Search Results for "firewall rule analyzer"
Sort By:
Showing 38 open source projects for "firewall rule analyzer"
View related business solutions-
8 Monitoring Tools in One APM. Install in 5 Minutes.AppSignal works out of the box for Ruby, Elixir, Node.js, Python, and more. 30-day free trial, no credit card required.
-
Enterprise-grade ITSM, for every businessFreshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
-
1
OpenSnitch
OpenSnitch is a GNU/Linux port of the Little Snitch firewall
...Double click on a row to view the details of a process, rule, host or user. Once you know which are the common processes, IPs and hosts that your machine is connecting to, you can start creating permanent rules (Duration: always) to deny or allow them. You can also convert temporary rules to permanent by right-clicking on a temporary rule or by double-clicking on it, and then edit it. By default OpenSnitch UI listens on a local Unix socket in /tmp/osui.sock. -
2
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. ... -
3
ProxySQL
A high-performance MySQL proxy
...It was created due to a lack of high performance open source proxies, and is able to scale millions of connections across hundreds of thousands of backend servers, all while getting the freedom of being open source. ProxySQL provides end-to-end MySQL connection handling, real-time statistics and database traffic inspection. It's got failover detection, rich query rule definitions, and a database firewall that protects your database from malicious activity or problematic application deployments. ProxySQL is trusted by numerous organizations throughout the world to meet their MySQL scalability and High Availability goals. -
4
Nipe
An engine to make Tor network your default gateway
Nipe is a Perl-based engine whose primary aim is to make the Tor network act as the default gateway for outgoing traffic. In practice, it configures system firewall rules (iptables) and network routing so that almost all IPv4 traffic is redirected through Tor. The tool provides commands such as install, start, stop, restart, and status to manage its behavior. When “start” is issued, it sets up the necessary rules; when “stop” is used, it attempts to remove those rules. Nipe currently... -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
5
Web-based Firewall Log Analyzer
Firewall log analyzer
Flexible web-based firewall log analyzer, supporting netfilter and ipfilter, ipfw, ipchains, cisco routers and Windows XP system logs, and mysql or postgresql database logs using the iptables ULOG or NFLOG target of netfilter others mapped to the ulogd format with a view. Fully supports IPv6 for database logs, and netfilter and ipfilter system file logs. -
6
FancySS
fancyss is a project for bypassing the Great Firewall (GFW)
Fancyss is a “scientific Internet access / bypassing censorship” toolkit targeted principally to Asus routers running AsusWRT or Merlin-based firmware. The project provides a plugin suite (with “software center” integration) so that home routers can run proxy or tunneling tools (e.g. V2Ray) to circumvent firewall or censorship (“GFW” in the Chinese context). Because it integrates into the router’s firmware environment, fancyss automates configuration, routing, and firewall rules to minimize... -
7
IP-Array
An iptables IPv4 firewall and traffic shaping program
A Linux IPv4 iptables firewall and traffic shaper. It allows flexible rule creation, while also shipping with presets for common needs. Rules are written in simple XML, allowing various ways to group and nest the arguments. An interactive mode is available in order to build configuration files in a wizard based manner. Extensive documentation is also included. -
8
OWASP ModSecurity CRS
OWASP ModSecurity Core Rule Set (CRS) Project
The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. ... -
9
Vuurmuur is a powerful firewall manager for Linux/iptables. Vuurmuur supports traffic shaping and live monitoring. It has an easy to learn configuration that allows both simple and complex configurations, and can be fully configured through the Ncurses GUI. Vuurmuur supports NAT, Port Forwarding and has IPv6 support.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
10
360-FAAR Firewall Analysis Audit Repair
360-FAAR Analyze FW1 Cisco Netscreen Policy Offline Using Config/Logs
360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Read Policy and Logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), Cisco ASA (show run / syslog format), 360-FAAR compares firewall policies and uses CIDR and text filters to split rulebases / policies into target sections and identify connectivity for further analysis. 360-FAAR supports, policy to log association, object translation, rulebase reordering and simplification, rule moves and duplicate matching automatically. ... -
11
lua-resty-waf
High-performance WAF built on the OpenResty stack
lua-resty-waf is a web application firewall implemented in Lua for OpenResty/NGINX, designed to run inline at the edge with low overhead. It inspects requests and responses during NGINX phases, applying rule logic and anomaly scoring to detect patterns like SQL injection, cross-site scripting, and protocol abuse. Rules are organized into policies with configurable actions—block, log, or allow—and can leverage shared dictionaries for counters, rate limits, and caching decisions. ... -
12
ngx_lua_waf
ngx_lua_waf
ngx_lua_waf is a web application firewall (WAF) module written in Lua for use with OpenResty (Nginx + Lua). It provides protection against common web attacks such as SQL injection, XSS, file uploads, and malicious bots. The WAF is rule-based, easily configurable, and lightweight, offering real-time defense with minimal performance overhead. -
13
SSH System Administration Tool
SSH Java client GUI for Unix, Linux administration and monitoring
Raanan Zion https://au.linkedin.com/pub/raanan-zion/88/7b9/255 ssh Java interface for Unix, Linux and MS Windows system administration and monitoring. Automates firewall rule checks; exporting the results into Excel. Allows you to run multiple Unix commands on multiple servers simultaneously. Captures your network traces (on the port/ports and interface/interfaces of your choice) and at at a click of a button copies them back to your desktop opening. Remotely monitor your servers in a real time dashboard displaying CPU and RAM. ... -
14
Network Analyzer
Analyze the network carateristics like Delay, Jitter, Packet loss etc.
This software is a very simple network analyzer. When you click the start button, it will send a configurable stream of UDP packets to a host. (The receiving host is then required to echo all the packets back to the sender, which can be easily done via iptables rule under linux). Once the eched packets arrives back to the sender, the analyzer will calculate all the related statistics like, packet loss, jitter throughput etc... -
15
Perl logfile analyzer for DELL Sonicwall Firewall logfiles. This Perl program (Windows /Linux / Mac), creates an HTML file containing: hits per protocol, mean, median and variance on hourly and weekday basis, RBL statistics, IPS stats, VPN stats, virus stats, surfing statistics, CFS blocked sites stats.
-
16
Java-based Open Source WAF (Web Application Firewall) to include inside a web application in order to protect it against attacks like Cross-Site Request Forgery (CSRF), Parameter Manipulation and more.
-
17
aeternaICT Script Scheduler
Java Client-Server Script Scheduler
TCP Client/Server script scheduler written in java. Allow to run local and remote batch/script processes. Minimum requirements: - os with Java version 7, 32 bit *Hardware or software firewall running on your computer or lan network, can inhibit program proper working. It is recommended to disable them or create an appropriate rule. -
18
A command line tool that allows you to (live) analyze netfilter (iptables) log files. It provides a nice output and has features like displaying hostnames, duplicate detection... More info (+ screenshots) can be found in the pdf inside the tarball.
-
19
Lire is a pluggable log analyzer, supporting HTTP, email, DNS, FTP, firewall and print services. Output generated can be txt, (X)HTML, PDF, RTF, and DocBook. The latter four support graphics. For news/support visit the project homepage.
-
20
homeLANsecurity is a series of shell scripts for loading iptables firewall rules. It is primarily designed to operate on home or small office gateway Linux systems. It provides an easy to manage framework for standard iptables rule sets.
-
21
The Cisco Connection Analyzer will analyze a real time snap shot of your PIX/ASA connection table and tell you useful information about the conn table. It will tell you top talkers, top services..etc. Very useful in troubleshooting the firewall.
-
22
Snort_inline is a modified version of Snort. It accepts packets from iptables, instead of libpcap. It uses new rule types to tell iptables if the packet should be dropped or allowed to pass based on the Snort rules.
-
23
Resheto is a firewall management tool with (not yet)optimizing rule compiler. By now it is iptables/ipset oriented but will support PF in the future(and may be others) It is suitable for big(thousands) object databases with hierarchical(nested) groups an
-
24
KMyFirewall is a KDE/Qt Programm that tries to provide an easy to use and comfortable GUI for the Linux "iptables" command. An easy to use plugin architecture allows fast and easy development of rule option extentions.
-
25
diptables is simple shell script, that through one method interactive (using dialog and iptables) create a rule of iptables for the local machine. It is very interesting for who is starting to work with iptables.
