diff --git a/net-misc/oidentd/Manifest b/net-misc/oidentd/Manifest
new file mode 100644
index 0000000..10b8dce
--- /dev/null
+++ b/net-misc/oidentd/Manifest
@@ -0,0 +1 @@
+DIST oidentd-2.2.1.tar.gz 253531 BLAKE2B e851d1898b82e10b882cf35e3b6a3fa3d660ce2a2628030909037df667c521b4e53c2569448619747cd2663b5bcb453d3d2b135caaee60f1ee00c476ac63ddf7 SHA512 adc49dc9ba0f6691856823cb41120aa7bb25c698c829ef4c226bcd9b8737a7f917fb2780b1447bd3de107b3825ba3f89f6017f877885815ee3e53f49707af20f
diff --git a/net-misc/oidentd/files/oidentd-2.0.7-init b/net-misc/oidentd/files/oidentd-2.0.7-init
new file mode 100644
index 0000000..5b1ae44
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd-2.0.7-init
@@ -0,0 +1,40 @@
+#!/sbin/openrc-run
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+depend() {
+    need net
+}
+
+check_config() {
+	if [ -z "${USER}" ]
+	then
+		eerror "Please set \$USER in /etc/conf.d/oidentd!"
+		return 1
+	fi
+	if [ -z "${GROUP}" ]
+	then
+		eerror "Please set \$GROUP in /etc/conf.d/oidentd!"
+		return 1
+	fi
+
+	if [ "$(sysctl -n security.bsd.see_other_uids 2>/dev/null)" = "0" ]; then
+		eerror "${SVCNAME} cannot work if the sysctl security.bsd.see_other_uids is 0"
+		return 1
+	fi
+}
+
+
+start() {
+	check_config || return 1
+	ebegin "Starting oidentd"
+	OPTIONS="${OPTIONS} -u ${USER} -g ${GROUP}"
+	start-stop-daemon --start --quiet --exec /usr/sbin/oidentd -- $OPTIONS
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping oidentd"
+	start-stop-daemon --stop --quiet --exec /usr/sbin/oidentd
+	eend $?
+}
diff --git a/net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch b/net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch
new file mode 100644
index 0000000..2652622
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch
@@ -0,0 +1,17 @@
+Patch to bind to ipv6 socket as well
+Patch supplied by Fabian Knittel <fabian.knittel@avona.com>
+--- oidentd-2.0.8/src/oidentd_inet_util.c	2006-05-22 02:31:19.000000000 +0200
++++ oidentd-2.0.8.new/src/oidentd_inet_util.c	2010-03-01 20:26:11.000000000 +0100
+@@ -60,6 +60,12 @@
+ #ifdef WANT_IPV6
+ 		case AF_INET6:
+ 			SIN6(ai->ai_addr)->sin6_port = listen_port;
++
++			if (setsockopt(listenfd, IPPROTO_IPV6, IPV6_V6ONLY, &one,
++							sizeof(one)) != 0) {
++				debug("setsockopt IPV6_V6ONLY: %s", strerror(errno));
++				return (-1);
++			}
+ 			break;
+ #endif
+ 
diff --git a/net-misc/oidentd/files/oidentd-2.0.8-gcc5.patch b/net-misc/oidentd/files/oidentd-2.0.8-gcc5.patch
new file mode 100644
index 0000000..a401a65
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd-2.0.8-gcc5.patch
@@ -0,0 +1,25 @@
+Description: Fix a failure to build with gcc5.
+Bug: http://bugs.debian.org/778035
+
+--- a/src/oidentd_util.c	2015-07-03 05:56:24.000000000 -0400
++++ b/src/oidentd_util.c	2015-07-03 05:56:47.671378000 -0400
+@@ -75,7 +75,7 @@
+ ** PRNG functions on systems whose libraries provide them.)
+ */
+ 
+-inline int randval(int i) {
++extern __attribute__ ((gnu_inline)) int randval(int i) {
+ 	/* Per _Numerical Recipes in C_: */
+ 	return ((double) i * rand() / (RAND_MAX+1.0));
+ }
+--- a/src/oidentd_util.h	2015-07-03 05:56:32.000000000 -0400
++++ b/src/oidentd_util.h	2015-07-03 05:56:53.835378000 -0400
+@@ -58,7 +58,7 @@
+ int find_group(const char *temp_group, gid_t *gid);
+ 
+ int random_seed(void);
+-inline int randval(int i);
++extern __attribute__ ((gnu_inline)) int randval(int i);
+ 
+ #ifndef HAVE_SNPRINTF
+ 	int snprintf(char *str, size_t n, char const *fmt, ...);
diff --git a/net-misc/oidentd/files/oidentd-2.0.8-log-conntrack-fails.patch b/net-misc/oidentd/files/oidentd-2.0.8-log-conntrack-fails.patch
new file mode 100644
index 0000000..d29479e
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd-2.0.8-log-conntrack-fails.patch
@@ -0,0 +1,52 @@
+From 612f1d85dd59fc39b124392df38586769ebc8add Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
+Date: Fri, 11 Mar 2016 10:00:59 +0100
+Subject: [PATCH] Log Linux core_init failures as normal error
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Opening Linux conntracking table file failure for different reason than
+missing the file is fatal for deamon initizalization. But the failure
+was logged inly in debugging build.
+
+This patch makes the fatal error visible in normal log.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1316308
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+---
+ src/kernel/linux.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/kernel/linux.c b/src/kernel/linux.c
+index 8bf265f..9103dbf 100644
+--- a/src/kernel/linux.c
++++ b/src/kernel/linux.c
+@@ -73,21 +73,21 @@ bool core_init(void) {
+ 	masq_fp = fopen(MASQFILE, "r");
+ 	if (masq_fp == NULL) {
+ 		if (errno != ENOENT) {
+-			debug("fopen: %s: %s", MASQFILE, strerror(errno));
++			o_log(NORMAL, "fopen: %s: %s", MASQFILE, strerror(errno));
+ 			return false;
+ 		}
+ 
+ 		masq_fp = fopen(CONNTRACK, "r");
+ 		if (masq_fp == NULL) {
+ 			if (errno != ENOENT) {
+-				debug("fopen: %s: %s", CONNTRACK, strerror(errno));
++				o_log(NORMAL, "fopen: %s: %s", CONNTRACK, strerror(errno));
+ 				return false;
+ 			}
+ 
+ 			masq_fp = fopen(NFCONNTRACK, "r");
+ 			if (masq_fp == NULL) {
+ 				if (errno != ENOENT) {
+-					debug("fopen: %s: %s", NFCONNTRACK, strerror(errno));
++					o_log(NORMAL, "fopen: %s: %s", NFCONNTRACK, strerror(errno));
+ 					return false;
+ 				}
+ 				masq_fp = fopen("/dev/null", "r");
+-- 
+2.5.0
+
diff --git a/net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch b/net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch
new file mode 100644
index 0000000..191e9b9
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch
@@ -0,0 +1,43 @@
+--- oidentd.orig/src/kernel/linux.c	2006-05-22 06:58:53.000000000 +0300
++++ oidentd-2.0.8/src/kernel/linux.c	2007-07-11 21:28:56.000000000 +0300
+@@ -48,6 +48,7 @@
+ #define CFILE6		"/proc/net/tcp6"
+ #define MASQFILE	"/proc/net/ip_masquerade"
+ #define CONNTRACK	"/proc/net/ip_conntrack"
++#define NFCONNTRACK	"/proc/net/nf_conntrack"
+ 
+ static int netlink_sock;
+ extern struct sockaddr_storage proxy;
+@@ -82,7 +83,15 @@
+ 				debug("fopen: %s: %s", CONNTRACK, strerror(errno));
+ 				return false;
+ 			}
+-			masq_fp = fopen("/dev/null", "r");
++
++			masq_fp = fopen(NFCONNTRACK, "r");
++			if (masq_fp == NULL) {
++				if (errno != ENOENT) {
++					debug("fopen: %s: %s", NFCONNTRACK, strerror(errno));
++					return false;
++				}
++				masq_fp = fopen("/dev/null", "r");
++			}
+ 		}
+ 
+ 		netfilter = true;
+@@ -367,6 +376,15 @@
+ 				&nport_temp, &mport_temp);
+ 			}
+ 
++			if (ret != 21) {
++				ret = sscanf(buf,
++					"%*15s %*d %15s %*d %*d ESTABLISHED src=%d.%d.%d.%d dst=%d.%d.%d.%d sport=%d dport=%d packets=%*d bytes=%*d src=%d.%d.%d.%d dst=%d.%d.%d.%d sport=%d dport=%d",
++				proto, &l1, &l2, &l3, &l4, &r1, &r2, &r3, &r4,
++				&masq_lport_temp, &masq_fport_temp,
++				&nl1, &nl2, &nl3, &nl4, &nr1, &nr2, &nr3, &nr4,
++				&nport_temp, &mport_temp);
++			}
++
+ 			if (ret != 21)
+ 				continue;
+ 
diff --git a/net-misc/oidentd/files/oidentd-2.0.8-no-conntrack-masquerading.patch b/net-misc/oidentd/files/oidentd-2.0.8-no-conntrack-masquerading.patch
new file mode 100644
index 0000000..92ef025
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd-2.0.8-no-conntrack-masquerading.patch
@@ -0,0 +1,41 @@
+From 20a63ad8a90c36397cceedd34887298890dbafa3 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
+Date: Fri, 11 Mar 2016 10:38:10 +0100
+Subject: [PATCH] Linux: Do not open conntracking table if masquerading is not
+ enabled
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The contracking table was always opened. This is unnecessary because
+the table is used only when masquerading feature is requested on run
+time.
+
+This patch skips opening the conntracking table on Linux if
+masquerading is not requested.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1316308
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+---
+ src/kernel/linux.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/kernel/linux.c b/src/kernel/linux.c
+index 9103dbf..859f554 100644
+--- a/src/kernel/linux.c
++++ b/src/kernel/linux.c
+@@ -70,6 +70,11 @@ bool netfilter;
+ */
+ bool core_init(void) {
+ #ifdef MASQ_SUPPORT
++	if (!opt_enabled(MASQ)) {
++	    masq_fp = NULL;
++	    return true;
++	}
++
+ 	masq_fp = fopen(MASQFILE, "r");
+ 	if (masq_fp == NULL) {
+ 		if (errno != ENOENT) {
+-- 
+2.5.0
+
diff --git a/net-misc/oidentd/files/oidentd-2.2.2-confd b/net-misc/oidentd/files/oidentd-2.2.2-confd
new file mode 100644
index 0000000..215b62d
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd-2.2.2-confd
@@ -0,0 +1,4 @@
+# oidentd start-up options
+USER="oidentd"
+GROUP="oidentd"
+OPTIONS=""
diff --git a/net-misc/oidentd/files/oidentd.conf b/net-misc/oidentd/files/oidentd.conf
new file mode 100644
index 0000000..03b28d8
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd.conf
@@ -0,0 +1,22 @@
+# Configuration for oidentd
+# see oidentd.conf(5)
+# 
+default {
+	default {
+		deny spoof
+		deny spoof_all
+		deny spoof_privport
+		allow random
+		allow random_numeric
+		allow numeric
+		deny hide
+	}
+}
+
+# you may want to hide root connections
+#user "root" {
+#	default {
+#		force reply "UNKNOWN"
+#	}
+#}
+
diff --git a/net-misc/oidentd/files/oidentd.service b/net-misc/oidentd/files/oidentd.service
new file mode 100644
index 0000000..bf159d8
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=TCP/IP IDENT protocol server
+
+[Service]
+ExecStart=/usr/sbin/oidentd -i -S -u nobody -g nobody
+ExecReload=/bin/kill -HUP $MAINPID
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-misc/oidentd/files/oidentd.service-r1 b/net-misc/oidentd/files/oidentd.service-r1
new file mode 100644
index 0000000..af426ee
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd.service-r1
@@ -0,0 +1,9 @@
+[Unit]
+Description=TCP/IP IDENT protocol server
+
+[Service]
+ExecStart=/usr/sbin/oidentd -i -S -u oidentd -g oidentd
+ExecReload=/bin/kill -HUP $MAINPID
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-misc/oidentd/files/oidentd.socket b/net-misc/oidentd/files/oidentd.socket
new file mode 100644
index 0000000..63df703
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd.socket
@@ -0,0 +1,10 @@
+[Unit]
+Description=Ident (RFC 1413) socket
+Conflicts=oidentd.service
+
+[Socket]
+ListenStream=113
+Accept=yes
+
+[Install]
+WantedBy=sockets.target
diff --git a/net-misc/oidentd/files/oidentd_at.service b/net-misc/oidentd/files/oidentd_at.service
new file mode 100644
index 0000000..ac03a94
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd_at.service
@@ -0,0 +1,7 @@
+[Unit]
+Description=Ident (RFC 1413) per-connection server
+
+[Service]
+ExecStart=/usr/sbin/oidentd -I -S -u nobody -g nobody
+ExecReload=/bin/kill -HUP $MAINPID
+StandardInput=socket
diff --git a/net-misc/oidentd/files/oidentd_at.service-r1 b/net-misc/oidentd/files/oidentd_at.service-r1
new file mode 100644
index 0000000..dac0e70
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd_at.service-r1
@@ -0,0 +1,7 @@
+[Unit]
+Description=Ident (RFC 1413) per-connection server
+
+[Service]
+ExecStart=/usr/sbin/oidentd -I -S -u oidentd -g oidentd
+ExecReload=/bin/kill -HUP $MAINPID
+StandardInput=socket
diff --git a/net-misc/oidentd/files/oidentd_masq.conf b/net-misc/oidentd/files/oidentd_masq.conf
new file mode 100644
index 0000000..6811288
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd_masq.conf
@@ -0,0 +1,10 @@
+# oident masquarded connections configuration
+
+# use this file if your host is masquarading connections for several
+# hosts and you want to return a reply based on the hostname of
+# the originating machine
+# add "-f" to OIDENT_OPTIONS in /etc/conf.d/oidentd if you want
+# to forward ident requests to the real host
+
+# add hosts in the following format, see oidentd_masq.conf(5) for details:
+# <ip or host>[/mask] <username> <os>
diff --git a/net-misc/oidentd/metadata.xml b/net-misc/oidentd/metadata.xml
new file mode 100644
index 0000000..3be9f1f
--- /dev/null
+++ b/net-misc/oidentd/metadata.xml
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person">
+		<email>Dessa@gmake.de</email>
+		<name>Robert Förster</name>
+	</maintainer>
+	<maintainer type="project">
+		<email>proxy-maint@gentoo.org</email>
+		<name>Proxy Maintainers</name>
+	</maintainer>
+	<use>
+		<flag name="masquerade">Enable support for masqueraded/NAT connections</flag>
+	</use>
+	<upstream>
+		<remote-id type="sourceforge">ojnk</remote-id>
+	</upstream>
+</pkgmetadata>
diff --git a/net-misc/oidentd/oidentd-2.2.2.ebuild b/net-misc/oidentd/oidentd-2.2.2.ebuild
new file mode 100644
index 0000000..8f100f5
--- /dev/null
+++ b/net-misc/oidentd/oidentd-2.2.2.ebuild
@@ -0,0 +1,55 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit linux-info systemd user
+
+DESCRIPTION="Another (RFC1413 compliant) ident daemon"
+HOMEPAGE="http://oidentd.janikrabe.com/"
+SRC_URI="https://ftp.janikrabe.com/pub/${PN}/releases/${PV}/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE="debug ipv6 masquerade selinux"
+
+DEPEND="masquerade? (
+			net-libs/libnetfilter_conntrack
+			sys-libs/libcap-ng )"
+
+RDEPEND="${DEPEND}
+	selinux? ( sec-policy/selinux-oident )"
+
+DOCS=( AUTHORS ChangeLog README NEWS )
+
+pkg_setup() {
+	local CONFIG_CHECK="~INET_TCP_DIAG"
+
+	if use kernel_linux; then
+		linux-info_pkg_setup
+	fi
+
+	enewgroup oidentd
+	enewuser oidentd -1 -1 -1 oidentd
+
+}
+
+src_configure() {
+	econf \
+		$(use_enable debug) \
+		$(use_enable ipv6) \
+		$(use_enable masquerade masq) \
+		$(use_enable masquerade nat)
+}
+
+src_install() {
+	default
+
+	newinitd "${FILESDIR}"/${PN}-2.0.7-init ${PN}
+	newconfd "${FILESDIR}"/${PN}-2.0.7-confd ${PN}
+
+	systemd_newunit "${FILESDIR}"/${PN}_at.service ${PN}@.service
+	systemd_dounit "${FILESDIR}"/${PN}.socket
+	systemd_dounit "${FILESDIR}"/${PN}.service
+}