Hi Afshin, patch-o-matic is a set of patches that: - apply changes pending for inclusion to the kernel tree - apply functionality/bugfixes which have been submitted to the kernel, and which you may not have with your running kernel - add new features/targets/matches written by people from around the world that may prove useful. It's a way to make your netfilter firewall a swiss army knife. It includes features known from other firewall solutions, and some totally unknown. Thanks to the modularity and opensource character :)) > Is it necessarily needed or only provides additional functionalities? Well, sometimes its patches are needed, if you need eg. amanda nat module, quake conntrack modules, mms, h.323 modules, pptp modules, or the ability to change the conntrack timeouts on the fly via /proc Regards, Maciej Soltysiak
