Linux firewall distribution geared towards home and SOHO users.
The IPCop Firewall is a Linux firewall distribution. It is geared towards home and SOHO users. The IPCop web-interface is very user-friendly and makes usage easy.
Smoothwall is a best-of-breed Internet firewall/router, designed to run on commodity hardware and to provide an easy-to-use administration interface to those using it. Built using open source and Free software, it's distributed under the GNU Public License.
HTTP proxy to block ads and customize webpages
Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks.
Firewall Builder is a GUI firewall management application for iptables, PF, Cisco ASA/PIX/FWSM, Cisco router ACL and more. Firewall configuration data is stored in a central file that can scale to hundreds of firewalls managed from a single UI. A message from project maintainers: After working on Firewall Builder for many years it is with some sadness that Vadim and I are announcing that we have suspended all development activity for this project. Firewall Builder has been a great project to work on and we have truly appreciated all the support and positive feedback that the user community has provided. Without you we wouldn’t have been able to keep things going this long. You might be wondering why we are doing this... We had an exciting opportunity come up to start a company developing advanced security automation solutions. This was a chance of a lifetime that we just couldn’t pass up and unfortunately it means that we no longer have time available to work on improv
A powerful network security tool, easy, safe and totally free.
BrazilFW is a mini Linux distribution designed to be used as a Firewall and Router that runs easily on older computers. An old PC running BrazilFW is much more powerful and efficient than commercial software for routing in offices and residences running on a "powerful" computer. BrazilFW is based on Coyote Linux, which was designed by Joshua Jackson who discontinued Coyote Linux in version 2.24 in August 2005. In that same month comes on the scene BrazilFW Firewall and Router (BFW) with version 2.24, which is led by "Claudio" and "Marcelo - Brazil", running only on floppy disks, and being 2.30.1 the last version with this support . The following versions, as well having automatic detection of network cards, only run on large capacity media, such as hard disk (HD). Versions in Development: * 2.33.x: Uses kernel 2.4.x and is developed by Marcinho Samurai. * 3.x: Uses kernel 4.x and is developed by WoshMan
Endian Firewall Community (EFW) is a "turn-key" linux security distribution that makes your system a full featured security appliance with Unified Threat Management (UTM) functionalities. The software has been designed for the best usability: very easy to install, use and manage and still greatly flexible. The feature suite includes stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam-filtering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on both OpenVPN and IPsec).
BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system.
Xtables-addons is a package that obsoletes the old patch-o-matic repository for the Linux kernel and iptables. Instead of patching the kernel source, extensions are built as modules and thus allow extending kernels without recompilation.
Those who have read past the "Malware" warning can be assured there is absolutely no malware in this OS or in the download. This warning comes from the "netcat" binary included in the download as a DOS time client. Unfortunately netcat has code that is flagged as malware. FREESCO, a NAT/firewall router/server based on Linux and runs on a single 1.44MB floppy. Freesco is very powerful and versatile and can connect multiple home or small office networks to most types of Internet connections including dialup.
VTun is the easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression, and encryption. It supports IP, Ethernet, PPP and other tunnel types. VTun is easily and highly configurable. VPN, Mobile IP, Shaping, etc
Enables tunneling of network connections through restrictive HTTP proxies. Features: Portmapping, SOCKS4, SOCKS5, web-based admin interface, possibility to use standalone server (perl) or hosted server (PHP), optional authorization from LDAP or MySQL
SS5 is a socks server for Linux, Solaris and FreeBSD environment, that implements the SOCKS v4 and v5 protocol.
The WiFi Guard Dog project is a complete and embeddable captive portal solution for wireless community groups or individuals who wish to open free HotSpots while preventing abuse of their connection. Go to dev.wifidog.org to download the latest version.
Fail2Ban monitors log files like /var/log/pwdfail or /var/log/apache/error_log and bans failure-prone addresses. It updates firewall rules to reject the IP address or executes user defined commands. Please see code and download from https://github.com/fail2ban/fail2ban . SF Fail2ban portal might not be up-to-date
The goal of FireStarter is to provide easy to use, yet powerful, graphical tools for setting up, administrating and monitoring firewalls for Linux machines.
Siproxd is a proxy/masquerading daemon for the SIP protocol. It allows SIP clients (softphones & hardphones) to work behind an IP masquerading firewall or router.
A utility for detecting and resisting BIDIRECTIONAL ARP spoofing. It can anti-spoof for not only the local host, but also other hosts in the same subnet. It is as well a handy helper for gateways which don't work well with ARP.
An iptables based firewall for systems running the Linux 2.4 or later kernel. Very flexible configuration allows the firewall to be used in a wide variety of firewall/gateway/router and VPN environments.
This is a daemon that emulates Microsoft's Internet Connection Service (ICS). It implements the UPnP Internet Gateway Device specification (IGD) and allows UPnP aware clients, such as MSN Messenger to work properly from behind a Linux NAT firewall.
Anti Spam SMTP Gateway
[antispam] MailCleaner is an anti-spam / anti-virus filter SMTP gateway with user and admin web interfaces, quarantine, multi-domains, multi-templates, multi-languages. Using Bayes, RBLs, Spamassassin, MailScanner, ClamAV. Based on Debian. Enterprise ready. MailCleaner is an anti spam gateway installed between your mail infrastructure and the Internet. It includes a complete GNU/Linux OS and a graphical web interface for user and administrative access. It comes in the form of virtual machine templates.. - fully compatible with any SMTP mail server (Exchange, Zimbra,...) You can install now MailCleaner within the following virtual environments: qcow2 (KVM, Proxmox, OpenStack, Xen) vhd (Hyper-V, VirtualPC) vmdk (VMware ESXi, Workstation, VMware Fusion) ova (VM Standard, supported by most hypervisor) Dedicate a server to MailCleaner, and you will have a working professional mail filter in less than an hour.
iplist is a list based packet handler which uses the netfilter netlink-queue library (kernel 2.6.14 or later). It filters by IP-address and is optimized for thousands of IP-address ranges.
Devil-Linux is a special Linux distribution, which is used for Firewalls / Routers. The goal of Devil-Linux is to have a small, customizable and secure (what is secure in the internet?) Linux.
User written Addons and Updates for the IPCop Firewall.
TPCAT is based upon pcapdiff by the EFF. TPCAT will analyze two packet captures (taken on each side of the firewall as an example) and report any packets that were seen on the source capture but didn’t make it to the dest. See docs for info.
Windows Port Knocking. A Windows implementation of port knocking developed to work alongside an existing firewall (the free CHX-I Packet Filter v3.0).