tircproxy is a full featured IRC proxy. It can proxy DCC CHAT, DCC SEND and other DCC requests transparently to the user, block common trojans (such as script.ini), hide the user's identity and more. It can be used with the Linux kernel or IPF transparent proxy features to transparently proxy IRC sessions.
trackpeer is an agent that helps network and server administrators with tracking their users' computers. It makes it possible to determine the MAC addresses of computers over a network, even when the computers are behind NATed gateways. This agent is intended to be used by the administrators who need to identify and locate malicious computers and virus-infected computers in a network such as a middle-sized wireless LAN, public Ethernet jack system, campus, or corporate network.
trollhunter offers various tools to either analyze existing logfiles or monitor firewall activity in real time. Currently standard log messages generated by a Linux 2.4 kernel netfilter/iptables firewall are supported. You can choose from a Perl/Tk interface or run in commandline standard ASCII color TTY terminal.
tsocks provides transparent network access through a SOCKS version 4 or 5 proxy (usually on a firewall). tsocks intercepts the calls applications make to create TCP connections and determines if they can be directly accessed or need the SOCKS server. If they need the SOCKS server they connection is negotiated with the server transparently to the application. This allows existing applications to use SOCKS without recompilation or modification. tsocks is a wrapper library for the libc connect() call.
The Userspace Logging Daemon (ulogd) is a flexible framework for extensive logging of packets on a firewall machine. ulogd uses the ULOG target of iptables/netfilter, the packet filtering framework of Linux 2.4 and 2.6. It supports binary plugins for adding packet interpreters and output-targets (e.g., for logging into databases, user-defined filetypes, etc.).