The IPchains Firewalling Module, part of the RockSolid Linux Distribution, allows you to easily maintain a firewall based on ipchains with the Webmin look and feel. It has three modes: Newbie (select one of five security levels), Template (define from a table with protocols and directions what should be allowed to pass your firewall), and Expert (have the real ipchains experience by having every parameter under control by editing a script file which has all ipchains rules). Nearly all of the ipchains options are supported.
The Seattle Firewall is an ipchains firewall that supports IP masquerading and can be used on a standalone system, on a dedicated firewall system, or on a multi-use gateway/server. It supports VPN via IPIP tunnels, IPSec, and PPTP. It is easily configurable by editing configuration files, and can be extended without modifying the base product. It also includes realtime monitoring with an audible alarm that sounds when suspect packets are detected.
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
tcpxd is a TCP/IP relay or proxy, allowing a connection to a port on a system to be forwarded to another port on any other system. It is useful for firewalls and service relocations, and is small, simple, and fast. It's also easier to learn than netcat and supports TCP_NODELAY, alternate local ports, partial connection closures, and non-blocking connects.
The Falcon Project (Free Application-Level CONnection kit) is an open firewall project with the intention of developing a free, secure and OS-independent firewall system. Falcon consists of three major modules: Falcons's own proxies (written in Perl); 3rd-party proxies (squid / qmail / BIND8), each modified for chroot environment; and general concepts for OS hardening, chrooting etc.
floppyfw is a router and simple firewall on one single floppy. It uses Linux basic firewall capabilities, and has a very simple packaging system. It is perfect for masquerading and securing networks on ADSL and cable lines, using both static IP, DHCP, and PPPoE, and provides a simple installation, which usually involves editing of only one file on the floppy.
Aps is a small tool for analyzing network traffic. It prints out a great deal of information about the relevant protocols including TCP, UDP, ARP, and ICMP. It allows you to filter IP addresses, hardware addresses, ports, and specific protocols. It comes with a little GTK-GUI displaying packet counters for each protocol.