diff --git a/net/nocatauth/Makefile b/net/nocatauth/Makefile
new file mode 100644
index 000000000..c4a7ff690
--- /dev/null
+++ b/net/nocatauth/Makefile
@@ -0,0 +1,65 @@
+#
+# Copyright (C) 2009 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+# $Id$
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=nocatauth
+PKG_VERSION:=nightly
+PKG_RELEASE:=1
+
+PKG_SOURCE:=NoCatAuth-$(PKG_VERSION).tgz
+PKG_SOURCE_URL:=http://nocat.net/downloads/NoCatAuth/
+PKG_MD5SUM:=b3a5f8d62b322a9409806037ab8d374e
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/NoCatAuth-$(PKG_VERSION)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/nocatauth
+  SUBMENU:=Captive Portals
+  SECTION:=net
+  CATEGORY:=Network
+  DEPENDS:=+perl +perlbase-essential +perlbase-posix +perlbase-autoloader +perlbase-xsloader +perlbase-fcntl +perlbase-tie +perlbase-getopt +perlbase-findbin +perlbase-cwd +perlbase-config +perlbase-file +perlbase-sigtrap +perlbase-io +perlbase-symbol +perlbase-selectsaver +perlbase-socket +perlbase-errno +kmod-ipt-ipopt +kmod-ipt-nat-extra +iptables-mod-ipopt +iptables-mod-nat-extra
+  TITLE:=Open public network perl-based gateway daemon
+  URL:=http://nocat.net
+endef
+
+define Package/nocatauth/description
+        NoCatAuth is the original "catch and release" captive portal 
+	implementation. It provides a simple splash screen web page for 
+	clients on your network, as well as a variety of authenticated 
+	modes. It is written in Perl.
+endef
+
+define Build/Configure
+endef
+
+define Build/Compile
+	mkdir -p $(PKG_INSTALL_DIR)
+	$(MAKE) -C $(PKG_BUILD_DIR) \
+		PREFIX="$(PKG_INSTALL_DIR)" \
+		gateway
+endef
+
+define Package/nocatauth/install
+	$(INSTALL_DIR) $(1)
+	$(INSTALL_DIR) $(1)/www
+	$(INSTALL_DATA) $(PKG_INSTALL_DIR)/htdocs/{status,splash}.html $(1)/www
+	$(INSTALL_DIR) $(1)/www/images
+	$(INSTALL_DATA) $(PKG_INSTALL_DIR)/htdocs/images/auth_logo.gif $(1)/www/images
+	$(INSTALL_DIR) $(1)/usr/nocatauth/lib
+	$(CP) $(PKG_INSTALL_DIR)/lib/* $(1)/usr/nocatauth/lib
+	$(INSTALL_DIR) $(1)/usr/nocatauth/bin
+	$(CP) $(PKG_INSTALL_DIR)/bin/* $(1)/usr/nocatauth/bin
+	$(INSTALL_DIR) $(1)/etc
+	$(INSTALL_CONF) $(PKG_INSTALL_DIR)/nocat.conf $(1)/etc/
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/nocatauth-gateway $(1)/etc/init.d/nocatauth-gateway
+endef
+
+$(eval $(call BuildPackage,nocatauth))
diff --git a/net/nocatauth/files/nocatauth-gateway b/net/nocatauth/files/nocatauth-gateway
new file mode 100755
index 000000000..ec4c07e7a
--- /dev/null
+++ b/net/nocatauth/files/nocatauth-gateway
@@ -0,0 +1,14 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2009 OpenWrt.org
+
+START=90
+GATEWAY=/usr/nocatauth/bin/gateway
+CONF=/etc/nocat.conf
+
+start() {
+	$GATEWAY -f $CONF
+}
+
+stop() {
+	killall gateway
+}
diff --git a/net/nocatauth/patches/001-ptp-local.patch b/net/nocatauth/patches/001-ptp-local.patch
new file mode 100644
index 000000000..ce5dd503f
--- /dev/null
+++ b/net/nocatauth/patches/001-ptp-local.patch
@@ -0,0 +1,56 @@
+diff -ru NoCatAuth-nightly/bin/detect-fw.sh NoCatAuth-patched/bin/detect-fw.sh
+--- NoCatAuth-nightly/bin/detect-fw.sh	2002-08-08 23:28:43.000000000 -0700
++++ NoCatAuth-patched/bin/detect-fw.sh	2009-03-18 15:03:00.000000000 -0700
+@@ -9,8 +9,7 @@
+ 
+ # Do we have iptables *and* are running Linux 2.4?
+ #
+-elif which iptables >/dev/null 2>&1 && \
+-  test X"`uname -sr | cut -d. -f-2`" = X"Linux 2.4"; then
++elif which iptables >/dev/null 2>&1 ; then
+     FIREWALL=iptables
+     FW_BIN=iptables
+ 
+diff -ru NoCatAuth-nightly/bin/gateway NoCatAuth-patched/bin/gateway
+--- NoCatAuth-nightly/bin/gateway	2003-03-07 17:56:51.000000000 -0800
++++ NoCatAuth-patched/bin/gateway	2009-03-19 00:24:05.000000000 -0700
+@@ -7,6 +7,7 @@
+ use lib "$FindBin::Bin/../lib";
+ use NoCat;
+ use strict;
++use sigtrap qw(stack-trace untrapped error-signals);
+ 
+ # Gracefully handle termination signals.
+ $SIG{INT} = sub { exit };
+diff -ru NoCatAuth-nightly/lib/NoCat/Gateway.pm NoCatAuth-patched/lib/NoCat/Gateway.pm
+--- NoCatAuth-nightly/lib/NoCat/Gateway.pm	2003-07-30 22:22:22.000000000 -0700
++++ NoCatAuth-patched/lib/NoCat/Gateway.pm	2009-03-19 00:22:09.000000000 -0700
+@@ -90,13 +90,12 @@
+ 
+ sub run {
+     my $self	= shift;
+-    my $kids	= 0;
+     my $hup = 0;
+     
+     return unless $self->bind_socket;
+ 
+     local $SIG{PIPE} = "IGNORE"; 
+-    local $SIG{CHLD} = sub { $kids++ };
++    local $SIG{CHLD} = "IGNORE";
+     local $SIG{HUP} = sub { $hup++ };
+ 
+     # Reset history.
+@@ -134,13 +133,6 @@
+             $self->log( 6, "HUP received, resetting log file." );
+             $hup = 0;
+         }
+-
+-	# See if any kids have expired, reap zombies
+-	if ( $kids ) {
+-	    1 until ( wait == -1 );
+-	    $kids = 0;
+-	}
+-
+     } # loop forever
+ }
+ 
diff --git a/net/nocatauth/patches/002-openwrt.patch b/net/nocatauth/patches/002-openwrt.patch
new file mode 100644
index 000000000..f6c3ed335
--- /dev/null
+++ b/net/nocatauth/patches/002-openwrt.patch
@@ -0,0 +1,30 @@
+diff -ur NoCatAuth-nightly/gateway.conf NoCatAuth-patched/gateway.conf
+--- NoCatAuth-nightly/gateway.conf	2003-02-10 17:59:09.000000000 -0800
++++ NoCatAuth-patched/gateway.conf	2009-03-19 01:20:42.000000000 -0700
+@@ -46,7 +46,7 @@
+ ##
+ # GatewayLog -- Optional.  If unset, messages will go to STDERR.
+ #
+-GatewayLog	/usr/local/nocat/nocat.log
++GatewayLog	/var/log/nocat.log
+ 
+ ##
+ # LoginTimeout - Number of seconds after a client's last
+@@ -79,7 +79,7 @@
+ # DocumentRoot -- Where all of the application templates (including
+ #   SplashPage) are hiding. Can be different from Apache's DocumentRoot.
+ #
+-DocumentRoot	/usr/local/nocat/htdocs
++DocumentRoot	/www
+ 
+ # SplashForm -- Form displayed to users on capture.
+ #
+@@ -289,7 +289,7 @@
+ #   the bin/ parent directory. Set this only if you put it
+ #   somewhere that NoCat doesn't expect.
+ #
+-# PGPKeyPath	/usr/local/nocat/pgp
++# PGPKeyPath	/usr/lib/nocatauth/pgp
+ 
+ ##
+ # MessageVerify -- Shell command to verify a PGP signed
diff --git a/net/nocatauth/patches/003-fix-module-loading b/net/nocatauth/patches/003-fix-module-loading
new file mode 100644
index 000000000..9f1217281
--- /dev/null
+++ b/net/nocatauth/patches/003-fix-module-loading
@@ -0,0 +1,31 @@
+diff -ru NoCatAuth-nightly/libexec/iptables/initialize.fw NoCatAuth-patched/libexec/iptables/initialize.fw
+--- NoCatAuth-nightly/libexec/iptables/initialize.fw	2003-03-26 19:21:04.000000000 -0800
++++ NoCatAuth-patched/libexec/iptables/initialize.fw	2009-03-19 19:24:31.000000000 -0700
+@@ -26,18 +26,6 @@
+     #
+     echo "1" > /proc/sys/net/ipv4/ip_forward
+     echo "1" > /proc/sys/net/ipv4/conf/all/rp_filter
+-
+-    # Load alllll the kernel modules we need.
+-    #
+-    rmmod ipchains > /dev/null 2>&1 # for RH 7.1 users.
+-
+-    for module in ip_tables ipt_REDIRECT ipt_MASQUERADE ipt_MARK ipt_REJECT  \
+-	ipt_TOS ipt_LOG iptable_mangle iptable_filter iptable_nat ip_nat_ftp \
+-	ip_conntrack ip_conntrack_ftp ip_conntrack_irc \
+-	ip_nat_irc ipt_mac ipt_state ipt_mark; do
+-
+-	modprobe $module
+-    done
+ fi
+ 
+ # Flush all user-defined chains
+@@ -241,6 +229,8 @@
+ # Add any other local firewall rules below.
+ ##
+ 
++iptables -t nat -I POSTROUTING -o $ExternalDevice -j MASQUERADE
++
+ ##
+ # Uncomment the following to permit all 10/8 traffic *before* auth
+ ##