Xtables-addons is a set of additional extensions for the Xtables packet filter that is present in the Linux kernel (which is loosely known by its administrative commands iptables/ip6tables/etc.).

Xtables-addons succeeds the older patch-o-matic and patch-o-matic-ng packages. Likewise, it contains extensions that were not, or are not yet, accepted in the main kernel/iptables packages.

Xtables-addons is different from patch-o-matic in that the kernel need not be patched or recompiled, and usually, recompiling iptables is not necessary either. See the INSTALL file within the source package for the minimum requirements.

patch-o-matic had a number of properties I had found to be a bother:



Send anything Xtables-addons related to the netfilter-devel list that is handled through vger.kernel.org. Subscribing to the list is not necessary, just post to the address, which is netfilter-devel in front of the AT sign, and vger.kernel.org after that.

Additional material