Endian Firewall Community (EFW) is a "turn-key" linux security distribution that makes your system a full featured security appliance with Unified Threat Management (UTM) functionalities. The software has been designed for the best usability: very easy to install, use and manage and still greatly flexible. The feature suite includes stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam-filtering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on both OpenVPN and IPsec).
Fail2Ban monitors log files like /var/log/pwdfail or /var/log/apache/error_log and bans failure-prone addresses. It updates firewall rules to reject the IP address or executes user defined commands. Please see code and download from https://github.com/fail2ban/fail2ban . SF Fail2ban portal might not be up-to-date
TPCAT is based upon pcapdiff by the EFF. TPCAT will analyze two packet captures (taken on each side of the firewall as an example) and report any packets that were seen on the source capture but didn’t make it to the dest. See docs for info.
Netsys is a simple network management system utility for make esier the control of your network. You can control too much things like firewall, NAT, Servers, Pings, and more.
CompactBSD is a powerful set of tools that allow you to build your own customized, lightweight distribution of OpenBSD and then burn it onto compact flash so that it can be run on an embedded PC platform such as FatPort's FatPoint (www.fatport.com)
GTCop Professional Security Appliance aims to provide a powerful tool for satellite communications, with enhanced QoS and bandwidth controls. As derived from IPCop Firewall, it is a stable, secure, easy to configure and maintain GNU/Linux firewall box.
Development area for GNU/Linux 2.6.x for the KS8695 ARM SoC. Covers kernel patches, drivers for serial, Ethernet, PCI, GPIO, watchdog subsystems, and drivers for optional PCI based devices such as USB, WiFi, WiMAX, IPSec, SSL, and RSA devices.
Live Security/Forensics Linux Distribution, built from scratch and packed full of tools useful for vulnerability analysis, penetration tests, and forensic analysis.
3ff aims to provide a full features gateway for home or small office use. This distro is totaly modular and try to be secure as possible.
Actim is an application written in python that allows sending/receiving files and calling command lines via email. (under GPL license) For example, if your home PC does not have any access to your office workstation which is behind the company firewall.
Auto Proxy Filter Test (APFT) automates the testing of safe and unsafe URLs against a content filtering proxy (such as Dansguardian) and helps prevent regressions. APFT is useful to people who are designing filter rules.
DAXFi is a Python package that helps configure several different kinds of firewalls in a consistent way. The rules are described in XML. It comes with a Python package, useful to build other applications and includes some useful example programs.
A daemon that creates realtime dynamic, expirable iptables rules to block/drop IP addresses attempting brute-force breakin attacks on a linux host via ssh or other mechanism. Highly customizable and extensible.
We launched the Firedraw project in order to make a free graphical interface for the Linux Firewall Netfilter(iptables, Kernel 2.4).
FOSSWALL project is now merged under the Open Source Security Network (OSSN) project. Open Source Security Network is a community who are dedicated to working in different aspects of IT Security, Network Security, Application Security, Email Security etc
GNOME Blocklist is a GNOME interface and backend for Linux P2P blocklist software like moblock and peerguardian. It provides a preference panel, notification icon and dbus daemon.
Iptables Firewall GUI for Gnome, making firewalls Easy
Loganalyzer for Windows XP Firewall and Linux Iptables firewall. Generates a nice html document with statistics from all the pakets captured by the firewall. The program is written in Python and has an (optional) graphical interface.
Mailchecker will (in time) check mail for 'safe' content. 'unsafe' content (e.g. attachments that may contain viruses) will be stopped or converted to 'safe' formats.
A firewall is used to control access to services (eg proxy) depending on the time of day, the day and the hosts the requests come from -- as the need may arise in a school or university. A web interface delegates control of activation to authorized users.
Small but complete enviroment for building custom embedded system (x86 and other). Based on the gentoo system and uclibc-embedded project. Ideal for small hardware like WRAP or Soekris.
NetgearDG tools is a collection of command line utilities to administer Netgear routers running DGTeam firmware. Currently the only supported router is the Netgear DG834GT.
Netkeeper is an integrated intrusion prevention system for Linux. It incorporates snort IDS and iptables firewall, and its distributed and modularized design allows deployment in various network topologies.
OSMCC is a tool that automates the tasks of safeguarding and auditing of configurations. Some Features: -- Control of change -- backup configurations -- Control integrity -- Identifies and analyzes critical records
PacketFlow is a command line utility that processes an XML configuration to generate a set of firewall rules. It is intended to be installed and run directly on the firewall itself. PacketFlow was designed to deal with complex configurations.