homeLANsecurity is a series of shell scripts for loading iptables firewall rules. The goal of these scripts is to provide an easy to manage framework for standard iptables rule sets. The scripts are well documented and are easily edited. It is primarily designed to operate on home or small office gateway Linux system, but the scripts can be easily adapted to protect an individual Linux server or workstation. homeLANsecurity's command set is written to support loading, clearing, saving, restoring, testing, and displaying of iptables rules. The configuration supports NAT, port forwarding of common services, TOS packet mangling, OpenVPN, Squid transparent proxy, IP address banning, adaptive banning, and connection tuning. Custom iptables rules are easily inserted without any editing of the scripts themselves.
Lokiwall is a firewall script for Linux. In addition to the standard function of easily limiting network traffic, it features dual routing (using two Internet connections simultaniously), connection fail-over, load balancing, traffic control, advanced masquerading, advanced DNAT, and advanced marking (to direct specific traffic to a certain interface). The advanced features require some kernel patches. The standard features will work on a default Linux system with iptables and iproute2.
pflogx is a simple tool that exports OpenBSD packet filter logs to XML files. It reads a binary log file generated by the pf logging daemon (pflogd) and generates a human-readable and exploitable XML file. Using an XSLT processor you can convert this XML file to any other format, such as HTML, CSV, or SQL.
TCPDuP is a command-line networking utility that can proxy TCP service to a remote host:port pair, thus duplicating the availability of that service. It differs from using netcat and a named pipe in that it supports multiple concurrent connections. It is also faster than using a pipe and netcat due to less overhead and use of asynchronous I/O. Other features include local command execution, a daemon mode, and verbose output/logging.
PHREL is a per host rate limiter. It will track the rate of incoming traffic on a server and insert a chain into iptables when a configured threshold is crossed. The inserted chain may either rate limit or block the offending host for a period of time. The inserted chain is automatically removed when the offending host's traffic levels return to normal. PHREL is particularly well suited to protecting nameservers (DNS) from random hosts that flood requests, and to preventing SSH brute force login attempts.
Trustix™ Enterprise Firewall is a WYSIWYG firewall for iptables. It provides drag and drop security policy deployment and allows you to visualise DMZs, integrate branch offices with 3DES encrypted VPN tunnels, accelerate Internet access times with proxy caching server, and authenticate remote workers with PKI X.509 certificates. The unique GUI also allows you to manage traffic for all your zones (up to 24) as well as port forwarding and network address translation (NAT).