fBuilder Plus is a Web-based utility for building and configuring your ipchains/iptables-based Linux firewall. It performs all actions in real-time and includes a Firewall Creation Wizard, edit, insert, and delete capabilities for firewall rules, rule shifting, support for DHCP clients, DMZ creation through the firewall wizard, NAT capabilities, support for IP aliases, custom protocols, user-defined chains, limit matches, automatic log rule creation, state checking, log reporting, email alerts, export capabilities, and an enhanced firewall log parsing utility.
fCluster is a multi-threaded client/server redundancy application for your Linux firewall solution. fCluster is designed for the production environment with features that include: dynamic firewall synchronization, support for both ipchains and netfilter, user-definable polling intervals and fail-over sequence, and email notification of a system failure. It also includes a Perl administration utility that allows you to configure both the server and the client from one machine, and view the status of the local and remote machines.
ferm is a tool to maintain and set up complicated firewall rules. It reduces the tedious task of carefully inserting rules and chains, thus enabling the firewall administrator to spend more time on developing good rules, and less time on the proper implementation of those rules. The rules are executed in one pass by the preferred kernel interface, such as ipchains or iptables. Firewall rules can also be split into different files and loaded at will.
The IPchains Firewalling Module, part of the RockSolid Linux Distribution, allows you to easily maintain a firewall based on ipchains with the Webmin look and feel. It has three modes: Newbie (select one of five security levels), Template (define from a table with protocols and directions what should be allowed to pass your firewall), and Expert (have the real ipchains experience by having every parameter under control by editing a script file which has all ipchains rules). Nearly all of the ipchains options are supported.
The Port Scan Attack Detector (psad) is a collection of three system daemons that are designed to work with the Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults), verbose alert messages, email alerting, DShield reporting, and automatic blocking of offending IP addresses. Psad incorporates many of the packet signatures included in Snort to detect various kinds of suspicious scans, and implements the same passive OS fingerprinting algorithm used by p0f.
The Sentry Firewall CD is a Linux-based bootable CD-ROM, suitable for use as an inexpensive and easy-to-maintain firewall, router, server, or IDS (Intrusion Detection System) node. The system is designed to be immediately configurable for a variety of different operating environments via a configuration file located on a floppy disk or on a remote server.