Dante is a free implementation of the proxy protocols SOCKS version 4 and SOCKS version 5 (RFC 1928). It can be used as a firewall between networks, controlling outgoing traffic. The package consists of two parts: a socks server and a proxy client that supports socks, HTTP proxies, and UPnP. RFC 1961 (GSSAPI) is supported in both the client and the server. Commercial support is available.
Hardened Debian improves Debian GNU/Linux with high security and hardening features, hardened kernels and packages, DHKP, and other security related enhancements. It makes systems more difficult to compromise using common attacks such as race conditions, chroot jail escapes, and buffer overflows.
JSTUN is a STUN (Simple Traversal of UDP (User Datagram Protocol) through NAT (Network Address Translation)) implementation. STUN provides a means for applications to discover the presence and type of firewalls or NATs between them and the public Internet. In the presence of a NAT, STUN can also be used by applications to learn the public Internet Protocol (IP) address assigned to the NAT.
LAN Management System (LMS) is a set of database-driven applications capable of managing multiple networks of computers and customers. It uses a Web UI and either a multipurpose daemon written in C or a set of Perl scripts that perform scheduled tasks and configure your system services. It was designed to organize small self-financed networks, but is mature enough to suit the needs of medium sized ISPs. Support for multiple databases and languages are included, and a template system allows it to blend in with your existing infrastructure.
The MiniUPnP project is a library and a daemon. The library is aimed to enable applications to use the capabilities of a UPnP Internet Gateway Device present on the network to forward ports. The daemon adds the UPnP Internet Gateway Device functionality to a NAT gateway running OpenBSD/NetBSD/FreeBSD/Solaris with PF/IPF or Linux 2.4.x/2.6.x with netfilter. One of its most interesting features is to enforce some permissions to allow or deny redirections, bringing some security to UPnP. Newer versions also support the NAT-PMP protocol from Apple.
OpenFWTK is an application proxy toolkit which inherits the ideology of TIS fwtk and maintains API backwards compatibility. The design goal is to make it simple yet powerful; no performance hacks are allowed in the code and library dependencies are reduced to a minimum. It is a true application layer filter. It features unified pluggable content inspection for the most frequently used protocols, NAC (Network Admission Control), and the ability to define fine-grained Internet access policy based on browser identification.