diff --git a/xtables-addons/Makefile b/xtables-addons/Makefile
index 789082703..c5e2c3f8a 100644
--- a/xtables-addons/Makefile
+++ b/xtables-addons/Makefile
@@ -9,9 +9,9 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=xtables-addons
-PKG_VERSION:=3.19
-PKG_RELEASE:=$(AUTORELEASE)
-PKG_HASH:=5e36ea027ab15a84d9af1f3f8e84a78b80a617093657f08089bd44657722f661
+PKG_VERSION:=3.13
+PKG_RELEASE:=4
+PKG_HASH:=893c0c4ea09759cda1ab7e68f1281d125e59270f7b59e446204ce686c6a76d65
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://inai.de/files/xtables-addons/
@@ -162,7 +162,7 @@ define Package/iptgeoip/install
 		$(1)/usr/lib/xtables-addons/
 	$(INSTALL_DIR) $(1)/usr/bin
 	$(CP) \
-		$(PKG_INSTALL_DIR)/usr/bin/xt_geoip_query \
+		$(PKG_INSTALL_DIR)/usr/bin/xt_geoip_fetch \
 		$(1)/usr/bin/
 	$(INSTALL_DIR) $(1)/usr/share/xt_geoip
 	touch $(1)/usr/share/xt_geoip/.keep
diff --git a/xtables-addons/patches/001-fix-kernel-version-detection.patch b/xtables-addons/patches/001-fix-kernel-version-detection.patch
index 624fa4d9b..775ccf657 100644
--- a/xtables-addons/patches/001-fix-kernel-version-detection.patch
+++ b/xtables-addons/patches/001-fix-kernel-version-detection.patch
@@ -1,8 +1,8 @@
 --- a/configure.ac
 +++ b/configure.ac
-@@ -42,7 +42,7 @@ regular_CFLAGS="-Wall -Waggregate-return
+@@ -44,7 +44,7 @@ regular_CFLAGS="-Wall -Waggregate-return
  
- AS_IF([test -n "$kbuilddir"], [
+ if test -n "$kbuilddir"; then
  	AC_MSG_CHECKING([kernel version that we will build against])
 -	krel="$(make -sC "$kbuilddir" M=$PWD kernelrelease | $AWK -v 'FS=[[^0-9.]]' '{print $1; exit}')"
 +	krel="$(make -sC "$kbuilddir" M=$PWD kernelversion | $AWK -v 'FS=[[^0-9.]]' '{print $1; exit}')"
diff --git a/xtables-addons/patches/200-add-lua-packetscript.patch b/xtables-addons/patches/200-add-lua-packetscript.patch
index c815e1a6a..6f68802fe 100644
--- a/xtables-addons/patches/200-add-lua-packetscript.patch
+++ b/xtables-addons/patches/200-add-lua-packetscript.patch
@@ -1137,7 +1137,7 @@
 +	struct xt_lua_tginfo *info = (void *)target->data;
 +
 +	info->state_id = 0;
-+	strcpy(info->function, "process_packet\0");
++	strncpy(info->function, "process_packet\0", sizeof("process_packet\0"));
 +}
 +
 +static int
@@ -5301,7 +5301,7 @@
 +      case OP_FORLOOP:
 +      case OP_FORPREP:
 +        checkreg(pt, a+3);
-+        fallthrough;
++        /* go through */
 +      case OP_JMP: {
 +        int dest = pc+1+b;
 +        /* not full check and jump is forward and do not skip `lastpc'? */
@@ -7716,7 +7716,6 @@
 +        }
 +        else if (sep == -1) return '[';
 +        else luaX_lexerror(ls, "invalid long string delimiter", TK_STRING);
-+        fallthrough;
 +      }
 +      case '=': {
 +        next(ls);
@@ -7810,6 +7809,7 @@
 +  lua_assert(ls->lookahead.token == TK_EOS);
 +  ls->lookahead.token = llex(ls, &ls->lookahead.seminfo);
 +}
++
 --- /dev/null
 +++ b/extensions/LUA/lua/llex.h
 @@ -0,0 +1,81 @@
@@ -12471,7 +12471,7 @@
 +      lua_number2int(k, n);
 +      if (luai_numeq(cast_num(k), nvalue(key))) /* index is int? */
 +        return luaH_getnum(t, k);  /* use specialized version */
-+      fallthrough;
++      /* else go through */
 +    }
 +    default: {
 +      Node *n = mainposition(t, key);
@@ -12766,7 +12766,7 @@
 +  if (!lua_isstring(L, -1))
 +    luaL_error(L, "invalid value (%s) at index %d in table for "
 +                  LUA_QL("concat"), luaL_typename(L, -1), i);
-+  luaL_addvalue(b);
++    luaL_addvalue(b);
 +}
 +
 +
@@ -17927,7 +17927,7 @@
 +
 +	L = lua_envs[info->state_id]->L;
 +
-+	if (!skb_make_writable(pskb, pskb->len))
++	if (!skb_ensure_writable(pskb, pskb->len))
 +		return NF_DROP;
 +
 +	/* call the function provided by --function parameter or the default 'process_packet' defined in Lua */
@@ -17984,7 +17984,7 @@
 +	int32_t ret;
 +	struct lua_env * env = kmalloc(sizeof(struct lua_env), GFP_KERNEL);
 +
-+	if (!script_size) {
++	if (!(script_size > 0)) {
 +		pr_debug("LUA [%d]: script_size %lu < 0\n", state_id, script_size);
 +		return false;
 +	}
@@ -18134,7 +18134,7 @@
 +
 --- a/extensions/Kbuild
 +++ b/extensions/Kbuild
-@@ -28,6 +28,7 @@ obj-${build_pknock}      += pknock/
+@@ -27,6 +27,7 @@ obj-${build_pknock}      += pknock/
  obj-${build_psd}         += xt_psd.o
  obj-${build_quota2}      += xt_quota2.o
  obj-${build_rtsp}        += rtsp/
@@ -18144,14 +18144,14 @@
  -include ${M}/Kbuild.*
 --- a/extensions/Mbuild
 +++ b/extensions/Mbuild
-@@ -23,3 +23,4 @@ obj-${build_pknock}      += pknock/
+@@ -22,3 +22,4 @@ obj-${build_pknock}      += pknock/
  obj-${build_psd}         += libxt_psd.so
  obj-${build_quota2}      += libxt_quota2.so
  obj-${build_gradm}       += libxt_gradm.so
 +obj-${build_LUA}         += LUA/
 --- a/mconfig
 +++ b/mconfig
-@@ -24,3 +24,4 @@ build_pknock=m
+@@ -23,3 +23,4 @@ build_pknock=m
  build_psd=m
  build_quota2=m
  build_rtsp=m
diff --git a/xtables-addons/patches/201-fix-lua-packetscript.patch b/xtables-addons/patches/201-fix-lua-packetscript.patch
index 5a016e2ae..a9fb796d0 100644
--- a/xtables-addons/patches/201-fix-lua-packetscript.patch
+++ b/xtables-addons/patches/201-fix-lua-packetscript.patch
@@ -22,15 +22,6 @@
  {
  	uint32_t  verdict;
  	lua_packet_segment *p;
-@@ -79,7 +79,7 @@ lua_tg(struct sk_buff *pskb, const struc
- 
- 	L = lua_envs[info->state_id]->L;
- 
--	if (!skb_make_writable(pskb, pskb->len))
-+	if (skb_ensure_writable(pskb, pskb->len))
- 		return NF_DROP;
- 
- 	/* call the function provided by --function parameter or the default 'process_packet' defined in Lua */
 @@ -88,11 +88,11 @@ lua_tg(struct sk_buff *pskb, const struc
  	/* push the lua_packet_segment as a parameter */
  	p = (lua_packet_segment *)lua_newuserdata(L, sizeof(lua_packet_segment));
diff --git a/xtables-addons/patches/302-fix-strict-check-warning.patch b/xtables-addons/patches/302-fix-strict-check-warning.patch
new file mode 100644
index 000000000..27d409f1f
--- /dev/null
+++ b/xtables-addons/patches/302-fix-strict-check-warning.patch
@@ -0,0 +1,93 @@
+commit 341132ae81d3531bba093c45f9efc38ab2b19a8c
+Author: Ken Zhu <guigenz@codeaurora.org>
+Date:   Sun Sep 20 17:28:15 2020 -0700
+
+    xtables-addons: fix strict check waring
+
+    stricter check break compiling, fix these issues.
+
+    Change-Id: Ie8feecf713e5eda879cf19faed57fa4724d46023
+    Signed-off-by: Ken Zhu <guigenz@codeaurora.org>
+
+diff -Nur a/extensions/LUA/byte_array.c xtables-addons-2.14/extensions/LUA/byte_array.c
+--- a/extensions/LUA/byte_array.c	2020-09-25 13:59:21.118624846 -0700
++++ xtables-addons-2.14/extensions/LUA/byte_array.c	2020-09-25 14:21:16.187637179 -0700
+@@ -107,12 +107,15 @@
+ static int32_t byte_array_to_string(lua_State *L)
+ {
+ 	lua_packet_segment * array = checkbytearray(L, 1);
+-	uint8_t buf[(array->length * 3) + 255];
++	uint8_t *buf = kmalloc((array->length * 3) + 255,  GFP_KERNEL);
+ 	uint8_t hexval[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
+-	char res[255 + (array->length * 3)]; /* make sure the buffer is big enough*/
++	char *res= kmalloc(255 + (array->length * 3),  GFP_KERNEL); /* make sure the buffer is big enough*/
+ 	int32_t i, n;
+ 	uint8_t *ptr = array->start + array->offset;
+ 
++	if (!buf || !res)
++		goto kmalloc_out;
++
+ 	for (i = 0; i < array->length; i++) {
+ 		buf[i * 3] = hexval[(ptr[i] >> 4) & 0xF];
+ 		buf[(i * 3) + 1] = hexval[ptr[i] & 0x0F];
+@@ -124,6 +127,9 @@
+ 
+ 	lua_pushlstring(L, res, n);
+ 
++kmalloc_out:
++	if (buf) kfree(buf);
++	if (res) kfree(res);
+ 	return 1;
+ }
+ 
+diff -Nur a/extensions/LUA/lua/ldebug.c xtables-addons-2.14/extensions/LUA/lua/ldebug.c
+--- a/extensions/LUA/lua/ldebug.c	2020-09-25 13:59:21.118624846 -0700
++++ xtables-addons-2.14/extensions/LUA/lua/ldebug.c	2020-09-25 13:59:48.066359910 -0700
+@@ -412,6 +412,9 @@
+       case OP_FORPREP:
+         checkreg(pt, a+3);
+         /* go through */
++#if __has_attribute(__fallthrough__)
++	__attribute__((__fallthrough__));
++#endif
+       case OP_JMP: {
+         int dest = pc+1+b;
+         /* not full check and jump is forward and do not skip `lastpc'? */
+diff -Nur a/extensions/LUA/lua/llex.c xtables-addons-2.14/extensions/LUA/lua/llex.c
+--- a/extensions/LUA/lua/llex.c	2020-09-25 13:59:21.122624806 -0700
++++ xtables-addons-2.14/extensions/LUA/lua/llex.c	2020-09-25 13:59:48.066359910 -0700
+@@ -365,6 +365,9 @@
+         else if (sep == -1) return '[';
+         else luaX_lexerror(ls, "invalid long string delimiter", TK_STRING);
+       }
++#if __has_attribute(__fallthrough__)
++	__attribute__((__fallthrough__));
++#endif
+       case '=': {
+         next(ls);
+         if (ls->current != '=') return '=';
+diff -Nur a/extensions/LUA/lua/ltable.c xtables-addons-2.14/extensions/LUA/lua/ltable.c
+--- a/extensions/LUA/lua/ltable.c	2020-09-25 13:59:21.118624846 -0700
++++ xtables-addons-2.14/extensions/LUA/lua/ltable.c	2020-09-25 13:59:48.066359910 -0700
+@@ -477,6 +477,9 @@
+         return luaH_getnum(t, k);  /* use specialized version */
+       /* else go through */
+     }
++#if __has_attribute(__fallthrough__)
++	__attribute__((__fallthrough__));
++#endif
+     default: {
+       Node *n = mainposition(t, key);
+       do {  /* check whether `key' is somewhere in the chain */
+diff -Nur a/extensions/LUA/lua/ltablib.c xtables-addons-2.14/extensions/LUA/lua/ltablib.c
+--- a/extensions/LUA/lua/ltablib.c	2020-09-25 13:59:21.122624806 -0700
++++ xtables-addons-2.14/extensions/LUA/lua/ltablib.c	2020-09-25 13:59:48.066359910 -0700
+@@ -137,7 +137,7 @@
+   if (!lua_isstring(L, -1))
+     luaL_error(L, "invalid value (%s) at index %d in table for "
+                   LUA_QL("concat"), luaL_typename(L, -1), i);
+-    luaL_addvalue(b);
++  luaL_addvalue(b);
+ }
+ 
+