SLIS is a TCP/IP gateway for schools. It provides advanced functions to students and teachers, such as a filtering proxy/cache, email addresses, access control, Web replication, Web mirroring, an intranet Web server with PHP and PostgreSQL, user management, DHCP, remote monitoring of a global set of SLIS servers, live update, etc. All of this is provided by an easy-to-use Web interface. All of the project is in French, but work is in progress to make it international.
Qtfw is a Qt GUI frontend for FreeBSD's ipfw utility. It helps configure the firewall in FreeBSD with a nice and comprehensive user interface. User can edit rules in the current list, save rules for future use, configure kernel sysctl variables, and finally, create shell script from qtfw rules.
mfw allows multiple firewall configurations to be managed from the commandline on Mac OS X. Multiple firewall modes (and easy means of selecting between them) are useful on laptops, where one may want a default paranoid firewall, a mode for network scanning with nmap, modes for various networked games, or to run a software Network Address Translation (NAT) wireless base station.
Snort2c attempts to be a improved version of snort2pf with some advantages, such as kqueue usage, pf table support, pf ioctl calls, modular design, daemon mode support, whitelist support, and syslog logging. It contains snort2c (a daemon) and mons2c (snort2c's table management tool).
Modbus/TCP is an open automation protocol used in a variety of SCADA, PLC, and industrial IO applications. Modbusfw is a Linux 2.4.x Netfilter Extension that permits filtering decisions (DROP, REJECT, etc.) based on application-layer values, allowing finer-grained access control than is currently possibly by simply blocking TCP port 502.
Extensible Messaging Platform is a spam-filtering firewall server application. It protects any SMTP mail server from spam, email- orne viruses (including dangerous auto-launch viruses) and other objectionable content. It filters mail using complex contextual signatures (not simple keyword lists). The use of contextual signatures results in high success and extremely low false-positive rates. Additional features include automatic XML extraction/database insertion, optional POP3 retrieval, comprehensive user-definable contextual filtering, content-based message routing and developer API.
The ipoque PRX traffic manager effectively detects and controls all major peer-to-peer (P2P) filesharing, instant messaging (IM), and Voice over IP (VoIP) protocols. Bandwidth and volume limits can be assigned to network links, subnets, individual users, and user groups. Detailed usage statistics are provided and can be exported for post-processing. This community edition is a fully functional version with a bandwidth limit of 2 Mbit/s.
vpn-shaper is a dynamic traffic shaper for openvpn, poptop, and similar programs, using iproute2. It allows shaping of traffic between many users conected to one server, and it supports different prioritiy schemes for different users and different types of traffic. Trafic shaping uses the HTB qdisc. Prioritization uses l7-filter and ipp2p and some of the patch-o-matic extensions. Classification of trafic in HTB classes is done by using the IPMARC patch-o-matic extension. vpn-shaper requires the IPMARK patch-o-matic extension, connmark iptables match, and HTB qdisc.