The Firewall Tester is a tool designed for testing firewalls' filtering policies. It includes an Intrusion Detection System testing feature, along with a packet generator tool and a sniffer. Unlike common firewall testing tools or packet generators, ftester is capable of generating network traffic that will look like real connections to the firewall or IDS system tested, which allows users to test stateful inspection firewalls (like netfilter or ipfilter) and IDS (like snort).
Easy Firewall Generator is a PHP Web application that generates an iptables firewall script. The generated script is designed for a single system connected to the Internet or a system acting as a gateway/firewall for a small private network. The generator prompts recursively for a variety of options. When the selected options form a complete set, it generates and returns a commented firewall script based on those options. The generator includes documentation on iptables and each option.
Local Area Security Knoppix is a 'Live CD' distribution based on Knoppix but with a strong emphasis on security tools and small footprint. There are two different versions of L.A.S. Linux to fit two specific size requirements. There is a 185 MB version and a 210 MB version to fit on MiniCDs of the same size.
SafeSquid is a content filtering proxy server. It supports 'profiled' Internet access, a browser based interface, very fast throughput, DNS caching, content caching, pre-fetching, bandwidth control, virus scanning, ICP, CARP, and ICAP clients, source, target, and time-based granular firewall style rules to allow or deny content like music, videos, Flash and Java applets, messengers, chats, cookies, ActiveX, scripts, etc., remote authentication, real-time text and image analysis for blocking pornography, and an URL filter.
The Sentry Firewall CD is a Linux-based bootable CD-ROM, suitable for use as an inexpensive and easy to maintain firewall, router, server, or IDS (Intrusion Detection System) node. The system is designed to be immediately configurable for a variety of different operating environments via a configuration file located on a floppy disk or on a remote server.
Traffpro is a Linux-based traffic control, traffic accounting, bandwidth shaping, bandwidth management, and network security system with many features for reporting and billing. Internet access can be distributed to a LAN and users can be assigned a traffic quota. Networks are protected from external intrusions with a firewall. You can control ports, blacklist URLs, add iptables rules, configure multiple ISPs and multiple subnets, detect viruses, view URL histories (without Squid), see the traffic consumed by individual users, and more. It also has a ticket support system and a captive portal module.
fwmon is a firewall monitor for Linux. It integrates with ipchains/iptables to give you realtime notification of firewall events. It has fairly customizable output, allowing you to display a packet summary with hex and ASCII data dumps to stdout, a logfile, tcpdump-style capture files, and even syslog. It also boasts some simple security features such as the ability to chroot itself, and operate in a non-root environment.
Aps is a small tool for analyzing network traffic. It prints out a great deal of information about the relevant protocols including TCP, UDP, ARP, and ICMP. It allows you to filter IP addresses, hardware addresses, ports, and specific protocols. It comes with a little GTK-GUI displaying packet counters for each protocol.