s6-networking is a collection of small Unix tools designed to help networking. It includes clock synchronization, Unix and TCP super-servers, Unix and TCP access control, and other miscellaneous utilities. It is particularly suited for management of clients and servers on embedded devices, but works just as well on larger systems.
The Barefoot server is a scalable user-space port bouncer that can be used to forward, or bounce, TCP connections and UDP packets destined for an address on the host on which the Barefoot server runs to any other host or address. To these other hosts, it will appear as if the connection and packets are coming from the machine on which the Barefoot server runs, rather than from the original host. The Barefoot server has support for using proxy protocols on the outgoing side, and can relay incoming traffic out via a SOCKS server or an HTTP proxy supporting the CONNECT command. At the moment, using a proxy for outgoing traffic is only supported for the TCP protocol. The Barefoot server is targeted towards larger sites that need to bounce traffic from many simultaneous clients, while at the same time offering detailed access control, logging, and other features related to controlling the behavior of the traffic and the Barefoot server.
mod_asn is an Apache module that uses BGP routing data to look up the autonomous system (AS) and the network prefix (subnet) which contains a given (client's) IP address. mod_asn is highly scalable. To do lookups in high-speed, it uses the PostgreSQL ip4r datatype, which is indexable with a Patricia Trie algorithm to store network prefixes. This is the most suitable algorithm, being able to search through around 250,000 existing prefixes quickly. mod_asn is usable as a standalone module, and the lookup result can be used by scripts or other Apache modules. For instance, a download redirector could base its decisions on the lookup result provided by mod_asn.
YAMIdentd aims at being a simple, small, and functional ident daemon that can both process local requests and forward requests triggered by masqueraded hosts (when it is running on a Linux gateway). It currently only runs on Linux (2.4 and 2.6, 2.2 untested). The daemon can forward to any ident daemon that accepts forwarded requests. The code aims at being stable, fast, and RFC 1413 compliant. It is meant to be run from inetd. It doesn't use any configuration file. It should do the right thing automagically.
Junkie is a real-time packet sniffer and analyzer. It is modular enough to accomplish many different tasks. It can be a helpful companion to the modern network administrator and analyst. Compared to previously available tools, junkie lies in between tcpdump and wireshark. Unlike tcpdump, its purpose is to parse protocols of any depth; unlike wireshark, though, it is designed to analyze traffic in real-time and so cannot parse traffic as exhaustively as wireshark does. In addition, its design encompasses extendability and speed. It has a plug-in system and high-level extension language that eases the development and combination of new functionalities; threaded packet capture and analysis for handling of high bandwidth networks; and a modular architecture to ease the addition of any protocol layer. It is based on libpcap for portability, and well-tested on professional settings.
Dandelion is a 3D graph rendering application which can be controlled across a network. Its main purpose is to allow clear network graphs to be rendered in a window, which can be controlled by a separate application or the user. The Dandelion visualization is actually controlled by issuing simple commands to it across the network (although this could all be happening on a single machine). The Dandelion source includes a set of very simple libraries which can be incorporated into other applications and which can be used to send these commands. Libraries are included for C, C#, Java, and Python. The project was developed at Liverpool John Moores University within the PROTECT Centre.