Search Results for "firewall rule"
Sort By:
Showing 50 open source projects for "firewall rule"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Train ML Models With SQL You Already KnowBuild and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
-
1
OpenSnitch
OpenSnitch is a GNU/Linux port of the Little Snitch firewall
...Double click on a row to view the details of a process, rule, host or user. Once you know which are the common processes, IPs and hosts that your machine is connecting to, you can start creating permanent rules (Duration: always) to deny or allow them. You can also convert temporary rules to permanent by right-clicking on a temporary rule or by double-clicking on it, and then edit it. By default OpenSnitch UI listens on a local Unix socket in /tmp/osui.sock. -
2
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. ... -
3
simplewall
Simple tool to configure Windows Filtering Platform (WFP)
...Because simplewall leverages WFP directly, it operates at a low level in the network stack, ensuring reliable enforcement of rules system-wide while remaining lightweight. It also includes optional modes like blocking all inbound or outbound traffic except what’s explicitly allowed, and supports temporary rule application, logging, and diagnostic views to help users understand what traffic is being blocked or permitted. -
4
LuLu
LuLu is the free open-source macOS firewall
LuLu is a free, open-source firewall for macOS developed by Objective-See. It blocks unauthorized outgoing network connections, allowing users to monitor and control which applications can transmit data externally. Designed for privacy and security, LuLu provides real-time prompts, rule-based filtering, and an intuitive interface, making it a valuable tool for Mac users seeking visibility over their system’s network behavior. -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
5
ProxySQL
A high-performance MySQL proxy
...It was created due to a lack of high performance open source proxies, and is able to scale millions of connections across hundreds of thousands of backend servers, all while getting the freedom of being open source. ProxySQL provides end-to-end MySQL connection handling, real-time statistics and database traffic inspection. It's got failover detection, rich query rule definitions, and a database firewall that protects your database from malicious activity or problematic application deployments. ProxySQL is trusted by numerous organizations throughout the world to meet their MySQL scalability and High Availability goals. -
6
OpenWrt PassWall
OpenWRT plugin that provides proxy routing management
openwrt-passwall is a comprehensive OpenWRT plugin that provides proxy routing management for internet traffic. It integrates with various tools and protocols like Shadowsocks, V2Ray, XRay, and Trojan to bypass censorship and optimize network performance. Designed for advanced users and network administrators, Passwall features a full-featured web UI and dynamic rules for routing and DNS control. -
7
ngx_waf
Handy, High performance, ModSecurity compatible Nginx firewall module
Handy, High-performance Nginx firewall module. Such as black and white list of IPs or IP range, uri black and white list, and request body black list, etc. Directives and rules are easy to write and readable. The IP detection is a constant-time operation. Most of the remaining inspections use caching to improve performance. Compatible with ModSecurity's rules, you can use OWASP ModSecurity Core Rule Set. -
8
ModSecurity Nginx Connector
ModSecurity v3 Nginx Connector
ModSecurity-nginx is the connector that embeds the ModSecurity v3 (libmodsecurity) web application firewall engine into NGINX. It integrates WAF processing into the NGINX request/response phases, allowing rules to inspect headers, bodies, and even streaming request data before it reaches upstream apps. Operators can load the OWASP Core Rule Set or custom rules to detect and block common attacks such as SQLi, XSS, RCE patterns, and protocol anomalies. -
9
Zapret
Advanced open source tool for bypassing DPI-based censorship
Zapret is an open source, cross-platform tool designed to help users bypass and evade Deep Packet Inspection (DPI)-based traffic blocking and censorship systems. Rather than acting as a traditional proxy or VPN, it works by manipulating network packets and traffic streams locally to confuse or disrupt DPI mechanisms used by ISPs and network filters, making it possible to access restricted websites and services without relaying traffic through third-party servers. Zapret implements multiple... -
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
10
Nipe
An engine to make Tor network your default gateway
Nipe is a Perl-based engine whose primary aim is to make the Tor network act as the default gateway for outgoing traffic. In practice, it configures system firewall rules (iptables) and network routing so that almost all IPv4 traffic is redirected through Tor. The tool provides commands such as install, start, stop, restart, and status to manage its behavior. When “start” is issued, it sets up the necessary rules; when “stop” is used, it attempts to remove those rules. Nipe currently... -
11
UUSEC WAF
AI and semantic technology Web Application Firewall
UUSEC WAF Web Application Firewall is an industrial grade free, high-performance, and highly scalable web application and API security protection product that supports AI and semantic engines. It is a comprehensive website protection product launched by UUSEC Technology, which first realizes the three-layer defense function of traffic layer, system layer, and runtime layer. -
12
boundman
Add rule to windows firewall to block inbound and outbound traffic
Boundman is an advanced, user-friendly, and sleek application designed to take control over your network connections. It allows you to efficiently manage and block incoming and outgoing traffic for specific .exe files contained within a chosen folder and its subfolders. With its intuitive PyQt5 graphical interface and robust PowerShell scripts, Boundman provides seamless integration with the Windows Firewall for a powerful network management experience. -
13
FancySS
fancyss is a project for bypassing the Great Firewall (GFW)
Fancyss is a “scientific Internet access / bypassing censorship” toolkit targeted principally to Asus routers running AsusWRT or Merlin-based firmware. The project provides a plugin suite (with “software center” integration) so that home routers can run proxy or tunneling tools (e.g. V2Ray) to circumvent firewall or censorship (“GFW” in the Chinese context). Because it integrates into the router’s firmware environment, fancyss automates configuration, routing, and firewall rules to minimize... -
14
sWAF
A simple Web Application Firewall docker image
sWAF is a simple Web Application Firewall docker image, pre-configured to be easily used within your web services architecture. It runs NGINX as a dedicated reverse proxy embedding powerful WAF engines: ModSecurity 3, using OWASP® ModSecurity Core Rule Set (CRS) rules, and NAXSI. It uses acme.sh for Let's Encrypt and other free CA support. A lot of people are self-hosting their own cloud infrastructure (using Nextcloud, Synology, QNAP, a cloud lease server or home-made solutions...), but we can never be too much paranoid about web security for a lot of good reasons. ... -
15
IP-Array
An iptables IPv4 firewall and traffic shaping program
A Linux IPv4 iptables firewall and traffic shaper. It allows flexible rule creation, while also shipping with presets for common needs. Rules are written in simple XML, allowing various ways to group and nest the arguments. An interactive mode is available in order to build configuration files in a wizard based manner. Extensive documentation is also included. -
16
OWASP ModSecurity CRS
OWASP ModSecurity Core Rule Set (CRS) Project
The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. ... -
17
WinFire
Create and delete block rules for the Windows firewall
...Rules will be created using the management prefix 'WinFire' for single application executable or all application executables/'types defined' within a directory and subdirectories (recursive). * These block rules are shown ticked/selected in "...Windows Firewall\Allowed Programs". It's OK, the application isn't being allowed, just showing that the block rule is enabled. Remember that a WinFire prefix firewall rule is always a block rule. "...Windows Firewall\Allowed Programs" doesn't show what is a block or allow rule. Use "Windows Firewall with Advanced Security". WinFire (this tool) has no affiliation with Microsoft, Microsoft's subsidiaries or any other product using the name or part thereof 'WinFire'. -
18
Vuurmuur is a powerful firewall manager for Linux/iptables. Vuurmuur supports traffic shaping and live monitoring. It has an easy to learn configuration that allows both simple and complex configurations, and can be fully configured through the Ncurses GUI. Vuurmuur supports NAT, Port Forwarding and has IPv6 support.
-
19
360-FAAR Firewall Analysis Audit Repair
360-FAAR Analyze FW1 Cisco Netscreen Policy Offline Using Config/Logs
360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Read Policy and Logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), Cisco ASA (show run / syslog format), 360-FAAR compares firewall policies and uses CIDR and text filters to split rulebases / policies into target sections and identify connectivity for further analysis. 360-FAAR supports, policy to log association, object translation, rulebase reordering and simplification, rule moves and duplicate matching automatically. ... -
20
lua-resty-waf
High-performance WAF built on the OpenResty stack
lua-resty-waf is a web application firewall implemented in Lua for OpenResty/NGINX, designed to run inline at the edge with low overhead. It inspects requests and responses during NGINX phases, applying rule logic and anomaly scoring to detect patterns like SQL injection, cross-site scripting, and protocol abuse. Rules are organized into policies with configurable actions—block, log, or allow—and can leverage shared dictionaries for counters, rate limits, and caching decisions. ... -
21
ngx_lua_waf
ngx_lua_waf
ngx_lua_waf is a web application firewall (WAF) module written in Lua for use with OpenResty (Nginx + Lua). It provides protection against common web attacks such as SQL injection, XSS, file uploads, and malicious bots. The WAF is rule-based, easily configurable, and lightweight, offering real-time defense with minimal performance overhead. -
22
BotBlocks
BotBlocks block malicious IP address in windows machine
This is a Microsoft Windows Application,the purpose of this tool is to detect the botnet,normally when you have infected with a malware etc..they create a connection back to their command and control server, this tool will monitor the tcp traffic of your machine and it will let you know if you are knowingly or unknowingly contacting a malicious IP address, the tool will made this decision based on the database attached to it(I have collected these malicious IP address through various internet sources and from my personal exepreince, so there can be false positives but users can edit and update this db by using a sqlite db browser),as soon as the tool detect a malicious traffic it will pop up a window so user has a choice to either block it or whitelist it, if user choose block it will terminate the existing connection and create windows firewall rule to block ,if user choose whitelist it will ignore further communication to this IP address.It will also create a log file inside the "C:\ -
23
SSH System Administration Tool
SSH Java client GUI for Unix, Linux administration and monitoring
Raanan Zion https://au.linkedin.com/pub/raanan-zion/88/7b9/255 ssh Java interface for Unix, Linux and MS Windows system administration and monitoring. Automates firewall rule checks; exporting the results into Excel. Allows you to run multiple Unix commands on multiple servers simultaneously. Captures your network traces (on the port/ports and interface/interfaces of your choice) and at at a click of a button copies them back to your desktop opening. Remotely monitor your servers in a real time dashboard displaying CPU and RAM. ... -
24
Intrusion Detection and Defense System
Intrusion Detection and Defense System for windows
Its a light weight Intrusion detection and defense system works with windows firewall to protect any windows operating system from attacks that are intended to hack the server or provide any operational damage. By keeping eye on network activities and event viewer logs, ServerCloak capture and log any failed/denied inbound calls from IPv4 as well as IPv6. Once the calls reaches its limit, the service immediately tells windows firewall to block the attacking IP by adding a denial inbound firewall rule. ... -
25
nsis-liteFirewall
Added Find firewall rule
Added a function FindFWRule to detect firewall rule for windows firewall Ref: http://liangsun.org/portfolio/nsis-plugin-litefirewall/
