FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
ipt-netflow is high performance NetFlow exporting module for Linux kernel (up to 3.x). It is designed for Linux router with heavy network load. This is netfilter/iptables module adding support for NETFLOW target. It is designed to work without conntrack. It supports NetFlow protocols versions 5, 9, and IPFIX. It has accounting for IPv4, IPv6 traffic, and (NEL) NAT translation events.
The Network Security Policy Compiler (NetSPoC) is a tool for security management of large computer networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains. It provides its own language for describing security policy and the topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which are not. NetSPoC is topology aware; a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.
Andrisoft WANSIGHT is a fully featured network traffic analyzer and collector. It provides in-depth traffic analysis, traffic accounting, and bandwidth monitoring, and enables you to generate complex traffic reports, graphs, and tops, instantly pin down the cause of network incidents, understand patterns in application performance, and make the right capacity planning decisions. It supports 10GbE packet sniffing and NetFlow, sFlow, and IPFIX.
Radiator RADIUS server is flexible, extensible, and authenticates from a huge range of authentication methods, including Wireless, TLS, TTLS, PEAP, SQL, proxy, DBM, files, LDAP, NIS+, password, NT SAM, Emerald, Platypus, Freeside, TACACS+, PAM, external, OPIE, POP3, EAP, MOTP, TOTP, HOTP, Active Directory, Vasco Digipass, SecurID, Yubikey, WiMAX, and many more. It runs on Unix, Linux, Solaris, Windows, MacOS 9, MacOS X, VMS, and more.