lsfw (list firewall) helps network administrators deal with firewalling on a huge network. It lists the firewalls rules applied between two points on the network. It uses the configuration of the network equipment and builds a (light) model of the network described by the equipment. This allows probing for access-list matching all over the network, doing routing and firewalling.
360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
IPFire is a Linux firewall distribution that is built from source and comes with lots of additional features. It is easy to set up and administer. It features a firewall with stateful inspection, a content filtering engine, traffic control (QoS), VPN technology, and a lot of logging.
DenyThem is a program designed to protect your Linux system from malicious attacks. It is an active response system to disrupt and block dictionary attacks and DOS attacks. DenyThem by default uses /var/log/syslog and /var/log/auth.log and searches for hack attempts. When DenyThem finds enough hack attempts from a single host, it will add a DROP statement to your system's firewall, thus preventing future attacks. DenyThem uses iptables, so it will only work on Linux or any other system that uses iptables. It can also block traffic from specific countries.