rcf is an ipchains-based firewall with support for over 50 protocols, masquerading, portforwarding, IP accounting and various protections. Unlimited public, private, DMZ and MZ interfaces are supported. Rules are defined per interface and DMZ/MZ clusters.
The Hackers Lab is aimed to provide hackers, system audits, system and server and network administrators with applications to secure their own servers.
Dave's Naughty Stuff Blocker. This is an open source solution to allow administrators to filter and redirect selected "inappropriate" sites based on a list of specific sites and/or strings.
Bypass is an IP forwarding/tunneling tool which can be used where limited bypassing of a firewall is necessary, but relaxing the restrictions in the actual firewall is not an option. The aim is for bypass to be automatic and transparent.
Mailchecker will (in time) check mail for 'safe' content. 'unsafe' content (e.g. attachments that may contain viruses) will be stopped or converted to 'safe' formats.
This is a Firewall and IDS front-end, the main purpose is simplify configuration of Iptables and Fwsnort and Psad management. The Firewall provides an experimental feature to decide in real-time about each outgoing connection.
Nubric (Near-real-time user behaviour and resource interaction control) is a framework for security and authentication-related modules written in Java. Its origin focus lies on network monitoring, dynamic, transparent firewalling and traffic control.
KFW aims to be a simple to use but powerful Firewall/IDS. That will have a GUI designed since its origins, and will use state of the art firewalling and intrusion detection techniques to achieve maximum performance.
A Simple Middlebox Configuration Protocol (RFC 4540) implementation for Linux.
SIMCO is a signaling protocol that can be used by applications (such as SIP B2BUAs) to dynamically control firewalls and Network Address Translators (NATs).
Infect is a network traffic classification tool, that classifies TCP protocols. The classification is based on ML techniques. Scen: Train/Recognize arbitrary protocols (SSH, HTTPS..), Detect policy violations (e.g. tunnels)