Jay's Iptables Firewall is a bash script that allows one to easily install and configure a firewall on a Linux system. It was initially written for use on a home LAN, but can be extend to any type of network. It features support for multiple (external/internal) interfaces, TCP/UDP/ICMP control, masquerading, synflood control, spoofing control, port forwarding from specific interfaces, VPNs, ToS (bandwith managment), denying hosts (IP or MAC address), ZorbIPTraffic, Spyware list IP, Pre/Post scripts, log options, and more. The firewall is able to launch custom iptables rules, and the configuration of the firewall is assisted by an optional, interactive, curses-based Perl script.
Bandwidth Management Tools is a total bandwidth management solution for Linux and can be used for firewalling, traffic graphing, and shaping. It is not based on any currently-available bandwidth management software and supports packet queues, bursting, complex traffic flow hierarchies, flow groups, traffic logging, and a simple real-time monitoring front-end.
plugdaemon is a load-balancing "plug" proxy. It allows you to forward TCP connections to one or multiple hosts, using load balancing or failover, and to route the connections through an HTTPS proxy. Access control is done by source interface or by originating IP. Outgoing connections can be bound to a specific IP address.
IPsec-Tools is a Linux port of the user-space tools from KAME. It includes libipsec (a library with a PF_KEY implementation), setkey (a tool for manipulating and dumping the kernel Security Policy Database and Security Association Database), and racoon (Internet Key Exchange daemon for automatically keying IPsec connections).
libnfnetlink is a low-level userspace library for nfnetlink-based communication between the kernel-side netfilter and the user-space world. It is therefore the fundamental layer for all other nfnetlink-enabled user-space programs interfacing with the netfilter subsystem of the Linux kernel.
eurephia is an authentication plug-in for OpenVPN. It enhances the OpenVPN authentication process by using user name and password authentication in addition to SSL certificates. If too many failed attempts are registered, the user account and/or IP address will be blocked. For Linux servers, iptables support is also included, which can be used to restrict each user's network access through the VPN channel. OpenVPN 2.2 or later is required.
The Sentry Firewall CD is a Linux-based bootable CD-ROM, suitable for use as an inexpensive and easy to maintain firewall, router, server, or IDS (Intrusion Detection System) node. The system is designed to be immediately configurable for a variety of different operating environments via a configuration file located on a floppy disk or on a remote server.