quicktables is an iptables firewall/NAT (gateway) script generator. It was created to quickly provide a secure set of iptables rules. It asks you to answer a small handful of questions and generates your very own personalized firewall script. It supports NAT and no NAT (firewall only) options, default policy of DROP on INPUT and FORWARD chains (all packets dropped), TCP and UDP ACCEPTs on INPUT chain (open ports to the firewall machine), TCP and UDP port forwarding with NAT (forward ports to multiple internal hosts--NAT only), multiple ICMP (ping) options, multiple logging options (syslog - kern.info), explicit host drops, and multiple port forwards for multiple external IP addresses.
Jay's Iptables Firewall is a bash script that allows one to easily install and configure a firewall on a Linux system. It was initially written for use on a home LAN, but can be extended to any type of network. It features support for multiple (external/internal) interfaces, TCP/UDP/ICMP control, masquerading, synflood control, spoofing control, port forwarding from specific interfaces, VPNs, ToS (bandwidth management), denying hosts (IP or MAC address), ZorbIPTraffic, Spyware list IP, Pre/Post scripts, log options, and more. The firewall is able to launch custom iptables rules, and the configuration of the firewall is assisted by an optional, interactive, curses-based Perl script.
Perl Advanced TCP Hijacking is a collection of tools for inspecting and hijacking network connections written in Perl. It consists of a packet generator, an RST daemon, a sniffer, an ICMP redirection tool, an ARP redirection tool, an IDS testing tool, and an automatic hijacking daemon for plain protocols, and features both GUI and terminal interfaces.
LutelWall (formerly known as Lutel Firewall) is a high-level firewall configuration tool. It uses a human-readable and easy-to-understand configuration to set up Netfilter in a secure way. It can be used to build a range of firewalls, from very simple, single-homed ones, to complex ones with multiple subnets, DMZs, and traffic redirections. It can be used on a dedicated firewall system, a multi-function gateway/router/server, or a standalone system.
Nulog is a PHP interface for the MySQL plugin for the ulogd netfilter log daemon and for NuFW SQL logging (optional). It displays hosts (or users) that recently broke packets on your firewall and the last ports that were probed. A simple search function allows packets to be searched by host or by a given port. Nulog was formerly known as ulogd-php.
SEPPL is both a protocol definition and a software implementation of a new encryption layer for IPv4. It is extremely lightweight and easy to use. It is implemented for the Linux kernel and makes use of netfilter and the Linux CryptoAPI. It is intended as a software replacement for WEP but may be used on non-wireless LANs as well. It is also suitable for VPN solutions.