Mshaper is a set of example scripts for implementing mass shaping on Linux machine behind NAT. Requirements are simple: Recent Linux kernel with IFB and QoS, HTB support plus iproute2. All users can have different rates or can be blocked.
Traffic shaper for vpn, poptop, etc., using iproute2
dynipsec solves the problem with dynamic ip addresses on both ends of an ipsec tunnel using FreeSWAN under Linux. It distributes the dynamic ips (and PTP addresses) to each peer of the ipsec tunnels via ssh and rebuilds the ipsec.conf and ipsec.secrets ev
NNTP proxy TCP forwarding firewall piercing and redirecting for obnoxious news servers
A front-end GUI for quickly and easily editing/managing iptables rules. It's written in Ruby, and depends on Gtk+ 2.
A universal HTTP tunnel using Apache, mod_perl and Perl.
Siproxd is a proxy/masquerading daemon for the SIP protocol. It allows SIP clients (softphones & hardphones) to work behind an IP masquerading firewall or router.
A python binding for the iptables tools. The binding allows direction manipulation of the iptables through an object oriented and transaction based manner. The binding removes the need to call iptable on the command line in python applications.
The BACnet Firewall Router (BTR) is an application that combines BACnet routing capability with traffic management functions to carefully control access to building automation and control networks.
Windows XP Firewall Web Frontend is a Web-based frontend for the Windows XP or 2003 (SP2) Firewall Service. Multi Language, easy to install and skinnable.
IPFIRE-wall is a framework that implements a network firewall. It can be used in desktop systems and in simple network configurations, providing a friendly graphical interface and a simple installation procedure. Also unprivileged users can personalize.
A MAC address based user authentication system for campus-wide network
This system restricts the network users and records usage log of the users. It is applicable to the campus wide network and is compatible to almost all network terminals. MAIN DEVELOPMENT SITE IS MOVED FROM here TO "https://osdn.jp/projects/opengatem/"
Open Source software for web-based management of system and network security policies and Iptables firewall rules
The Cisco Connection Analyzer will analyze a real time snap shot of your PIX/ASA connection table and tell you useful information about the conn table. It will tell you top talkers, top services..etc. Very useful in troubleshooting the firewall.
Brings the functionality of Linux netfilter to Windows.
Debian packages for PeerGuardian Linux (including the GUI) and its precessor moblock/blockcontrol/mobloquer. PeerGuardian is a privacy oriented firewall application. It blocks connections to and from hosts specified in huge blocklists (thousands or millions of IP ranges). Its origins lie in targeting aggressive IPs while you use P2P. See http://sourceforge.net/projects/peerguardian/
Multi-WAN is a set of shell scripts that provide load balancing and failover for sites with multiple Internet connections. Multi-WAN provides redundant *inbound* paths as well, using a combination of IPRoute2 and IPTables rules.
Allows use of the same port for both a SSH server and SSL (https) server, without needing changes to clients. Incoming connections will be proxied to a SSH or SSL server depending on the protocol spoken by the client. Handy if your home box runs a secure
IPTables::IPv4 is a Perl interface for managing the kernel-level Netfilter subsystem using Perl scripts.
This is a Firewall and IDS front-end, the main purpose is simplify configuration of Iptables and Fwsnort and Psad management. The Firewall provides an experimental feature to decide in real-time about each outgoing connection.
IP block list - can manage many thousands of IP addresses
yaib-daemon is a resource-friendly blacklist daemon, designed to block many thousands of IP addresses. These blacklists are stored in hash tables. So only one or two iptables rules are needed.
Enables access to SSH Shell and File Transfer services using a web browser. Java Servlet application uses pure HTML to provide access to SSH services.
Iptables match module capable of matching various peer-to-peer networks by examining the application-layer protocol
efw-toolbox. Is a collection of applications/scripts and other odds and ends that are useful to have. These are currently not available in the current Endian Firewall Project. This project is intended to work alongside with Endian Firewall project .
The VII is intended to be used in firewall/IPS testing and stressing testing by simulate IP/TCP/ARP/... packets. VII is a c script based tool which can send any kinds of customized packets. It support random protocol/port/ip.