diff --git a/net-vpn/tuntox/files/rules.example b/net-vpn/tuntox/files/rules.example
new file mode 100644
index 000000000..df8437c08
--- /dev/null
+++ b/net-vpn/tuntox/files/rules.example
@@ -0,0 +1,4 @@
+# /var/lib/tuntox/rules: config file for /usr/sbin/tuntox
+#
+# List of allowed hostnames and ports.
+# Format is hostname:port (Example: 192.168.0.1:2341)
diff --git a/net-vpn/tuntox/files/tuntox-git-0.0.7_update_env.diff b/net-vpn/tuntox/files/tuntox-git-0.0.7_update_env.diff
new file mode 100644
index 000000000..7fc82a7ee
--- /dev/null
+++ b/net-vpn/tuntox/files/tuntox-git-0.0.7_update_env.diff
@@ -0,0 +1,25 @@
+--- a/main.c	2017-10-23 19:30:01.239197000 +0300
++++ b/main.c	2017-10-23 22:43:40.960904919 +0300
+@@ -36,11 +36,11 @@
+ long int udp_end_port = 0;
+ 
+ /* Directory with config and tox save */
+-char config_path[500] = "/etc/tuntox/";
++char config_path[500] = "/var/lib/tuntox/";
+ 
+ /* Limit hostname and port in server */
+ int nrules = 0;
+-char rules_file[500] = "/etc/tuntox/rules";
++char rules_file[500] = "/var/lib/tuntox/rules";
+ enum rules_policy_enum rules_policy = NONE;
+ rule *rules = NULL;
+ 
+@@ -1185,7 +1185,7 @@
+     fprintf(stderr, "                                       stdin/stdout (SSH ProxyCommand mode)\n");
+     fprintf(stderr, "    -p          - ping the server from -i and exit\n");
+     fprintf(stderr, "  Common:\n");
+-    fprintf(stderr, "    -C <dir>    - save private key in <dir> instead of /etc/tuntox in server\n");
++    fprintf(stderr, "    -C <dir>    - save private key in <dir> instead of /var/lib/tuntox in server\n");
+     fprintf(stderr, "                  mode\n");
+     fprintf(stderr, "    -s <secret> - shared secret used for connection authentication (max\n");
+     fprintf(stderr, "                  %u characters)\n", TOX_MAX_FRIEND_REQUEST_LENGTH-1);
diff --git a/net-vpn/tuntox/files/tuntox.conf b/net-vpn/tuntox/files/tuntox.conf
new file mode 100644
index 000000000..9e8ce87ad
--- /dev/null
+++ b/net-vpn/tuntox/files/tuntox.conf
@@ -0,0 +1,7 @@
+[program:tuntox]
+command = /usr/sbin/tuntox
+autostart = true
+startsecs = 20
+user = tuntox
+redirect_stderr = true
+stdout_logfile = /var/log/tuntox/tuntox.log
diff --git a/net-vpn/tuntox/files/tuntox.confd b/net-vpn/tuntox/files/tuntox.confd
new file mode 100644
index 000000000..6ad93912c
--- /dev/null
+++ b/net-vpn/tuntox/files/tuntox.confd
@@ -0,0 +1,10 @@
+# /etc/conf.d/tuntox: config file for /etc/init.d/tuntox
+
+# Save private key in <dir> instead of /var/lib/tuntox
+TUNTOX_HOME_DIR="/var/lib/tuntox"
+
+# Shared secret used for connection authentication (max 1015 characters)
+TUNTOX_SHARED_SECRET=""
+
+# See more: tuntox -h
+TUNTOX_ARGS="-d"
diff --git a/net-vpn/tuntox/files/tuntox.initd b/net-vpn/tuntox/files/tuntox.initd
new file mode 100644
index 000000000..7aec3f81b
--- /dev/null
+++ b/net-vpn/tuntox/files/tuntox.initd
@@ -0,0 +1,42 @@
+#!/sbin/openrc-run
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+DAEMON="/usr/bin/${RC_SVCNAME}"
+PID_DIR=${PID_DIR:-/var/run/${RC_SVCNAME}}
+PID_FILE=${PID_DIR}/${RC_SVCNAME}.pid
+USER=${RC_SVCNAME}
+GROUP=${RC_SVCNAME}
+
+[ -z "${TUNTOX_HOME_DIR}" ] && TUNTOX_HOME_DIR="/var/lib/tuntox"
+
+DAEMON_ARGS=("-D -C ${TUNTOX_HOME_DIR} -F ${PID_FILE} -U ${USER} ${TUNTOX_ARGS}")
+
+depend() {
+	need net
+	use netmount
+}
+
+checkconfig() {
+	if [ ! -d ${PID_DIR} ]; then
+		checkpath -q -d -o ${USER}:${GROUP} -m 0755 ${PID_DIR} || return 1
+	fi
+
+	[ -z "${TUNTOX_SHARED_SECRET}" ] || DAEMON_ARGS+=("-s ${TUNTOX_SHARED_SECRET}")
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Starting ${RC_SVCNAME}"
+	start-stop-daemon --start --quiet --pidfile "${PID_FILE}" \
+		--user "${USER}" --exec "${DAEMON}" -- ${DAEMON_ARGS[@]}
+	eend ${?}
+}
+
+stop() {
+	ebegin "Stopping ${RC_SVCNAME}"
+	start-stop-daemon --stop --quiet --pidfile "${PID_FILE}" --user "${USER}"
+	eend ${?}
+}
+
+# vim: set ft=gentoo-init-d ts=4 :
diff --git a/net-vpn/tuntox/files/tuntox.logrotated b/net-vpn/tuntox/files/tuntox.logrotated
new file mode 100644
index 000000000..be6e15168
--- /dev/null
+++ b/net-vpn/tuntox/files/tuntox.logrotated
@@ -0,0 +1,7 @@
+/var/log/tuntox/tuntox.log {
+	compress
+	daily
+	rotate 3
+	notifempty
+	missingok
+}
diff --git a/net-vpn/tuntox/metadata.xml b/net-vpn/tuntox/metadata.xml
new file mode 100644
index 000000000..1f3e1654c
--- /dev/null
+++ b/net-vpn/tuntox/metadata.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+  <maintainer type="person">
+    <email>email@linxon.ru</email>
+    <name>Yury Martynov</name>
+  </maintainer>
+  <longdescription>
+    Tuntox is a program which forwards TCP connections over the Tox
+    A program which forwards TCP connections over the Tox protocol. This allows
+    low-latency access to distant machines behind a NAT you can't control or with
+    a dynamic IP address.
+  </longdescription>
+</pkgmetadata>
diff --git a/net-vpn/tuntox/tuntox-0.0.9.ebuild b/net-vpn/tuntox/tuntox-0.0.9.ebuild
new file mode 120000
index 000000000..368c698d0
--- /dev/null
+++ b/net-vpn/tuntox/tuntox-0.0.9.ebuild
@@ -0,0 +1 @@
+tuntox-9999.ebuild
\ No newline at end of file
diff --git a/net-vpn/tuntox/tuntox-9999.ebuild b/net-vpn/tuntox/tuntox-9999.ebuild
new file mode 100644
index 000000000..5aedfd6fb
--- /dev/null
+++ b/net-vpn/tuntox/tuntox-9999.ebuild
@@ -0,0 +1,83 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit eutils git-r3 systemd toolchain-funcs user
+
+DESCRIPTION="Tunnel TCP connections over the Tox protocol"
+HOMEPAGE="https://gdr.name/tuntox https://github.com/gjedeer/tuntox"
+
+EGIT_REPO_URI="https://github.com/gjedeer/tuntox"
+if [[ ${PV} != *9999 ]]; then
+	EGIT_COMMIT="${PV}"
+	KEYWORDS="~amd64 ~arm ~arm64 ~x86"
+fi
+
+LICENSE="GPL-3"
+SLOT="0"
+IUSE="systemd static"
+
+RDEPEND="
+	dev-libs/libevent:=[threads]
+	net-libs/tox"
+
+DEPEND="${RDEPEND}"
+BDEPEND="virtual/pkgconfig"
+
+pkg_setup() {
+	enewgroup ${PN}
+	enewuser ${PN} -1 -1 /var/lib/${PN} ${PN}
+}
+
+src_prepare() {
+	# Do not rename binary files
+	sed -e "s/\$(CC) -o \$@/\$(CC) -o ${PN}/" \
+		-i Makefile || die "sed failed!"
+
+	use systemd && (
+		sed -e "s/#User=proxy/User=${PN}/" \
+			-e "s/#Group=proxy/Group=${PN}/" \
+			-i scripts/tuntox.service || die "sed failed!"
+	)
+
+	eapply "${FILESDIR}"
+	eapply_user
+}
+
+src_compile() {
+	emake CC=$(tc-getCC) \
+		tox_bootstrap.h \
+		gitversion.h \
+		$(usex static "tuntox" "tuntox_nostatic")
+}
+
+src_install() {
+	for d in lib log; do
+		keepdir "/var/${d}/${PN}"
+		fowners ${PN}:${PN} "/var/${d}/${PN}"
+		fperms 750 "/var/${d}/${PN}"
+	done
+
+	insinto /var/lib/${PN}
+	doins "${FILESDIR}"/tuntox.conf "${FILESDIR}"/rules.example
+	fowners ${PN}:${PN} "/var/lib/${PN}"/{tuntox.conf,rules.example}
+
+	insinto /etc/logrotate.d/
+	newins "${FILESDIR}"/tuntox.logrotated ${PN}
+
+	newinitd "${FILESDIR}"/tuntox.initd ${PN}
+	newconfd "${FILESDIR}"/tuntox.confd ${PN}
+	use systemd && systemd_dounit scripts/tuntox.service
+
+	dobin ${PN}
+	dobin scripts/tokssh
+
+	dodoc README.md VPN.md BUILD.md
+}
+
+pkg_postinst() {
+	ewarn "\nPlease, add yourself to the \"${PN}\" group. This security measure ensures"
+	ewarn "that only trusted users can use tuntox.\n"
+	einfo "See documentation: https://github.com/gjedeer/tuntox#introduction\n"
+}