The RTSP Proxy Kit contains source code for a reference implementation of an application-level RTSP proxy server for UNIX and Windows environments. The kit provides all of the basic functionality for an RTSP proxy.
Transproxy is used in conjunction with the FreeBSD (ipfw and ipnat) or Linux transparent proxy feature (ipfwadm, ipchains and iptables), to transparently proxy HTTP requests.
Snort_inline is a modified version of Snort. It accepts packets from iptables, instead of libpcap. It uses new rule types to tell iptables if the packet should be dropped or allowed to pass based on the Snort rules.
bastion-firewall is a Netfilter based firewall for Linux. It can generate graphical stats of all the rules traffic in the firewall with Rrdtool and it's integrated with the Snort Inline IPS. It's written in the bash and C programming languages.
Perl logfile analyzer for DELL Sonicwall Firewall logfiles. This Perl program (Windows /Linux / Mac), creates an HTML file containing: hits per protocol, mean, median and variance on hourly and weekday basis, RBL statistics, IPS stats, VPN stats, virus stats, surfing statistics, CFS blocked sites stats.
tgcd is a simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls. This can also be used by network analysts and security experts for penetration testing and analyze the security of their network. It's written in C Language.
Java-based Open Source WAF (Web Application Firewall) to include inside a web application in order to protect it against attacks like Cross-Site Request Forgery (CSRF), Parameter Manipulation and more.
IP-Updater is a Perl-Script to manage dynamic IP-adresses (DynDNS). It reads the IP via Telnet from the Router (Zyxel, Netgear) or get it from the web. Different updates to Dyn-IP-Services or FTP-Upload to a hompage are possible. With logging.
IPv4 & IPv6 Firewall Manager with traffic shaping and Ncurses GUI
Vuurmuur is a powerful firewall manager for Linux/iptables. Vuurmuur supports traffic shaping and live monitoring. It has an easy to learn configuration that allows both simple and complex configurations, and can be fully configured through the Ncurses GUI. Vuurmuur supports NAT, Port Forwarding and has experimental IPv6 support.
AMaViS is a script that interfaces a mail transport agent (MTA) with virus scanners.
Debian packages for PeerGuardian Linux (including the GUI) and its precessor moblock/blockcontrol/mobloquer. PeerGuardian is a privacy oriented firewall application. It blocks connections to and from hosts specified in huge blocklists (thousands or millions of IP ranges). Its origins lie in targeting aggressive IPs while you use P2P. See http://sourceforge.net/projects/peerguardian/
The program implements the CIDR merging with whitelisting (network exclusion). Output will be summarized to be as small as possible. The program has been widely used for blacklist merge and optimization.
iptables web interface
Web interface for linux firewall written in haskell. It covers a little subset of options and targets. It works as standalone https daemon, and allows to authenticate with system accounts using pam. Iptadmin can't ruin iptables configuration files by design. It doesn't let user to block network access to the interface.
A set of tools (proxy, analyzer, proxy database maintenance tools) in Perl. Of interest to those whose Internet access is blocked or censored. The tools provide an 'abstraction' of uncensored outside services, inside the censoring firewall/proxy.
redWall is a bootable CD-ROM Firewall with Snort, snortsam, dansguardian and support for fwbuilder, spamassassin, reporting (using ACID/sarg/ntop/webfwlog), VPN (FreeSWan/PoPToP/Openvpn) and mail alerting (by mail). Configs are stored on a Floppy or USB
A command line tool that allows you to (live) analyze netfilter (iptables) log files. It provides a nice output and has features like displaying hostnames, duplicate detection... More info (+ screenshots) can be found in the pdf inside the tarball.
BlockSSHD protects computers from SSH brute force attacks by dynamically blocking IP addresses by adding iptables rules.
Web interface written in php for ISC bind and ISC dhcp configuration and administration. It keeps it's own database containing general dns and dhcp information and information about subnets, hosts etc. Configures DNS, DHCP, firewalls, RADIUS servers..
IP Tables State implements the "state top" feature from IP Filter for IP Tables. "State top" displays the states held by your stateful firewall in a "top"-like manner, in real time. IPTState also has an option to print your state table once and NOTE: Development has moved to github: http://github.com/jaymzh/iptstate
Sentry Firewall CD-ROM is a Linux-based bootable CD-ROM suitable for use as an inexpensive and easy to maintain Firewall or IDS Node. The system is designed to be immediately configurable for a variety of different operating environments via a config fil
Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the "naughty" hosts for a given amount of time using pfctl.
flex-fw is a small and fast console frontend to iptables
flex-fw is a small and fast console frontend to iptables with an easy syntax similar to pf, ipf or ipfw from BSD systems. The main goal was making a lightweight tool to manage tons of iptables rules on multiple Linux hosts with a similar configuration.
THIS PROJECT IS UP FOR GRABS. PLEASE CONTACT ME FOR TAKING OVER THIS PROJECT. This is program to allow users behind a HTTP proxy like squid to use applications like telnet,ssh, irc, fetchmail etc as if they were directly connected to the internet.
AGT is a powerful console frontend to iptables, supporting nearly all of the iptables extensions. All options can be specified in a configuration file with similar syntax to 'ipf' and 'ipfw'.
EasyBSD is a modular automation script designed to assist in the extensive post installation process that is required in FreeBSD. The following are modules that are included with EasyBSD, Checks, Update, Security, Networking, Firewall, and more...