ips-qos is a flexible firewall and traffic shaping tool. It was formerly offered as installers for the popular Linux distributions. The current version is available under Debian GNU/Linux. It was intended to give administrators more control over a shared Internet connection. It includes ips, a flexible and easy-to-use configurable firewall with the ability to control access to the Internet (or selected services) from a LAN. It also includes qos, a traffic shaping tool that measures and controls the traffic load for every computer in a LAN.
fwanalog is a shell script that parses and summarizes firewall logfiles. It understands logs from ipf (xBSD, Solaris), OpenBSD 3.x pf, Linux 2.2 ipchains, Linux 2.4 iptables, and a few types of routers and firewalls (Cisco, Checkpoint FW-1, and Watchguard). The excellent log analysis program Analog is used to create the reports.
Alt+Connect manages dialup connections, allowing a group of networked machines to share a single Internet connection through their server. Custom client software lets users start or stop their Internet connection, and the server (connectd) ensures that the connection remains up only while someone is using it. Features include support for multiple ISPs and links (modems or ISDN channels), connection control lists, the ability to record the time a user spends online and charge him for it, and the ability to enable and disable IP forwarding as a machine starts or stops using the Internet.
IP-Array is a Linux iptables firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, traffic shaping (creation of custom HTB and SFQ qdiscs, classes, and filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, and SMTP.
Aps is a small tool for analyzing network traffic. It prints out a great deal of information about the relevant protocols including TCP, UDP, ARP, and ICMP. It allows you to filter IP addresses, hardware addresses, ports, and specific protocols. It comes with a little GTK-GUI displaying packet counters for each protocol.
The Firewall Tester is a tool designed for testing firewalls' filtering policies. It includes an Intrusion Detection System testing feature, along with a packet generator tool and a sniffer. Unlike common firewall testing tools or packet generators, ftester is capable of generating network traffic that will look like real connections to the firewall or IDS system tested, which allows users to test stateful inspection firewalls (like netfilter or ipfilter) and IDS (like snort).
UCARP allows a pair of hosts to share common virtual IP addresses in order to provide automatic failover. It is a portable userland implementation of the secure and patent-free Common Address Redundancy Protocol (CARP, OpenBSD's alternative to VRRP). Strong points of the CARP protocol include its very low overhead, cryptographically signed messages, interoperability between different operating systems, and no need for any dedicated extra network link between redundant hosts.
Jay's Iptables Firewall is a bash script that allows one to easily install and configure a firewall on a Linux system. It was initially written for use on a home LAN, but can be extended to any type of network. It features support for multiple (external/internal) interfaces, TCP/UDP/ICMP control, masquerading, synflood control, spoofing control, port forwarding from specific interfaces, VPNs, ToS (bandwidth management), denying hosts (IP or MAC address), ZorbIPTraffic, Spyware list IP, Pre/Post scripts, log options, and more. The firewall is able to launch custom iptables rules, and the configuration of the firewall is assisted by an optional, interactive, curses-based Perl script.
Nulog is a PHP interface for the MySQL plugin for the ulogd netfilter log daemon and for NuFW SQL logging (optional). It displays hosts (or users) that recently broke packets on your firewall and the last ports that were probed. A simple search function allows packets to be searched by host or by a given port. Nulog was formerly known as ulogd-php.