HTTPTunnel is a simple client/server application for creating an HTTP tunnel between two machines, optionally via a Web proxy. This tunnel can then be used to wrap arbitrary TCP socket traffic in HTTP, thus allowing communications even through a restrictive firewall that only allows outgoing HTTP connections.
PHREL is a per host rate limiter. It will track the rate of incoming traffic on a server and insert a chain into iptables when a configured threshold is crossed. The inserted chain may either rate limit or block the offending host for a period of time. The inserted chain is automatically removed when the offending host's traffic levels return to normal. PHREL is particularly well suited to protecting nameservers (DNS) from random hosts that flood requests, and to preventing SSH brute force login attempts.
360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
conntrack-tools is a set of userspace tools for Linux that allow system administrators to interact with the Connection Tracking System, the module which provides stateful packet inspection for iptables. It includes the userspace daemon conntrackd and the commandline interface conntrack.
The Userspace Logging Daemon (ulogd) is a flexible framework for extensive logging of packets on a firewall machine. ulogd uses the ULOG target of iptables/netfilter, the packet filtering framework of Linux 2.4 and 2.6. It supports binary plugins for adding packet interpreters and output-targets (e.g., for logging into databases, user-defined filetypes, etc.).