arlinux is a mini-linux (floppy) distro for Recovery o Router/Firewall purpose. Realname is Advanced (Router/Recovery) Linux
yxorp is a reverse proxy and application level firewall for the HTTP protocol. It can do all kinds of checks on HTTP traffic, and is highly configurable. It also has other functions that are useful for a web frontend, like load balancing.
A simple captive portal
Jkaptive is a simple captive portal without RADIUS and thus, without total security, but at the same time. without too much hassle. The reason behind this is because a lot of site administrators don't need tight security - their site is just a café which offers free internet access on an unsecured WLAN access point connected to the internet and they need a ticketing system to make it cumbersome for average people to use this offering without actually buying a single coffee. Jkaptive itself just presents the login page,checks the token and places netfilter rules. Telling apart ticketed from unticketed traffic is done through Linux' netfilter. As no proxy server is involved, jkaptive has no performance penalty, nor does it create problems with non-http traffic. Once the token is accepted, jkaptive is out of the way of any network packets completely. For presenting the login page, jkaptive has a built-in webserver, so no additional webserver application is needed.
EasyBSD is a modular automation script designed to assist in the extensive post installation process that is required in FreeBSD. The following are modules that are included with EasyBSD, Checks, Update, Security, Networking, Firewall, and more...
The Firewall Tester is a tool designed for testing firewalls' filtering policies. It includes an Intrusion Detection System testing feature, along with a packet generator tool and a sniffer. Unlike common firewall testing tools or packet generators, fte
Enable servers behind a firewall to export services to the external networks with the assistance from an externel host as proxy (Jumppoint). The firewall tunnel consists of two parts: a frontend as "Jumppoint" and a backend running behind the firewall
GTCop Professional Security Appliance aims to provide a powerful tool for satellite communications, with enhanced QoS and bandwidth controls. As derived from IPCop Firewall, it is a stable, secure, easy to configure and maintain GNU/Linux firewall box.
This very simple perl script parses you iptables log files and produces a report in text format with a summary based on the prefix of the log ( --log-prefix option of iptables ). Prefix description is allowed.
Jateway is a general purpose TCP/IP connection proxy
Jateway is a general purpose TCP/IP connection proxy. Jateway accepts connections on arbitrary ports (like 80 or 443) and specific host:port combinations (like WANIP1:443 and WANIP2:443) for multi-interface systems Supports single TCP connections (like MySQL), and multi-TCP connections like HTTP and HTTPS, and fowards them to arbitrary host/port combinations.
This is an open source port mapper written in java nio no-blocking socket model. Open Port Mapper allows multiple ports mappings, and it provides the functionality of specifying allow list and deny list.
YAFT is a frontend for iptables in the new linux 2.4.x kernels. It's purpose is to provide a more structured interface to the iptables firewalling system making it simpler for the firewall manager to add and remove rules. (And yes, it has man pages)
Proxy is an IP filtering proxy server for Linux. It was written to solve the problem of being able to connect to machines behind a Linux firewall. There are both threaded and non-threaded versions of proxy in the download area.
sshh allows you to make a persistent tcp connection (tunnel) over an http proxy. Once you have it set up, you can make new connections from either end. Similar in concept to httptunnel but more versatile and scalable.
AGT is a powerful console frontend to iptables, supporting nearly all of the iptables extensions. All options can be specified in a configuration file with similar syntax to 'ipf' and 'ipfw'.
A package for encrypted IP over UDP tunneling. Can be used to build any range of VPN solutions. (Linux version)
Capra is a Open Source tool to quickly get some nice and useful reports out off your Watchguard Fireware log files.
Web administration tool to manage linux netfilter (iptables) rules
HLBR is an IPS (Intrusion Prevention System) that can filter packets in the OSI layer 2. Detection of malicious traffic is done by rules. It can even be used as bridge to honeypots. The HLBR is a firewall element and can use regular expressions. Warning: this project was discontinued and should not be used in production networks. There are several bugs.
IP Blocker is an incident response tool that automatically updates access control lists on Cisco routers and other devices. Web and command line interfaces are both supported, as is logging, email notification, and automatic expiration of blocks.
IP Traffic Volume: Logs (counts) in- & outgoing bytes through network device(s) using kernel iptables. Highly configurable as to which bytes are logged, e.g. to/from specific ports or ip-addresses. Data displayed in html via cgi or plain ascii to console
Powerfull Web Application Firewall for PHP
NinjaFirewall (Pro Edition) is a powerful Web Application Firewall designed to protect all PHP softwares, from custom scripts to popular shopping cart softwares and CMS applications. Some of its features are: * Powerful filtering engine. * Stand alone Web Application Firewall. * Protects against remote & local file inclusions, code execution, uploads, SQL injections, bots and scanners, XSS and many other threats. * Hooks and sanitises all HTTP requests before they reach your website, as well as the response body. * Real-time detection (File Guard). * Response body filter (Web Filter). * Powerful access control and firewall policies. * Easy to setup; your PHP scripts do not require modifications. * Works with any PHP applications, even those encoded with ionCube and ZendGuard. * Management administration console. * One-click updates. * Centralized logging. * And many more...
OpenISP: A suite of ISP Management Software (GPL licensed.) mysqlBind, mysqlApache, mysqlRadius, mysqlSendmail, mysqlISP, mysqlRadacct, mysqlIPM and others. NOTICE: Moved to freshmeat.net and www.openisp.net. For third party wrappers: unixservice.com
Simple Firewall is a easy tool for administration users and access control. This tool is made for Linux. Using iptables for packet filtering Write in perl Save rules with xml. That can be run in bash shell and web via webmin. This version of firewa
TuxFrw is a set of scripts created to ease the way Linux IPTables rules are configured. Using TuxFrw an user can configure his own Linux / Netfilter based network firewall, simply passing some IP address numbers and other services utilization policie
chainssh is a shell script to smplify the ssh login via multiple sshgateways/firewallgateaways. e.g. connect from homehost via sshgateway to a clusternode with one command.