FreeBSDShield is a DShield.org reporting client for FreeBSD and the ipfw firewall. It allows you to report attempted security breaches to the DShield cooperative firewall logging effort, which in turn helps the Internet Storm Center (and netizens at large) track trends in network security and catch emerging vulnerabilities.
Enhanced Reverse Pimpage is an enhanced version of the original rpimp by Matt Miller. Reverse Pimpage was designed to allow you to access a computer that is behind a firewall from outside that firewall itself. The way it accomplishes this is by having the client (the computer behind the firewall) send a SYN request to a certain port at certain intervals. The computer that will access the client must run the server program, and when the time interval is up it will connect. Once it's connected, the client telnets to itself and routes data back and forth between the two.
Vanguard provides enterprise class anti-virus and anti-spam protection to multiple internal mail servers, including the Gordano Messaging Suite, Microsoft Exchange, and IBM Lotus Notes/Domino. Dual anti virus scanning engines provide both traditional signature based virus protection and advanced Zero Hour protection. Any number of internal servers can be protected from a single Vanguard server. Each of those servers may be servicing the same Internet domain, separate Internet domains, or even multiple Internet domains on a single server. There is no limit to the number of protected domains or message throughput.
sipscreen is a Linux iptables QUEUE target handler for screening inbound SIP phone calls flowing through a Linux gateway. If you have a Vonage appliance, or other voice-over-IP adapter located behind a Linux router, you may find sipscreen useful for accepting or rejecting calls based on the caller ID information, time of day, or other custom algorithms.
OpenFWTK is an application proxy toolkit which inherits the ideology of TIS fwtk and maintains API backwards compatibility. The design goal is to make it simple yet powerful; no performance hacks are allowed in the code and library dependencies are reduced to a minimum. It is a true application layer filter. It features unified pluggable content inspection for the most frequently used protocols, NAC (Network Admission Control), and the ability to define fine-grained Internet access policy based on browser identification.