homeLANsecurity is a series of shell scripts for loading iptables firewall rules. The goal of these scripts is to provide an easy-to-manage framework for standard iptables rule sets. The scripts are well documented and are easily edited. It is primarily designed to operate on a home or small office Linux gateway system, but the scripts can be easily adapted to protect an individual Linux server or workstation. homeLANsecurity's command set is written to support loading, clearing, saving, restoring, testing, and displaying of iptables rules. The configuration supports NAT, port forwarding of common services, TOS packet mangling, OpenVPN, Squid transparent proxy, IP address banning, adaptive banning, and connection tuning. Custom iptables rules are easily inserted without any editing of the scripts themselves.
trollhunter offers various tools to either analyze existing logfiles or monitor firewall activity in real time. Currently, standard log messages generated by a Linux 2.4 kernel netfilter/iptables firewall are supported. You can choose a Perl/Tk interface or run it from the command line in a standard ASCII color TTY terminal.
rpfcd (Remote packet filter control daemon) allows remote control and monitoring of OpenBSD's packet filter. It communicates with clients using the RPFC protocol running on top of SSL. The protocol is designed to be relatively forgiving and easy to use. Its goal is to provide a common framework for pf control and monitoring. Instead of running pfctl/tcpdump/pflogd, writing ad-hoc parsing scripts, and sending the results by mail, rpfcd will provide the same and much more via a transparent server-client interface. Together with a decent CLI/GUI client, pf firewall monitoring becomes rather easy. This is especially interesting if you have several pf firewalls to control and monitor.
netfico is a complete Linux/netfilter (iptables) firewall and gateway configuration tool. It takes over the complete process of bringing up the network interfaces, configuring VLANs, setting IP addresses, setting routes, and configuring the netfilter/iptables rules. This also means that there is just one central place where IP addresses and netmasks are configured. A central goal of netfico is to make handling of firewalls or gateways with dual stacked (i.e. IPv4 and/or IPv6) hosts and a larger number of subnets easy and feasible.