fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.
FrazierWall Linux is a single floppy distribution Linux firewall that is based on the Linux Router Project. It is designed for use with ethernet base internet connections (such as cable modems or xDSL lines). It allows you to share such a connection with several other computers on a LAN. It is easy to setup and maintain, and is available in a Linux configurable software version.
XOTcl provides a highly flexible, reflective, component-based object oriented environment that integrates language support for high level object oriented concepts (which are not found in other languages) with reasonable performance. XOTcl is an extension of TCL and was derived from the impressive OTcl language developed by D. Wetherall and C. Lindblad at MIT in 1995 and extended in various ways. XOTcl's language constructs explicitly aim at the complexity in a component gluing layer that is not solved by traditional object orientation in the style of C++ or Java.
Astaro Portscan Detection is a netfilter target which will attempt to detect TCP and UDP port scans and log them to syslog. This target is based upon Solar Designer's scanlogd. It suppports mutliple levels of logging, custom prefixes for entries, weighted total port scan detection, and port scan temporal spread detection.
Harm acts as a four-way socket redirector that allows you to effectively make a TCP connection from the Internet to a host behind a Linux masquerade-style firewall. The server (behind the firewall) makes connections to the client (on the Internet). After a successful connection, it will bounce packets from a telnet client (Windows and Linux) to the Harm client, to the Harm server (Linux only), or to the telnet daemon behind the firewall.
Joseph is a Python class and program that parses config files into iptables commands. It supports ACL definitions to reduce the repetition of rules. The config file format is a custom, native English-like format that supports internal, external, and DMZ interfaces with allowed, masqueraded, and redirected services (ports).
rc.firewall is configurable for dialup and static IP addresses. It is based on Linux-kernel 2.4.x, and it generates it's own configuration file. It supports specific port filtering for the internet- , intranet-, and a dmz-zone. For the DMZ-Zone, there is also a machine-specific port filtering, and redirection of specific ports of the internet-interface available. Note: Do not install this in productive environments, until you have checked the rules/tables with your own eyes.