Initial version of shorewall-init; Thanks to Thomas D.

Package-Manager: portage-2.2.7/cvs/Linux x86_64
Manifest-Sign-Key: 0xBB80F419010E3EC3

9 files changed, 430 insertions, 3 deletions

diff --git a/net-firewall/shorewall-init/Manifest b/net-firewall/shorewall-init/Manifest
index 45f50cacea17..681d0c4e2985 100644
--- a/net-firewall/shorewall-init/Manifest
+++ b/net-firewall/shorewall-init/Manifest
@@ -1,10 +1,22 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
 AUX 4.5.21.2/01_Remove-ipset-functionality.patch 563 SHA256 ed4e8debb0eac40527f4c63df929e84d54bce066f1c7f002cafd9e34b01079ce SHA512 d4b9c4aea7a0d1eea24c6e7f045ce7b61b24969e962fee0f95b28c6fad490eb20c6c6cb568813d0bebf91fa6da22b9de06da03ed5bf7b2284309d0bd7d236394 WHIRLPOOL 1c3cb1f5a3829e317e834fb56a6be9a1d3ed3c63f5e4825875bbb71a85f9db195de09f6b36002e25b477e70ddf57ce6921290c31a001bb6f7036dc6600943708
 AUX 4.5.21.2/README.Gentoo.txt 1233 SHA256 01439a974c15797954f3b9ce8fc7dbd8c81baff79e6a4e81e745416103896ce3 SHA512 8dbb70cc381b81ae811dcbfbcff63f5de0ba776472107a7d3b53e912fe50f20acb59f5da2aecec5de87ad0513a40fb4b4dfa30b51ff5f4b0da9186504870304a WHIRLPOOL a4293a49656253e3d7903b5a067d67b1bffdb1fffb3d92a43a2c32dd8a796998c67ad66beb756b4c45db618ab72b0dbc1bc81f183976c174b483bb4a2401a643
 AUX 4.5.21.2/shorewall-init.confd 230 SHA256 f3845fcdf5e76492c23238a42e03ef028a63841f383213e8d7ba229d4396470a SHA512 c032f7eddded7c29212fa363cb7af7305bdea70e48de45c42747331cd6fd5f3319f3f0d9172f02a33e925d8a1bd6d02a6a27bcaaa3bf6006005873d293577e62 WHIRLPOOL 60057322b80f785924b832d3bdd0a0efc4dcd10358d0589f31cb7a932ecd363b43910f2b2f23c43e66fddc52f563b034fe547ddc43541ef07967e76055f7c3d8
-AUX 4.5.21.2/shorewall-init.initd 4352 SHA256 b1b53f03c2c35b334825be04e53fb5c870d9b1e11479ceda95efaf120bfa59d0 SHA512 ee262cb985d3462eba7107936da8db4e6e51c55cdaa0ee977203a370965be0bbbbdfa8ba045a0a67c22b5680009f656a34ad45f30c78e3146603f6e1705ffc20 WHIRLPOOL 0fc6c7050134e831287a8a13fca79439a00e606e7a6bea8525469d15fd599180780fa3c6609457f996671bd3ec010ea51257058b8d33bcbb85ae9e24d5880064
+AUX 4.5.21.2/shorewall-init.initd 4480 SHA256 130ffae1dc170aa422358d8f4027daa4fb88361e940ef80a1e849a0c64f68f12 SHA512 9b7ccc5ccbfcf7bf606c196698fdc3931e0baec1ee8d3ddf38ff3bac0b77211572d7210d05c7fac3d0c6ba2a763bdde4a781819ee224a882fb00677001093dd3 WHIRLPOOL c52296141c6e86ace70282827900c92da37c03869362ebc0ecfa5420b21a66a3af2eeb93507844f4d387e9ad9509640e4d763832edb66c2159a81e56fd60686b
 AUX 4.5.21.2/shorewall-init.systemd 343 SHA256 54b9800171441271808a4fe01b85d7e6408cfb284b69d88c1abdd9491a5e6921 SHA512 d326933f4ebcc7a6780e64c2a32413d553fb8cfd7d183395efacc7348e30f7e7f62589917025996694f46a4fc31fdca7404dd5de8b8f90e52518f812597451a0 WHIRLPOOL d7ab450c30e10588fcacb19382fecd0a0654ce308275392945148d7353af69a51d20cde8199fafded80098522452ca2a4ff42314d8b63f18e347ca66283c5d90
 AUX 4.5.21.2/shorewallrc 2006 SHA256 1f5a784ccb33ffe50cbacc066f783e1446996a60d99deb473ffbd5a69e9150a6 SHA512 c397c556f56444b08b091f405f2b82d16cf4b4e42d98176bede01ff32f270841fbaa6e0e5f5e7e1e4871ed5a0be22b654ae5c07f728e747449ab5f43025cde9f WHIRLPOOL 1d94b8bc7a9a4ac73480a610be58d4842bf0243f004fd7d5f668eab9be0e02ed3ce58bef9281bb638e5e5d346f47e8a15cc33d9a1e0bba1d642e125923d953e3
 DIST shorewall-init-4.5.21.2.tar.bz2 65230 SHA256 f43125910f1c771afab2ce8daa405ca46c08b53bee3d856d7835154509833883 SHA512 94250a1e5d61bb9ebdfc7148a9aaacd1a6e589beb7916f5417eaf56f153b1d9c64e7d1a399a6ad55c952d7ebfa40bfa22ac4915b1d58a82a76e8da3c6037f3d9 WHIRLPOOL d84112de6b2db88041fabe79043df4b71813221ccd3aac29320ad2619ad6af6c90a547099124ba581a4dce7407adcd17a0abd2afb46cddeccd7fd6f3b820554e
-EBUILD shorewall-init-4.5.21.2.ebuild 2921 SHA256 ff169b324c91c164dcf559aba9a4f7d4b2893e1637e2aae4cf4db2cf93eca067 SHA512 df764d8ea68496a00967c166c6578db475e0811cc55c36125d1d86e6bc44538ad0c8b604c85365a049901306f78beec2d092258a33683eaf199c884518d17755 WHIRLPOOL 2b329bad4ad7743ca1d9efb81c7a21a3c01be00fe613a0b3774440b6b0a80f144b6c7a9cf0a9ea3c4ec2483b886df3f7df81663c18285adff931c13814e46430
-MISC ChangeLog 571 SHA256 cc2725a268f4a333d05f5da3748943f31be15cdc526c4634981cd184f2d76ec2 SHA512 19f0e288f6c0287207988f9f0e3076ca007fd7075f31223ba95efe0316e30bc51f3252cb927a3cb30e606062008a570cb6a25d91f483de8364cbbeb9c1f62c5f WHIRLPOOL 17955a95f060b6ce0f7b470bdffb85809ae28953c120d796d9af6b63da9c9ed90cb5755c145d2b40b9462e512aeb4a969c47a257ff71a90f548a99b4db9db4b5
+EBUILD shorewall-init-4.5.21.2.ebuild 3044 SHA256 8a5529ffc79a8431ca556a8a0a7303f67866f66470f140c979ac05a8aaddd301 SHA512 0582470ea20595b7a10a7759c24dcee47ffed3325e87c817beb350e921e31a2b9f9217c6670fb2047f2e72bf1adb8f4a23db925eeffcfa219997fb7b2b8ff678 WHIRLPOOL de75cfef89d7ba3419486e058130475a891546d347fedba53f4572771be33e619c14a1a8935e4fa02b9e103b8653a07c289fb63a569bd576492b233c0b3338f1
+MISC ChangeLog 673 SHA256 1d9d98f523ea1aff2f03091cf0eda3bd8d377cbeb11a48905ddd63b5230df92e SHA512 5864153993a430dd71baba248df41b92af1a335fdb8f5eaffd03a2295ee841a76dbe7df4031a52ef8a036401038bcd789c4b83a771289a137153b96b26526b56 WHIRLPOOL ae7374053b8a2b404dd2f030dab1baf57e173da354d28b57b19dcd3a7b7e6d295430793f1adaea18892d13d6ad153fef0ad82f1a977c68cffcc56dbbeb827642
 MISC metadata.xml 276 SHA256 c0509cd51ecd918ca2fb54f777ac69644f3df01ad04cb7876421792b1fae7799 SHA512 dd4a0d2c0a0ad7bf3fbea0a0dc1a120ffaa7e36f7ece3c4067f318a4c742f6a37ff5d6ff9b7982c0ba694d12e9f0f33d32f92d5e5da0256d298a6262256373ae WHIRLPOOL 0ade135cd178412b03da32cb792e0db02e984a7fec226452ce18d48044f656be72f98ead7498157ab1f4d5e861ac696e1635f7bc70a9061a6b7e2354bf51ba56
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.22 (GNU/Linux)
+
+iL4EAREIAGYFAlJsDHhfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
+bnBncC5maWZ0aGhvcnNlbWFuLm5ldEIwNjQwRkMzRTI1OTEyQUUwM0MwQjVBQUJC
+ODBGNDE5MDEwRTNFQzMACgkQu4D0GQEOPsOivQD+N0yYpux7asHoErMUNU11Bb88
+Bc6sXNaLpq2T5PufhkIA/iL3Rb+l0bMlZZQlZtyLoawMPts+yqq3BaBX5zLnTGnk
+=DONO
+-----END PGP SIGNATURE-----
diff --git a/net-firewall/shorewall-init/files/4.5.21.2/01_Remove-ipset-functionality.patch b/net-firewall/shorewall-init/files/4.5.21.2/01_Remove-ipset-functionality.patch
new file mode 100644
index 000000000000..620e479f92fc
--- /dev/null
+++ b/net-firewall/shorewall-init/files/4.5.21.2/01_Remove-ipset-functionality.patch
@@ -0,0 +1,27 @@
+--- shorewall-init.old	2013-09-08 23:25:36.364924304 +0200
++++ shorewall-init	2013-09-08 23:29:27.418736392 +0200
+@@ -79,10 +79,6 @@
+       fi
+   done
+ 
+-  if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then
+-      ipset -R < "$SAVE_IPSETS"
+-  fi
+-
+   return 0
+ }
+ 
+@@ -100,13 +96,6 @@
+       fi
+   done
+ 
+-  if [ -n "$SAVE_IPSETS" ]; then
+-      mkdir -p $(dirname "$SAVE_IPSETS")
+-      if ipset -S > "${SAVE_IPSETS}.tmp"; then
+-	  grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS"
+-      fi
+-  fi
+-
+   return 0
+ }
+ 
diff --git a/net-firewall/shorewall-init/files/4.5.21.2/README.Gentoo.txt b/net-firewall/shorewall-init/files/4.5.21.2/README.Gentoo.txt
new file mode 100644
index 000000000000..f7b13fed3de6
--- /dev/null
+++ b/net-firewall/shorewall-init/files/4.5.21.2/README.Gentoo.txt
@@ -0,0 +1,30 @@
+shorewall-init from upstream offers two features (taken from [1]):
+
+	1. It can 'close' the firewall before the network interfaces are
+	   brought up during boot.
+	
+	2. It can change the firewall state as the result of interfaces
+	   being brought up or taken down.
+
+On Gentoo we only support the first feature -- the firewall lockdown during
+boot.
+
+We do not support the second feature, because Gentoo doesn't support a
+if-{up,down}.d folder like other distributions do. If you would want to use
+such a feature, you would have to add a custom action to /etc/conf.d/net
+(please refer to the Gentoo Linux Handbook [2] for more information).
+If you are able to add your custom {pre,post}{up,down} action, your are
+also able to specify what shorewall{6,-lite,6-lite} should do, so there is
+no need for upstream's scripts in Gentoo.
+
+If you disagree with us, feel free to open a bug [3] and contribute your
+solution for Gentoo.
+
+Upstream's original init script also supports saving and restoring of
+ipsets. Please use the init script from net-firewall/ipset if you need
+such a feature.
+
+
+[1] http://www.shorewall.net/Shorewall-init.html
+[2] http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=4&chap=5
+[3] https://bugs.gentoo.org
diff --git a/net-firewall/shorewall-init/files/4.5.21.2/shorewall-init.confd b/net-firewall/shorewall-init/files/4.5.21.2/shorewall-init.confd
new file mode 100644
index 000000000000..4ca0024579f7
--- /dev/null
+++ b/net-firewall/shorewall-init/files/4.5.21.2/shorewall-init.confd
@@ -0,0 +1,9 @@
+# List the Shorewall products that Shorewall-init is to
+# initialize (space-separated list).
+#
+# Sample: PRODUCTS="shorewall shorewall6-lite"
+#
+PRODUCTS=""
+
+# Startup options - set verbosity to 0 (minimal reporting)
+OPTIONS="-V0"
diff --git a/net-firewall/shorewall-init/files/4.5.21.2/shorewall-init.initd b/net-firewall/shorewall-init/files/4.5.21.2/shorewall-init.initd
new file mode 100644
index 000000000000..b5030439549c
--- /dev/null
+++ b/net-firewall/shorewall-init/files/4.5.21.2/shorewall-init.initd
@@ -0,0 +1,196 @@
+#!/sbin/runscript
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/shorewall-init/files/4.5.21.2/shorewall-init.initd,v 1.1 2013/10/26 18:39:51 constanze Exp $
+
+SHOREWALLRC_FILE="@GENTOO_PORTAGE_EPREFIX@/usr/share/shorewall/shorewallrc"
+CONFIG_FILE="@GENTOO_PORTAGE_EPREFIX@/etc/conf.d/${SVCNAME}"
+
+description="Puts Shorewall in a safe state at boot time"
+description="${description} prior to bringing up the network."
+
+required_files="$SHOREWALLRC_FILE"
+
+depend() {
+	need localmount
+	before net
+	after bootmisc ipset tmpfiles.setup ulogd
+}
+
+
+. $SHOREWALLRC_FILE
+
+checkconfig() {
+	local PRODUCT=
+	
+	if [ -z "${VARLIB}" ]; then
+		eerror "\"VARLIB\" isn't defined or empty! Please check" \
+			"\"${SHOREWALLRC_FILE}\"."
+		
+		
+		return 1
+	fi
+	
+	if [ -z "${PRODUCTS}" ]; then
+		eerror "${SVCNAME} isn't configured! Please check" \
+			"\"${CONFIG_FILE}\"."
+		
+		
+		return 1
+	fi
+	
+	for PRODUCT in ${PRODUCTS}; do
+		if [ ! -x ${SBINDIR}/${PRODUCT} ]; then
+			eerror "Invalid product \"${PRODUCT}\" specified" \
+				"in \"${CONFIG_FILE}\"!"
+			eerror "Maybe \"${PRODUCT}\" isn't installed?"
+			
+			
+			return 1
+		fi
+	done
+	
+	
+	return 0
+}
+
+check_firewall_script() {
+	if [ ! -x ${STATEDIR}/firewall ]; then
+		if [ ${PRODUCT} = shorewall -o ${PRODUCT} = shorewall6 ]; then
+			ebegin "Creating \"${STATEDIR}/firewall\""
+			${SBINDIR}/${PRODUCT} compile 1>/dev/null
+			eend $?
+		else
+			eerror "\"${PRODUCT}\" isn't configured!"
+			eerror "Please go to your 'administrative system'" \
+				"and deploy the compiled firewall" \
+				"configuration for this system."
+			
+			
+			return 1
+		fi
+	fi
+	
+	
+	return 0
+}
+
+is_allowed_to_be_executed() {
+	# This is not a real service. shorewall-init is an intermediate
+	# script to put your Shorewall-based firewall into a safe state
+	# at boot time prior to bringing up the network.
+	# Please read /usr/share/doc/shorewall-init-*/README.gentoo.gz
+	# for more information.
+	# When your system is up, there is no need to call shorewall-init.
+	# Please call shorewall{,6,-lite,6-lite} directly. That's the
+	# reason why we are preventing start, stop or restart here.
+	
+	local PRODUCT=
+	
+	if [ "${RC_RUNLEVEL}" != "boot" -a "${RC_CMD}" = "start" ]; then
+		# Starting shorewall-init is only allowed at boot time
+		eerror "This is a boot service, which can only be started" \
+			"at boot."
+		eerror "If you want to get your shorewall-based firewall" \
+			"into the same safe boot state again, run"
+		eerror ""
+		eindent
+		for PRODUCT in ${PRODUCTS}; do
+			eerror "/etc/init.d/${PRODUCT} stop"
+		done
+		eoutdent
+		eerror ""
+		eerror "Yes, \"stop\" and not start."
+		eerror ""
+		return 1
+	fi
+	
+	if [ "${RC_RUNLEVEL}" != "shutdown" -a "${RC_CMD}" = "stop" ]; then
+		# Stopping shorewall-init is only allowed at shutdown
+		eerror "This is a boot service, which cannot be stopped."
+		eerror "If you really want to stop your Shorewall-based" \
+			"firewall the same way this service would stop" \
+			"Shorewall at shutdown, please run"
+		eerror ""
+		eindent
+		for PRODUCT in ${PRODUCTS}; do
+			eerror "/etc/init.d/${PRODUCT} clear"
+		done
+		eoutdent
+		eerror ""
+		eerror "Keep in mind that this will clear (=bring down)" \
+			"your firewall!"
+		eerror ""
+		return 1
+	fi
+	
+	if [ "${RC_CMD}" = "restart" ]; then
+		eerror "This is a boot service, which cannot be restarted."
+		eerror "If you want to restart any of your Shorewall-based" \
+			"firewalls, run"
+		eerror ""
+		eindent
+		for PRODUCT in ${PRODUCTS}; do
+			eerror "/etc/init.d/${PRODUCT} restart"
+		done
+		eoutdent
+		eerror ""
+		return 1
+	fi
+	
+	
+	return 0
+}
+
+set_statedir() {
+	STATEDIR=
+	local VARDIR=
+	
+	if [ -f ${CONFDIR}/${PRODUCT}/vardir ]; then
+		STATEDIR=$( . ${CONFDIR}/${PRODUCT}/vardir && echo ${VARDIR} )
+	fi
+	
+	[ ! -n "${STATEDIR}" ] && STATEDIR=${VARLIB}/${PRODUCT}
+}
+
+start_pre() {
+	checkconfig || return 1
+	
+	is_allowed_to_be_executed || return 1
+}
+
+start() {
+	local PRODUCT=
+	local STATEDIR=
+	
+	for PRODUCT in ${PRODUCTS}; do
+		set_statedir
+		
+		check_firewall_script || return 1
+		
+		ebegin "Initializing \"${PRODUCT}\""
+		${STATEDIR}/firewall stop 1>/dev/null
+		eend $?
+	done
+}
+
+stop_pre() {
+	checkconfig || return 1
+	
+	is_allowed_to_be_executed || return 1
+}
+
+stop() {
+	local PRODUCT=
+	local STATEDIR=
+	
+	for PRODUCT in ${PRODUCTS}; do
+		set_statedir
+		
+		check_firewall_script || return 1
+		
+		ebegin "Clearing \"${PRODUCT}\""
+		${STATEDIR}/firewall clear 1>/dev/null
+		eend $?
+	done
+}
diff --git a/net-firewall/shorewall-init/files/4.5.21.2/shorewall-init.systemd b/net-firewall/shorewall-init/files/4.5.21.2/shorewall-init.systemd
new file mode 100644
index 000000000000..e48a729105b8
--- /dev/null
+++ b/net-firewall/shorewall-init/files/4.5.21.2/shorewall-init.systemd
@@ -0,0 +1,16 @@
+#
+#	The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.5
+#
+[Unit]
+Description=shorewall-init
+Documentation=http://www.shorewall.net/Shorewall-init.html
+Before=network.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/sbin/shorewall-init start
+ExecStop=/sbin/shorewall-init stop
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-firewall/shorewall-init/files/4.5.21.2/shorewallrc b/net-firewall/shorewall-init/files/4.5.21.2/shorewallrc
new file mode 100644
index 000000000000..46f5eb9a3603
--- /dev/null
+++ b/net-firewall/shorewall-init/files/4.5.21.2/shorewallrc
@@ -0,0 +1,23 @@
+#
+# Gentoo Shorewall 4.5 rc file
+#
+BUILD=                                  #Default is to detect the build system
+HOST=gentoo                             #Gentoo GNU Linux
+PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr                             #Top-level directory for shared files, libraries, etc.
+SHAREDIR=${PREFIX}/share                #Directory for arch-neutral files.
+LIBEXECDIR=${PREFIX}/share              #Directory for executable scripts.
+PERLLIBDIR=${PREFIX}/share/shorewall    #Directory to install Shorewall Perl module directory
+CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc                            #Directory where subsystem configurations are installed
+SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin                           #Directory where system administration programs are installed
+MANDIR=${PREFIX}/share/man              #Directory where manpages are installed.
+INITDIR=${CONFDIR}/init.d               #Directory where SysV init scripts are installed.
+INITFILE=${PRODUCT}                     #Name of the product's installed SysV init script
+INITSOURCE=init.gentoo.sh               #Name of the distributed file to be installed as the SysV init script
+ANNOTATED=                              #If non-zero, annotated configuration files are installed
+SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system         #Directory where .service files are installed (systems running systemd only)
+SERVICEFILE=gentoo.service              #Name of the distributed file to be installed as systemd service file
+SYSCONFFILE=default.gentoo              #Name of the distributed file to be installed in $SYSCONFDIR
+SYSCONFDIR=${CONFDIR}/conf.d            #Directory where SysV init parameter files are installed
+SPARSE=                                 #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR
+VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib                         #Directory where product variable data is stored.
+VARDIR=${VARLIB}/${PRODUCT}             #Directory where product variable data is stored.
diff --git a/net-firewall/shorewall-init/metadata.xml b/net-firewall/shorewall-init/metadata.xml
new file mode 100644
index 000000000000..03caed7b9582
--- /dev/null
+++ b/net-firewall/shorewall-init/metadata.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>netmon</herd>
+<herd>proxy-maintainers</herd>
+<maintainer>
+  <email>whissi@whissi.de</email>
+  <name>Thomas D.</name>
+</maintainer>
+</pkgmetadata>
diff --git a/net-firewall/shorewall-init/shorewall-init-4.5.21.2.ebuild b/net-firewall/shorewall-init/shorewall-init-4.5.21.2.ebuild
new file mode 100644
index 000000000000..d02cc647b3d5
--- /dev/null
+++ b/net-firewall/shorewall-init/shorewall-init-4.5.21.2.ebuild
@@ -0,0 +1,104 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/shorewall-init/shorewall-init-4.5.21.2.ebuild,v 1.1 2013/10/26 18:39:51 constanze Exp $
+
+EAPI="5"
+
+inherit eutils versionator prefix
+
+MY_URL_PREFIX=
+case ${P} in
+	*_beta* | \
+	*_rc*)
+		MY_URL_PREFIX='development/'
+		;;
+esac
+
+MY_PV=${PV/_rc/-RC}
+MY_PV=${MY_PV/_beta/-Beta}
+MY_P=${PN}-${MY_PV}
+
+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
+
+DESCRIPTION="Component to secure a Shorewall-protected system at boot time prior to bringing up the network."
+HOMEPAGE="http://www.shorewall.net/"
+SRC_URI="http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE=""
+
+DEPEND="sys-apps/coreutils"
+RDEPEND="
+	${DEPEND}
+	|| ( =net-firewall/shorewall-${PVR} =net-firewall/shorewall6-${PVR} =net-firewall/shorewall-lite-${PVR} =net-firewall/shorewall6-lite-${PVR} )
+"
+
+S=${WORKDIR}/${MY_P}
+
+src_prepare() {
+	cp "${FILESDIR}"/${PVR}/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
+	eprefixify "${S}"/shorewallrc.gentoo
+
+	cp "${FILESDIR}"/${PVR}/${PN}.confd "${S}"/default.gentoo || die "Copying ${PN}.confd failed"
+
+	cp "${FILESDIR}"/${PVR}/${PN}.initd "${S}"/init.gentoo.sh || die "Copying ${PN}.initd failed"
+	eprefixify "${S}"/init.gentoo.sh
+
+	cp "${FILESDIR}"/${PVR}/${PN}.systemd "${S}"/gentoo.service || die "Copying ${PN}.systemd failed"
+
+	epatch "${FILESDIR}"/${PVR}/01_Remove-ipset-functionality.patch
+	epatch_user
+}
+
+src_configure() {
+	:;
+}
+
+src_compile() {
+	:;
+}
+
+src_install() {
+	DESTDIR="${D}" ./install.sh shorewallrc.gentoo || die "install.sh failed"
+
+	if [ -d "${D}/etc/logrotate.d" ]; then
+		# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
+		# so we don't need a logrotate folder at all
+		rm -rf "${D}"/etc/logrotate.d
+	fi
+
+	if [ -d "${D}/etc/NetworkManager" ]; then
+		# On Gentoo, we don't support NetworkManager
+		# so we don't need these folder at all
+		rm -rf "${D}"/etc/NetworkManager
+	fi
+
+	if [ -f "${D}/usr/share/shorewall-init/ifupdown" ]; then
+		# This script won't work on Gentoo
+		rm -rf "${D}"/usr/share/shorewall-init/ifupdown
+	fi
+
+	dodoc "${FILESDIR}"/${PVR}/README.Gentoo.txt
+}
+
+pkg_postinst() {
+	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+		# This is a new installation
+		elog "Before you can use ${PN}, you need to edit its configuration in:"
+		elog ""
+		elog "  ${EPREFIX}/etc/conf.d/${PN}"
+		elog ""
+		elog "To use ${PN}, please add ${PN} to your boot runlevel:"
+		elog ""
+		elog "  # rc-update add ${PN} boot"
+		elog ""
+		ewarn "Notice:"
+		ewarn "${PN} is more like a start script than a service."
+		ewarn "Therefore you cannot start or stop ${PN} at default runlevel."
+		ewarn ""
+		ewarn "For more information read ${EPREFIX}/usr/share/doc/${PF}/README.Gentoo.txt.bz2"
+	fi
+}