IP Filter is a TCP/IP packet filter suitable for use in a firewall environment. It can either be run as a loadable kernel module (recommended) or incorporated into your kernel. Scripts are provided to install and patch system files as required. IP Filter also supports transparent proxying via packet forwarding, including round-robin forwarding to achieve load-balanced proxying.
LAN Management System (LMS) is a set of database-driven applications capable of managing multiple networks of computers and customers. It uses a Web UI and either a multipurpose daemon written in C or a set of Perl scripts that perform scheduled tasks and configure your system services. It was designed to organize small self-financed networks, but is mature enough to suit the needs of medium-sized ISPs. Support for multiple databases and languages is included, and a template system allows it to blend in with your existing infrastructure.
DD-WRT is an alternative firmware for the Linksys WRT54G/GS/GL and the Asus WL-500 deluxe 802.11g wireless routers. It was originally based on the Alchemy Firmware from Sveasoft Inc., which is in turn based on the original GPL'd Linksys Firmware and a number of other open source projects. It offers many advanced features not found in the original Linksys firmware, or even the firmware available for purchase from Sveasoft. It is also free of the product activation or tracking found in the Sveasoft firmware.
knock is a server/client set that implements the idea known as port-knocking. Port-knocking is a method of accessing a backdoor to your firewall through a special sequence of port hits. This can be useful for opening up temporary holes in a restrictive firewall for SSH access or similar.
IPsec-Tools is a Linux port of the user-space tools from KAME. It includes libipsec (a library with a PF_KEY implementation), setkey (a tool for manipulating and dumping the kernel Security Policy Database and Security Association Database), and racoon (Internet Key Exchange daemon for automatically keying IPsec connections).
libnfnetlink is a low-level userspace library for nfnetlink-based communication between the kernel-side netfilter and the user-space world. It is therefore the fundamental layer for all other nfnetlink-enabled user-space programs interfacing with the netfilter subsystem of the Linux kernel.
IPTables log analyzer displays Linux 2.4 iptables logs (rejected, accepted, and masqueraded packets) in a nice HTML page. The reports it produces are easy to read and understand, reducing the manual analysis time. They contain statistics on packets and links to more detailed information on a given host, port, or domain.
Anti-censorship tools (proxyTools) consists of a huge Perl application (localProxy) and a set of tools to analyze the user's network (proxies, firewall rules, name servers, etc.). LocalProxy abstracts external services in an uncensored, reliable, fast manner to the localhost, where they may be used by standard clients (Web browsers, Usenet news clients, SOCKS-capable clients, etc.). Various combinations of strategies are tried to ensure the non-censored nature of the information, and multiple, parallel services (e.g. HTTP proxies) are used to ensure reliability and speed. The tools are capable of automating collection of the data required for localProxy. LocalProxy builds a configuration for the user and dynamically adjusts to using the fastest strategies and proxies available to it. The tools are useful for network analysis (firewall rules, proxy capabilities, etc.) independently of localProxy.
quicktables is an iptables firewall/NAT (gateway) script generator. It was created to quickly provide a secure set of iptables rules. It asks you to answer a small handful of questions and generates your own personalized firewall script. It supports NAT and no NAT (firewall only) options, default policy of DROP on INPUT and FORWARD chains (all packets dropped), TCP and UDP ACCEPTs on INPUT chain (open ports to the firewall machine), TCP and UDP port forwarding with NAT (forward ports to multiple internal hosts--NAT only), multiple ICMP (ping) options, multiple logging options (syslog - kern.info), explicit host drops, and multiple port forwards for multiple external IP addresses.