proj/gentoo: Initial commit

This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.

This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.

Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.

Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed

10 files changed, 691 insertions, 0 deletions

diff --git a/net-analyzer/ippl/Manifest b/net-analyzer/ippl/Manifest
new file mode 100644
index 000000000000..ca3f0733b6ca
--- /dev/null
+++ b/net-analyzer/ippl/Manifest
@@ -0,0 +1 @@
+DIST ippl-1.4.14.tar.gz 54030 SHA256 e1808c65e498036de2529d053dbaa95ba3f6821e2c7196d4dcbb5039489cfeb4 SHA512 3d71afc3ec7a0420cc9b269bf67dc008a777464c68d233dfbad4ee7a2dd2b960e114500e42866977e31b9dbeee26bbefea937fef8a09aa41cf87f96361ba0088 WHIRLPOOL aeab98a00d31583f19d4c98839f8eef4adbb263e274df2cd4065910e8a05d19e432be235de378e4039abc8465ff4fe8c11fcae1e95aa4e5dd34565acd4169c2a
diff --git a/net-analyzer/ippl/files/ippl-1.4.14-format-warnings.patch b/net-analyzer/ippl/files/ippl-1.4.14-format-warnings.patch
new file mode 100644
index 000000000000..db6cfcd7e1d0
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl-1.4.14-format-warnings.patch
@@ -0,0 +1,20 @@
+--- a/Source/log.c
++++ b/Source/log.c
+@@ -147,7 +147,7 @@
+   }
+ 
+   if (repeats > 0) {
+-    snprintf(date, 27, asctime(localtime(&last_repeat)));
++    snprintf(date, 27, "%s", asctime(localtime(&last_repeat)));
+     snprintf(repeat_message, 40, "last message repeated %d time(s)\n", repeats);
+     write(fd, date+4, strlen(date)-10);
+     write(fd, " ", 1);
+@@ -155,7 +155,7 @@
+     repeats = 0;
+   }
+ 
+-  snprintf(date, 27, asctime(localtime(&current)));
++  snprintf(date, 27, "%s", asctime(localtime(&current)));
+   write(fd, date+4, strlen(date)-10);
+   write(fd, " ", 1);
+   write(fd, entry, (strlen(entry) < 1023) ? strlen(entry) : 1023 );
diff --git a/net-analyzer/ippl/files/ippl-1.4.14-includes.patch b/net-analyzer/ippl/files/ippl-1.4.14-includes.patch
new file mode 100644
index 000000000000..12b2832fa342
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl-1.4.14-includes.patch
@@ -0,0 +1,20 @@
+--- a/Source/filter.c
++++ b/Source/filter.c
+@@ -22,6 +22,7 @@
+ 
+ #include <stdlib.h>
+ #include <ctype.h>
++#include <string.h> /* memcpy() */
+ 
+ #include <fnmatch.h>
+ 
+--- a/Source/main.c
++++ b/Source/main.c
+@@ -37,6 +37,7 @@
+ #include <pwd.h>
+ #include <stdlib.h>
+ #include <getopt.h>
++#include <grp.h> /* initgroups() */
+ 
+ #include "defines.h"
+ #include "configuration.h"
diff --git a/net-analyzer/ippl/files/ippl-1.4.14-manpage.patch b/net-analyzer/ippl/files/ippl-1.4.14-manpage.patch
new file mode 100644
index 000000000000..d17e5939cdee
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl-1.4.14-manpage.patch
@@ -0,0 +1,15 @@
+patch by Marc Haber <mh+debian-packages@zugschlus.de>
+
+--- a/Docs/ippl.conf.man
++++ b/Docs/ippl.conf.man
+@@ -222,9 +222,7 @@
+ .SS Protocol
+ .PP
+ protocol is one of the supported protocols (see the protocols
+-section), except the
+-.I all
+-keyword, which is not supported.
++section).
+ 
+ .SS Description
+ .PP
diff --git a/net-analyzer/ippl/files/ippl-1.4.14-noportresolve.patch b/net-analyzer/ippl/files/ippl-1.4.14-noportresolve.patch
new file mode 100644
index 000000000000..919623040f7f
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl-1.4.14-noportresolve.patch
@@ -0,0 +1,347 @@
+patch by Marc Haber <mh+debian-packages@zugschlus.de>
+
+--- a/Docs/ippl.conf.man
++++ b/Docs/ippl.conf.man
+@@ -92,6 +92,13 @@
+ .PP
+ By default, IP address resolution is disabled for all the protocols.
+ 
++Ippl by default resolves tcp/udp port numbers to their respective
++service names. If you pass a protocol to the noportresolve option,
++ippl logs the port number instead. This is a Debian specific extension.
++
++By default service resolving is enabled, since this is the behaviour
++of the upstream program.
++
+ .SH LOGGING FORMAT
+ 
+ .BR ippl
+@@ -198,6 +205,12 @@
+ .I noresolve
+ disable IP address resolution.
+ .PP
++.I portresolve
++enable IP service resolution.
++.PP
++.I noportresolve
++disable IP service resolution.
++.PP
+ .I ident
+ use ident logging (only for TCP).
+ .PP
+
+--- a/Source/configuration.c
++++ b/Source/configuration.c
+@@ -60,6 +60,7 @@
+   extern unsigned int dns_expire;
+   extern unsigned short log_protocols;
+   extern unsigned short resolve_protocols;
++  extern unsigned short portresolve_protocols;
+   extern unsigned short icmp_format;
+   extern unsigned short tcp_format;
+   extern unsigned short udp_format;
+@@ -71,6 +72,7 @@
+   dns_expire = DNS_EXPIRE;
+   log_protocols = NONE;
+   resolve_protocols = 0; /* Do not resolve by default */
++  portresolve_protocols = RUN_TCP | RUN_UDP | RUN_ICMP; /* Resolve by default */
+   icmp_format = LOGFORMAT_NORMAL;
+   tcp_format = LOGFORMAT_NORMAL;
+   udp_format = LOGFORMAT_NORMAL;
+
+--- a/Source/filter.c
++++ b/Source/filter.c
+@@ -46,6 +46,7 @@
+ 
+ extern unsigned short use_ident;
+ extern unsigned short resolve_protocols;
++extern unsigned short portresolve_protocols;
+ extern unsigned short icmp_format;
+ extern unsigned short tcp_format;
+ extern unsigned short udp_format;
+@@ -66,7 +67,7 @@
+ #ifdef FILTER_DEBUG
+ void display_info(struct log_info *info, int entries) {
+ 
+-  log.log(log.level_or_fd, "DBG: (e:%d) log:%d ident:%d resolve:%d closing:%d format:%d", entries, info->log, info->ident, info->resolve, info->logclosing, info->logformat);
++  log.log(log.level_or_fd, "DBG: (e:%d) log:%d ident:%d resolve:%d portresolve: %d, closing:%d format:%d", entries, info->log, info->ident, info->resolve, info->portresolve, info->logclosing, info->logformat);
+ }
+ #endif
+ 
+@@ -200,6 +201,19 @@
+       break;
+     }
+   }
++  if (info->portresolve == -1) {
++    switch (protocol) {
++    case IPPROTO_ICMP:
++      info->portresolve = portresolve_protocols & RUN_ICMP;
++      break;
++    case IPPROTO_TCP:
++      info->portresolve = portresolve_protocols & RUN_TCP;
++      break;
++    case IPPROTO_UDP:
++      info->portresolve = portresolve_protocols & RUN_UDP;
++      break;
++    }
++  }
+ }
+ 
+ struct log_info do_log(const __u32 from, const __u32 to, const __u16 type, const __u16 srctype, const short protocol) {
+@@ -244,6 +258,7 @@
+         info.log = p->log;
+         info.ident = p->ident;
+         info.resolve = p->resolve;
++        info.portresolve = p->portresolve;
+         info.logformat = p->logformat;
+         info.logclosing = p->logclosing;
+         set_defaults(protocol, &info);
+@@ -265,6 +280,7 @@
+         info.log = p->log;
+         info.ident = p->ident;
+         info.resolve = p->resolve;
++        info.portresolve = p->portresolve;
+         info.logformat = p->logformat;
+         set_defaults(protocol, &info);
+ #ifdef FILTER_DEBUG
+@@ -280,7 +296,7 @@
+   info.log = TRUE;
+   info.ident = use_ident;
+   info.logclosing = log_closing;
+-  info.logformat = info.resolve = -1;
++  info.logformat = info.resolve = info.portresolve = -1;
+   set_defaults(protocol, &info);
+ 
+ #ifdef FILTER_DEBUG
+
+--- a/Source/filter.h
++++ b/Source/filter.h
+@@ -53,6 +53,7 @@
+ struct filter_entry {
+   short log;		/* TRUE for "log", FALSE for "ignore" */
+   short ident;          /* TRUE if we should use ident */
++  short portresolve;    /* TRUE if we should resolve TCP/UDP services */
+   short resolve;        /* TRUE if we should resolve IP addresses */
+   short logformat;      /* format used to log */
+   short logclosing;     /* TRUE to log closing TCP connections */
+@@ -72,6 +73,7 @@
+   short log;
+   short ident;
+   short resolve;
++  short portresolve;
+   short logclosing;
+   short logformat;
+ };
+
+--- a/Source/ippl.l
++++ b/Source/ippl.l
+@@ -75,6 +75,9 @@
+ [lL][oO][gG][cC][lL][oO][sS][iI][nN][gG] return LOGCLOSING;
+ [nN][oO][lL][oO][gG][cC][lL][oO][sS][iI][nN][gG] return NOLOGCLOSING;
+ 
++[nN][oO][pP][oO][rR][tT][rR][eE][sS][oO][lL][vV][eE] return NOPORTRESOLVE;
++[pP][oO][rR][tT][rR][eE][sS][oO][lL][vV][eE] return PORTRESOLVE;
++
+ [nN][oO][rR][eE][sS][oO][lL][vV][eE] return NORESOLVE;
+ [rR][eE][sS][oO][lL][vV][eE] return RESOLVE;
+ 
+
+--- a/Source/ippl.y
++++ b/Source/ippl.y
+@@ -61,6 +61,7 @@
+ 
+ /* Should name resolving be done? */
+ unsigned short resolve_protocols;
++unsigned short portresolve_protocols;
+ 
+ /* Logging format for each protocol */
+ unsigned short icmp_format;
+@@ -100,7 +101,7 @@
+ %token<stringval> IP HOSTMASK IDENTIFIER FILENAME
+ %token<longval> NUMBER
+ 
+-%token LOGFORMAT DETAILED SHORT NORMAL RESOLVE NORESOLVE IDENT NOIDENT LOGCLOSING NOLOGCLOSING
++%token LOGFORMAT DETAILED SHORT NORMAL RESOLVE NORESOLVE IDENT NOIDENT LOGCLOSING NOLOGCLOSING PORTRESOLVE NOPORTRESOLVE
+ %token RUN RUNAS EXPIRE LOG_IN LOG IGNORE FROM TO TYPE PORT SRCPORT OPTION COMMA
+ %token ICMP TCP UDP ALL
+ 
+@@ -138,6 +139,11 @@
+         | NORESOLVE ProtoList EOL
+           { resolve_protocols &= ~$2; }
+ 
++        | PORTRESOLVE ProtoList EOL
++          { portresolve_protocols |= $2; }
++        | NOPORTRESOLVE ProtoList EOL
++          { portresolve_protocols &= ~$2; }
++
+         | LOGCLOSING EOL
+           { log_closing = TRUE; }
+         | NOLOGCLOSING EOL
+@@ -249,6 +255,7 @@
+             switches.log = -1;
+             switches.ident = use_ident;
+             switches.resolve = -1;
++	    switches.portresolve = -1;
+             switches.logformat = -1;
+             switches.logclosing = log_closing;
+           } 
+@@ -259,6 +266,7 @@
+             $$->ident = switches.ident;
+             $$->logclosing = switches.logclosing;
+             $$->resolve = switches.resolve;
++            $$->portresolve = switches.portresolve;
+             $$->logformat = switches.logformat;
+             $$->protocol = $4.protocol;
+             $$->loginfo = $4.loginfoval;
+@@ -287,6 +295,8 @@
+         | NOIDENT    { switches.ident = FALSE; }
+         | RESOLVE    { switches.resolve = RUN_ICMP | RUN_TCP | RUN_UDP; }
+         | NORESOLVE  { switches.resolve = 0; }
++        | PORTRESOLVE    { switches.portresolve = RUN_ICMP | RUN_TCP | RUN_UDP; }
++        | NOPORTRESOLVE  { switches.portresolve = 0; }
+         | SHORT      { switches.logformat = LOGFORMAT_SHORT; }
+         | NORMAL     { switches.logformat = LOGFORMAT_NORMAL; }
+         | DETAILED   { switches.logformat = LOGFORMAT_DETAILED; }
+
+--- a/Source/main.c
++++ b/Source/main.c
+@@ -48,6 +48,10 @@
+ #include "filter.h"
+ #include "pidfile.h"
+ 
++#ifndef PATH_MAX
++#define PATH_MAX 4096
++#endif
++
+ /* Logging mechanism */
+ struct loginfo log;
+ 
+
+--- a/Source/netutils.c
++++ b/Source/netutils.c
+@@ -237,15 +237,21 @@
+  * Get a service name for a specified protocol
+  */
+ 
+-void service_lookup(char *proto, char *service, __u16 port) {
++void service_lookup(char *proto, char *service, __u16 port, int portresolve) {
+   struct servent *se;
+ 
+   pthread_mutex_lock(&service_mutex);
+-  se = getservbyport(port, proto);
+-  if (se == NULL)
++  if (portresolve)
++  {
++    se = getservbyport(port, proto);
++    if (se == NULL)
++      snprintf(service, SERVICE_LENGTH, "port %d", ntohs(port));
++    else {
++      snprintf(service, SERVICE_LENGTH, "%s", se->s_name);
++    }
++  }
++  else {
+     snprintf(service, SERVICE_LENGTH, "port %d", ntohs(port));
+-  else {
+-    snprintf(service, SERVICE_LENGTH, "%s", se->s_name);
+   }
+   pthread_mutex_unlock(&service_mutex);
+ }
+
+--- a/Source/netutils.h
++++ b/Source/netutils.h
+@@ -53,6 +53,6 @@
+                  const __u32 src_addr, const __u16 src_port,
+                  const __u32 dst_addr, const __u16 dst_port);
+ 
+-void service_lookup(char *proto, char *service, __u16 port);
++void service_lookup(char *proto, char *service, __u16 port, int portresolve);
+ 
+ #endif
+
+--- a/Source/tcp.c
++++ b/Source/tcp.c
+@@ -51,6 +51,7 @@
+ struct loginfo tcp_log;
+ extern struct loginfo log;
+ extern unsigned short resolve_protocols;
++extern unsigned short portresolve_protocols;
+ 
+ /*
+  * Structure of a TCP packet
+@@ -88,7 +89,7 @@
+     *details ='\0';
+     host_print(remote_host, IPHDR.saddr,
+                info.resolve);
+-    service_lookup("tcp", service, TCPHDR.dest);
++    service_lookup("tcp", service, TCPHDR.dest, info.portresolve);
+     if (info.logformat == LOGFORMAT_DETAILED) {
+       get_details(details,
+                   IPHDR.saddr,
+@@ -186,7 +187,7 @@
+     *details ='\0';
+     host_print(remote_host, IPHDR.saddr,
+                info.resolve);
+-    service_lookup("tcp", service, TCPHDR.dest);
++    service_lookup("tcp", service, TCPHDR.dest, info.portresolve);
+     if (info.logformat == LOGFORMAT_DETAILED) {
+       get_details(details,
+                   IPHDR.saddr,
+
+--- a/Source/udp.c
++++ b/Source/udp.c
+@@ -81,7 +81,7 @@
+     *details ='\0';
+     host_print(remote_host, IPHDR.saddr,
+                info.resolve);
+-    service_lookup("udp", service, UDPHDR.dest);
++    service_lookup("udp", service, UDPHDR.dest, info.portresolve);
+     if (info.logformat == LOGFORMAT_DETAILED) {
+       get_details(details,
+                   IPHDR.saddr,
+
+--- a/ippl.conf
++++ b/ippl.conf
+@@ -4,13 +4,15 @@
+ # User used
+ # ---------
+ # Specify the user (declared in /etc/passwd) used to run the
+-# logging threads.
+-#runas nobody
++# logging threads. The ippl process visible in the process table
++# is still running as root! Look in /proc/pid/task to see the threads
++# running as ippl
++runas ippl
+ 
+ # Resolve hostnames?
+ # ------------------
+-# Uncomment the line below to disable DNS lookups
+-#noresolve all
++# Uncomment the line below to enable DNS lookups
++#resolve all
+ 
+ # Use ident?
+ # ----------
+@@ -38,9 +40,14 @@
+ # ----------------
+ run icmp tcp
+ # Uncomment the line below to log UDP traffic.
+-# See ippl.conf(5) for recommandations.
++# See ippl.conf(5) for recommendations.
+ #run udp
+ 
++# Resolve tcp/udp port to service name?
++# -------------------------------------
++# portresolve icmp tcp udp
++# Set noportresolve <protocol-list> to log port numbers instead
++
+ # Logging format
+ # ----------------
+ # If you want to see the destination address, the ports, etc
+@@ -63,6 +70,3 @@
+ # Do not log DNS queries
+ #ignore udp port domain
+ #ignore udp srcport domain
+-
+-# End of configuration
+-# Copyright (C) 1998-1999 Hugo Haas - Etienne Bernard
+
diff --git a/net-analyzer/ippl/files/ippl-1.4.14-privilege-drop.patch b/net-analyzer/ippl/files/ippl-1.4.14-privilege-drop.patch
new file mode 100644
index 000000000000..0f6d03684a93
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl-1.4.14-privilege-drop.patch
@@ -0,0 +1,140 @@
+privilege-drop by Marc Haber <mh+debian-packages@zugschlus.de>
+
+--- a/Source/icmp.c
++++ b/Source/icmp.c
+@@ -39,6 +39,8 @@
+ #include "log.h"
+ #include "filter.h"
+ #include "configuration.h"
++#include <string.h>
++#include <errno.h>
+ 
+ /* Socket */
+ int icmp_socket;
+@@ -296,14 +298,16 @@
+ 
+   icmp_socket = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
+   if (icmp_socket <= 0) {
+-	log.log(log.level_or_fd, "FATAL: Unable to open icmp raw socket");
++	int error = errno;
++    	log.log(log.level_or_fd, "FATAL: Unable to open icmp raw socket\nERROR No: %d\nERROR : %s", error, strerror(error));
+     exit(1);
+   }
+ 
+-  setgid(((struct passwd *)nobody)->pw_gid);
++  /* Don't do this here - race conditions will arise */
++  /* setgid(((struct passwd *)nobody)->pw_gid);
+   initgroups(((struct passwd *)nobody)->pw_name,
+ 	     ((struct passwd *)nobody)->pw_gid);
+-  setuid(((struct passwd *)nobody)->pw_uid);
++  setuid(((struct passwd *)nobody)->pw_uid); */
+ 
+   for(;;) {
+     if (read(icmp_socket, (__u8 *) &pkt, ICMP_CAPTURE_LENGTH) == -1) {
+--- a/Source/main.c
++++ b/Source/main.c
+@@ -153,6 +153,17 @@
+     run_thread(&udp_t, log_udp, (void *)account);
+   }
+ 
++  /* Sleep 1 sec to allow the other threads to catchup */
++  /* Not the best way to solve the issue but it works */
++  sleep(1);
++
++  /* Drop privileges */
++
++  setgid(((struct passwd *)account)->pw_gid);
++  initgroups(((struct passwd *)account)->pw_name,
++	     ((struct passwd *)account)->pw_gid);
++  setuid(((struct passwd *)account)->pw_uid);
++
+ }  
+ 
+ 
+@@ -160,8 +171,10 @@
+  * reload_configuration
+  *
+  * Stops the threads and reloads the configuration
++ *
++ * -- DEPRECATED (due to privilege drop cannot reload - needs a restart!)
+  */
+-void reload_configuration() {
++void reload_configuration_DEPRECATED() {
+   extern pthread_mutex_t log_mutex, service_mutex, dns_mutex, r_mux, w_mux;
+   extern pthread_cond_t w_cond;
+   extern int readers;
+@@ -353,8 +366,10 @@
+  * Function executed when we receive a SIHUP signal
+  */
+ void sighup(int sig) {
+-  reload_configuration();
+-  log.log(log.level_or_fd, "IP Protocols Logger: reloaded configuration.");
++  // DEPRECATED - reload_configuration();
++  // log.log(log.level_or_fd, "IP Protocols Logger: reloaded configuration.");
++  log.log(log.level_or_fd, "IP Protocols Logger: reload configuration is unsupported.");
++  die(sig);
+   signal(SIGHUP, sighup);
+ }
+ 
+--- a/Source/tcp.c
++++ b/Source/tcp.c
+@@ -44,6 +44,8 @@
+ #include "filter.h"
+ #include "configuration.h"
+ #include "ident.h"
++#include <errno.h>
++#include <string.h>
+ 
+ /* Socket */
+ int tcp_socket;
+@@ -258,14 +260,16 @@
+ 
+   tcp_socket = socket(AF_INET, SOCK_RAW, IPPROTO_TCP);
+   if (tcp_socket <= 0) {
+-	log.log(log.level_or_fd, "FATAL: Unable to open tcp raw socket");
++  	int error = errno;
++	log.log(log.level_or_fd, "FATAL: Unable to open tcp raw socket\nERROR No: %d\nERROR : %s", error, strerror(error));
+     exit(1);
+   }
+ 
+-  setgid(((struct passwd *)nobody)->pw_gid);
++  /* Don't do this here - race conditions will arise */
++  /* setgid(((struct passwd *)nobody)->pw_gid);
+   initgroups(((struct passwd *)nobody)->pw_name,
+ 	     ((struct passwd *)nobody)->pw_gid);
+-  setuid(((struct passwd *)nobody)->pw_uid);
++  setuid(((struct passwd *)nobody)->pw_uid); */
+ 
+   for(;;) {
+     if (read(tcp_socket, (__u8 *) &pkt, TCP_CAPTURE_LENGTH) == -1) {
+--- a/Source/udp.c
++++ b/Source/udp.c
+@@ -39,6 +39,8 @@
+ #include "filter.h"
+ #include "configuration.h"
+ #include "ident.h"
++#include <errno.h>
++#include <string.h>
+ 
+ /* Socket */
+ int udp_socket;
+@@ -138,14 +140,16 @@
+ 
+   udp_socket = socket(AF_INET, SOCK_RAW, IPPROTO_UDP);
+   if (udp_socket <= 0) {
+-	log.log(log.level_or_fd, "FATAL: Unable to open udp raw socket");
++  	int error = errno;
++	log.log(log.level_or_fd, "FATAL: Unable to open udp raw socket\nERROR No: %d\nERROR : %s", error, strerror(error));
+     exit(1);
+   }
+ 
+-  setgid(((struct passwd *)nobody)->pw_gid);
++  /* Don't do this here - race conditions will arise */
++  /* setgid(((struct passwd *)nobody)->pw_gid);
+   initgroups(((struct passwd *)nobody)->pw_name,
+ 	     ((struct passwd *)nobody)->pw_gid);
+-  setuid(((struct passwd *)nobody)->pw_uid);
++  setuid(((struct passwd *)nobody)->pw_uid); */
+ 
+   for(;;) {
+     if (read(udp_socket, (__u8 *) &pkt, UDP_CAPTURE_LENGTH) == -1) {
diff --git a/net-analyzer/ippl/files/ippl.rc b/net-analyzer/ippl/files/ippl.rc
new file mode 100644
index 000000000000..df9ecd1d9d3b
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl.rc
@@ -0,0 +1,31 @@
+#!/sbin/runscript
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+	need net
+}
+
+checkconfig() {
+	if [ ! -f /etc/ippl.conf ]
+	then
+		eerror "Please create /etc/ippl.conf"
+		return 1
+	fi
+	return 0
+}
+
+start() {
+	checkconfig || return $?
+	ebegin "Starting ippl"
+	start-stop-daemon --start --quiet --pidfile /run/ippl.pid \
+		--exec /usr/sbin/ippl
+	eend $? "Failed to start ippl"
+}
+
+stop() {
+	ebegin "Stopping ippl"
+	start-stop-daemon --stop --quiet --pidfile /run/ippl.pid
+	eend $? "Failed to stop ippl"
+}
diff --git a/net-analyzer/ippl/ippl-1.4.14-r3.ebuild b/net-analyzer/ippl/ippl-1.4.14-r3.ebuild
new file mode 100644
index 000000000000..93d07942e405
--- /dev/null
+++ b/net-analyzer/ippl/ippl-1.4.14-r3.ebuild
@@ -0,0 +1,55 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="4"
+
+inherit eutils toolchain-funcs user
+
+DESCRIPTION="A daemon which logs TCP/UDP/ICMP packets"
+HOMEPAGE="http://pltplp.net/ippl/"
+SRC_URI="http://pltplp.net/ippl/archive/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ~ppc x86"
+IUSE=""
+
+DEPEND="virtual/yacc
+	>=sys-devel/flex-2.5.4a-r4"
+RDEPEND=""
+
+src_prepare() {
+	epatch \
+		"${FILESDIR}"/ippl-1.4.14-noportresolve.patch \
+		"${FILESDIR}"/ippl-1.4.14-manpage.patch \
+		"${FILESDIR}"/ippl-1.4.14-privilege-drop.patch \
+		"${FILESDIR}"/ippl-1.4.14-includes.patch
+	sed -i Source/Makefile.in \
+		-e 's|^LDFLAGS=|&@LDFLAGS@|g' \
+		|| die "sed Source/Makefile.in"
+	sed -i Makefile.in \
+		-e 's|make |$(MAKE) |g' \
+		|| die "sed Makefile.in"
+	# fix for bug #351287
+	sed -i -e '/lex.yy.c/s/ippl.l/& y.tab.c/' Source/Makefile.in \
+		|| die "sed src/Makefile.in"
+	tc-export CC
+}
+
+src_install() {
+	dosbin Source/ippl
+
+	insinto "/etc"
+	doins ippl.conf
+
+	doman Docs/{ippl.8,ippl.conf.5}
+
+	dodoc BUGS CREDITS HISTORY README TODO
+
+	newinitd "${FILESDIR}"/ippl.rc ippl
+}
+
+pkg_postinst() {
+	enewuser ippl
+}
diff --git a/net-analyzer/ippl/ippl-1.4.14-r5.ebuild b/net-analyzer/ippl/ippl-1.4.14-r5.ebuild
new file mode 100644
index 000000000000..e760c6d2a6af
--- /dev/null
+++ b/net-analyzer/ippl/ippl-1.4.14-r5.ebuild
@@ -0,0 +1,57 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+inherit eutils toolchain-funcs user
+
+DESCRIPTION="A daemon which logs TCP/UDP/ICMP packets"
+HOMEPAGE="http://pltplp.net/ippl/"
+SRC_URI="http://pltplp.net/ippl/archive/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ~ppc x86"
+
+DEPEND="virtual/yacc
+	>=sys-devel/flex-2.5.4a-r4"
+
+src_prepare() {
+	epatch \
+		"${FILESDIR}"/ippl-1.4.14-noportresolve.patch \
+		"${FILESDIR}"/ippl-1.4.14-manpage.patch \
+		"${FILESDIR}"/ippl-1.4.14-privilege-drop.patch \
+		"${FILESDIR}"/ippl-1.4.14-includes.patch \
+		"${FILESDIR}"/ippl-1.4.14-format-warnings.patch
+
+	sed -i Source/Makefile.in \
+		-e 's|^LDFLAGS=|&@LDFLAGS@|g' \
+		|| die
+
+	sed -i Makefile.in \
+		-e 's|make |$(MAKE) |g' \
+		|| die
+
+	# fix for bug #351287
+	sed -i -e '/lex.yy.c/s/ippl.l/& y.tab.c/' Source/Makefile.in \
+		|| die
+
+	tc-export CC
+}
+
+src_install() {
+	dosbin Source/ippl
+
+	insinto "/etc"
+	doins ippl.conf
+
+	doman Docs/{ippl.8,ippl.conf.5}
+
+	dodoc BUGS CREDITS HISTORY README TODO
+
+	newinitd "${FILESDIR}"/ippl.rc ippl
+}
+
+pkg_postinst() {
+	enewuser ippl
+}
diff --git a/net-analyzer/ippl/metadata.xml b/net-analyzer/ippl/metadata.xml
new file mode 100644
index 000000000000..03aa50bab7e3
--- /dev/null
+++ b/net-analyzer/ippl/metadata.xml
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>netmon</herd>
+</pkgmetadata>