360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
Ipt_fw is a firewall for Linux based on iptables. It is designed for client systems. Ipt_fw outputs a shell script containing iptables commands, so inspection of the settings it creates is easy. The configuration files are made in LibreOffice（OpenOffice）Calc. Making of the firewall and a machine using the firewall are separated. It allows you to set the user level and features detailed logging, IP address blacklist management, and iptables integrity.
HLBRW is an acronym for Hogwash Light BR Watch. It is a tool to help make rules for HLBR. In other words, HLBRW was made to be used by HLBR users needing make new rules. It requires some expertise with HLBR, the TCP/IP protocol suite, and regular expressions. HLBRW is a script started by iwatch (a system events watch program) when the HLBR event log is modified. The concept is very single: if the HLBR log was modified, then a known attack was blocked. But the attacker might take other subsequent actions unknown by HLBR. When HLBRW starts, it will coordinate a tcpdump session to record the traffic generated by the attacker's IP address for the next few minutes. If the recorded traffic isn't relevant (without a push in TCP or another relevant protocol), the created file will be deleted. Based on the recorded traffic, the network security manager can make new rules. HLBRW is part of the HLBR project, an intrusion prevention system (IPS) used in firewall systems.
Borderline is a firewall generator. It takes a generic rule specification as input and generated an highly optimized firewall. It features IPv6 rule generation, support for multiple interfaces, and integrated support for network zones. It currently only supports firewall generation for Linux 2.6 (netfilter).
'blaze' is a Netfilter iptables firewall script that is meant to be ridiculously easy to use, pretty basic, but powerful enough to handle a box with multiple NICs to support gateway usage, possibly with NAT. Setup should take no more than five minutes. Logging is not currently supported.
flex-fw is a small and fast front-end for the Linux iptables utility with an easy command syntax like ipfw or pf from BSD systems. It features service-oriented configuration, support for network profiles, which is useful for notebooks, support for macros, easy migration to another network environment by redefining macros, easy distribution to many hosts, syslog logging support for iptables errors and dropped packets, an interactive mode for manually configuring "on the fly", a batch mode for execution from shell scripts, and a library mode for using the flex-fw functions in your shell scripts.