OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources. OPNsense started as a fork of pfSense® and m0n0wall in 2014, with its first official release in January 2015. The project has evolved very quickly while still retaining familiar aspe
PacketFence is a network access control (NAC) manager. It includes numerous features, including user registration and sanitation, central wireless and cable-network control, BYOD (bring-your-own-device) configuration, 802.1X support, and layer-2 device isolation. PacketFence is useful for managing small to large networks and intranet-access points.
NitroShare is a simple desktop file sharing application. It automatically discovers peers on the local network, provides speedy transfers, and supports any file type. Furthermore is available on all major platforms.
Netgraphp is a php script which uses LLDP information to traverse SNMP servers in a network and produce a graphical map of different hosts and connections in the network. The graph is produced with the graphviz dot syntax and graphviz can be used to produce different file formats like .png or .eps. All connections to be identified must have LLDP support at both ends and SNMP support at least at one end. Most high end switches have built in support for SNMP and LLDP. Computer hosts need something
Capdiss is a runtime environment for reading capture files (pcap, pcap-ng). It defines a simple event-driven API for Lua scripts. The aim of capdiss is to provide a comfortable environment for packet manipulation, where an analyst has to write less code, to do more, in a type-safe language. To achieve that, capdiss embeds powerful, yet minimalistic, scripting language Lua, and supports the native packet dissection framework Coroner.
NetDB can inventarize and historize MAC address allocation on network switches and ARP tables on routers. It stores those using MySQL. It supports extensive switch, VLAN and vendor code reports, or tracks static IP addresses, and record neighbor discover. It provides a CLI interface and a web interface, or generate CSV lists.
kenotaph-daemon is a tool for detecting a presence of network devices through means of a packet capture. Both Wired and Wireless networks are supported, assuming appropriate hardware is available. Targeted device is identified by a user defined Berkeley Packet Filter, either by its IP address or Hardware address, however the use of BPF allows for higher complexity. A packet capture is done in promiscuous mode, and/or in monitor mode. kenotaph-daemon is designed to be a 'daemon' program that run
Gfarm is a network shared filesystem and alternative to NFS, but optimized for reliability, scaling and access from wide area network. It can federate local disks of network-connected PCs and compute nodes in several clusters, and supports explicit replica location control by users. Plugins exist for FUSE, Zabbix, Hadoop, Samba, MPI-IO, GridFTP, and a Linux kernel module is under development.
The goal of IP-Link is to see the relationships between different IP from network traffic capture, thus quickly for a given address with the IP that communicates the most. IP-Link offers several visualization methods.
Netvisix is a Qt-based network analyzer. It can inspect various network protocols and packets, such as ARP, IPv4, IPv6, ICMP, ICMPv6, IGMP, TCP, UDP, DNS, DHCP, DHCPv6 and HTTP. It's obviously based on libpcap.
The Barefoot server is a scalable user-space port bouncer that can be used to forward, or bounce, TCP connections and UDP packets destined for an address on the host on which the Barefoot server runs to any other host or address. To these other hosts, it will appear as if the connection and packets are coming from the machine on which the Barefoot server runs, rather than from the original host. The Barefoot server has support for using proxy protocols on the outgoing side, and can relay incomin
Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, Cisco routers, Snort, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database
TunnelIt is a simple tool that uses the TUN/TAP driver to tunnel Ethernet networks over IP connections. Its simple command line interface is meant to resemble "netcat" where it is logical to do so.