Libconnect is a simple library wrapper written in assembly language that intercepts the calls applications make to establish TCP connections and transparently proxies them as necessary. Existing applications can use this library without any recompilation or modification. If you provide multiple proxies they will be cycled connection after connection.
The Userfriendly Iptables Frontend is used to generate optimized iptables packet filter rules, using a simple description file specified by the user. Generated rules are provided in iptables- save style. UIF can be used to read or write rulesets to or from LDAP servers in your network, which provides a global storing mechanism. Its aim is to be an easy to configure, human readable packet filter.
NACS provides you a comfortable and secure way to provide untrusted computers access to your TCP/IP-based (v4) LAN/WAN. The system guarantees that only registered users are able to use network resources. In contrast to other solutions, like PPTP or IPsec, it is not necessary to install program-specific client software. The client machines only need a DHCP client (automated networkconfiguration) and an SSL capable Web browser. The server needs a 2.4 kernel, Jakarta-Tomcat Servlet Engine, JDK 1.3/JDK 1.4, Apache, MySQL, and firewall which secures your network in general. NACS gets its login and password data from a normal Linux-style passwd file. This implementation supports the integration of other authentication mechanisms (such as LDAP).
Firewall is a set of scripts (firewall, fwup, and fwdown) that implement an ipchains firewall and various forms of network address and port translation. All you have to do is read the policy file and edit it to reflect your topology and filtering policy. It supports many different types of network topology (single host, traditional forwarding, masquerading, port forwarding, alias port forwarding and NAT), up to 10 untrusted interfaces each with their own policy, and over 50 network applications. It also supports centralised administration of multiple remote firewalls (meta-firewall).
myNetWatchman Perl Agent is a client for myNetWatchman.com. This program is designed to capture rejected packet information from various firewall logs and forward this attack information to central analysis servers at myNetWatchman.com, which then analyze events and escalate to the provider of the source.
QDPF was written to solve the problem of exposing internal services to the Internet. It runs on machines which bridge two networks and forwards TCP/IP packets from one to the other. Its main use is to expose corporate or Intranet services to the Internet, by running it on an intervening machine. TCP sessions can also be followed in detail using the 'trace' option. QDPF is a Java console application.
Yafig is a LAMP-based firewall rule generator that creates shell scripts for use with Linux netfilter/iptables. The user interface is similar to the FireWall-1 policy editor. Its main features are Web-based host, network, and service management. support for multiple policies with individual password protection, shared objects for multiple policies, support for chains (default and custom), and architecture independence.