Zorp is a proxy firewall suite with its core architecture is built around today's security demands: it uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.
'NTLM Authorization Proxy Server' (APS) is a proxy software that allows you to authenticate via an MS Proxy Server using the proprietary NTLM protocol. APS has the ability to behave as a standalone proxy server and authenticate HTTP clients at Web servers using the NTLM protocol. It can change arbitrary values in your client's request headers so that those requests will look like they were created by MS IE. It is written in Python 1.5.2.
DAXFi is a Python script that helps configure several different kinds of firewalls in a consistent way. It can run as daemon to adapt its behavior to external conditions; rules can be described with XML files, XML strings, or generated directly by the code; the program can be configured and extended with a sort of plug-ins written in Python. It comes with a Python package, useful to build other applications aimed to manipulate different firewalls in a uniform way (some example programs are included).
Actim allows you to send and retrieve files, and to call command line programs on a target machine via emails. The application can handle both synchronous and asynchronous requests with basic security features. It has both command line and graphical user interfaces. This can be useful if, for example, your home PC does not have any access to your office workstation which is behind the company firewall.
Joseph is a Python class and program that parses config files into iptables commands. It supports ACL definitions to reduce the repetition of rules. The config file format is a custom, native English-like format that supports internal, external, and DMZ interfaces with allowed, masqueraded, and redirected services (ports).
fauxident is a small Python script that will act as an extremely naive ident server, answering all ident requests with a consistent response (either ERROR or USERID). This can be advantageous on systems where running a true identd is unavailable, where it would be would be a security risk, or when masquerading firewalls are in use, where multiple machines are involved behind the firewall and running a proper ident system is not an option.
PacketFlow Firewall Generator is an XML-based firewall generator. It takes an XML configuration file that defines the firewall policy and generates a list of iptables commands to implement this policy. It is primarily intended for use on dedicated firewalls, but it can be used in other scenarios. It makes dealing with many interfaces easy. PacketFlow works on the concept of interface "security levels." New connections are allowed to flow down hill from interfaces with a high security level to interfaces with a low security level. This approach tends to make rule sets much shorter, even with many interfaces. Access lists allow you to override the default behavior of the security levels. Access lists are defined between interfaces. There is also support for incoming, outgoing, and wildcard access lists. Wildcard access lists allow you to easily allow new connections to a particular service from any interface.
TrafficWatch is a system for accounting Internet traffic in a residential college or school type of environment. It consists of a set of scripts and Web pages for accounting for each user's Internet usage by volume, and is currently capable of accounting for both Squid proxy traffic and direct IPv4 traffic.