diff --git a/app-admin/opensnitch/Manifest b/app-admin/opensnitch/Manifest
index 8a5b33578..55dca16a2 100644
--- a/app-admin/opensnitch/Manifest
+++ b/app-admin/opensnitch/Manifest
@@ -18,3 +18,4 @@ DIST github.com-varlink-go-v0.4.0.tar.gz 28064 BLAKE2B ba9fa9b230878abde99b59841
 DIST github.com-vishvananda-netlink-dd687eb2f2d4.tar.gz 189590 BLAKE2B 6530c19453e22f2bcf4189c751d2478c3d85e4b6e3bac459e0f68ba3621efe80ea9206f9b848ccff110c340c17240f59ec89eb63d6f8401860f576a08bbc6b54 SHA512 5638d93830d2fe5ba315ea765ceb95058a98817f71585446c8767e3a7307a4b7eae35fdc55599b6f956cafaab6e0f94ce4fa4f5df3bd3900b2e4f1dfb8748cc3
 DIST github.com-vishvananda-netns-db3c7e526aae.tar.gz 8281 BLAKE2B d74e12debc35118ccd55abc297e1dd39408c8817ffff06965840a984bd5552b45da42a8f89f91adabd2e27b9a32d7d823ae065834aa7ccd5376d4ab3d429738c SHA512 cc564db276cf3cabba1f7dacbb84e5a90d1b2545bddf69ea84c266dd730e11c3db00d40565c74bf67a2f065f0f8e0a797db53fcdbeeade8cd692178367ce3533
 DIST opensnitch-1.6.4.tar.gz 1342558 BLAKE2B 3468456b699002634a2a407d1e07c86d54828a73407d0736d6b6a2080b4a2898d91737f48bd70289984578f305d1bfbfcd455bccd6b8b7adedc954e39f4dfe9b SHA512 0a4618af851e2f919d90a9b71b6946a536ed898ae10195e4ceb9a226036c6db299a4641a511b84de05d53a4743fdba8945acd281f4acf2d2fe9ff2ad80688c93
+DIST opensnitch-1.6.5.tar.gz 1354754 BLAKE2B 8672208d6b4824186d102054fb5e2f9debc5f761d83908808e5392bdca1dc876bbd3c91468c54b15b92bd020fdd7e07779e3d5cc619e6e28bfcd9bae9320d86b SHA512 f697a75d1dc3f1e50579cda4b04bad8ddfb30969c31998300a78fae7e679d066b1f99430d4a2acaae36af46f5cbc48f46edc981b14ea37f2bbde556121d3a541
diff --git a/app-admin/opensnitch/files/opensnitch-1.6.5-systemd.patch b/app-admin/opensnitch/files/opensnitch-1.6.5-systemd.patch
new file mode 100644
index 000000000..0006a4abb
--- /dev/null
+++ b/app-admin/opensnitch/files/opensnitch-1.6.5-systemd.patch
@@ -0,0 +1,15 @@
+diff --git a/daemon/opensnitchd.service b/daemon/opensnitchd.service
+index 3f05fad..bf29739 100644
+--- a/daemon/opensnitchd.service
++++ b/daemon/opensnitchd.service
+@@ -4,9 +4,7 @@ Documentation=https://github.com/evilsocket/opensnitch/wiki
+ 
+ [Service]
+ Type=simple
+-PermissionsStartOnly=true
+-ExecStartPre=/bin/mkdir -p /etc/opensnitchd/rules
+-ExecStart=/usr/local/bin/opensnitchd -rules-path /etc/opensnitchd/rules
++ExecStart=/usr/bin/opensnitchd -rules-path /etc/opensnitchd/rules -ui-socket unix:///tmp/osui.sock -cpu-profile /tmp/cpu.profile -mem-profile /tmp/mem.profile
+ Restart=always
+ RestartSec=30
+ TimeoutStopSec=10
diff --git a/app-admin/opensnitch/opensnitch-1.6.5.ebuild b/app-admin/opensnitch/opensnitch-1.6.5.ebuild
new file mode 100644
index 000000000..b6a9d00a4
--- /dev/null
+++ b/app-admin/opensnitch/opensnitch-1.6.5.ebuild
@@ -0,0 +1,172 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+DISTUTILS_USE_PEP517=setuptools
+PYTHON_COMPAT=( python3_{10..11} )
+inherit distutils-r1 linux-info systemd xdg-utils
+
+DESCRIPTION="Desktop application firewall"
+HOMEPAGE="https://github.com/evilsocket/opensnitch"
+
+EGO_PN="github.com/evilsocket/opensnitch"
+# modified from opensnitch/daemon/go.mod
+# NOTE: build fails with github.com/josharian/native after commit 5c7d0dd6ab
+EGO_VENDOR=(
+	"github.com/fsnotify/fsnotify v1.4.7"
+	"github.com/golang/protobuf v1.5.0"
+	"github.com/google/gopacket v1.1.14"
+	"github.com/google/nftables v0.1.0"
+	"github.com/google/uuid v1.3.0"
+	"github.com/iovisor/gobpf v0.2.0"
+	"github.com/varlink/go v0.4.0"
+	"github.com/vishvananda/netlink dd687eb2f2d4"
+	"golang.org/x/net v0.17.0 github.com/golang/net"
+	"golang.org/x/sys v0.13.0 github.com/golang/sys"
+	"google.golang.org/grpc v1.32.0 github.com/grpc/grpc-go"
+	"google.golang.org/protobuf v1.27.1 github.com/protocolbuffers/protobuf-go"
+
+	"golang.org/x/sync v0.1.0 github.com/golang/sync"
+	"golang.org/x/text v0.7.0 github.com/golang/text"
+	"google.golang.org/genproto 0dfe4f8abfcc github.com/googleapis/go-genproto"
+	"github.com/mdlayher/netlink v1.7.1"
+	"github.com/mdlayher/socket 41a913f399"
+	"github.com/josharian/native v1.1.0"
+	"github.com/vishvananda/netns db3c7e526aae"
+)
+
+inherit golang-vcs-snapshot
+
+SRC_URI="
+	https://github.com/evilsocket/opensnitch/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz
+	${EGO_VENDOR_URI}
+"
+
+LICENSE="GPL-3"
+SLOT="0"
+IUSE="+audit bpf +iptables +nftables systemd"
+REQUIRED_USE="|| ( iptables nftables )"
+KEYWORDS="~amd64"
+
+DEPEND=">=dev-lang/go-1.19
+	net-libs/libnetfilter_queue
+	dev-go/go-protobuf
+	dev-go/protoc-gen-go-grpc
+"
+RDEPEND="
+	dev-python/grpcio-tools[${PYTHON_USEDEP}]
+	dev-python/notify2[${PYTHON_USEDEP}]
+	dev-python/python-slugify[${PYTHON_USEDEP}]
+	dev-python/pyinotify[${PYTHON_USEDEP}]
+	dev-python/PyQt5[network,sql,${PYTHON_USEDEP}]
+	bpf? ( ~app-admin/opensnitch-ebpf-module-$PV )
+"
+
+RESTRICT+=" test"
+
+pkg_setup() {
+	# see https://github.com/evilsocket/opensnitch/discussions/978
+	local CONFIG_CHECK="
+		INET_TCP_DIAG
+		INET_UDP_DIAG
+		INET_RAW_DIAG
+		INET_DIAG_DESTROY
+		NETFILTER_NETLINK_ACCT
+		NETFILTER_NETLINK_QUEUE
+		NF_CONNTRACK
+		NF_CT_NETLINK
+		PROC_FS
+	"
+
+	# config needed for the audit monitoring method
+	use audit && CONFIG_CHECK+="
+		AUDIT
+	"
+
+	# config needed for using iptables as firewall
+	use iptables && CONFIG_CHECK+="
+		NETFILTER_XT_MATCH_CONNTRACK
+		NETFILTER_XT_TARGET_NFQUEUE
+	"
+
+	# config needed for using nftables as firewall
+	use nftables && CONFIG_CHECK+="
+		NFT_CT
+		NFT_QUEUE
+	"
+
+	linux-info_pkg_setup
+}
+
+src_prepare() {
+	rm -rf src/${EGO_PN}/ui/tests || die
+
+	if use systemd; then
+		pushd "${WORKDIR}/${P}/src/${EGO_PN}" > /dev/null || die
+		eapply "${FILESDIR}/${P}-systemd.patch"
+		popd > /dev/null || die
+	fi
+
+	pushd src/${EGO_PN} > /dev/null || die
+	eapply_user
+	popd > /dev/null || die
+}
+
+src_compile() {
+	emake -C src/${EGO_PN} protocol
+
+	pushd src/${EGO_PN}/ui > /dev/null || die
+	pyrcc5 -o opensnitch/{resources_rc.py,/res/resources.qrc}
+	# workaround for namespace conflict
+	# see https://github.com/evilsocket/opensnitch/issues/496
+	# and https://github.com/evilsocket/opensnitch/pull/442
+	sed -i 's/^import ui_pb2/from . import ui_pb2/' opensnitch/ui_pb2* || die
+	popd > /dev/null || die
+
+	# see https://github.com/evilsocket/opensnitch/issues/851
+	# opensnitch does not build without -fcf-protection when using go >= 1.19,
+	# error message:
+	# cgo: cannot load DWARF output from $WORK/..//_cgo_.o: zlib: invalid header
+	GOPATH="${S}:$(get_golibdir_gopath)" \
+	GOCACHE="${T}/go-cache" \
+	CGO_CPPFLAGS="${CPPFLAGS} -fcf-protection" \
+	CGO_CFLAGS="${CFLAGS} -fcf-protection" \
+	CGO_CXXFLAGS="${CXXFLAGS} -fcf-protection" \
+	go build -v \
+		-buildmode=pie \
+		-ldflags "-compressdwarf=false -linkmode external" \
+		-o opensnitchd \
+		"${EGO_PN}/daemon" || die
+
+	pushd src/${EGO_PN}/ui > /dev/null || die
+	distutils-r1_src_compile
+	popd > /dev/null || die
+}
+
+src_install(){
+	dobin opensnitchd
+
+	pushd src/${EGO_PN}/ui > /dev/null || die
+	distutils-r1_src_install
+	popd > /dev/null || die
+
+	pushd src/${EGO_PN}/daemon > /dev/null || die
+	insinto /etc/opensnitchd/rules
+	insinto /etc/opensnitchd/
+	doins default-config.json
+	doins system-fw.json
+	popd > /dev/null || die
+
+	if use systemd; then
+		pushd src/${EGO_PN}/daemon > /dev/null || die
+		systemd_dounit opensnitchd.service
+		popd > /dev/null || die
+	else
+		newinitd "${FILESDIR}"/opensnitch.initd ${PN}
+	fi
+}
+
+pkg_postinst() {
+	xdg_icon_cache_update
+}