Turbulence is a general BEEP server that provides many site administration features. Turbulence is built on top of the Vortex library and is extensible through modules and allows you to implement server side profiles that are used and combined later with other profiles through run time configuration. Turbulence is written to make it easy to develop and deploy BEEP profiles, allowing developers to provide a convenient configuration interface to site administrators and end users.
The Userspace Logging Daemon (ulogd) is a flexible framework for extensive logging of packets on a firewall machine. ulogd uses the ULOG target of iptables/netfilter, the packet filtering framework of Linux 2.4 and 2.6. It supports binary plugins for adding packet interpreters and output-targets (e.g., for logging into databases, user-defined filetypes, etc.).
GLB is a user-space TCP load balancer similar to Pen. It lacks most advanced Pen features, as the aim was to make a user-space TCP proxy that is as fast as possible. It can utilize multiple CPU cores. A list of destinations can be adjusted in runtime. Destination "draining" is supported. It supports "least connected", "round-robin", "random", and "source tracking" balancing policies.
iptables-bash_completion provides programmable completion for the iptables and ip6tables programs. iptables options are shown only if they are valid at the current context. It supports completion of options, matches, and targets, and dynamic retrieval of data from the system, including chains, set names, interfaces, and hostnames. Environment variables allow completion options to be tuned. IP and MAC addresses can be supplied using a file.
yaSSL is a C++ based SSL library for embedded and RTOS environments, designed for individuals who prefer to use the C++ language. For a C-based solution, please see CyaSSL. yaSSL supports the industry standards up to TLS 1.2, and also includes an OpenSSL compatibility interface.
Dante is a free implementation of the proxy protocols SOCKS version 4 and SOCKS version 5 (RFC 1928). It can be used as a firewall between networks, controlling outgoing traffic. The package consists of two parts: a socks server and a proxy client that supports socks, HTTP proxies, and UPnP. RFC 1961 (GSSAPI) is supported in both the client and the server. Commercial support is available.
360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
LibreNMS is an autodiscovering PHP/MySQL-based network monitoring system forked from Observium. It aims to be easy to use and painless to deploy, and to support monitoring of a wide range of devices. Observium's license changed to a modified QPL license in May 2012, then was split into free and commercial versions. The aim of LibreNMS is to continue to create a usable NMS, but with a community focus and GPL licensing.
BACnet is an implementation of the BACnet (Building Automation and Control Networks) protocol specifically tailored for embedded systems. BACnet itself is a standard routable protocol designed to handle communications in automation in buildings, such as air conditioning systems and other HVAC equipment.