Mason is a tool that interactively builds a firewall using Linux's ipfwadm or ipchains firewalling. You leave mason running on the firewall machine while you are making all the kinds of connections that you want the firewall to support (and want it to block). Mason gives you a list of firewall rules that exactly allow and block those connections. It can either build a firewall from scratch for you or supplement an existing firewall.
Nmap ("Network Mapper") is a utility for network exploration, administration, and security auditing. It uses IP packets in novel ways to determine which hosts are available online (host discovery), which TCP/UDP ports are open (port scanning), and what applications and services are listening on each port (version detection). It can also identify remote host OS and device types via TCP/IP fingerprinting. Nmap offers flexible target and port specifications, decoy/stealth scanning for firewall and IDS evasion, and highly optimized timing algorithms for fast scanning.
nstreams is a program that analyzes the network streams occurring on a network and prints them in a human-readable form. This is useful when you want to set up a firewall but do not know your needs/the needs of your customers. nstreams can read tcpdump output files or directly listen on a given interface, and may even produce ipchains (Linux) or ipfw (BSD) firewall rules instead of printing the streams, letting you build your firewall automagically.
pks-commands.php3 allows your Web server to search for and add PGP/GPG keys on the public key servers. The web server itself makes the TCP port 11371 connection, so everything happens on the web server. It is useful in environments where the client machines are unable to reach arbitrary TCP ports (such as behind tightened firewalls).
PMFirewall is an Ipchains Firewall and Masquerading Configuration Utility for Linux. It is designed to allow a beginner to build a custom firewall with little or no ipchains experience. This firewall should work for most Workstations, Servers, and Dual NIC routers using either a dialup, DSL, Cable, or LAN setup. It is restrictive to outside attacks while still being as transparent as possible to those inside.
QDPF was written to solve the problem of exposing internal services to the Internet. It runs on machines which bridge two networks and forwards TCP/IP packets from one to the other. Its main use is to expose corporate or Intranet services to the Internet, by running it on an intervening machine. TCP sessions can also be followed in detail using the 'trace' option. QDPF is a Java console application.
The Seattle Firewall is an ipchains firewall that supports IP masquerading and can be used on a standalone system, on a dedicated firewall system, or on a multi-use gateway/server. It supports VPN via IPIP tunnels, IPSec, and PPTP. It is easily configurable by editing configuration files, and can be extended without modifying the base product. It also includes realtime monitoring with an audible alarm that sounds when suspect packets are detected.