Index: security/softether-devel/Makefile
===================================================================
--- security/softether-devel/Makefile
+++ security/softether-devel/Makefile
@@ -1,31 +1,27 @@
 # $FreeBSD$
 
-PORTNAME=	softether-devel
-PORTVERSION=	4.21.9613
-PORTREVISION=	2
+PORTNAME=	softether
+PORTVERSION=	4.27.9668
 CATEGORIES=	security
+MASTER_SITES=	https://www.softether-download.com/files/softether/v4.27-9668-beta-2018.05.29-tree/Source_Code/
+PKGNAMESUFFIX=	-devel
+DISTNAME=	${PORTNAME}-src-v4.27-9668-beta
 
 MAINTAINER=	hrs@FreeBSD.org
-COMMENT=	Cross-platform Multi-protocol VPN Software
+COMMENT=	Softether VPN solution
 
 LICENSE=	GPLv2
 LICENSE_FILE=	${WRKSRC}/LICENSE
 
+ONLY_FOR_ARCHS=	amd64 i386
 CONFLICTS_INSTALL=	softether
 
-USES=		dos2unix gmake iconv localbase readline ssl
-DOS2UNIX_FILES=	src/Mayaqua/Network.c
-USE_GITHUB=	yes
-GH_ACCOUNT=	SoftEtherVPN
-GH_PROJECT=	SoftEtherVPN
-GH_TAGNAME=	1e17c9b
-ALL_TARGET=	build
-MAKE_ENV=	STAGEDIR=${STAGEDIR} ICONV_LIB=${ICONV_LIB}
-USE_RC_SUBR=	vpnserver vpnclient vpnbridge
-PORTDOCS=	AUTHORS.TXT BUILD_UNIX.TXT ChangeLog README THIRD_PARTY.TXT \
-		WARNING.TXT
+CPPFLAGS+=	-I${LOCALBASE}/include
+LDFLAGS+=	-L${LOCALBASE}/lib
+
+PORTDOCS=	AUTHORS.TXT ChangeLog LICENSE README THIRD_PARTY.TXT WARNING.TXT
 
-OPTIONS_DEFINE= DOCS UNLOCK
+OPTIONS_DEFINE=	DOCS UNLOCK
 
 # Use of some functions in Japan and China is restricted.
 # This option Unlocks regional lockout following functions:
@@ -34,16 +30,55 @@
 #  - Deep-inspect packet logging function
 #  - Source IP address control list function
 #  - syslog transfer function
-UNLOCK_DESC= Unlock regional lockout (JP and CN)
-UNLOCK_EXTRA_PATCHES=   ${FILESDIR}/extra-patch-unrestrict-enterprise-functions
+UNLOCK_DESC=	Unlock regional lockout (JP and CN)
+UNLOCK_EXTRA_PATCHES=	${FILESDIR}/extra-patch-unrestrict-enterprise-functions
 
-post-patch:
-	${INSTALL_DATA} ${WRKSRC}/src/makefiles/freebsd_32bit.mak \
-	    ${WRKSRC}/Makefile
+USES=		dos2unix gmake iconv:wchar_t localbase:ldflags ncurses \
+		readline ssl
+DOS2UNIX_FILES=	AUTHORS.TXT ChangeLog LICENSE README THIRD_PARTY.TXT \
+		WARNING.TXT src/Cedar/*.* src/Mayaqua/*.*
+USE_RC_SUBR=	softether_bridge softether_client softether_server
+SUB_FILES=	vpncmd
+
+LOGDIR?=	/var/log/softether
+PLIST_SUB+=	LOGDIR="${LOGDIR}"
+SUB_LIST=	LOGDIR="${LOGDIR}"
+
+# a pity the source directory has such a naming scheme, but well
+WRKSRC=		${WRKDIR}/v4.27-9668
 
-post-install-DOCS-on:
+ALL_TARGET=	build
+
+.include <bsd.port.options.mk>
+
+post-patch:
+	# skip configure at all and copy the corresponding Makefile in place
+.if ${ARCH} != "amd64"
+	@${CP} ${WRKSRC}/src/makefiles/freebsd_32bit.mak ${WRKSRC}/Makefile
+.else
+	@${CP} ${WRKSRC}/src/makefiles/freebsd_64bit.mak ${WRKSRC}/Makefile
+.endif
+	# pull in user specific CFLAGS and LDFLAGS
+	@${REINPLACE_CMD} -e "s|OPTIONS_COMPILE_RELEASE=|OPTIONS_COMPILE_RELEASE=${CFLAGS} |g" ${WRKSRC}/Makefile
+	@${REINPLACE_CMD} -e "s|OPTIONS_LINK_RELEASE=|OPTIONS_LINK_RELEASE=${LDFLAGS} |g" ${WRKSRC}/Makefile
+
+# manually install to ${PREFIX}/libexec/softether, then the final install will copy scripts
+# into ${PREFIX}/sbin
+do-install:
+	${MKDIR} ${STAGEDIR}/${PREFIX}/libexec/softether
+	${INSTALL_SCRIPT} ${WRKSRC}/bin/vpnbridge/vpnbridge ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/vpnbridge
+	${INSTALL_SCRIPT} ${WRKSRC}/bin/vpnclient/vpnclient ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/vpnclient
+	${INSTALL_SCRIPT} ${WRKSRC}/bin/vpncmd/vpncmd ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/vpncmd
+	${INSTALL_SCRIPT} ${WRKSRC}/bin/vpnserver/vpnserver ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/vpnserver
+	${INSTALL_DATA} ${WRKSRC}/bin/vpnserver/hamcore.se2 ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/hamcore.se2
+	${INSTALL_SCRIPT} ${WRKDIR}/vpncmd ${STAGEDIR}/${PREFIX}/sbin/vpncmd
+.for i in vpnbridge vpnclient vpncmd vpnserver
+	@${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/${PORTNAME}/${i}
+.endfor
 	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	cd ${WRKSRC} && \
-	    ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR}
+	@${MKDIR} ${STAGEDIR}${LOGDIR}
+.for doc in ${PORTDOCS}
+	${INSTALL_DATA} ${WRKSRC}/${doc} ${STAGEDIR}${DOCSDIR}
+.endfor
 
 .include <bsd.port.mk>
Index: security/softether-devel/distinfo
===================================================================
--- security/softether-devel/distinfo
+++ security/softether-devel/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1479531912
-SHA256 (SoftEtherVPN-SoftEtherVPN-4.21.9613-1e17c9b_GH0.tar.gz) = 3ba427abd3684e6f3fa1896512d240890f07beee179aef0823cbfd165b06def5
-SIZE (SoftEtherVPN-SoftEtherVPN-4.21.9613-1e17c9b_GH0.tar.gz) = 33681928
+TIMESTAMP = 1532578431
+SHA256 (softether-src-v4.27-9668-beta.tar.gz) = 42f74c3eee12ccafe6e2eaa833385406f953aed284d3bf79e0dcf164cbda0e77
+SIZE (softether-src-v4.27-9668-beta.tar.gz) = 33786372
Index: security/softether-devel/files/patch-src-makefiles-freebsd_32bit.mak
===================================================================
--- security/softether-devel/files/patch-src-makefiles-freebsd_32bit.mak
+++ /dev/null
@@ -1,110 +0,0 @@
---- src/makefiles/freebsd_32bit.mak.orig	2016-04-24 14:49:31 UTC
-+++ src/makefiles/freebsd_32bit.mak
-@@ -25,19 +25,19 @@
- 
- #CC=gcc
- 
--OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_BSD -DBRIDGE_BPF -DNO_VLAN -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -I/usr/local/include -I/usr/include -g -fsigned-char
-+OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_BSD -DBRIDGE_BPF -DNO_VLAN -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -g -fsigned-char
- 
--OPTIONS_LINK_DEBUG=-g -fsigned-char -L/usr/local/lib -L/usr/lib -lm -lpthread -lssl -lcrypto -liconv -lreadline -lncurses -lz
-+OPTIONS_LINK_DEBUG=-g -fsigned-char -lm -lpthread -lssl -lcrypto ${ICONV_LIB} -lreadline -lncurses -lz
- 
--OPTIONS_COMPILE_RELEASE=-DNDEBUG -DVPN_SPEED -DUNIX -DUNIX_BSD -DBRIDGE_BPF -DNO_VLAN -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -I/usr/local/include -I/usr/include -O2 -fsigned-char
-+OPTIONS_COMPILE_RELEASE=-DNDEBUG -DVPN_SPEED -DUNIX -DUNIX_BSD -DBRIDGE_BPF -DNO_VLAN -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -fsigned-char ${CFLAGS}
- 
--OPTIONS_LINK_RELEASE=-O2 -fsigned-char -L/usr/local/lib -L/usr/lib -lm -lpthread -lssl -lcrypto -liconv -lreadline -lncurses -lz
-+OPTIONS_LINK_RELEASE=-fsigned-char ${LDFLAGS} ${LIBS} -lm -lpthread -lssl -lcrypto ${ICONV_LIB} -lreadline -lncurses -lz
- 
--INSTALL_BINDIR=/usr/bin/
--INSTALL_VPNSERVER_DIR=/usr/vpnserver/
--INSTALL_VPNBRIDGE_DIR=/usr/vpnbridge/
--INSTALL_VPNCLIENT_DIR=/usr/vpnclient/
--INSTALL_VPNCMD_DIR=/usr/vpncmd/
-+INSTALL_BINDIR=${PREFIX}/sbin/
-+INSTALL_VPNSERVER_DIR=${PREFIX}/softethervpn/vpnserver/
-+INSTALL_VPNBRIDGE_DIR=${PREFIX}/softethervpn/vpnbridge/
-+INSTALL_VPNCLIENT_DIR=${PREFIX}/softethervpn/vpnclient/
-+INSTALL_VPNCMD_DIR=${PREFIX}/softethervpn/vpncmd/
- 
- ifeq ($(DEBUG),YES)
- 	OPTIONS_COMPILE=$(OPTIONS_COMPILE_DEBUG)
-@@ -379,7 +379,7 @@ tmp/objs/vpncmd.o: src/vpncmd/vpncmd.c $
- 	$(CC) $(OPTIONS_COMPILE) -c src/vpncmd/vpncmd.c -o tmp/objs/vpncmd.o
- 
- # Install
--install: $(INSTALL_BINDIR)vpnserver $(INSTALL_BINDIR)vpnbridge $(INSTALL_BINDIR)vpnclient $(INSTALL_BINDIR)vpncmd
-+install: $(STAGEDIR)$(INSTALL_BINDIR)vpnserver $(STAGEDIR)$(INSTALL_BINDIR)vpnbridge $(STAGEDIR)$(INSTALL_BINDIR)vpnclient $(STAGEDIR)$(INSTALL_BINDIR)vpncmd
- 	@echo
- 	@echo "--------------------------------------------------------------------"
- 	@echo "Installation completed successfully."
-@@ -391,41 +391,37 @@ install: $(INSTALL_BINDIR)vpnserver $(IN
- 	@echo "--------------------------------------------------------------------"
- 	@echo
- 
--$(INSTALL_BINDIR)vpnserver: bin/vpnserver/hamcore.se2 bin/vpnserver/vpnserver
--	@mkdir -p $(INSTALL_VPNSERVER_DIR)
--	cp bin/vpnserver/hamcore.se2 $(INSTALL_VPNSERVER_DIR)hamcore.se2
--	cp bin/vpnserver/vpnserver $(INSTALL_VPNSERVER_DIR)vpnserver
--	echo "#!/bin/sh" > $(INSTALL_BINDIR)vpnserver
--	echo $(INSTALL_VPNSERVER_DIR)vpnserver '"$$@"' >> $(INSTALL_BINDIR)vpnserver
--	echo 'exit $$?' >> $(INSTALL_BINDIR)vpnserver
--	chmod 755 $(INSTALL_BINDIR)vpnserver
-+$(STAGEDIR)$(INSTALL_BINDIR)vpnserver: bin/vpnserver/hamcore.se2 bin/vpnserver/vpnserver
-+	@mkdir -p $(STAGEDIR)$(INSTALL_VPNSERVER_DIR)
-+	cp bin/vpnserver/hamcore.se2 $(STAGEDIR)$(INSTALL_VPNSERVER_DIR)hamcore.se2
-+	$(BSD_INSTALL_PROGRAM) bin/vpnserver/vpnserver $(STAGEDIR)$(INSTALL_VPNSERVER_DIR)vpnserver
-+	echo "#!/bin/sh" > $(STAGEDIR)$(INSTALL_BINDIR)vpnserver
-+	echo exec $(INSTALL_VPNSERVER_DIR)vpnserver '"$$@"' >> $(STAGEDIR)$(INSTALL_BINDIR)vpnserver
-+	chmod 755 $(STAGEDIR)$(INSTALL_BINDIR)vpnserver
- 
--$(INSTALL_BINDIR)vpnbridge: bin/vpnbridge/hamcore.se2 bin/vpnbridge/vpnbridge
--	@mkdir -p $(INSTALL_VPNBRIDGE_DIR)
--	cp bin/vpnbridge/hamcore.se2 $(INSTALL_VPNBRIDGE_DIR)hamcore.se2
--	cp bin/vpnbridge/vpnbridge $(INSTALL_VPNBRIDGE_DIR)vpnbridge
--	echo "#!/bin/sh" > $(INSTALL_BINDIR)vpnbridge
--	echo $(INSTALL_VPNBRIDGE_DIR)vpnbridge '"$$@"' >> $(INSTALL_BINDIR)vpnbridge
--	echo 'exit $$?' >> $(INSTALL_BINDIR)vpnbridge
--	chmod 755 $(INSTALL_BINDIR)vpnbridge
-+$(STAGEDIR)$(INSTALL_BINDIR)vpnbridge: bin/vpnbridge/hamcore.se2 bin/vpnbridge/vpnbridge
-+	@mkdir -p $(STAGEDIR)$(INSTALL_VPNBRIDGE_DIR)
-+	cp bin/vpnbridge/hamcore.se2 $(STAGEDIR)$(INSTALL_VPNBRIDGE_DIR)hamcore.se2
-+	$(BSD_INSTALL_PROGRAM) bin/vpnbridge/vpnbridge $(STAGEDIR)$(INSTALL_VPNBRIDGE_DIR)vpnbridge
-+	echo "#!/bin/sh" > $(STAGEDIR)$(INSTALL_BINDIR)vpnbridge
-+	echo exec $(INSTALL_VPNBRIDGE_DIR)vpnbridge '"$$@"' >> $(STAGEDIR)$(INSTALL_BINDIR)vpnbridge
-+	chmod 755 $(STAGEDIR)$(INSTALL_BINDIR)vpnbridge
- 
--$(INSTALL_BINDIR)vpnclient: bin/vpnclient/hamcore.se2 bin/vpnclient/vpnclient
--	@mkdir -p $(INSTALL_VPNCLIENT_DIR)
--	cp bin/vpnclient/hamcore.se2 $(INSTALL_VPNCLIENT_DIR)hamcore.se2
--	cp bin/vpnclient/vpnclient $(INSTALL_VPNCLIENT_DIR)vpnclient
--	echo "#!/bin/sh" > $(INSTALL_BINDIR)vpnclient
--	echo $(INSTALL_VPNCLIENT_DIR)vpnclient '"$$@"' >> $(INSTALL_BINDIR)vpnclient
--	echo 'exit $$?' >> $(INSTALL_BINDIR)vpnclient
--	chmod 755 $(INSTALL_BINDIR)vpnclient
-+$(STAGEDIR)$(INSTALL_BINDIR)vpnclient: bin/vpnclient/hamcore.se2 bin/vpnclient/vpnclient
-+	@mkdir -p $(STAGEDIR)$(INSTALL_VPNCLIENT_DIR)
-+	cp bin/vpnclient/hamcore.se2 $(STAGEDIR)$(INSTALL_VPNCLIENT_DIR)hamcore.se2
-+	$(BSD_INSTALL_PROGRAM) bin/vpnclient/vpnclient $(STAGEDIR)$(INSTALL_VPNCLIENT_DIR)vpnclient
-+	echo "#!/bin/sh" > $(STAGEDIR)$(INSTALL_BINDIR)vpnclient
-+	echo exec $(INSTALL_VPNCLIENT_DIR)vpnclient '"$$@"' >> $(STAGEDIR)$(INSTALL_BINDIR)vpnclient
-+	chmod 755 $(STAGEDIR)$(INSTALL_BINDIR)vpnclient
- 
--$(INSTALL_BINDIR)vpncmd: bin/vpncmd/hamcore.se2 bin/vpncmd/vpncmd
--	@mkdir -p $(INSTALL_VPNCMD_DIR)
--	cp bin/vpncmd/hamcore.se2 $(INSTALL_VPNCMD_DIR)hamcore.se2
--	cp bin/vpncmd/vpncmd $(INSTALL_VPNCMD_DIR)vpncmd
--	echo "#!/bin/sh" > $(INSTALL_BINDIR)vpncmd
--	echo $(INSTALL_VPNCMD_DIR)vpncmd '"$$@"' >> $(INSTALL_BINDIR)vpncmd
--	echo 'exit $$?' >> $(INSTALL_BINDIR)vpncmd
--	chmod 755 $(INSTALL_BINDIR)vpncmd
-+$(STAGEDIR)$(INSTALL_BINDIR)vpncmd: bin/vpncmd/hamcore.se2 bin/vpncmd/vpncmd
-+	@mkdir -p $(STAGEDIR)$(INSTALL_VPNCMD_DIR)
-+	cp bin/vpncmd/hamcore.se2 $(STAGEDIR)$(INSTALL_VPNCMD_DIR)hamcore.se2
-+	$(BSD_INSTALL_PROGRAM) bin/vpncmd/vpncmd $(STAGEDIR)$(INSTALL_VPNCMD_DIR)vpncmd
-+	echo "#!/bin/sh" > $(STAGEDIR)$(INSTALL_BINDIR)vpncmd
-+	echo exec $(INSTALL_VPNCMD_DIR)vpncmd '"$$@"' >> $(STAGEDIR)$(INSTALL_BINDIR)vpncmd
-+	chmod 755 $(STAGEDIR)$(INSTALL_BINDIR)vpncmd
- 
- # Clean
- clean:
Index: security/softether-devel/files/patch-src_Mayaqua_Network.c
===================================================================
--- security/softether-devel/files/patch-src_Mayaqua_Network.c
+++ /dev/null
@@ -1,14 +0,0 @@
---- src/Mayaqua/Network.c.orig	2017-01-12 14:15:02 UTC
-+++ src/Mayaqua/Network.c
-@@ -12983,7 +12983,11 @@ bool StartSSLEx(SOCK *sock, X *x, K *pri
- 		{
- 			if (client_tls == false)
- 			{
-+#ifndef OPENSSL_NO_SSL3_METHOD
- 				SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_method());
-+#else
-+				SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
-+#endif
- 			}
- 			else
- 			{
Index: security/softether-devel/files/patch-src__Cedar__Cedar.h
===================================================================
--- /dev/null
+++ security/softether-devel/files/patch-src__Cedar__Cedar.h
@@ -0,0 +1,75 @@
+--- src/Cedar/Cedar.h.orig	2016-05-03 06:16:53 UTC
++++ src/Cedar/Cedar.h
+@@ -510,22 +510,22 @@
+ #define	LOG_ENGINE_BUFFER_CACHE_SIZE_MAX	(10 * 1024 * 1024)	// Write cache size
+ 
+ // Constant such as a file name
+-#define	SERVER_LOG_DIR_NAME			"@server_log"
++#define	SERVER_LOG_DIR_NAME			"/var/log/softether/server"
+ #define	BRIDGE_LOG_DIR_NAME			SERVER_LOG_DIR_NAME
+ #define	SERVER_LOG_PERFIX			"vpn"
+ 
+-#define	HUB_SECURITY_LOG_DIR_NAME	"@security_log"
+-#define	HUB_SECURITY_LOG_FILE_NAME	"@security_log/%s"
++#define	HUB_SECURITY_LOG_DIR_NAME	"/var/log/softether/security"
++#define	HUB_SECURITY_LOG_FILE_NAME	"/var/log/softether/security/%s"
+ #define	HUB_SECURITY_LOG_PREFIX		"sec"
+-#define	HUB_PACKET_LOG_DIR_NAME		"@packet_log"
+-#define	HUB_PACKET_LOG_FILE_NAME	"@packet_log/%s"
++#define	HUB_PACKET_LOG_DIR_NAME		"/var/log/softether/packet"
++#define	HUB_PACKET_LOG_FILE_NAME	"/var/log/softether/packet/%s"
+ #define	HUB_PACKET_LOG_PREFIX		"pkt"
+ 
+-#define	NAT_LOG_DIR_NAME			"@secure_nat_log"
+-#define	NAT_LOG_FILE_NAME			"@secure_nat_log/%s"
++#define	NAT_LOG_DIR_NAME			"/var/log/softether/secure_nat"
++#define	NAT_LOG_FILE_NAME			"/var/log/softether/secure_nat/%s"
+ #define	NAT_LOG_PREFIX				"snat"
+ 
+-#define	CLIENT_LOG_DIR_NAME			"@client_log"
++#define	CLIENT_LOG_DIR_NAME			"/var/log/softether/client"
+ #define	CLIENT_LOG_PREFIX			"client"
+ 
+ // Packet log settings
+@@ -560,8 +560,8 @@
+ #define	DISK_FREE_CHECK_INTERVAL_DEFAULT	(5 * 60 * 1000)
+ 
+ // Simple log
+-#define TINY_LOG_DIRNAME			"@tiny_log"
+-#define TINY_LOG_FILENAME			"@tiny_log/%04u%02u%02u_%02u%02u%02u.log"
++#define TINY_LOG_DIRNAME			"/var/log/softether/tiny"
++#define TINY_LOG_FILENAME			"/var/log/softether/tiny/%04u%02u%02u_%02u%02u%02u.log"
+ 
+ 
+ //////////////////////////////////////////////////////////////////////
+@@ -574,7 +574,7 @@
+ //#define CE_SNAPSHOT_INTERVAL		((UINT64)(3000))
+ #define CE_SNAPSHOT_POLLING_INTERVAL	(1 * 1000)
+ #define CE_SNAPSHOT_POLLING_INTERVAL_LICENSE	(30 * 1000)
+-#define CE_SNAPSHOT_DIR_NAME		"@carrier_log"
++#define CE_SNAPSHOT_DIR_NAME		"/var/log/softether/carrier"
+ #define CE_SNAPSHOT_PREFIX			"carrier"
+ 
+ 
+@@ -591,7 +591,7 @@
+ // Expiration date of random size cache
+ #define	RAND_SIZE_CACHE_EXPIRE		(24 * 60 * 60 * 1000)
+ // Management allowed IP address list file name
+-#define	ADMINIP_TXT					"@adminip.txt"
++#define	ADMINIP_TXT					"/var/db/softether/adminip.txt"
+ 
+ #define NON_SSL_MIN_COUNT			60
+ #define NON_SSL_ENTRY_EXPIRES		(10 * 60 * 1000)
+@@ -642,9 +642,9 @@
+ //////////////////////////////////////////////////////////////////////
+ 
+ #define	EL_ADMIN_PORT			22888
+-#define	EL_CONFIG_FILENAME		"@etherlogger.config"
+-#define	EL_PACKET_LOG_DIR_NAME	"@etherlogger_log"
+-#define	EL_PACKET_LOG_FILE_NAME	"@etherlogger_log/%s"
++#define	EL_CONFIG_FILENAME		"/var/db/softether/etherlogger.config"
++#define	EL_PACKET_LOG_DIR_NAME	"/var/log/softether/etherlogger"
++#define	EL_PACKET_LOG_FILE_NAME	"/var/log/softether/etherlogger/%s"
+ #define	EL_PACKET_LOG_PREFIX	"pkt"
+ #define	EL_LICENSE_CHECK_SPAN	(10 * 1000)
+ 
Index: security/softether-devel/files/patch-src__Cedar__Client.h
===================================================================
--- /dev/null
+++ security/softether-devel/files/patch-src__Cedar__Client.h
@@ -0,0 +1,20 @@
+--- src/Cedar/Client.h.orig	2016-05-03 06:16:53 UTC
++++ src/Cedar/Client.h
+@@ -125,7 +125,7 @@
+ 
+ 
+ // Constants
+-#define	CLIENT_CONFIG_FILE_NAME				"@vpn_client.config"
++#define	CLIENT_CONFIG_FILE_NAME				"/var/db/softether/vpn_client.config"
+ #define	CLIENT_DEFAULT_KEEPALIVE_HOST		"keepalive.softether.org"
+ #define	CLIENT_DEFAULT_KEEPALIVE_PORT		80
+ #define	CLIENT_DEFAULT_KEEPALIVE_INTERVAL	KEEP_INTERVAL_DEFAULT
+@@ -145,7 +145,7 @@
+ #define	CLIENT_WIN32_EXE_FILENAME_X64		"vpnclient_x64.exe"
+ #define	CLIENT_WIN32_EXE_FILENAME_IA64		"vpnclient_ia64.exe"
+ 
+-#define CLIENT_CUSTOM_INI_FILENAME			"@custom.ini"
++#define CLIENT_CUSTOM_INI_FILENAME			"/var/db/softether/custom.ini"
+ 
+ #define	CLIENT_GLOBAL_PULSE_NAME			"clientglobalpulse"
+ 
Index: security/softether-devel/files/patch-src__Cedar__Nat.h
===================================================================
--- /dev/null
+++ security/softether-devel/files/patch-src__Cedar__Nat.h
@@ -0,0 +1,11 @@
+--- src/Cedar/Nat.h.orig	2016-05-03 06:16:53 UTC
++++ src/Cedar/Nat.h
+@@ -115,7 +115,7 @@
+ #define	NAT_H
+ 
+ // Constants
+-#define	NAT_CONFIG_FILE_NAME			"@vpn_router.config"	// NAT configuration file
++#define	NAT_CONFIG_FILE_NAME			"/var/db/softether/vpn_router.config"	// NAT configuration file
+ #define	DEFAULT_NAT_ADMIN_PORT			2828		// Default port number for management
+ #define	NAT_ADMIN_PORT_LISTEN_INTERVAL	1000		// Interval for trying to open a port for management
+ #define	NAT_FILE_SAVE_INTERVAL			(30 * 1000)	// Interval to save
Index: security/softether-devel/files/patch-src__Cedar__Server.c
===================================================================
--- /dev/null
+++ security/softether-devel/files/patch-src__Cedar__Server.c
@@ -0,0 +1,30 @@
+--- src/Cedar/Server.c.orig	2016-05-03 06:16:53 UTC
++++ src/Cedar/Server.c
+@@ -115,12 +115,12 @@
+ 
+ static SERVER *server = NULL;
+ static LOCK *server_lock = NULL;
+-char *SERVER_CONFIG_FILE_NAME = "@vpn_server.config";
+-char *SERVER_CONFIG_FILE_NAME_IN_CLIENT = "@vpn_gate_svc.config";
+-char *SERVER_CONFIG_FILE_NAME_IN_CLIENT_RELAY = "@vpn_gate_relay.config";
+-char *BRIDGE_CONFIG_FILE_NAME = "@vpn_bridge.config";
+-char *SERVER_CONFIG_TEMPLATE_NAME = "@vpn_server_template.config";
+-char *BRIDGE_CONFIG_TEMPLATE_NAME = "@vpn_server_template.config";
++char *SERVER_CONFIG_FILE_NAME = "/var/db/softether/vpn_server.config";
++char *SERVER_CONFIG_FILE_NAME_IN_CLIENT = "/var/db/softether/vpn_gate_svc.config";
++char *SERVER_CONFIG_FILE_NAME_IN_CLIENT_RELAY = "/var/db/softether/vpn_gate_relay.config";
++char *BRIDGE_CONFIG_FILE_NAME = "/var/db/softether/vpn_bridge.config";
++char *SERVER_CONFIG_TEMPLATE_NAME = "/var/db/softether/vpn_server_template.config";
++char *BRIDGE_CONFIG_TEMPLATE_NAME = "/var/db/softether/vpn_server_template.config";
+ 
+ static bool server_reset_setting = false;
+ 
+@@ -10916,7 +10916,7 @@ SERVER *SiNewServerEx(bool bridge, bool 
+ #endif	// OS_WIN32
+ 
+ #ifdef	ENABLE_AZURE_SERVER
+-	if (IsFileExists("@azureserver.config"))
++	if (IsFileExists("/var/db/softether/azureserver.config"))
+ 	{
+ 		DisableRDUPServerGlobally();
+ 		s->AzureServer = NewAzureServer(s->Cedar);
Index: security/softether-devel/files/patch-src__Mayaqua__Cfg.h
===================================================================
--- /dev/null
+++ security/softether-devel/files/patch-src__Mayaqua__Cfg.h
@@ -0,0 +1,11 @@
+--- src/Mayaqua/Cfg.h.orig	2016-05-03 06:16:53 UTC
++++ src/Mayaqua/Cfg.h
+@@ -117,7 +117,7 @@
+ // Macro
+ //#define	CHECK_CFG_NAME_EXISTS			// Check duplication of the existing name
+ 
+-#define	SAVE_BINARY_FILE_NAME_SWITCH	L"@save_binary"
++#define	SAVE_BINARY_FILE_NAME_SWITCH	L"/var/db/softether/save_binary"
+ 
+ // Constants
+ #define	TAG_DECLARE			"declare"
Index: security/softether-devel/files/patch-src__Mayaqua__Cfg.c
===================================================================
--- /dev/null
+++ security/softether-devel/files/patch-src__Mayaqua__Cfg.c
@@ -0,0 +1,11 @@
+--- src/Mayaqua/Cfg.c.orig	2016-05-03 06:16:53 UTC
++++ src/Mayaqua/Cfg.c
+@@ -139,7 +139,7 @@ void BackupCfgWEx(CFG_RW *rw, FOLDER *f,
+ 	}
+ 
+ 	// Determine the directory name
+-	UniFormat(dirname, sizeof(dirname), L"@backup.%s", original[0] == L'@' ? original + 1 : original);
++	UniFormat(dirname, sizeof(dirname), L"/var/db/softether/backup.%s", original[0] == L'@' ? original + 1 : original);
+ 
+ 	// Determine the file name
+ 	LocalTime(&st);
Index: security/softether-devel/files/patch-src__Mayaqua__Kernel.c
===================================================================
--- /dev/null
+++ security/softether-devel/files/patch-src__Mayaqua__Kernel.c
@@ -0,0 +1,11 @@
+--- src/Mayaqua/Kernel.c.orig	2016-05-03 06:16:53 UTC
++++ src/Mayaqua/Kernel.c
+@@ -2213,7 +2213,7 @@ void AbortExitEx(char *msg)
+ 		msg = "Unknown Error";
+ 	}
+ 
+-	f = fopen("abort_error_log.txt", "w");
++	f = fopen("/var/db/softether/abort_error_log.txt", "w");
+ 	if (f != NULL)
+ 	{
+ 		fwrite(msg, 1, strlen(msg), f);
Index: security/softether-devel/files/patch-src__Mayaqua__Network.c
===================================================================
--- /dev/null
+++ security/softether-devel/files/patch-src__Mayaqua__Network.c
@@ -0,0 +1,19 @@
+--- src/Mayaqua/Network.c.orig	2016-05-03 06:16:53 UTC
++++ src/Mayaqua/Network.c
+@@ -13025,10 +13025,15 @@
+ 		{
+ 			if (client_tls == false)
+ 			{
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#ifndef OPENSSL_NO_SSL3
+ 				SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_method());
+ #else
+ 				SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
++				SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_TLSv1
++#ifdef SSL_OP_NO_TLSv1_2
++				| SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2
++#endif
++				);
+ #endif
+ 			}
+ 			else
Index: security/softether-devel/files/patch-src__Mayaqua__Table.h
===================================================================
--- /dev/null
+++ security/softether-devel/files/patch-src__Mayaqua__Table.h
@@ -0,0 +1,11 @@
+--- src/Mayaqua/Table.h.orig	2016-05-03 06:16:53 UTC
++++ src/Mayaqua/Table.h
+@@ -119,7 +119,7 @@
+ #define	LANGLIST_FILENAME		"|languages.txt"
+ #define	LANGLIST_FILENAME_WINE	"|languages_wine.txt"
+ 
+-#define	LANG_CONFIG_FILENAME	L"@lang.config"
++#define	LANG_CONFIG_FILENAME	L"/var/db/softether/lang.config"
+ #define	LANG_CONFIG_TEMPLETE	"|lang.config"
+ 
+ // Language constant
Index: security/softether-devel/files/patch-src__Mayaqua__Unix.c
===================================================================
--- /dev/null
+++ security/softether-devel/files/patch-src__Mayaqua__Unix.c
@@ -0,0 +1,29 @@
+--- src/Mayaqua/Unix.c.orig	2016-05-03 06:16:53 UTC
++++ src/Mayaqua/Unix.c
+@@ -931,7 +931,7 @@ void *UnixNewSingleInstance(char *instan
+ 	GetExeDir(dir, sizeof(dir));
+ 
+ 	// File name generation
+-	Format(name, sizeof(name), "%s/.%s", dir, tmp);
++	Format(name, sizeof(name), "/var/db/softether/.%s", tmp);
+ 
+ 	fd = open(name, O_WRONLY);
+ 	if (fd == -1)
+@@ -2320,7 +2320,7 @@ void UnixGenPidFileName(char *name, UINT
+ 	Hash(hash, exe_name, StrLen(exe_name), false);
+ 	BinToStr(tmp1, sizeof(tmp1), hash, sizeof(hash));
+ 
+-	Format(name, size, "%s/.pid_%s", dir, tmp1);
++	Format(name, size, "/var/db/softether/%s.pid", tmp1);
+ }
+ 
+ // Delete the PID file
+@@ -2365,7 +2365,7 @@ void UnixGenCtlFileName(char *name, UINT
+ 	Hash(hash, exe_name, StrLen(exe_name), false);
+ 	BinToStr(tmp1, sizeof(tmp1), hash, sizeof(hash));
+ 
+-	Format(name, size, "%s/.ctl_%s", dir, tmp1);
++	Format(name, size, "/var/db/softether/.ctl_%s", tmp1);
+ }
+ 
+ // Write the CTL file
Index: security/softether-devel/files/softether_bridge.in
===================================================================
--- /dev/null
+++ security/softether-devel/files/softether_bridge.in
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+# PROVIDE: softether_bridge
+# REQUIRE: NETWORKING SERVERS
+# BEFORE: DAEMON
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable softether_bridge:
+# softether_bridge_enable (bool):  Set to "NO" by default.
+#                                  Set it to "YES" to enable
+#
+. /etc/rc.subr
+
+name=softether_bridge
+rcvar=softether_bridge_enable
+load_rc_config ${name}
+
+: ${softether_bridge_enable:=NO}
+
+command="%%PREFIX%%/libexec/softether/vpnbridge"
+
+datadir="/var/db/softether"
+
+start_precmd="${name}_precmd"
+start_cmd="${command} start"
+stop_cmd="${command} stop"
+
+softether_bridge_precmd()
+{
+	if [ ! -d "${datadir}" ]; then
+	    mkdir -p ${datadir}
+	fi
+}
+
+run_rc_command "$1"
Index: security/softether-devel/files/softether_client.in
===================================================================
--- /dev/null
+++ security/softether-devel/files/softether_client.in
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+# PROVIDE: softether_client
+# REQUIRE: NETWORKING SERVERS
+# BEFORE: DAEMON
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable softether_client:
+# softether_client_enable (bool):  Set to "NO" by default.
+#                                  Set it to "YES" to enable
+#
+. /etc/rc.subr
+
+name=softether_client
+rcvar=softether_client_enable
+load_rc_config ${name}
+
+: ${softether_client_enable:=NO}
+
+command="%%PREFIX%%/libexec/softether/vpnclient"
+
+datadir="/var/db/softether"
+
+start_precmd="${name}_precmd"
+start_cmd="${command} start"
+stop_cmd="${command} stop"
+
+softether_client_precmd()
+{
+	if [ ! -d "${datadir}" ]; then
+	    mkdir -p ${datadir}
+	fi
+}
+
+run_rc_command "$1"
Index: security/softether-devel/files/softether_server.in
===================================================================
--- /dev/null
+++ security/softether-devel/files/softether_server.in
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+# PROVIDE: softether_server
+# REQUIRE: NETWORKING SERVERS
+# BEFORE: DAEMON
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable softether_server:
+# softether_server_enable (bool):  Set to "NO" by default.
+#                                  Set it to "YES" to enable
+#
+. /etc/rc.subr
+
+name=softether_server
+rcvar=softether_server_enable
+load_rc_config ${name}
+
+: ${softether_server_enable:=NO}
+
+command="%%PREFIX%%/libexec/softether/vpnserver"
+
+datadir="/var/db/softether"
+
+start_precmd="${name}_precmd"
+start_cmd="${command} start"
+stop_cmd="${command} stop"
+
+softether_server_precmd()
+{
+	if [ ! -d "${datadir}" ]; then
+	    mkdir -p ${datadir}
+	fi
+}
+
+run_rc_command "$1"
Index: security/softether-devel/files/vpnbridge.in
===================================================================
--- security/softether-devel/files/vpnbridge.in
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD$
-#
-# PROVIDE: vpnbridge
-# REQUIRE: LOGIN
-#
-. /etc/rc.subr
-
-name=vpnbridge
-rcvar=${name}_enable
-command=%%PREFIX%%/sbin/${name}
-start_cmd="${name}_start"
-stop_cmd="${name}_stop"
-
-vpnbridge_start()
-{
-
-	$command start
-}
-
-vpnbridge_stop()
-{
-
-	$command stop
-}
-
-load_rc_config $name
-: ${vpnbridge_enable:=NO}
-run_rc_command "$1"
Index: security/softether-devel/files/vpnclient.in
===================================================================
--- security/softether-devel/files/vpnclient.in
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD$
-#
-# PROVIDE: vpnclient
-# REQUIRE: LOGIN
-#
-. /etc/rc.subr
-
-name=vpnclient
-rcvar=${name}_enable
-command=%%PREFIX%%/sbin/${name}
-start_cmd="${name}_start"
-stop_cmd="${name}_stop"
-
-vpnclient_start()
-{
-
-	$command start
-}
-
-vpnclient_stop()
-{
-
-	$command stop
-}
-
-load_rc_config $name
-: ${vpnclient_enable:=NO}
-run_rc_command "$1"
Index: security/softether-devel/files/vpncmd.in
===================================================================
--- /dev/null
+++ security/softether-devel/files/vpncmd.in
@@ -0,0 +1,6 @@
+#!/bin/sh
+#
+# wrapper script for vpncmd, the configuration binary for
+# SoftEther vpn
+#
+%%PREFIX%%/libexec/softether/vpncmd ${1+"$@"}
Index: security/softether-devel/files/vpnserver.in
===================================================================
--- security/softether-devel/files/vpnserver.in
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD$
-#
-# PROVIDE: vpnserver
-# REQUIRE: LOGIN
-#
-. /etc/rc.subr
-
-name=vpnserver
-rcvar=${name}_enable
-command=%%PREFIX%%/sbin/${name}
-start_cmd="${name}_start"
-stop_cmd="${name}_stop"
-
-vpnserver_start()
-{
-
-	$command start
-}
-
-vpnserver_stop()
-{
-
-	$command stop
-}
-
-load_rc_config $name
-: ${vpnserver_enable:=NO}
-run_rc_command "$1"
Index: security/softether-devel/pkg-descr
===================================================================
--- security/softether-devel/pkg-descr
+++ security/softether-devel/pkg-descr
@@ -1,10 +1,7 @@
-SoftEther VPN ("SoftEther" means "Software Ethernet") is one of the
-world's most powerful and easy-to-use multi-protocol VPN software.
+SoftEther VPN ("SoftEther" means "Software Ethernet") is a powerful,
+multi-OS and easy-to-use multi-protocol VPN software. It supports
+SSL-VPN (HTTPS), as well as OpenVPN, IPsec, L2TP, MS-SSTP, L2TPv3
+and EtherIP tunneling protocols and has a clone function to support
+OpenVPN clients.
 
-SoftEther VPN runs on Windows, Linux, Mac, FreeBSD and Solaris.
-
-SoftEther VPN supports most of widely-used VPN protocols
-including SSL-VPN, OpenVPN, IPsec, L2TP, MS-SSTP, L2TPv3 and EtherIP
-by the single SoftEther VPN Server program.
-
-WWW: http://www.softether.org/
+WWW: https://www.softether.org
Index: security/softether-devel/pkg-message
===================================================================
--- /dev/null
+++ security/softether-devel/pkg-message
@@ -0,0 +1,22 @@
+**************************************************************************
+
+To run softether vpn client from startup, add
+softether_client_enable="YES" in your rc.conf.
+
+To run softether vpn server from startup, add
+softether_server_enable="YES" in your rc.conf.
+
+To run softether vpn bridge from startup, add
+softether_bridge_enable="YES" in your rc.conf.
+
+Initial and further configuration of all softether services can be
+done either by using a Windows client to connect to the running
+services or by vpncmd from command line.
+
+Please note client and bridge functionality is not fully
+supported on FreeBSD right now.
+
+When removing SoftEther VPN without the desire to reinstall, please
+ensure to remove the directory /var/db/softether as well.
+
+**************************************************************************
Index: security/softether-devel/pkg-plist
===================================================================
--- security/softether-devel/pkg-plist
+++ security/softether-devel/pkg-plist
@@ -1,12 +1,8 @@
-sbin/vpnserver
-sbin/vpnbridge
-sbin/vpnclient
+libexec/softether/hamcore.se2
+libexec/softether/vpnbridge
+libexec/softether/vpnclient
+libexec/softether/vpncmd
+libexec/softether/vpnserver
 sbin/vpncmd
-softethervpn/vpnbridge/hamcore.se2
-softethervpn/vpnbridge/vpnbridge
-softethervpn/vpnclient/hamcore.se2
-softethervpn/vpnclient/vpnclient
-softethervpn/vpncmd/hamcore.se2
-softethervpn/vpncmd/vpncmd
-softethervpn/vpnserver/hamcore.se2
-softethervpn/vpnserver/vpnserver
+@dir libexec/softether
+@dir %%LOGDIR%%