Brcontrol is a set of patches to allow some interaction between an IDS and a firewall. Currently, snort is supported as an IDS, and the netfilter facility of Linux is supported as a firewall. Brcontrol can help in the creation of aggresive honeypots or other advanced firewall and IDS configurations. It can also work as a bridge.
Vanguard provides enterprise class anti-virus and anti-spam protection to multiple internal mail servers, including the Gordano Messaging Suite, Microsoft Exchange, and IBM Lotus Notes/Domino. Dual anti virus scanning engines provide both traditional signature based virus protection and advanced Zero Hour protection. Any number of internal servers can be protected from a single Vanguard server. Each of those servers may be servicing the same Internet domain, separate Internet domains, or even multiple Internet domains on a single server. There is no limit to the number of protected domains or message throughput.
trollhunter offers various tools to either analyze existing logfiles or monitor firewall activity in real time. Currently standard log messages generated by a Linux 2.4 kernel netfilter/iptables firewall are supported. You can choose from a Perl/Tk interface or run in commandline standard ASCII color TTY terminal.
Tableutil is a utility for converting, aggregating, and performing operations (currently unions, differences, complements, and intersections) on lists of IP addresses. Its primary use is to convert files into a format pfctl(8) can read. It can read plain-text files with ranges (220.127.116.11-18.104.22.168), CIDR-style networks (192.168.0.0/24), single addresses (242.242.242.242), or host names (one.two.com). It can also read p2b files, the preferred file-format of PeerGuardian.