diff --git a/net/Makefile b/net/Makefile
index 63d96f9ef853..478066ea9705 100644
--- a/net/Makefile
+++ b/net/Makefile
@@ -107,6 +107,7 @@
 SUBDIR += drawterm
 SUBDIR += dropbox-api-command
 SUBDIR += dropbox-uploader
+ SUBDIR += dshell
 SUBDIR += dtcp
 SUBDIR += dtcpclient
 SUBDIR += e169-stats
diff --git a/net/dshell/Makefile b/net/dshell/Makefile
new file mode 100644
index 000000000000..4e9383b50c0d
--- /dev/null
+++ b/net/dshell/Makefile
@@ -0,0 +1,70 @@
+# Created by: Nobutaka Mantani
+# $FreeBSD$
+
+PORTNAME= dshell
+PORTVERSION= 3.0.20150220
+CATEGORIES= net
+
+MAINTAINER= nobutaka@FreeBSD.org
+COMMENT= Extensible network forensic analysis framework
+
+LICENSE= MIT
+LICENSE_FILE= ${WRKSRC}/LICENSE.txt
+
+RUN_DEPENDS= bash:${PORTSDIR}/shells/bash \
+ ${PYTHON_PKGNAMEPREFIX}pygeoip>0:${PORTSDIR}/net/py-pygeoip \
+ ${PYTHON_PKGNAMEPREFIX}pycrypto>0:${PORTSDIR}/security/py-pycrypto \
+ ${PYTHON_PKGNAMEPREFIX}dpkt>0:${PORTSDIR}/net/py-dpkt \
+ ${PYTHON_PKGNAMEPREFIX}ipy>0:${PORTSDIR}/net-mgmt/py-ipy \
+ ${PYTHON_PKGNAMEPREFIX}pypcap>0:${PORTSDIR}/net/py-pypcap
+
+USE_GITHUB= yes
+USES= python
+
+GH_ACCOUNT= USArmyResearchLab
+GH_PROJECT= Dshell
+GH_TAGNAME= ${GH_COMMIT}
+GH_COMMIT= 46e691c
+
+OPTIONS_DEFINE= DOCS
+
+.include
+
+post-patch:
+.for f in bin/generate-dshellrc.py doc/generate-doc.sh
+ ${REINPLACE_CMD} -e 's|/bin/bash|${LOCALBASE}/bin/bash|' ${WRKSRC}/${f}
+.endfor
+
+post-build:
+ ${RM} -rf ${WRKSRC}/lib/${PYTHON_VERSION}
+ ${REINPLACE_CMD} -e 's|${WRKSRC}|${ETCDIR}|' ${WRKSRC}/dshell ${WRKSRC}/dshell-decode
+ ${REINPLACE_CMD} -e 's|BINPATH=${WRKSRC}/bin|BINPATH=${PREFIX}/libexec/dshell|' \
+ -e 's|DSHELL=${WRKSRC}|DSHELL=${PYTHON_SITELIBDIR}|' \
+ -e 's|DATAPATH=${WRKSRC}/share|DATAPATH=${DATADIR}|' \
+ -e 's|DECODERPATH=${WRKSRC}/decoders|DECODERPATH=${PYTHON_SITELIBDIR}/dshell/decoders|' \
+ -e 's|LIBPATH=${WRKSRC}/lib|LIBPATH=${PYTHON_SITELIBDIR}/dshell|' \
+ ${WRKSRC}/.dshellrc
+ (cd ${WRKSRC}/doc; ${REINPLACE_CMD} -e 's|${WRKSRC}|${PYTHON_SITELIBDIR}/dshell|g' *.html)
+
+do-install:
+.for f in dshell dshell-decode
+ ${INSTALL_SCRIPT} ${WRKSRC}/${f} ${STAGEDIR}/${PREFIX}/bin
+.endfor
+ ${MKDIR} ${STAGEDIR}/${PREFIX}/libexec/dshell
+.for f in decode.py pcapanon.py
+ ${INSTALL_SCRIPT} ${WRKSRC}/bin/${f} ${STAGEDIR}/${PREFIX}/libexec/dshell
+.endfor
+ (cd ${STAGEDIR}/${PREFIX}/libexec/dshell; \
+ ${LN} -sf decode.py decode)
+ ${MKDIR} ${STAGEDIR}/${PREFIX}/etc/dshell
+ ${INSTALL_DATA} ${WRKSRC}/.dshellrc ${STAGEDIR}/${PREFIX}/etc/dshell
+ (cd ${WRKSRC}/lib; ${COPYTREE_SHARE} . ${STAGEDIR}/${PYTHON_SITELIBDIR}/dshell)
+ (cd ${WRKSRC}/decoders; ${COPYTREE_SHARE} . ${STAGEDIR}/${PYTHON_SITELIBDIR}/dshell/decoders)
+.if ${PORT_OPTIONS:MDOCS}
+ ${MKDIR} ${STAGEDIR}/${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/README.md ${STAGEDIR}/${DOCSDIR}
+ (cd ${WRKSRC}/doc; ${COPYTREE_SHARE} . ${STAGEDIR}/${DOCSDIR} "-name *\.html")
+.endif
+ ${MKDIR} ${STAGEDIR}/${DATADIR}/GeoIP
+
+.include
diff --git a/net/dshell/distinfo b/net/dshell/distinfo
new file mode 100644
index 000000000000..fd54b281a13d
--- /dev/null
+++ b/net/dshell/distinfo
@@ -0,0 +1,2 @@
+SHA256 (dshell-3.0.20150220.tar.gz) = c2e796082b2d3fc531d7f826965627a1dd526c541522b508fdbbebbcb0b36a69
+SIZE (dshell-3.0.20150220.tar.gz) = 70850
diff --git a/net/dshell/files/patch-Makefile b/net/dshell/files/patch-Makefile
new file mode 100644
index 000000000000..e810386e905b
--- /dev/null
+++ b/net/dshell/files/patch-Makefile
@@ -0,0 +1,11 @@
+--- Makefile.orig 2015-02-04 22:30:21.000000000 +0900
++++ Makefile 2015-02-04 22:30:50.000000000 +0900
+@@ -15,7 +15,7 @@
+ initpy:
+ find $(PWD)/decoders -type d -not -path \*.svn\* -print -exec touch {}/__init__.py \;
+
+-pydoc:
++pydoc: rc
+ (cd $(PWD)/doc && ./generate-doc.sh $(PWD) )
+
+ clean: clean_pyc
diff --git a/net/dshell/pkg-descr b/net/dshell/pkg-descr
new file mode 100644
index 000000000000..c28345225426
--- /dev/null
+++ b/net/dshell/pkg-descr
@@ -0,0 +1,12 @@
+DShell is an extensible network forensic analysis framework.
+Enables rapid development of plugins to support the dissection of
+network packet captures.
+
+Key features:
+
+Robust stream reassembly
+IPv4 and IPv6 support
+Custom output handlers
+Chainable decoders
+
+WWW: https://github.com/USArmyResearchLab/Dshell
diff --git a/net/dshell/pkg-message b/net/dshell/pkg-message
new file mode 100644
index 000000000000..638854c51561
--- /dev/null
+++ b/net/dshell/pkg-message
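Review bot: In net/dshell/Makefile, `USES= python` does not restrict the interpreter version, yet the pkg-plist added by this same commit lists `.pyc` files next to their `.py` sources, which is the Python 2 layout; under a Python 3 default the staged files would not match the plist. Constraining the version, for example `USES= python:2`, would make that assumption explicit. Separately, nothing in post-build or do-install byte-compiles the tree, so the listed `.pyc` files presumably come from the upstream build importing the modules inside ${WRKSRC}; if that is the case, a one-line comment above do-install saying where they come from would help whoever next regenerates the plist.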
@@ -0,0 +1,9 @@
+======================================================================
+
+To use the GeoIP Databases from DShell, please download GeoIP.dat,
+GeoIPv6.dat, GeoIPASNum.dat, GeoIPASNumv6.dat from the following URL
+and place them into ${PREFIX}/share/dshell/GeoIP.
+
+http://dev.maxmind.com/geoip/legacy/geolite/
+
+======================================================================
diff --git a/net/dshell/pkg-plist b/net/dshell/pkg-plist
new file mode 100644
index 000000000000..095699263ddd
--- /dev/null
+++ b/net/dshell/pkg-plist
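Review bot: In net/dshell/pkg-message the only source given for the four GeoIP .dat files is a plain `http://` URL, so whatever the user places in the GeoIP directory has had no transport integrity, and the message offers no checksum to compare against. If the site also serves this page over TLS, the message should give the `https://` form of the same URL. The target path is written as `${PREFIX}/share/dshell/GeoIP`; as far as this diff shows, pkg-message is installed verbatim (the port Makefile sets no SUB_FILES), so users would see the literal `${PREFIX}` rather than the real directory.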
@@ -0,0 +1,132 @@
+bin/dshell
+bin/dshell-decode
+%%ETCDIR%%/.dshellrc
+libexec/dshell/decode.py
+libexec/dshell/decode
+libexec/dshell/pcapanon.py
+%%PYTHON_SITELIBDIR%%/dshell/dfile.py
+%%PYTHON_SITELIBDIR%%/dshell/dfile.pyc
+%%PYTHON_SITELIBDIR%%/dshell/dnsdecoder.py
+%%PYTHON_SITELIBDIR%%/dshell/dnsdecoder.pyc
+%%PYTHON_SITELIBDIR%%/dshell/dshell.py
+%%PYTHON_SITELIBDIR%%/dshell/dshell.pyc
+%%PYTHON_SITELIBDIR%%/dshell/httpdecoder.py
+%%PYTHON_SITELIBDIR%%/dshell/httpdecoder.pyc
+%%PYTHON_SITELIBDIR%%/dshell/util.py
+%%PYTHON_SITELIBDIR%%/dshell/util.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/__init__.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/dns/__init__.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/dns/dns-asn.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/dns/dns-asn.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/dns/dns-cc.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/dns/dns-cc.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/dns/dns.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/dns/dns.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/dns/innuendo-dns.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/dns/innuendo-dns.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/dns/reservedips.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/dns/reservedips.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/filter/__init__.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/filter/country.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/filter/country.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/filter/snort.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/filter/snort.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/filter/track.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/filter/track.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/flows/__init__.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/flows/large-flows.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/flows/large-flows.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/flows/long-flows.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/flows/long-flows.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/flows/netflow.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/flows/netflow.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/ftp/__init__.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/ftp/ftp.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/ftp/ftp.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/http/__init__.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/http/httpdump.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/http/httpdump.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/http/rip-http.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/http/rip-http.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/http/web.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/http/web.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/misc/__init__.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/misc/followstream.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/misc/followstream.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/misc/grep.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/misc/grep.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/misc/merge.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/misc/merge.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/misc/synrst.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/misc/synrst.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/misc/writer.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/misc/writer.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/misc/xor.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/misc/xor.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/protocol/__init__.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/protocol/ether.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/protocol/ether.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/protocol/ip.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/protocol/ip.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/protocol/protocol.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/protocol/protocol.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/templates/PacketDecoder.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/templates/PacketDecoder.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/templates/SessionDecoder.py
+%%PYTHON_SITELIBDIR%%/dshell/decoders/templates/SessionDecoder.pyc
+%%PYTHON_SITELIBDIR%%/dshell/decoders/templates/__init__.py
+%%PYTHON_SITELIBDIR%%/dshell/output/colorout.py
+%%PYTHON_SITELIBDIR%%/dshell/output/colorout.pyc
+%%PYTHON_SITELIBDIR%%/dshell/output/csvout.py
+%%PYTHON_SITELIBDIR%%/dshell/output/csvout.pyc
+%%PYTHON_SITELIBDIR%%/dshell/output/jsonout.py
+%%PYTHON_SITELIBDIR%%/dshell/output/jsonout.pyc
+%%PYTHON_SITELIBDIR%%/dshell/output/netflowout.py
+%%PYTHON_SITELIBDIR%%/dshell/output/netflowout.pyc
+%%PYTHON_SITELIBDIR%%/dshell/output/output.py
+%%PYTHON_SITELIBDIR%%/dshell/output/output.pyc
+%%PYTHON_SITELIBDIR%%/dshell/output/xmlout.py
+%%PYTHON_SITELIBDIR%%/dshell/output/xmlout.pyc
+%%PORTDOCS%%%%DOCSDIR%%/PacketDecoder.html
+%%PORTDOCS%%%%DOCSDIR%%/README.md
+%%PORTDOCS%%%%DOCSDIR%%/SessionDecoder.html
+%%PORTDOCS%%%%DOCSDIR%%/colorout.html
+%%PORTDOCS%%%%DOCSDIR%%/country.html
+%%PORTDOCS%%%%DOCSDIR%%/csvout.html
+%%PORTDOCS%%%%DOCSDIR%%/dfile.html
+%%PORTDOCS%%%%DOCSDIR%%/dns-asn.html
+%%PORTDOCS%%%%DOCSDIR%%/dns-cc.html
+%%PORTDOCS%%%%DOCSDIR%%/dns.html
+%%PORTDOCS%%%%DOCSDIR%%/dnsdecoder.html
+%%PORTDOCS%%%%DOCSDIR%%/dshell.html
+%%PORTDOCS%%%%DOCSDIR%%/ether.html
+%%PORTDOCS%%%%DOCSDIR%%/followstream.html
+%%PORTDOCS%%%%DOCSDIR%%/ftp.html
+%%PORTDOCS%%%%DOCSDIR%%/grep.html
+%%PORTDOCS%%%%DOCSDIR%%/httpdecoder.html
+%%PORTDOCS%%%%DOCSDIR%%/httpdump.html
+%%PORTDOCS%%%%DOCSDIR%%/innuendo-dns.html
+%%PORTDOCS%%%%DOCSDIR%%/ip.html
+%%PORTDOCS%%%%DOCSDIR%%/jsonout.html
+%%PORTDOCS%%%%DOCSDIR%%/large-flows.html
+%%PORTDOCS%%%%DOCSDIR%%/long-flows.html
+%%PORTDOCS%%%%DOCSDIR%%/merge.html
+%%PORTDOCS%%%%DOCSDIR%%/netflow.html
+%%PORTDOCS%%%%DOCSDIR%%/netflowout.html
+%%PORTDOCS%%%%DOCSDIR%%/output.html
+%%PORTDOCS%%%%DOCSDIR%%/protocol.html
+%%PORTDOCS%%%%DOCSDIR%%/reservedips.html
+%%PORTDOCS%%%%DOCSDIR%%/rip-http.html
+%%PORTDOCS%%%%DOCSDIR%%/snort.html
+%%PORTDOCS%%%%DOCSDIR%%/synrst.html
+%%PORTDOCS%%%%DOCSDIR%%/track.html
+%%PORTDOCS%%%%DOCSDIR%%/util.html
+%%PORTDOCS%%%%DOCSDIR%%/web.html
+%%PORTDOCS%%%%DOCSDIR%%/writer.html
+%%PORTDOCS%%%%DOCSDIR%%/xmlout.html
+%%PORTDOCS%%%%DOCSDIR%%/xor.html
+@dir %%DATADIR%%/GeoIP
+@dir %%DATADIR%%
+@dir %%PYTHON_SITELIBDIR%%/dshell
+@dir libexec/dshell
+@dir etc/dshell