Mail2sh makes it possible to carry out shell commands by email. Email is sent to a particular user on your host and the commands will be carried out if the user and password given matches ones in /etc/passwd. Commands are executed with the user's privileges, and combined with a PGP module ensures a certain level of security for use. Note that the system is not natively encrypted, so use of an encryption mechanism is highly recommended for security reasons.
Nuface is a Web-based administration tool that generates Edenwall, NuFW, or simple Netfilter firewall rules. It features a high level abstraction on the security policy set by the administrator, and works internally on an XML data scheme. Its philosophy is to let you agglomerate subjects, resources, or protocols into meta-objects, and use those meta objects to generate ACLs, which are then interpreted as netfilter rules by Nupyf, the internal XML parser. This tool may easily be extended to support firewall implementations other than Netfilter.
The Sentry Firewall CD is a Linux-based bootable CD-ROM, suitable for use as an inexpensive and easy to maintain firewall, router, server, or IDS (Intrusion Detection System) node. The system is designed to be immediately configurable for a variety of different operating environments via a configuration file located on a floppy disk or on a remote server.
fBuilder Plus is a Web-based utility for building and configuring your ipchains/iptables-based Linux firewall. It performs all actions in real-time and includes a Firewall Creation Wizard, edit, insert, and delete capabilities for firewall rules, rule shifting, support for DHCP clients, DMZ creation through firewall wizard, NAT capabilities, support for IP aliases, custom protocols, user defined chains, limit matches, automatic log rule creation, state checking, log reporting, email alerts, export capabilities, and an enhanced firewall log parsing utility.
vpnd is a daemon which connects two networks on network level either via TCP/IP or a (virtual) leased line attached to a serial interface. All data transfered between the two networks are encrypted using the unpatented free Blowfish encryption algorithm with a key length of up to 576 bits (may be downgraded to a minimum of 0 bits to suit any legal restrictions).
BBStatus is an IP accounting package and an SNMP and IP monitoring tool for Linux. It collects, summarizes, and displays the values from its database. It can be used for IP accounting (allows you to design various kinds of accounting filters), SNMP monitoring (collects data making SNMP requests), ICMP monitoring (stores and summarizes values like min, avg, max reply time, and packet loss), and client traffic filtering (using various types of filters). It also provides user based access so that every user can log in and visualize various data (depending on access rights). It requires PostgreSQL, Apache with mod_auth_pgsql, Perl(Net::SNMP), and RRDTool.
IP-Array is a Linux iptables firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, traffic shaping (creation of custom HTB and SFQ qdiscs, classes, and filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, SMTP.
'NTLM Authorization Proxy Server' (APS) is a proxy software that allows you to authenticate via an MS Proxy Server using the proprietary NTLM protocol. APS has the ability to behave as a standalone proxy server and authenticate HTTP clients at Web servers using the NTLM protocol. It can change arbitrary values in your client's request headers so that those requests will look like they were created by MS IE. It is written in Python 1.5.2.
Traffpro is a Linux-based traffic control, traffic accounting, bandwidth shaping, bandwidth management, and network security system with many features for reporting and billing. Internet access can be distributed to a LAN and users can be assigned a traffic quota. Networks are protected from external intrusions with a firewall. You can control ports, blacklist URLs, add iptables rules, configure multiple ISPs and multiple subnets, detect viruses, view URL histories (without Squid), see the traffic consumed by individual users, and more. It also has a ticket support system and a captive portal module.