Iptables

fwsnort parses the rules files included in the snort intrusion detection system and builds an equivalent iptables ruleset for as many rules as possible. fwsnort accepts command line arguments to restrict processing to any particular class of snort rules such as "ddos", "backdoor", or...

ipset pakcage is a framework inside the Linux 2.4.x and 2.6.x kernel, which can be administered by the ipset utility. Depending on the type, currently an IP set may store IP addresses, (TCP/UDP) port numbers or IP addresses with MAC addresses in a way, which ensures lightning speed when...

NAT iptables firewall script is an iptables firewall script. This script is meant to be run once per boot the rules will be double added if you try to run it twice if you need to add another rule during runtime, change the -A to a -I to add it to the top of the list of rules if you use -A it...


Platforms: *nix

FIAIF is an Intelligent Firewall. Unlike many other scripts, FIAIF can be truly customized allowing multiple interfaces (or rather zones). There is no limit on the number of zones. All configuration is done through configuration files. There is no need to understand the script behind it all....


Platforms: *nix

POP3 Virus Scanner Proxy is a full-transparent proxy daemon which scans all mails for viruses using third party scanners (built-in support for AVPD and Trophie). You have to set up a port redirection in the linux-netfilter (iptables) so that all connections from e.g. inside your office to any...


Platforms: *nix

Lokiwall provides an easily manageable Linux firewall with some unique features. Lokiwall is a firewall script for Linux. In addition to the standard function of easily limiting network traffic, it features dual routing (using two Internet connections simultaniously), connection fail-over, load...


Platforms: *nix

iptables and netfilter are building blocks of a framework inside the Linux 2.4.x and 2.6.x kernel. This framework enables packet filtering, network addresss [and port] translation (NA[P]T) and other packet mangling. It is the re-designed and heavily improved successor of the previous Linux 2.2.x...


Platforms: *nix

seppl is both a protocol definition and a software implementation of a new encryption layer for IPv4. seppl project makes use of symmetric cryptography for encrypting the whole traffic on a network. Its implementation is designed around Linux netfilter/iptables. seppl introduces two new...


Platforms: *nix

pdumpq provides a pcap Dump for Linux/Netfilter QUEUE. pdumpq can be used to take queued packets from netfilter/iptables and dump them to a file that decoders like tcpdump, ethereal, and snort can read. You can also just pipe it through to the packet decoder and see what is in those packets...


Platforms: *nix

Alerttail executes actions when "some text" has been written to a file.This software tails a file and when a line matches some text pattern alerttail will execute a list of actions defined on it's own configuration file.Imagine you want to be warned when some text is written to a log file, you...


Platforms: Windows, Mac, *nix, C/C++, BSD Solaris

Shaperd is a user-mode program that can shape traffic passing through a Linux box. I egan to write it because I was tired of waiting for the echoes when I telnet other machines over my slow ppp link to the internet. I did try cbq and shaper, but none satisfied me (It wasnt well-documented at the...


Platforms: *nix

S-M-S stands for Slackware Mini Server ans is a Linux operating system console based and manageable through webmin interface. Although described as a mini server, have all the features of a powerful server such as apache2, sendmail, spamassassin, clamav, squid, iptables firewall, mysql, cups and...


Platforms: *nix

IP-Array is a Linux iptables firewall script written in bash. IP-Array allows the creation of precise, stateful rules, while remaining easy to configure. Goals: An easy to configure firewall - still leaving the user the possiblillity to configure detailed rules - which creates thight...


Platforms: *nix

dirwall is a small iptables firewall script that keeps the iptables rules separate from the script. The rules are stored in separate files so that other packages may maintain them. The dirwall rules are located in /etc/dirwall/{ACCEPT,FORWARD,MASQ,NAT,NOLOG,REJECT}/*". There may be multiple...


Platforms: *nix

fwanalog is a shell script that parses and summarizes firewall logfiles. It currently (version 0.6.9) understands logs from ipf (tested with OpenBSD 2.8s and 2.9s ipf, also FreeBSD, NetBSD and Solaris 8 with ipf (+ ipfw on FreeBSD)), OpenBSD 3.x pf, Linux 2.2 ipchains, Linux 2.4 iptables, some...


Platforms: *nix

IPCAD stands for IP Cisco Accounting Daemon. It runs in background, listens traffic on the specified interfaces, and records the traffic for later retrieval and analysis. IPCAD can use raw BPF devices, PCAP library, divert, tee or Linux iptables ULOG & IPQ packet sources to capture the packets....


Platforms: *nix

The Net-Policy project allows system administrators to configure and manage their entire network at once. It is initially designed to configure firewall and IPsec connections across an entire network. Net-policy contains the following components: net-policy: This is the core network manager....


Platforms: *nix

myfw is firewall based on iptables snipets (modules). myfw project helps you to build your iptables firewall. A configuration is listing ``modules, which are containing iptables rules. Thoses modules can contain perl code, in order to facilitate writing of rules (think foreach @ntp_servers)....


Platforms: *nix

Alfandega is a strong and Modular IpTables Firewall. It provides NAT, port-forwarding, spoofing list, blacklist of crackers and spywares sites, protection for tcp/udp scans, DOS/DDOS and Smurf attacks, TCP tuning, DHCP and PPP support and much more.


Platforms: *nix

NetSplitter is a ( user-level ) network load-balance. It is like a transparent-proxy and will balance ( output ) TCP connections on multiples links. Linux NAT add/remove code is incomplete. NetSplitter will use the system() function to run the iptables to handle this. Step 1) IPTABLES Tell...


Platforms: *nix