall-init-5.1.6.1.tar.bz2 34153 SHA256 ad20b348e32f6cc332521b07ef89a891978453e56cfe7fbe916d1f83ae594194 SHA512 f6ea4aad0c0da6da8436dcb27441088cefd8312e37cc6d62187fd8210790b2be5452cc06f1823f1958c53cdec2e4b14abc5be31a7c029739838f5bbc6d143a00 WHIRLPOOL b5d6f01c5670a60a3471f1fffbd341ca914c20d39516ad5bf63693c7ebda882c0fa572d5839f28ef94d40a95216a1b13573b470fe14676f0421aebde62769fd6
+DIST shorewall-init-5.1.7.tar.bz2 34955 SHA256 c0a0218d209846cde2581ecc93d70eb8ae26bea976647db2f1fa887140f10811 SHA512 3951b24a0e992c45021d5e79d5ab4a1480559ba321c4c5c57b40068373bb4b14f45edf525e9cc384657167330ef8f6cec46374c84a8dcc7fb641a88e27e40a4d WHIRLPOOL f319cf109987cf627794d60beabcf988a2cb2a54abacdd84a46e60344960ed9371adeb6367fd3318ebe9e24a562a199a3ed98edca31a1e992757ab2db252f58e
 DIST shorewall-lite-5.1.5.2.tar.bz2 38424 SHA256 acf092c051ce4e19b0aa67b1828511ec446006133c4451d9c13f60275025a397 SHA512 300793d3a123ab63cde988667a53e931adf7f40e6987bb5b57a60376502ad4ec46316e45bc0c589f82f3fb118ee6f78a0646f7aa5ef522791eea10e7ff2430da WHIRLPOOL 2a8b775d87601cb4e792fe817e0d2e7eaaf6b162eb9ed762081ec502239d1dc33d3843e9742b532d582939dc143561de617246aeb27a83448625bc4935d78505
 DIST shorewall-lite-5.1.6.1.tar.bz2 39930 SHA256 64424e0c69aff83fc02a73db5b1c7ee10fb916d317c027987ba40c8aff6ddd8f SHA512 69cfca2e703680238b32c8ffe3431a9267625faa3a03bed28593f0b0e8a5accc7d58ef4b91b77f87fc44e09f279d41e0302094e1d5255fc3ed1f6fc51863c07b WHIRLPOOL cb993586c09297aeaf8a37cbde8afa99f93687b62b1a5551e70e10ffa9633ba67077dc9323af583293c7e1d07b0ba558d2b1a124709fef147021bf9c5cffee9e
+DIST shorewall-lite-5.1.7.tar.bz2 40648 SHA256 c55d2077bfc72f50bd49457984060d9cc0cabdefa26674662f8a68ccf1aad65f SHA512 a6ac156496aa52ff4bcaa4f6b72b3e0bcb93876a029a54f81989fd3d02ef2fbc9ebf870731912080c59e5f3afd56ebffc17fcaaf30716ad65693b72130e05500 WHIRLPOOL 974815a3ea8032638905da17fbc7f46441cb73cc4660f57f733fcd571a4ea606658db00c98518e914fe681a67effe19e5e681e0b1afccd5986bff7b6d86d68cb
 DIST shorewall6-5.1.5.2.tar.bz2 188754 SHA256 c215a762ebb9c0a35be7463e1a2db2397ee1c01ab32c2224528f8de4a5ac9ac6 SHA512 1dbb7304f1f349ceb84a34c397a8c12e4fc5e9bdcd001d72881dbf76dda37e8e8448419f00c705e430f5f2e57cf3a7f9dc834cde6119d18cbeabf9d5a0e67e35 WHIRLPOOL 0daf72a3755b83b1ac3c6d90911149410cb9918f9ad312bd16f90c900880e32e852f5cb89791fdd68f14c1ae2389a365a23b94f430e227c687ab820d1b6d7619
 DIST shorewall6-5.1.6.1.tar.bz2 191131 SHA256 4732c560aa9166b35fbefaeecf6dcedf9f5224e1f56a739b3b1d30724af3affc SHA512 a26acc30f81c7419d9cbb8fd9f0a95c4647e4247b5f4f6232fc414abdba85c85ad8b127f441137cffa1dd88e7bebfba8a785416f54df36f77a36a50b4971b0f1 WHIRLPOOL a9cbe284762ee8af930808c8bb25931860ea9014e00c5b1f2d99ae48ffd31fa96a92dd0bb7ab43bbc44a7d02c5e8e5c334d938db3414b1c0e7069175f04fe026
+DIST shorewall6-5.1.7.tar.bz2 191614 SHA256 624fe000c881a75109f65f5fb11480a2f997b06237db546e51aeee2ed49dd10d SHA512 9423d6a141c61e1ca5546fd21e5db145c917d6e6825805ff404f5531449a0125f8288d0954e101231fa4d0a521e6db3993b4b312caba3188e41bc579eef350c3 WHIRLPOOL 7635d78eecf9f3e13b98e0577dff7687be34abdbeb8eee7d152ef1a0610dd9e82bf18024185ffe14caaa47053b809307e47b2aa111f7d03a8595a35d7c297ccf
 DIST shorewall6-lite-5.1.5.2.tar.bz2 38137 SHA256 0b65ef615be93f921af6d8c11f702f2c46ba18d989fe12fe048732c53cf841de SHA512 e8961abdb7c105820d8420f623cbff72af33e2d35701bb0f81f2fad5364e91b88d5d1317d4ffc8e00c3b32d50c96f6c0dccda20cd981c5f6cc7aaf1662af8d27 WHIRLPOOL d3b04c2c6e9f3a10b8bbc0da1e5691dc3e428501ee52547e548eed05b14d54aec243111f711cb66ecc734efe5217dffa0230b1045296f90a60da88c390ba33bf
 DIST shorewall6-lite-5.1.6.1.tar.bz2 39636 SHA256 a25a1430a09d797991f0028f76f5252b86ef898801fc8eb3e6c8ca695d1d2a98 SHA512 eb059a1d991e72cd7b4522ddecb5557918803b5ce8c79552919d7c2798aaab96548b2dea5950f9c3311091950307496c034d63f5389f745b6282074d20d9afbc WHIRLPOOL 2ffae1f3afafcf576d11265562f9f22e6d58061b509d9ef7fceb57980b1d8c8a598efd39aaec5e3bdbff4004a39741eccb0fec8ed0417ff9f36a09e417bb9047
+DIST shorewall6-lite-5.1.7.tar.bz2 40346 SHA256 2fa19a4c5046c05e4e5cf28d4b50dab0061f05f2a17cb0f8fd265812276cb975 SHA512 6e118b2fa369aa42dfade55b3b4c8855b3d950fd664c5cf2c22539c99e2065e8924e86970ea0f17b7b8930d1c28220bc425ef4329222f0c11feb872ba0145eb9 WHIRLPOOL 2f5be4d88e48e4ef535e60e050343ef78b2c4fdfa9918e79947e43107d3e8d46272c7c6f1134f4762b48894a9334daed2ddef4fa3843cf4670be54b9bb799714
diff --git a/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality-r1.patch b/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality-r1.patch
new file mode 100644
index 000000000000..8b7925d6dceb
--- /dev/null
+++ b/net-firewall/shorewall/files/shorewall-init-01_remove-ipset-functionality-r1.patch
@@ -0,0 +1,30 @@
+diff -rupN old/shorewall-init-5.1.7/shorewall-init new/shorewall-init-5.1.7/shorewall-init
+--- old/shorewall-init-5.1.7/shorewall-init	2017-09-18 18:28:43.000000000 +0200
++++ new/shorewall-init-5.1.7/shorewall-init	2017-09-23 15:46:03.489914459 +0200
+@@ -80,10 +80,6 @@ shorewall_start () {
+ 	fi
+     done
+ 
+-    if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then
+-	ipset -R < "$SAVE_IPSETS"
+-    fi
+-
+     return 0
+ }
+ 
+@@ -101,15 +97,6 @@ shorewall_stop () {
+ 	fi
+     done
+ 
+-    if [ -n "$SAVE_IPSETS" ]; then
+-	mkdir -p $(dirname "$SAVE_IPSETS")
+-	if ipset -S > "${SAVE_IPSETS}.tmp"; then
+-	    grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS" || rm -f "${SAVE_IPSETS}.tmp"
+-	else
+-	    rm -f "${SAVE_IPSETS}.tmp"
+-	fi
+-    fi
+-
+     return 0
+ }
+ 
diff --git a/net-firewall/shorewall/shorewall-5.1.7.ebuild b/net-firewall/shorewall/shorewall-5.1.7.ebuild
new file mode 100644
index 000000000000..3b7545ca47d4
--- /dev/null
+++ b/net-firewall/shorewall/shorewall-5.1.7.ebuild
@@ -0,0 +1,456 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit linux-info prefix systemd versionator
+
+DESCRIPTION='A high-level tool for configuring Netfilter'
+HOMEPAGE="http://www.shorewall.net/"
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux"
+
+MY_PV=${PV/_rc/-RC}
+MY_PV=${MY_PV/_beta/-Beta}
+MY_P=${PN}-${MY_PV}
+
+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
+
+# shorewall
+MY_PN_IPV4=Shorewall
+MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
+
+# shorewall6
+MY_PN_IPV6=Shorewall6
+MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
+
+# shorewall-lite
+MY_PN_LITE4=Shorewall-lite
+MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
+
+# shorewall6-lite
+MY_PN_LITE6=Shorewall6-lite
+MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
+
+# shorewall-init
+MY_PN_INIT=Shorewall-init
+MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
+
+# shorewall-core
+MY_PN_CORE=Shorewall-core
+MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
+
+# shorewall-docs-html
+MY_PN_DOCS=Shorewall-docs-html
+MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
+
+# Upstream URL schema:
+# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
+# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
+# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
+
+MY_URL_PREFIX=
+MY_URL_SUFFIX=
+if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
+	MY_URL_PREFIX='development/'
+
+	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
+	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
+	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then
+		MY_URL_SUFFIX="-${_tmp_suffix}"
+	fi
+
+	# Cleaning up temporary variables
+	unset _tmp_last_index
+	unset _tmp_suffix
+else
+	KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+fi
+
+SRC_URI="
+	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
+	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
+	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
+	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
+	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
+	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
+	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
+"
+
+# - Shorewall6 requires Shorewall
+# - Installing Shorewall-init or just the documentation doesn't make any sense,
+#   that's why we force the user to select at least one "real" Shorewall product
+#
+# See http://shorewall.net/download.htm#Which
+REQUIRED_USE="
+	ipv6? ( ipv4 )
+	|| ( ipv4 lite4 lite6 )
+"
+
+# No build dependencies! Just plain shell scripts...
+DEPEND=""
+
+RDEPEND="
+	>=net-firewall/iptables-1.4.20
+	>=sys-apps/iproute2-3.8.0[-minimal]
+	>=sys-devel/bc-1.06.95
+	ipv4? (
+		>=dev-lang/perl-5.16
+		virtual/perl-Digest-SHA
+	)
+	ipv6? (
+		>=dev-perl/Socket6-0.230.0
+		>=net-firewall/iptables-1.4.20[ipv6]
+		>=sys-apps/iproute2-3.8.0[ipv6]
+	)
+	lite6? (
+		>=net-firewall/iptables-1.4.20[ipv6]
+		>=sys-apps/iproute2-3.8.0[ipv6]
+	)
+	init? ( >=sys-apps/coreutils-8.20 )
+	selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 )
+	!net-firewall/shorewall-core
+	!net-firewall/shorewall6
+	!net-firewall/shorewall-lite
+	!net-firewall/shorewall6-lite
+	!net-firewall/shorewall-init
+	!<sys-apps/systemd-214
+"
+
+S=${WORKDIR}
+
+pkg_pretend() {
+	local CONFIG_CHECK="~NF_CONNTRACK"
+
+	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
+	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
+
+	if use ipv4 || use lite4; then
+		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
+
+		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
+		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
+	fi
+
+	if use ipv6 || use lite6; then
+		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
+
+		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
+		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
+	fi
+
+	check_extra_config
+}
+
+pkg_setup() {
+	if [[ -n "${DIGEST}" ]]; then
+		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
+		unset DIGEST
+	fi
+}
+
+src_prepare() {
+	# We are moving each unpacked source from MY_P_* to MY_PN_*.
+	# This allows us to use patches from upstream and keeps epatch_user working
+
+	einfo "Preparing shorewallrc ..."
+	cp "${FILESDIR}"/shorewallrc-r1 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
+	eprefixify "${S}"/shorewallrc.gentoo
+
+	# shorewall-core
+	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
+	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
+	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+	eend 0
+
+	# shorewall
+	if use ipv4; then
+		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
+		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
+		eend 0
+	fi
+
+	# shorewall6
+	if use ipv6; then
+		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"
+		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
+		eend 0
+	fi
+
+	# shorewall-lite
+	if use lite4; then
+		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
+		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
+		eend 0
+	fi
+
+	# shorewall6-lite
+	if use lite6; then
+		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"
+		cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"
+		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
+		eend 0
+	fi
+
+	# shorewall-init
+	if use init; then
+		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
+		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
+		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
+		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
+		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
+		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
+		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
+		eend 0
+
+		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
+
+		cd "${S}"/${MY_PN_INIT} || die
+		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r1.patch
+		cd "${S}" || die
+	fi
+
+	# shorewall-docs-html
+	if use doc; then
+		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
+	fi
+
+	eapply_user
+}
+
+src_configure() {
+	:;
+}
+
+src_compile() {
+	:;
+}
+
+src_install() {
+	# shorewall-core
+	einfo "Installing ${MY_P_CORE} ..."
+	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
+	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
+
+	# shorewall
+	if use ipv4; then
+		einfo "Installing ${MY_P_IPV4} ..."
+		keepdir /var/lib/shorewall
+		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"
+
+		if use doc; then
+			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
+		fi
+	fi
+
+	# shorewall6
+	if use ipv6; then
+		einfo "Installing ${MY_P_IPV6} ..."
+		keepdir /var/lib/shorewall6
+		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"
+
+		if use doc; then
+			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
+		fi
+	fi
+
+	# shorewall-lite
+	if use lite4; then
+		einfo "Installing ${MY_P_LITE4} ..."
+		keepdir /var/lib/shorewall-lite
+		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
+	fi
+
+	# shorewall6-lite
+	if use lite6; then
+		einfo "Installing ${MY_P_LITE6} ..."
+		keepdir /var/lib/shorewall6-lite
+		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
+	fi
+
+	# shorewall-init
+	if use init; then
+		einfo "Installing ${MY_P_INIT} ..."
+		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
+		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
+
+		if [[ -f "${D}etc/logrotate.d/shorewall-init" ]]; then
+			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
+			# so we don't need a logrotate configuration file for shorewall-init
+			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
+			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
+		fi
+
+		if [[ -d "${D}etc/NetworkManager" ]]; then
+			# On Gentoo, we don't support NetworkManager
+			# so we don't need this folder at all
+			einfo "Removing unused \"${D}etc/NetworkManager\" ..."
+			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"
+		fi
+
+		if [[ -f "${D}usr/share/shorewall-init/ifupdown" ]]; then
+			# This script isn't supported on Gentoo
+			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
+		fi
+	fi
+
+	if use doc; then
+		einfo "Installing ${MY_P_DOCS} ..."
+		docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*
+	fi
+}
+
+pkg_postinst() {
+	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+		# This is a new installation
+
+		# Show first steps for shorewall/shorewall6
+		local _PRODUCTS=""
+		if use ipv4; then
+			_PRODUCTS="shorewall"
+
+			if use ipv6; then
+				_PRODUCTS="${_PRODUCTS}/shorewall6"
+			fi
+		fi
+
+		if [[ -n "${_PRODUCTS}" ]]; then
+			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
+			elog ""
+			elog "  /etc/shorewall/shorewall.conf"
+
+			if use ipv6; then
+				elog "  /etc/shorewall6/shorewall6.conf"
+			fi
+
+			elog ""
+			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
+			elog ""
+			elog "  # rc-update add shorewall default"
+
+			if use ipv6; then
+				elog "  # rc-update add shorewall6 default"
+			fi
+		fi
+
+		# Show first steps for shorewall-lite/shorewall6-lite
+		_PRODUCTS=""
+		if use lite4; then
+			_PRODUCTS="shorewall-lite"
+		fi
+
+		if use lite6; then
+			if [[ -z "${_PRODUCTS}" ]]; then
+				_PRODUCTS="shorewall6-lite"
+			else
+				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
+			fi
+		fi
+
+		if [[ -n "${_PRODUCTS}" ]]; then
+			if use ipv4; then
+				elog ""
+			fi
+
+			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
+			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
+			elog ""
+			elog "To read more about ${_PRODUCTS}, please visit"
+			elog "  http://shorewall.net/CompiledPrograms.html"
+			elog ""
+			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
+			elog ""
+
+			if use lite4; then
+				elog "  # rc-update add shorewall-lite default"
+			fi
+
+			if use lite6; then
+				elog "  # rc-update add shorewall6-lite default"
+			fi
+		fi
+
+		if use init; then
+			elog ""
+			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
+			elog ""
+			elog "  # rc-update add shorewall-init boot"
+			elog ""
+			elog "and review \$PRODUCTS in"
+			elog ""
+			elog "  /etc/conf.d/shorewall-init"
+		fi
+
+	fi
+
+	local v
+	for v in ${REPLACING_VERSIONS}; do
+		if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then
+			# This is an upgrade
+
+			elog "You are upgrading from a previous major version. It is highly recommended that you read"
+			elog ""
+			elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
+			elog "  - http://shorewall.net/Shorewall-5.html#idp51151872"
+
+			if use ipv4; then
+				elog ""
+				elog "You can auto-migrate your configuration using"
+				elog ""
+				elog "  # shorewall update -A"
+
+				if use ipv6; then
+					elog "  # shorewall6 update -A"
+				fi
+
+				elog ""
+				elog "*after* you have merged the changed files using one of the configuration"
+				elog "files update tools of your choice (dispatch-conf, etc-update...)."
+
+				elog ""
+				elog "But if you are not familiar with the \"shorewall[6] update\" command,"
+				elog "please read the shorewall[6] man page first."
+			fi
+
+			# Show this elog only once
+			break
+		fi
+	done
+
+	if ! use init; then
+		elog ""
+		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
+		elog "before your shorewall-based firewall is ready to start."
+		elog ""
+		elog "To read more about shorewall-init, please visit"
+		elog "  http://www.shorewall.net/Shorewall-init.html"
+	fi
+
+	if ! has_version "net-firewall/conntrack-tools"; then
+		elog ""
+		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
+		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
+	fi
+
+	if ! has_version "dev-perl/Devel-NYTProf"; then
+		elog ""
+		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
+	fi
+}