PeerGuardian - a privacy oriented firewall application
PeerGuardian is a privacy oriented firewall application. It blocks connections to and from hosts specified in huge blocklists (thousands or millions of IP ranges). Its origin seeds in targeting aggressive IPs while you use P2P. PeerGuardian Linux: Actively developed. However the team is very small and with few spare time. Contributors are welcome! Peerguardian OS X: Not developed anymore. We've lost contact with the OS X developer. New contributors are welcome! PeerGuardian Windows: Not developed anymore. It's highly recommended to use PeerBlock instead, which is a continuation of PeerGuardian's development in Windows, with bug fixes and support for Windows Vista and Windows 7. New contributors and/or collaboration with peerblock.com are welcome! PeerGuardian is an open project. Not only is its source code open for you to read, use, and modify - but the project is open for you to join and contribute in any form (code, documentation, bug reports, web and support).
This is a daemon that emulates Microsoft's Internet Connection Service (ICS). It implements the UPnP Internet Gateway Device specification (IGD) and allows UPnP aware clients, such as MSN Messenger to work properly from behind a Linux NAT firewall.
360-FAAR Analyze FW1 Cisco Netscreen Policy Offline Using Config/Logs
360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Read Policy and Logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), Cisco ASA (show run / syslog format), 360-FAAR compares firewall policies and uses CIDR and text filters to split rulebases / policies into target sections and identify connectivity for further analysis. 360-FAAR supports, policy to log association, object translation, rulebase reordering and simplification, rule moves and duplicate matching automatically. Allowing you to move rules to where you need them. Build new rulebases from scratch with a single 'any' rule and log files, with the 'res' and 'name' options. Switch into DROPS mode to analyse drop log entries.
Siproxd is a proxy/masquerading daemon for the SIP protocol. It allows SIP clients (softphones & hardphones) to work behind an IP masquerading firewall or router.
Enables tunneling of network connections through restrictive HTTP proxies. Features: Portmapping, SOCKS4, SOCKS5, web-based admin interface, possibility to use standalone server (perl) or hosted server (PHP), optional authorization from LDAP or MySQL
Nodogsplash offers a simple way to provide restricted access to an internet connection. It is intended for use on wireless access points running OpenWRT (but may also work on other Linux-based devices).
Bored of having HTTP-only connection to the Internet? Tired of being unable to connect to irc through a HTTP proxy? desproxy (a TCP tunnel for HTTP proxies) just makes you able to tunnel all your TCP traffic through a HTTP proxy! Keywords: HTTP pr
TCP-Switch currently allows sharing one port for four protocols (SSH, HTTP, HTTPS, passive FTP). Each protocol can be forwarded (tunnel) to a different <host:port>. Future releases will allow much more controll, e.g. client IP/port, and other protocols
A Java implementation of a NAT-PMP client. At the project's inception, there was not a well-known NAT-PMP client library for Java. This project intends to fill the gap.
This Library provides a java API for firewall logs, connection tracking and rules management.
web rules is an powerfully filtering HTTP proxy, and rules how to access the web. high-performance multiple-channels are support. work on windows, mac and unix-like.
The Cisco Connection Analyzer will analyze a real time snap shot of your PIX/ASA connection table and tell you useful information about the conn table. It will tell you top talkers, top services..etc. Very useful in troubleshooting the firewall.
Capra is a Open Source tool to quickly get some nice and useful reports out off your Watchguard Fireware log files.
This script reads your iptables-based firewall configuration and displays your rules in the order in which packes will actually traverse them. Output is intuitive while closely resembling that of iptables-save, and indicates table ownership of rules, etc
Schedule emailing of your Smoothwall logs. Schedule on a daily/weekly/monthly basis via cron jobs. Formatting options are text and html. csv formatting planned.
ppfilter is a personal firewall for Mac OS X.
chainssh is a shell script to smplify the ssh login via multiple sshgateways/firewallgateaways. e.g. connect from homehost via sshgateway to a clusternode with one command.
"stealth my bugs" is another type of scalable firewall, additionally type. It could not replace other systems like iptables or equivalent. Written in perl by using minimal requirements, it grants maximum usuability.
SSHgate is a small daemon that transparently routes packets across SSH encrypted tunnels.
Infect is a network traffic classification tool, that classifies TCP protocols. The classification is based on ML techniques. Scen: Train/Recognize arbitrary protocols (SSH, HTTPS..), Detect policy violations (e.g. tunnels)
Auto Proxy Filter Test (APFT) automates the testing of safe and unsafe URLs against a content filtering proxy (such as Dansguardian) and helps prevent regressions. APFT is useful to people who are designing filter rules.
Forwards non-NTLM HTTP client requests to an NTLM proxy server (ie. Microsoft IAS). Can also forward a local port to a remote machine.
GTCop Professional Security Appliance aims to provide a powerful tool for satellite communications, with enhanced QoS and bandwidth controls. As derived from IPCop Firewall, it is a stable, secure, easy to configure and maintain GNU/Linux firewall box.
Admin for HLBR (IPS) Software.