RSS 463 projects tagged "Firewalls"

Download Website Updated 15 Apr 2014 Arno's IPTABLES Firewall Script

Screenshot
Pop 564.30
Vit 452.80

Arno's IPTABLES Firewall Script is a secure stateful firewall for both single and multi-homed machines. It supports NAT and SNAT, port forwarding, ADSL ethernet modems with both static and dynamically assigned IPs, MAC address filtering, stealth port scan detection, DMZ support, protection against SYN/ICMP flooding, experimental IPv6 support, multi-interface/aliased-IP support, and extensive user definable logging with rate limiting to prevent log flooding. It has plugin support to add extra features (like SSH Brute Force protection and (Racoon) IPSEC support). It is easy to configure and highly customizable. A filter script that makes your firewall log more readable is also included.

No download Website Updated 14 Apr 2014 nftables

Screenshot
Pop 245.56
Vit 10.09

nftables aims to replace the existing {ip,ip6,arp,eb}tables framework. It provides a new packet filtering framework, a new userspace utility, and a compatibility layer for {ip,ip6}tables. nftables is built upon the building blocks of the Netfilter infrastructure such as the existing hooks, the connection tracking system, the userspace queueing component, and the logging subsystem.

Download Website Updated 14 Apr 2014 fwknop

Screenshot
Pop 486.75
Vit 273.69

fwknop implements an authorization scheme called Single Packet Authorization that requires only a single encrypted packet to communicate various pieces of information, including desired access through an iptables, ipfw, or pf firewall policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap. Also supported is a robust port knocking implementation based around iptables log messages.

Download Website Updated 13 Apr 2014 ips-qos

Screenshot
Pop 60.88
Vit 1.82

ips-qos is a flexible firewall and traffic shaping tool. It was formerly offered as installers for the popular Linux distributions. The current version is available under Debian GNU/Linux. It was intended to give administrators more control over a shared Internet connection. It includes ips, a flexible and easy-to-use configurable firewall with the ability to control access to the Internet (or selected services) from a LAN. It also includes qos, a traffic shaping tool that measures and controls the traffic load for every computer in a LAN.

Download Website Updated 05 Apr 2014 CGIProxy

Screenshot
Pop 1,065.21
Vit 151.55

CGIProxy is a Perl CGI script that acts as an Internet proxy. Through it, you can retrieve resources that may be inaccessible from your own machine. The user is kept as anonymous as possible from any servers. HTTP and FTP are supported, and optionally SSL. Common uses include censorship circumvention, VPN-like setups, anonymous proxies, personal proxies, and others. Options include text-only browsing (to save bandwidth), selective cookie and script removal, simple ad filtering, access restriction by server, encoded target URLs and cookies, configuration by end user, and much more (currently over 70 config options). Javascript and Flash are fully supported. Messages are in 12 languages so far. Can be installed as a CGI script, a mod_perl script, a FastCGI script, or with its own embedded secure HTTP server. An online demo is available.

No download Website Updated 23 Mar 2014 sslh

Screenshot
Pop 406.88
Vit 35.89

sslh accepts connections in HTTP, HTTPS, SSH, OpenVPN, tinc, XMPP, or any other protocol that can be tested using a regular expression, on the same port. This makes it possible to connect to any of these servers on port 443 (e.g. from inside corporate firewalls, which almost never block port 443) while still serving HTTPS on that port. sslh supports IPv6, privilege dropping, transparent proxying, and much more.

Download Website Updated 16 Mar 2014 LEAF

Screenshot
Pop 815.73
Vit 116.18

LEAF is a secure, feature-rich, customizable embedded Linux network appliance for use in a variety of network topologies. Although it can be used in other ways, it's primarily used as a Internet gateway, router, firewall, and wireless access point.

Download Website Updated 04 Mar 2014 Untangle

Screenshot
Pop 529.78
Vit 48.39

Untangle is a Linux-based network gateway with pluggable modules for network applications like spam blocking, Web filtering, anti-virus, anti-spyware, intrusion prevention, VPN, SSL VPN, firewall, and more.

Download No website Updated 04 Mar 2014 IPCop Firewall

Screenshot
Pop 474.58
Vit 28.89

IPCop Linux is a complete Linux distribution whose sole purpose is to protect the networks on which it is installed.

Download No website Updated 16 Feb 2014 ipt_pkd

Screenshot
Pop 428.67
Vit 25.47

ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.

Screenshot

Project Spotlight

BAR: backup archiver program

An archiver program with compression and encryption support.

Screenshot

Project Spotlight

ddpt

A dd command variant for disks with large I/O support.