360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
FrazierWall Linux is a single floppy distribution Linux firewall that is based on the Linux Router Project. It is designed for use with ethernet base internet connections (such as cable modems or xDSL lines). It allows you to share such a connection with several other computers on a LAN. It is easy to setup and maintain, and is available in a Linux configurable software version.
HTTPTunnel is a simple client/server application for creating an HTTP tunnel between two machines, optionally via a Web proxy. This tunnel can then be used to wrap arbitrary TCP socket traffic in HTTP, thus allowing communications even through a restrictive firewall that only allows outgoing HTTP connections.
Lokiwall is a firewall script for Linux. In addition to the standard function of easily limiting network traffic, it features dual routing (using two Internet connections simultaniously), connection fail-over, load balancing, traffic control, advanced masquerading, advanced DNAT, and advanced marking (to direct specific traffic to a certain interface). The advanced features require some kernel patches. The standard features will work on a default Linux system with iptables and iproute2.
Trustix™ Enterprise Firewall is a WYSIWYG firewall for iptables. It provides drag and drop security policy deployment and allows you to visualise DMZs, integrate branch offices with 3DES encrypted VPN tunnels, accelerate Internet access times with proxy caching server, and authenticate remote workers with PKI X.509 certificates. The unique GUI also allows you to manage traffic for all your zones (up to 24) as well as port forwarding and network address translation (NAT).
mSuite is a solution for enterprise-wide infrastructure management. This solution uses Monolith Event Manager (Event/Fault), Action Manager (E&N), and Reporter (Historical Reporting). Monolith integrates with a variety of availability and performance tools based upon a client's needs. mSuite can monitor syslogs, SNMP traps, and NT event logs.
vpn-shaper is a dynamic traffic shaper for openvpn, poptop, and similar programs, using iproute2. It allows shaping of traffic between many users conected to one server, and it supports different prioritiy schemes for different users and different types of traffic. Trafic shaping uses the HTB qdisc. Prioritization uses l7-filter and ipp2p and some of the patch-o-matic extensions. Classification of trafic in HTB classes is done by using the IPMARC patch-o-matic extension. vpn-shaper requires the IPMARK patch-o-matic extension, connmark iptables match, and HTB qdisc.