iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
conntrack-tools is a set of userspace tools for Linux that allow system administrators to interact with the Connection Tracking System, the module which provides stateful packet inspection for iptables. It includes the userspace daemon conntrackd and the commandline interface conntrack.
The MultiAdmin security framework kernel module provides a means to have multiple "root" users with unique UIDs. This bypasses collation order problems with NSCD, allows you to have files with unique owners, and allows you to track the quota usage for every "real" user. It also implements a "sub-admin", a partially restricted root user who has full read-only access to most subsystems, but write rights only to a limited subset, for example writing to files or killing processes only of certain users.
libmnl is a minimalistic user-space library for Netlink developers. There are a lot of common tasks involved in parsing, validating, and constructing both the Netlink header and TLVs that are repetitive and easy to get wrong. This library aims to provide simple helpers that allow you to re-use code and avoid re-inventing the wheel.
systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups, supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can work as a drop-in replacement for sysvinit.
parkverbot is a daemon that prevents hard disk head parking in rotational media. Modern rotational hard disks have a misfeature involving the regular automatic unloading of the heads, measurable by the SMART attribute "Load_Cycle_Count". This causes latency on wake-up amongst other issues (and it cannot always be turned off). The parkverbot daemon will periodically issue small read requests in order to keep the hardware from going to its head-unloaded idle state.
libnetfilter_cttimeout is an interface to Netfilter Connection Tracking timeouts. It provides a userspace library which provides a programming interface to the fine-grained connection tracking timeout infrastructure. With this library, you can create, update, and delete timeout policies which can be attached to traffic flows.
dwarves is a set of tools to inspect the DWARF debugging information inserted in ELF binaries by compilers such as GCC, and which are used by well-known debuggers such as GDB and more recent ones such as systemtap. With pahole, the struct packing and cacheline efficiency can be inspected.
Wayland is a protocol for a compositor to talk to its clients, as well as a C library implementation of that protocol. The compositor can be a standalone display server running on Linux kernel modesetting and evdev input devices, an X application, or a wayland client itself. The clients can be traditional applications, X servers (rootless or fullscreen), or other display servers.