2 files changed, 96 insertions, 0 deletions
diff --git a/net-firewall/arno-iptables-firewall/Manifest b/net-firewall/arno-iptables-firewall/Manifest
index 3cb0552cc310..d4d0807f9011 100644
--- a/net-firewall/arno-iptables-firewall/Manifest
+++ b/net-firewall/arno-iptables-firewall/Manifest
@@ -1,2 +1,3 @@
 DIST arno-iptables-firewall-2.0.2a.tar.gz 138141 BLAKE2B 1dad35b86ff5d93991b01ed0b3f4cd61eeab0d896b7c270d809600de972cae13828f192e8962199563b7ebf55f961a4cd96af9b15234e504df23615827aec638 SHA512 56ba669101375cccd29183e7069198f27d0656021310a90a82cb03ce417d4dec241084f3332f57d52f889b125836a6a08bb116453aaa9a4c3860204e109322e5
+DIST arno-iptables-firewall-2.0.3.tar.gz 139445 BLAKE2B 57dade49a4aaacb1354129efeb5ca013060d51baa8c23dea1fc326e52a693c7137047883ea7bbca6cc3221f70a83f7283123a345e22ceac4bb99d3b43410b65d SHA512 c88a560d4c0a2644dd1ec35e0a6e2b1883e52dc6c71075207c3b98a59964a4be3787620e9414ad5e926bddb9dbc7c2674fd8687828526c35f0fb4a53a05aa929
 DIST arno-iptables-firewall_2.0.1e.tar.gz 126238 BLAKE2B 0c8263004d2294f6eedd7f40e6c339da3a57db803ce1d064ac0bf4a3d2191b26fcd0b59185e51240bd0378365f9ca115c80c5edc256aa68359728c960ab8e6e3 SHA512 244b3bbf08b2d97128908aece487388bb71ced002cc129885144f4eacf9cf6053c9eb1225a1cd33fdefc502f1e6822a85710d35a7884e99cfde35d34f3fd4f70
diff --git a/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.0.3.ebuild b/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.0.3.ebuild
new file mode 100644
index 000000000000..939a095dd94b
--- /dev/null
+++ b/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.0.3.ebuild
@@ -0,0 +1,95 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+inherit readme.gentoo-r1 systemd eapi7-ver
+
+DESCRIPTION="Arno's iptables firewall script"
+HOMEPAGE="http://rocky.eld.leidenuniv.nl"
+
+MY_PV=$(ver_rs 3 -)
+MY_PV=${MY_PV/rc/RC}
+SRC_URI="https://github.com/${PN}/aif/archive/${MY_PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+plugins"
+
+# sys-apps/coreutils dependency wrt
+# https://bugs.gentoo.org/show_bug.cgi?id=448716
+
+DEPEND=""
+RDEPEND="net-firewall/ipset
+	net-firewall/iptables
+	>=sys-apps/coreutils-8.21
+	sys-apps/iproute2
+	plugins? ( net-dns/bind-tools )"
+
+S="${WORKDIR}/aif-${MY_PV}"
+
+DISABLE_AUTOFORMATTING="yes"
+DOC_CONTENTS="You will need to configure /etc/${PN}/firewall.conf
+before using this package. To start the script, run:
+
+/etc/init.d/${PN} start (for OpenRC)
+systemctl start ${PN} (for systemd)
+
+If you want to start this script at boot, run:
+
+rc-update add ${PN} default (for OpenRC)
+systemctl enable ${PN} (for systemd)"
+
+src_prepare() {
+	sed -i -e 's:/usr/local/share/:/usr/libexec/:' \
+		etc/"${PN}"/firewall.conf || die "Sed failed!"
+	sed -i -e 's:/usr/local/sbin/:/usr/sbin/:' \
+		lib/systemd/system/"${PN}.service" || die "Sed failed!"
+	eapply_user
+}
+
+src_install() {
+	insinto /etc/"${PN}"
+	doins etc/"${PN}"/firewall.conf
+	doins etc/"${PN}"/custom-rules
+
+	doinitd "${FILESDIR}/${PN}"
+	systemd_dounit lib/systemd/system/"${PN}.service"
+
+	dobin bin/arno-fwfilter
+	dosbin bin/"${PN}"
+
+	insinto /usr/libexec/"${PN}"
+	doins share/"${PN}"/environment
+
+	dodoc CHANGELOG README
+	readme.gentoo_create_doc
+
+	if use plugins
+	then
+		insinto /etc/"${PN}"/plugins
+		doins etc/"${PN}"/plugins/*
+
+		insinto /usr/libexec/"${PN}"/plugins
+		doins share/"${PN}"/plugins/*.plugin
+
+		exeinto /usr/libexec/"${PN}"/plugins
+		doexe share/"${PN}"/plugins/dyndns-host-open-helper
+		doexe share/"${PN}"/plugins/traffic-accounting-helper
+		doexe share/"${PN}"/plugins/traffic-accounting-log-rotate
+		doexe share/"${PN}"/plugins/traffic-accounting-show
+
+		docinto plugins
+		dodoc share/"${PN}"/plugins/*.CHANGELOG
+	fi
+
+	doman share/man/man1/arno-fwfilter.1 \
+		share/man/man8/"${PN}".8
+}
+
+pkg_postinst () {
+	ewarn "When you stop this script, all firewall rules are flushed!"
+	ewarn "Make sure to not use multiple firewall scripts simultaneously"
+	ewarn "unless you know what you are doing!"
+	readme.gentoo_print_elog
+}