Linux firewall distribution geared towards home and SOHO users.
The IPCop Firewall is a Linux firewall distribution. It is geared towards home and SOHO users. The IPCop web-interface is very user-friendly and makes usage easy.
Manage port forwardings via UPnP
The UPnP PortMapper can be used to easily manage the port mappings/port forwarding of a UPnP enabled internet gateway/router in the local network.
Endian Firewall Community (EFW) is a "turn-key" linux security distribution that makes your system a full featured security appliance with Unified Threat Management (UTM) functionalities. The software has been designed for the best usability: very easy to install, use and manage and still greatly flexible. The feature suite includes stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam-filtering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on both OpenVPN and IPsec).
BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system.
Anti Spam SMTP Gateway
[antispam] MailCleaner is an anti-spam / anti-virus filter SMTP gateway with user and admin web interfaces, quarantine, multi-domains, multi-templates, multi-languages. Using Bayes, RBLs, Spamassassin, MailScanner, ClamAV. Based on Debian. Enterprise ready. MailCleaner is an anti spam gateway installed between your mail infrastructure and the Internet. It includes a complete GNU/Linux OS and a graphical web interface for user and administrative access. It comes in the form of virtual machine templates.. - fully compatible with any SMTP mail server (Exchange, Zimbra,...) You can install now MailCleaner within the following virtual environments: qcow2 (KVM, Proxmox, OpenStack, Xen) vhd (Hyper-V, VirtualPC) vmdk (VMware ESXi, Workstation, VMware Fusion) ova (VM Standard, supported by most hypervisor) Dedicate a server to MailCleaner, and you will have a working professional mail filter in less than an hour.
A firewall configuration project based on Linux 2.6.x and iptables. It has a web interface with an intuitive Webmin module, or you can edit a XML file. You can define the different firewall elements (zones, hosts, networks) and then set the services
IOSec Addons are enhancements for web security and crawler detection
IOSEC PHP HTTP FLOOD PROTECTION ADDONS IOSEC is a php component that allows you to simply block unwanted access to your webpage. if a bad crawler uses to much of your servers resources iosec can block that. IOSec Enhanced Websites: https://devop.tools/ https://blog.onetopp.com/ https://www.onetopp.com/ https://www.buzzerstar.com/development/ Added Setup Instructions for Wordpress Content Management System. Added Facebook Bot Support for "Facebot/1.0". Add this code to your website to prevent unauthorized stealing of your valuable content & block malicious bots from crawling your site.
nf-HiPAC is a high performance packet filter for Linux. It provides the same rich feature set as iptables but uses an advanced algorithm to minimize the number of memory lookups per packet.
IP-Updater is a Perl-Script to manage dynamic IP-adresses (DynDNS). It reads the IP via Telnet from the Router (Zyxel, Netgear) or get it from the web. Different updates to Dyn-IP-Services or FTP-Upload to a hompage are possible. With logging.
GTCop Professional Security Appliance aims to provide a powerful tool for satellite communications, with enhanced QoS and bandwidth controls. As derived from IPCop Firewall, it is a stable, secure, easy to configure and maintain GNU/Linux firewall box.
Anoubis is a Security Suite which implements a secured environment for applications. The core of the suite is an Application Firewall alongside with a Sandbox. Mechanisms to assure the authenticity of files, directories and applications are provided.
EasySnort is an easy to use, yet powerful webinterface to configure snort. It has got additional features like network restrictions, a powerful signature editor and automatic/manual updates for snort your signatures.
HLBR is an IPS (Intrusion Prevention System) that can filter packets in the OSI layer 2. Detection of malicious traffic is done by rules. It can even be used as bridge to honeypots. The HLBR is a firewall element and can use regular expressions. Warning: this project was discontinued and should not be used in production networks. There are several bugs.
Jateway is a general purpose TCP/IP connection proxy
Jateway is a general purpose TCP/IP connection proxy. Jateway accepts connections on arbitrary ports (like 80 or 443) and specific host:port combinations (like WANIP1:443 and WANIP2:443) for multi-interface systems Supports single TCP connections (like MySQL), and multi-TCP connections like HTTP and HTTPS, and fowards them to arbitrary host/port combinations.
Kwickserver is a do-it-yourself Firewall appliance optimized for educational use, but can be used in all other scenarios. It installs automatically from CD on your HD and is administered via webinterface. Download it from the project homepage!
linux4501 is a linux software distribution for the soekris net4501 single board PC (see www.soekris.com). It fits on a 16 or 32 MB Compactflash card and turns the 4501 into a firewall and (dsl) router. It can also be used as a starting point for your ow
Sky-Fire is a secure, easy-to-use Linux firewall. It is a dynamic script that supports forwarding to two different subnets and running servers on the firewall. The script is designed to be as user friendly as possible. It includes a setup script for quic
The SunGazer PacketFilter is a small and simple tool under GPL to set up firewall rules. It uses iptables and it is easy to use and to configure.
DDoS (SynFlood) Mitigation Tool
Cluster-Manager Daemon that uses Netfilter clusterip to make active-active clusterip. Keep-alive notify messages are sent periodically to every clusternode. clusterip is configured automatically when there are changes in the cluster.
fli4l is a single-floppy Linux-based ISDN/DSL/ethernet-router. It features configuration with some simple ASCII-files and several possible connection-flavors (in/out/callback, raw IP/PPP, PPPoE).
fwlogwatch is an open source firewall/IDS log analyzer and interactive realtime attack detection and response tool
IpTables Extension and Kernel Modul ipt_PORTNETSCAN English Detection of PORTSCAN's, NETSCAN's and COMBINEDSCAN's using quotas. Deutsch: PORTSCAN, NETSCAN und COMBINEDSCAN Erkennung auf Basis von IpTables_Regeln. Für die Erkennung können verschieden
The LR101 Projects aim is to develop a real Linux Hardware Router supporting all major protocols / routing protocols with VPN (FreeS/WAN) and VPN/ISP Failover support.
The security proxy is a reverse proxy that hides and serves several webapps. It handles their authentication needs transparently (single sign-on), may be configured to impose HTTPS client connections (on URL basis) and rewrite URLs of content it delivers.