469 projects tagged "Firewalls"

Download Website Updated 05 Apr 2014 CGIProxy

Screenshot
Pop 926.64
Vit 66.45

CGIProxy is a Perl CGI script that acts as an Internet proxy. Through it, you can retrieve resources that may be inaccessible from your own machine. The user is kept as anonymous as possible from any servers. HTTP and FTP are supported, and optionally SSL. Common uses include censorship circumvention, VPN-like setups, anonymous proxies, personal proxies, and others. Options include text-only browsing (to save bandwidth), selective cookie and script removal, simple ad filtering, access restriction by server, encoded target URLs and cookies, configuration by end user, and much more (currently over 70 config options). Javascript and Flash are fully supported. Messages are in 12 languages so far. Can be installed as a CGI script, a mod_perl script, a FastCGI script, or with its own embedded secure HTTP server. An online demo is available.

No download Website Updated 23 Mar 2014 sslh

Screenshot
Pop 429.80
Vit 21.49

sslh accepts connections in HTTP, HTTPS, SSH, OpenVPN, tinc, XMPP, or any other protocol that can be tested using a regular expression, on the same port. This makes it possible to connect to any of these servers on port 443 (e.g. from inside corporate firewalls, which almost never block port 443) while still serving HTTPS on that port. sslh supports IPv6, privilege dropping, transparent proxying, and much more.

Download Website Updated 04 Mar 2014 Untangle

Screenshot
Pop 535.78
Vit 34.40

Untangle is a Linux-based network gateway with pluggable modules for network applications like spam blocking, Web filtering, anti-virus, anti-spyware, intrusion prevention, VPN, SSL VPN, firewall, and more.

Download No website Updated 16 Feb 2014 ipt_pkd

Screenshot
Pop 168.50
Vit 19.51

ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.

No download Website Updated 11 Feb 2014 Zorp

Screenshot
Pop 291.63
Vit 28.61

Zorp is a proxy firewall suite with its core architecture is built around today's security demands: it uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.

Download Website Updated 05 Feb 2014 fwsnort

Screenshot
Pop 287.75
Vit 29.96

fwsnort translates snort rules into an equivalent iptables ruleset. By making use of the iptables string match module, fwsnort can detect application layer signatures which exist in many snort rules. fwsnort adds a --hex-string option to iptables, which allows snort rules that contain hex characters to be input directly into iptables rulesets without modification. In addition, fwsnort makes use of the IPTables::Parse Perl module in order to (optionally) restrict the snort rule translation to only those rules that specify traffic that could potentially be allowed through an existing iptables policy.

Download Website Updated 21 Jan 2014 Endian Firewall

Screenshot
Pop 365.96
Vit 24.73

Endian Firewall is an all-in-on Linux security distribution that turns any system into a full-featured security appliance. It features a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, POP3, SMTP), anti-virus support, virus and spam filtering for email traffic (POP and SMTP), content filtering of Web traffic, and a "hassle free" VPN system based on OpenVPN.

Download Website Updated 27 Nov 2013 ulogd

Screenshot
Pop 286.43
Vit 21.05

The Userspace Logging Daemon (ulogd) is a flexible framework for extensive logging of packets on a firewall machine. ulogd uses the ULOG target of iptables/netfilter, the packet filtering framework of Linux 2.4 and 2.6. It supports binary plugins for adding packet interpreters and output-targets (e.g., for logging into databases, user-defined filetypes, etc.).

Download Website Updated 18 Nov 2013 Dante

Screenshot
Pop 310.40
Vit 41.81

Dante is a free implementation of the proxy protocols SOCKS version 4 and SOCKS version 5 (RFC 1928). It can be used as a firewall between networks, controlling outgoing traffic. The package consists of two parts: a socks server and a proxy client that supports socks, HTTP proxies, and UPnP. RFC 1961 (GSSAPI) is supported in both the client and the server. Commercial support is available.

Download No website Updated 17 Nov 2013 360-FAAR Firewall Analysis Audit and Repair

Screenshot
Pop 208.94
Vit 10.04

360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.

Screenshot

Project Spotlight

DOLPHIN SMASH

A mixed-signal, mixed-language multi-level simulator.

Screenshot

Project Spotlight

SRFirewall

An easy to use, but still quite capable firewall for Netfilter/iptables.