diff --git a/net-firewall/iptables/ChangeLog b/net-firewall/iptables/ChangeLog
index 41f65d0..7f4275d 100644
--- a/net-firewall/iptables/ChangeLog
+++ b/net-firewall/iptables/ChangeLog
@@ -1,7 +1,14 @@
 # ChangeLog for net-firewall/iptables
-# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
+# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
 # $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.279 2012/10/23 07:58:43 radhermit Exp $
 
+*iptables-1.4.17 (02 Jan 2013)
+
+  02 Jan 2013; Mario Fetka <mario.fetka@gmail.com>
+  +files/iptables-1.4.17-libip6tc.patch, +iptables-1.4.17.ebuild,
+  files/iptables-1.4.13-IMQ-test1.diff, files/iptables-layer7.patch:
+  Bump to new g.o ebuild
+
 *iptables-1.4.16.3 (23 Oct 2012)
 
   23 Oct 2012; Tim Harder <radhermit@gentoo.org> +iptables-1.4.16.3.ebuild:
diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest
index 46cf0f7..48eb041 100644
--- a/net-firewall/iptables/Manifest
+++ b/net-firewall/iptables/Manifest
@@ -1,10 +1,13 @@
 AUX ip6tables-1.4.13.confd 690 SHA256 2938fe4206514d9868047bd8f888a699fa2097ca69edab176453436d4259abaa SHA512 8de9a5de4061bef217fbc07577688a8110f1116af7f3b936dfd18100a6a7a47ec6e70c456b24cf3432fb4f2034b741a487fe6af8d9740f174d51c6eb16945c6e WHIRLPOOL f2f4903812b5b97d5bdf9cb28f0bcb6f8c866f197b46a9128530721a8d9db1cdcedffe2512c9235391a67f494c2daf1266d7bc8a6185949756437221c3861a10
-AUX iptables-1.4.13-IMQ-test1.diff 4310 SHA256 2a611eadf841f38dd44825b9511c48391223f96d885e49d067a94838cbd877a6 SHA512 37bafeed169a9a96b52a3a9d8479fb3ecdfe6058ed2810f479655f597d8b37a55c66242fb65ca435aa21f5a72836d30521072bd8d4b0fcc92945b9465d8cc668 WHIRLPOOL c69ad07c5d4763862cedde8c7805166bda3e6afc0e0a57a58b58fc0ba1f14c4f3b738d98e6e9f34e2b5a88f0ee82707cdd9ccd0795be13f8ec425efd3c083f58
+AUX iptables-1.4.13-IMQ-test1.diff 4178 SHA256 aec72ee800de20688bb2a3eeabef23b40c492e6cf7e0bb6e4b1c7e598fb398e0 SHA512 e7eafc6790fa42b8466187ab74418aff47d7861fc05a9b628446cf59577fb9e014684db035d56b3994666ee9f457efa8d25964827d3713679d29301a4de951f7 WHIRLPOOL fc1193cebbaf48c0bdff30fd954da10bc0ab1e2e699100488f1aa32354d3baeb95e478840e8ad39f3a3a07af479cb6a4dbaf96702471b60afe96b2d72fa4d5ed
 AUX iptables-1.4.13-r1.init 2666 SHA256 add450154d983c09e1ade0d929d9eb8b151634c0eb8e0a2c512f12e3c9574ade SHA512 8d1150dd076ad41644bc99342e20f1ecea0bfa6f5da106019b479f76398d774b55bdbe842cfa4e5d0a7f364eba10374695df3249e92ae53c56b2b2ac928ea6a1 WHIRLPOOL 2ba3227729c85d2695eb9682d98441fcf4d373ea88861330c7d299ddb0d04660a734ecdea08cba01b15796998c66ffe7657b934f414c821bd228b5d4d45c3b0a
 AUX iptables-1.4.13.confd 687 SHA256 7e2341211ca14997b7a8a1f930f94db855291af597c568f680f80031c20d45b6 SHA512 bd67d53e997ea65755148ba071fe6e3856d6e604b9167c666900721bc3dc24f63d395bc33a1a34ae50f95e72760da630db1a8d35afc81ec5973e60ba5343dc70 WHIRLPOOL 111b809b3122b04cce8ac0e551cfcdec7fde1ad563e1001bbbb3dbb4cae0ddf13851ece1024e13fb26aab2fe306dfc4fd9e59ab5a10127b301bc7a65ec20486b
 AUX iptables-1.4.13.init 2632 SHA256 3c955bbc787e57d6c0d6d5e97ec34e350fbcbf4f0b453bd2ed624e68ac83155f SHA512 ffb5eb1372a69f3aa9ed3181b3c96fe34b3a07a1b7021e132d0b8eca65f65d83bc546371bc3e7081de68e02fd18bf99993eff6a643715e4b4d0d0d9066c5eee8 WHIRLPOOL 50a3771e5ac7b0ee38cc23c11791c05616687bc44fd6708a89c431422dcee99a92448c55f5b4c790614e785b3b74cc0e168c9d91c547e9e4faa477bed7b0cdea
-AUX iptables-layer7.patch 11456 SHA256 2caf08767e82eec69c53612063c004756e15e37b28338a4aff31bdd8be6cc74d SHA512 1f4ca9f95404781aaff99b2accaff80588171f35d33f190effcb4808a1161e8a2c3f3baf593666cb305c35b18bdc42070f5cdd808f0e93b404f4620934318d3e WHIRLPOOL 682d10cceece2b2b093dd2c113cd36ff4ef37796531b4d8b1b0049c4937670dd4a36139dd157b32ef4c1de9e958aeb2c4a9ed9892aee108bf0d7c1efe32b1419
+AUX iptables-1.4.17-libip6tc.patch 1084 SHA256 5940f8020a131df4baa03578256ea9ff4fd975c913e062e3876e64e61a6fa8f3 SHA512 1d91231ad352c16a2af2c5d8593a59b8af4d5d9d4a7248a46170c843e85976bc34b4998f2cb86496cacd1ba30520cd3fe0d41705b7e5f4550bae7da70553ef2d WHIRLPOOL 027368602724dcbda0ddcd443c4a90aee278f409cfe0b3ce221a4e1826d10a4a0d95f6cbe18f887e712b4076161ba2e7adf0d09cf2055224f81ecadd173e5a73
+AUX iptables-layer7.patch 11379 SHA256 7a11f0e95c307dfb6f666000d378f28045e8f99dfaa46c3f2b27b308ea22d124 SHA512 65e12370b6f8d71f5c0b0047438689b7f35e05dfb2e24a8a9e312e7b3b942956ed23924ce61baf44e67a6971f10f32a2731b394a77a624be061b4c5dd6ab8e04 WHIRLPOOL b716a855c3ee2da0e417ccf859772bf7d27e222290022aa831ae758d19e692f71e46b00ae176d7a84c533df7ea65d9d7257326b4ad893cca14664ee17ac51d72
 DIST iptables-1.4.16.3.tar.bz2 536872 SHA256 643ccf34099d53d5b839e1d889c05627745a51ec122648e76a9fcec3a8a9ec79 SHA512 c232a927fe63623cc0d336b4a09d7baad2d0c5a2a5e3b7ad083727e9f17cd0b668a826a4c5ff0bbb45233fee6c38c153710b13f458514516af7cf7df10d720e2 WHIRLPOOL 2dadcdb39f7741cb7b3c493bc36792a6edbdd9ddaa0c862d2ec0a6fbb89eb82c55f04ae407ab641f425208b15ef6e689af10ce6c03368e40652367c39dead75f
+DIST iptables-1.4.17.tar.bz2 541137 SHA256 51e7a769469383b6ad308a6a19cdd2bd813cf4593e21a156a543a1cd70554925 SHA512 022f89cbf56408842bdeb1adbe05076addaad007599fdb662f32a1c134d743dade28c26842acc7545d2474903164be5fe3ec7fd1e276cd2c37bd3b33b8a30de1 WHIRLPOOL f2cb85d5f4080fce2c6673a58737ace3d55130f74c66207bc515d0c7b4ecd75bd7ac8540a862e8af133e740d34eee40833d72c9c3236c7ef4dc75cd43816ec41
 EBUILD iptables-1.4.16.3.ebuild 2346 SHA256 52354ce68dd8aeb4edf8024d9c2922ea4fc9e19a50d2163777e06f40be26353e SHA512 8fd8e297644b9da495939e78bf1d0ec2cbd3634eb315b5508903617b3681f1865419a5d503ac9ac0824d4dd806bf884eed9d1a6a146a05309a7169335c3b5a8f WHIRLPOOL 033bd35b47448e6fe66038d0a3f4bb5e272bf55e90a791aa8f45d248987555d5e6f05ac6dee1217b35ee006f9518f50f88018d536d64264cc6fc59be8ab9d190
-MISC ChangeLog 48600 SHA256 1198a02eb018f75e1dcfe5c37a166267fef971111967b62b6fbe215aa540c6ca SHA512 3f6463392886cd79059d41a5ecd6041474c39c1f8fcebd6ca364d643051dccaa3b370f676dd2710a3743318d816aab86a37dec96833d5ae49759710291ac6a57 WHIRLPOOL ed3c04733e9051db8050221258a700c8609b42d41626a0370cc23e5859849a8dab6144476adcea3ff26dff097b04616a37ea9cf6010ab9402d43e929f3924b8f
+EBUILD iptables-1.4.17.ebuild 2390 SHA256 f42aed0bc7f5afd746269f30618fbd9e14a632dfd8e9f68cba3197d8b198108c SHA512 349c88966c7424d5ce75a0cd08d6017e5c20f72afad2ebfc1dff77fac38501a37bf8843fa9e57ac41742130154b63e38a3092210aaf769fad0b31dfb79fadd5e WHIRLPOOL 768002379b59f7a70c28d22423354b955b22994397e1c827e35986cb11904296974d1f767d5a35f59423b5b18a4a697ae96ca1193dcb1945d6407d97669bb96e
+MISC ChangeLog 48844 SHA256 1a33fd73a97ce820da745d253e80cdceb6d8eff3961588804f739a3bbd920718 SHA512 7f6cc60e2bcb6960f3725bfdf06b68d6ac39a830ac2930666954727740b7ce9584f5930905a6df5666663a8779a12f2efab1e6d9d537b46bce3e6695ae047843 WHIRLPOOL cf93b85dfa20c813fc69c4a468bd7ac07e457482277f184edde099e3bb99675caeed20e92d081af691f90291cb5695d7f9449d537bf4c29b0e45082ca79b67b5
 MISC metadata.xml 1033 SHA256 6972ae7bad5c0025564a15429579f046ab4c365929aa175b1e84c1586872bdc9 SHA512 fe251377457099cbf9014fc206176a79d377b2c61f1b239b81e10cb05e740ac8e6d4849ac60987091d33b66ae9d72fbb36cf590bfe663e3dc1338c3648e1c179 WHIRLPOOL e0282695b2be9ab1b56e3779d26e27ce38803fa7fce9b1c66eb0ab3226d527e354436fcde7e15aa238c83dcbeab74cbf6f1aba36609096ca4bcdf982fce52abc
diff --git a/net-firewall/iptables/files/iptables-1.4.13-IMQ-test1.diff b/net-firewall/iptables/files/iptables-1.4.13-IMQ-test1.diff
index 3331c7f..f601db9 100644
--- a/net-firewall/iptables/files/iptables-1.4.13-IMQ-test1.diff
+++ b/net-firewall/iptables/files/iptables-1.4.13-IMQ-test1.diff
@@ -1,6 +1,6 @@
-diff -Naur iptables-1.4.12.2/extensions/libxt_IMQ.c iptables-1.4.12.2-imq/extensions/libxt_IMQ.c
+diff -Naur iptables-1.4.12.2/extensions/libxt_IMQ.c extensions/libxt_IMQ.c
 --- iptables-1.4.12.2/extensions/libxt_IMQ.c	1970-01-01 02:00:00.000000000 +0200
-+++ iptables-1.4.12.2-imq/extensions/libxt_IMQ.c	2011-09-30 13:53:21.000000000 +0300
++++ extensions/libxt_IMQ.c	2011-09-30 13:53:21.000000000 +0300
 @@ -0,0 +1,105 @@
 +/* Shared library add-on to iptables to add IMQ target support. */
 +#include <stdio.h>
@@ -107,9 +107,9 @@ diff -Naur iptables-1.4.12.2/extensions/libxt_IMQ.c iptables-1.4.12.2-imq/extens
 +	xtables_register_target(&imq_target);
 +	xtables_register_target(&imq_target6);
 +}
-diff -Naur iptables-1.4.12.2/extensions/libxt_IMQ.man iptables-1.4.12.2-imq/extensions/libxt_IMQ.man
+diff -Naur iptables-1.4.12.2/extensions/libxt_IMQ.man extensions/libxt_IMQ.man
 --- iptables-1.4.12.2/extensions/libxt_IMQ.man	1970-01-01 02:00:00.000000000 +0200
-+++ iptables-1.4.12.2-imq/extensions/libxt_IMQ.man	2011-09-30 13:53:21.000000000 +0300
++++ extensions/libxt_IMQ.man	2011-09-30 13:53:21.000000000 +0300
 @@ -0,0 +1,15 @@
 +This target is used to redirect the traffic to the IMQ driver and you can apply
 +QoS rules like HTB or CBQ.
@@ -126,9 +126,9 @@ diff -Naur iptables-1.4.12.2/extensions/libxt_IMQ.man iptables-1.4.12.2-imq/exte
 +Redirect incomming traffic from interface eth0 to imq0 and outgoing traffic to imq1:
 +iptables \-t mangle \-A FORWARD \-i eth0 \-j IMQ \-\-to\-dev 0
 +iptables \-t mangle \-A FORWARD \-o eth0 \-j IMQ \-\-to\-dev 1
-diff -Naur iptables-1.4.12.2/include/linux/netfilter/xt_IMQ.h iptables-1.4.12.2-imq/include/linux/netfilter/xt_IMQ.h
+diff -Naur iptables-1.4.12.2/include/linux/netfilter/xt_IMQ.h include/linux/netfilter/xt_IMQ.h
 --- iptables-1.4.12.2/include/linux/netfilter/xt_IMQ.h	1970-01-01 02:00:00.000000000 +0200
-+++ iptables-1.4.12.2-imq/include/linux/netfilter/xt_IMQ.h	2011-09-30 13:53:21.000000000 +0300
++++ include/linux/netfilter/xt_IMQ.h	2011-09-30 13:53:21.000000000 +0300
 @@ -0,0 +1,9 @@
 +#ifndef _XT_IMQ_H
 +#define _XT_IMQ_H
diff --git a/net-firewall/iptables/files/iptables-1.4.17-libip6tc.patch b/net-firewall/iptables/files/iptables-1.4.17-libip6tc.patch
new file mode 100644
index 0000000..5212dd2
--- /dev/null
+++ b/net-firewall/iptables/files/iptables-1.4.17-libip6tc.patch
@@ -0,0 +1,32 @@
+From d42bc7c100de69396a527e90736198f8e4e3000b Mon Sep 17 00:00:00 2001
+From: Mike Frysinger <vapier@gentoo.org>
+Date: Sun, 30 Dec 2012 18:06:15 -0500
+Subject: [PATCH] extensions: fix linking against -lip6tc
+
+The current build forgets to specify a path to find libip6tc which means
+it either fails (if there is no libip6tc in the system), or links against
+an old version (if there is one in the system).
+
+References: https://bugs.gentoo.org/449262
+Reported-by: Mike Gilbert <floppym@gentoo.org>
+Signed-off-by: Mike Frysinger <vapier@gentoo.org>
+---
+ extensions/GNUmakefile.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/extensions/GNUmakefile.in b/extensions/GNUmakefile.in
+index e71e3ff..a605474 100644
+--- a/extensions/GNUmakefile.in
++++ b/extensions/GNUmakefile.in
+@@ -101,7 +101,7 @@ libxt_state.so: libxt_conntrack.so
+ 	ln -fs $< $@
+ 
+ # Need the LIBADDs in iptables/Makefile.am too for libxtables_la_LIBADD
+-ip6t_NETMAP_LIBADD  = -lip6tc
++ip6t_NETMAP_LIBADD  = -L../libiptc/.libs -lip6tc
+ xt_RATEEST_LIBADD   = -lm
+ xt_statistic_LIBADD = -lm
+ 
+-- 
+1.8.0
+
diff --git a/net-firewall/iptables/files/iptables-layer7.patch b/net-firewall/iptables/files/iptables-layer7.patch
index 3963f5e..b60130a 100644
--- a/net-firewall/iptables/files/iptables-layer7.patch
+++ b/net-firewall/iptables/files/iptables-layer7.patch
@@ -1,6 +1,6 @@
-diff -urN iptables-1.4.9.1.org/extensions/libxt_layer7.c iptables-1.4.9.1/extensions/libxt_layer7.c
+diff -urN iptables-1.4.9.1.org/extensions/libxt_layer7.c extensions/libxt_layer7.c
 --- iptables-1.4.9.1.org/extensions/libxt_layer7.c	1970-01-01 01:00:00.000000000 +0100
-+++ iptables-1.4.9.1/extensions/libxt_layer7.c	2009-07-14 00:53:05.000000000 +0200
++++ extensions/libxt_layer7.c	2009-07-14 00:53:05.000000000 +0200
 @@ -0,0 +1,368 @@
 +/* 
 +   Shared library add-on to iptables for layer 7 matching support. 
@@ -370,9 +370,9 @@ diff -urN iptables-1.4.9.1.org/extensions/libxt_layer7.c iptables-1.4.9.1/extens
 +{
 +	xtables_register_match(&layer7);
 +}
-diff -urN iptables-1.4.9.1.org/extensions/libxt_layer7.man iptables-1.4.9.1/extensions/libxt_layer7.man
+diff -urN iptables-1.4.9.1.org/extensions/libxt_layer7.man extensions/libxt_layer7.man
 --- iptables-1.4.9.1.org/extensions/libxt_layer7.man	1970-01-01 01:00:00.000000000 +0100
-+++ iptables-1.4.9.1/extensions/libxt_layer7.man	2009-07-14 00:51:32.000000000 +0200
++++ extensions/libxt_layer7.man	2009-07-14 00:51:32.000000000 +0200
 @@ -0,0 +1,14 @@
 +This module matches packets based on the application layer data of 
 +their connections.  It uses regular expression matching to compare 
@@ -389,7 +389,7 @@ diff -urN iptables-1.4.9.1.org/extensions/libxt_layer7.man iptables-1.4.9.1/exte
 +specified before --l7proto.
 +
 --- iptables.orig/include/linux/netfilter/xt_layer7.h	1969-12-31 18:00:00.000000000 -0600
-+++ iptables/include/linux/netfilter/xt_layer7.h	2009-01-07 16:07:31.000000000 -0600
++++ include/linux/netfilter/xt_layer7.h	2009-01-07 16:07:31.000000000 -0600
 @@ -0,0 +1,13 @@
 +#ifndef _XT_LAYER7_H
 +#define _XT_LAYER7_H
diff --git a/net-firewall/iptables/iptables-1.4.17.ebuild b/net-firewall/iptables/iptables-1.4.17.ebuild
new file mode 100644
index 0000000..3c83b18
--- /dev/null
+++ b/net-firewall/iptables/iptables-1.4.17.ebuild
@@ -0,0 +1,87 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.4.17.ebuild,v 1.2 2012/12/30 23:11:07 vapier Exp $
+
+EAPI="4"
+
+# Force users doing their own patches to install their own tools
+AUTOTOOLS_AUTO_DEPEND=no
+
+inherit eutils multilib toolchain-funcs autotools
+
+DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools"
+HOMEPAGE="http://www.iptables.org/"
+SRC_URI="http://iptables.org/projects/iptables/files/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="ipv6 netlink static-libs"
+
+RDEPEND="
+	netlink? ( net-libs/libnfnetlink )
+"
+DEPEND="${RDEPEND}
+	virtual/os-headers
+	virtual/pkgconfig
+"
+
+src_prepare() {
+	# use the saner headers from the kernel
+	rm -f include/linux/{kernel,types}.h
+	epatch "${FILESDIR}"/${P}-libip6tc.patch #449262
+	epatch "${FILESDIR}/iptables-1.4.13-IMQ-test1.diff"
+	epatch "${FILESDIR}/iptables-layer7.patch"
+	eautoreconf
+
+	# Only run autotools if user patched something
+	epatch_user && eautoreconf || elibtoolize
+}
+
+src_configure() {
+	sed -i \
+		-e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \
+		configure || die
+
+	econf \
+		--sbindir="${EPREFIX}/sbin" \
+		--libexecdir="${EPREFIX}/$(get_libdir)" \
+		--enable-devel \
+		--enable-shared \
+		$(use_enable static-libs static) \
+		$(use_enable ipv6)
+}
+
+src_compile() {
+	emake V=1
+}
+
+src_install() {
+	default
+	dodoc INCOMPATIBILITIES iptables/iptables.xslt
+
+	# all the iptables binaries are in /sbin, so might as well
+	# put these small files in with them
+	into /
+	dosbin iptables/iptables-apply
+	dosym iptables-apply /sbin/ip6tables-apply
+	doman iptables/iptables-apply.8
+
+	insinto /usr/include
+	doins include/iptables.h $(use ipv6 && echo include/ip6tables.h)
+	insinto /usr/include/iptables
+	doins include/iptables/internal.h
+
+	keepdir /var/lib/iptables
+	newinitd "${FILESDIR}"/${PN}-1.4.13-r1.init iptables
+	newconfd "${FILESDIR}"/${PN}-1.4.13.confd iptables
+	if use ipv6 ; then
+		keepdir /var/lib/ip6tables
+		newinitd "${FILESDIR}"/iptables-1.4.13-r1.init ip6tables
+		newconfd "${FILESDIR}"/ip6tables-1.4.13.confd ip6tables
+	fi
+
+	# Move important libs to /lib
+	gen_usr_ldscript -a ip{4,6}tc iptc xtables
+	find "${ED}" -type f -name '*.la' -exec rm -rf '{}' '+' || die "la removal failed"
+}