Firewall Software for BSD

Browse free open source Firewall software and projects for BSD below. Use the toggles on the left to filter open source Firewall software by OS, license, language, programming language, and project status.

  • Custom VMs From 1 to 96 vCPUs With 99.95% Uptime Icon
    Custom VMs From 1 to 96 vCPUs With 99.95% Uptime

    General-purpose, compute-optimized, or GPU/TPU-accelerated. Built to your exact specs.

    Live migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
    Try Free
  • Train ML Models With SQL You Already Know Icon
    Train ML Models With SQL You Already Know

    BigQuery automates data prep, analysis, and predictions with built-in AI assistance.

    Build and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
    Try Free
  • 1
    VTun is the easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression, and encryption. It supports IP, Ethernet, PPP and other tunnel types. VTun is easily and highly configurable. VPN, Mobile IP, Shaping, etc
    Leader badge
    Downloads: 6,428 This Week
    Last Update:
    See Project
  • 2
    Smoothwall
    Smoothwall is a best-of-breed Internet firewall/router, designed to run on commodity hardware and to provide an easy-to-use administration interface to those using it. Built using open source and Free software, it's distributed under the GNU Public License.
    Leader badge
    Downloads: 1,465 This Week
    Last Update:
    See Project
  • 3

    Privoxy

    HTTP proxy to block ads and customize webpages

    Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks.
    Leader badge
    Downloads: 551 This Week
    Last Update:
    See Project
  • 4

    UPnP PortMapper

    Manage port forwardings via UPnP

    The UPnP PortMapper can be used to easily manage the port mappings/port forwarding of a UPnP enabled internet gateway/router in the local network.
    Leader badge
    Downloads: 309 This Week
    Last Update:
    See Project
  • $300 Free Credits for Your Google Cloud Projects Icon
    $300 Free Credits for Your Google Cloud Projects

    Start building on Google Cloud with $300 in free credits. No commitment, no credit card required until you're ready to scale.

    Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
    Start Free Trial
  • 5
    Firewall Builder is a GUI firewall management application for iptables, PF, Cisco ASA/PIX/FWSM, Cisco router ACL and more. Firewall configuration data is stored in a central file that can scale to hundreds of firewalls managed from a single UI. A message from project maintainers: After working on Firewall Builder for many years it is with some sadness that Vadim and I are announcing that we have suspended all development activity for this project. Firewall Builder has been a great project to work on and we have truly appreciated all the support and positive feedback that the user community has provided. Without you we wouldn’t have been able to keep things going this long. You might be wondering why we are doing this... We had an exciting opportunity come up to start a company developing advanced security automation solutions. This was a chance of a lifetime that we just couldn’t pass up and unfortunately it means that we no longer have time available to work on improv
    Downloads: 110 This Week
    Last Update:
    See Project
  • 6
    IPCop Firewall

    IPCop Firewall

    Linux firewall distribution geared towards home and SOHO users.

    The IPCop Firewall is a Linux firewall distribution. It is geared towards home and SOHO users. The IPCop web-interface is very user-friendly and makes usage easy.
    Downloads: 67 This Week
    Last Update:
    See Project
  • 7
    Coraza

    Coraza

    OWASP Coraza WAF is a golang modsecurity compatible firewall library

    Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances.
    Downloads: 8 This Week
    Last Update:
    See Project
  • 8
    Siproxd is a proxy/masquerading daemon for the SIP protocol. It allows SIP clients (softphones & hardphones) to work behind an IP masquerading firewall or router.
    Leader badge
    Downloads: 46 This Week
    Last Update:
    See Project
  • 9
    OWASP ModSecurity CRS

    OWASP ModSecurity CRS

    OWASP ModSecurity Core Rule Set (CRS) Project

    The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. The project ships with extensive documentation, exclusion packages, and testing tools to help tailor deployment for frameworks, CDNs, and APIs. Deployed on engines such as ModSecurity or compatible WAFs, CRS is a widely used baseline for HTTP security in reverse proxies and gateways.
    Downloads: 5 This Week
    Last Update:
    See Project
  • AI-powered service management for IT and enterprise teams Icon
    AI-powered service management for IT and enterprise teams

    Enterprise-grade ITSM, for every business

    Give your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
    Try it Free
  • 10
    SS5 is a socks server for Linux, Solaris and FreeBSD environment, that implements the SOCKS v4 and v5 protocol.
    Leader badge
    Downloads: 76 This Week
    Last Update:
    See Project
  • 11
    Please see http://firehol.org/ for up-to-date releases and information. FireHOL is a stateful iptables packet filtering firewall configurator. It is abstracted, extensible, easy and powerful. It can handle any kind of firewall, but most importantly, it gives you the means to configure it, the same way you think of it.
    Downloads: 21 This Week
    Last Update:
    See Project
  • 12
    BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system.
    Downloads: 14 This Week
    Last Update:
    See Project
  • 13
    SSHGuard

    SSHGuard

    Intelligently block brute-force attacks by aggregating system logs

    SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf.
    Leader badge
    Downloads: 59 This Week
    Last Update:
    See Project
  • 14
    AgentGuard

    AgentGuard

    AgentGuard is a firewall for AI agents

    AgentGuard is a real-time protection layer designed to safeguard AI agents and applications from runaway execution, excessive costs, and unsafe behavior during interaction with large language model APIs. It works by intercepting API calls made by an AI system and continuously monitoring usage, including token consumption and associated costs, allowing developers to enforce strict budget limits. When predefined thresholds are reached, the system can automatically halt execution, trigger alerts, or gracefully terminate processes depending on the configured mode. This makes it particularly valuable in environments where agents operate autonomously and may enter unintended loops or inefficient workflows. The tool integrates directly into existing applications with minimal changes, often requiring only a few lines of code to activate protection. It also supports advanced configurations such as distributed tracking through Redis and webhook notifications for real-time monitoring.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 15
    ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 16
    jNetPcap - A Libpcap Java Binding

    jNetPcap - A Libpcap Java Binding

    A java PCAP and DPI library

    A java wrapper for popular "libpcap" and "WinPcap" libraries. Accurate full API translation. Packet buffers delivered with no copies. Send custom packets, gather statistics. Comprehensive and easily extensible DPI engine.
    Downloads: 8 This Week
    Last Update:
    See Project
  • 17

    SonicReader

    Sonicwall Configuration File Reader

    SonicReader is used to view and save reports of the internals of a Sonicwall Configuration file. This is useful for those people that wish to know the settings within their saved Sonicwall Configs. I have no affiliation with Dell Sonicwall. Please do not contact Dell Sonicwall regarding the use of this program.
    Downloads: 9 This Week
    Last Update:
    See Project
  • 18
    The goal of FireStarter is to provide easy to use, yet powerful, graphical tools for setting up, administrating and monitoring firewalls for Linux machines.
    Downloads: 8 This Week
    Last Update:
    See Project
  • 19
    Enables tunneling of network connections through restrictive HTTP proxies. Features: Portmapping, SOCKS4, SOCKS5, web-based admin interface, possibility to use standalone server (perl) or hosted server (PHP), optional authorization from LDAP or MySQL
    Downloads: 11 This Week
    Last Update:
    See Project
  • 20
    This product is no longer maintained: The author created alternative tools: https://databunker.org/ and https://privacybunker.io/ GreenSQL is a database firewall engine used to protect Open Source Databases from SQL injection attacks. It works in proxy mode. Application logic is based on evaluating of SQL commands using risk score factors, as well as blocking of sensitive commands
    Downloads: 13 This Week
    Last Update:
    See Project
  • 21
    iptoip is a perl script to help maintaining an ipvsadm table on a non fixed ip adress or an intermitent connection
    Downloads: 23 This Week
    Last Update:
    See Project
  • 22

    PHP - Net_RouterOS

    A client for the MikroTik RouterOS API protocol, written in PHP.

    A client for the MikroTik RouterOS API protocol, written in PHP. Easy, tested and documented. All feedback welcomed.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 23
    HTTP Anti Flood/DoS Security Module

    HTTP Anti Flood/DoS Security Module

    Detect Flooder IPs, Reduce Attack Surface against HTTP Flood Attacks

    This module provides attack surface reduction enhancements against the HTTP Flood Attacks at the web application level. Massive crawling/scanning tools, HTTP Flood tools can be detected and blocked by this module via htaccess, firewall or iptables, etc. (like mod_evasive) You can use this module by including "iosec.php" to any PHP file which wants to be protected. You can test module here: http://www.iosec.org/test.php (demo) Watch the Proof of Concept video: http://goo.gl/dSiAL Hakin9 IT Security Magazine Article about IOSEC http://goo.gl/aQM4Di (different format -> http://goo.gl/JKMUPN) IJNSA Article at http://goo.gl/LLxRdX WP Plugin Page http://goo.gl/nF5nD CHANGES v.1.8.2 - Iptables Auto Ban Bash Script Included - Token Access via Implicit Deny - Reverse Proxy Support - reCAPTCHA Support Do you want more features? Check for third party addons http://sf.net/projects/iosecaddons Gökhan Muharremoğlu
    Downloads: 4 This Week
    Last Update:
    See Project
  • 24
    360-FAAR  Firewall Analysis Audit Repair

    360-FAAR Firewall Analysis Audit Repair

    360-FAAR Analyze FW1 Cisco Netscreen Policy Offline Using Config/Logs

    360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Read Policy and Logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), Cisco ASA (show run / syslog format), 360-FAAR compares firewall policies and uses CIDR and text filters to split rulebases / policies into target sections and identify connectivity for further analysis. 360-FAAR supports, policy to log association, object translation, rulebase reordering and simplification, rule moves and duplicate matching automatically. Allowing you to move rules to where you need them. Build new rulebases from scratch with a single 'any' rule and log files, with the 'res' and 'name' options. Switch into DROPS mode to analyse drop log entries.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 25
    A Free SOCKS proxy server for Linux, macos and FreeBSD
    Downloads: 17 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • 3
  • 4
  • 5
  • Next
Auth0 Logo