Firewall Log Daemon is a program written in C which will watch for ipchains or iptables log alerts in realtime. The program will start a small daemon process that parses and resolves firewall logs by reading a FIFO that syslog writes to. It can queue a batch of alerts and mail them to you, or can be used in a script to crunch an existing log file or data stream. It features hostname, port, protocol, and ICMP type/code lookup, with output formatted by a user-defined template.
fwmon is a firewall monitor for Linux. It integrates with ipchains/iptables to give you realtime notification of firewall events. It has fairly customizable output, allowing you to display a packet summary with hex and ASCII data dumps to stdout, a logfile, tcpdump-style capture files, and even syslog. It also boasts some simple security features such as the ability to chroot itself, and operate in a non-root environment.
The Firewall Tester is a tool designed for testing firewalls' filtering policies. It includes an Intrusion Detection System testing feature, along with a packet generator tool and a sniffer. Unlike common firewall testing tools or packet generators, ftester is capable of generating network traffic that will look like real connections to the firewall or IDS system tested, which allows users to test stateful inspection firewalls (like netfilter or ipfilter) and IDS (like snort).
Frankenwall is a bash shell script intended to create a highly secure IPTables based Linux firewall/router with QOS/traffic shaping/bandwidth management. Be certain you know exactly what your network needs before using it. The primary focus of this project is security through an intimate understanding of your networking requirements. All configuration is done by editing text files.
FrazierWall Linux is a single floppy distribution Linux firewall that is based on the Linux Router Project. It is designed for use with ethernet base internet connections (such as cable modems or xDSL lines). It allows you to share such a connection with several other computers on a LAN. It is easy to setup and maintain, and is available in a Linux configurable software version.
FreeBSDShield is a DShield.org reporting client for FreeBSD and the ipfw firewall. It allows you to report attempted security breaches to the DShield cooperative firewall logging effort, which in turn helps the Internet Storm Center (and netizens at large) track trends in network security and catch emerging vulnerabilities.
GajShield SecureGate is an ICSA certified firewall that provides virus protection, bandwidth management, policy based routing, URL filtering, IPS, and VPN gateway. Its features include stateful packet inspection, deep packet filtering, content filtering, virus detection for HTTP traffic, transparent SMTP and POP3 virus scanning, and IPSec and PPTP/L2TP VPN tunneling. It blocks spyware, adware, and other malicious applications from entering an organization. It has comprehensive reporting, multi-role administration, SNMP, remote logging, and local, LDAP, RADIUS, and TACACS+ authentication. It supports ISP load balancing and auto fail-over.
Gargoyle is an interface for small, widely available routers such as the Linksys WRT54G series and the La Fonera. It provides functionality above and beyond what the default software provides including sophisticated dynamic DNS, quality of service, and bandwidth monitoring tools. The primary goal is to provide a polished interface for these advanced tools that is at least as easy to configure as any existing firmware. This project is based on top of OpenWrt, but unlike other Web interfaces for OpenWrt it places a strong focus an usability and is meant for average users, not just power users.