OpenSnitch is a GNU/Linux application firewall. Key features: interactive filtering of outbound connections; blocking ads, trackers or malware domains system-wide; the ability to configure the system firewall from the GUI (nftables), including input policy, allowed inbound services, etc.; management of multiple nodes from a centralized GUI; SIEM integration.
Splinter redirects IPv4 TCP connections to other destinations based on the source address, an alternative approach to kernel controlled firewalling.
OpenWRT is a Linux distribution for wireless routers and low-resource embedded devices. It provides a coherent base system for different platforms, various hardware and firmware drivers, and a Debian-style packaging system for application and add-on packages. The JSON-RPC based admin web interface LuCI makes configuration very user-friendly, but keeps the similar SSH and command line UCI interface and /etc files accessible. With its own PROCD system event daemon it can immediately respond to up
Webfwlog is a Web-based firewall log reporting and analysis tool. It supports IPv6, as well as GeoIP data for IPs using MaxMind's GeoIP databases. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and report definitions saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains,
Upnpry is a UPnP port opener for Linux. It intercepts UPnP port opening requests to routers and opens the corresponding ports on the Linux box.
SSHGuard is an automated log watcher which quickly sets up firewall blocks for detected brute-force attacks. It supports not just SSH, but also sendmail, exim, dovecot, Cucipop, UWimap, vsftpd, proftpd, pure-ftpd and FreeBSD ftpd. It understands syslog/-ng, metalog, multilog and raw log formats, and works with netfilter/iptables, PF, ipfw, or just hosts.allow to set up firewalling rules.
DenyHost works to automatically block brute-force attacks against the secure shell service. It does this by scanning log files for failed login attempts and blocking remote hosts which have made too many failed connections.
A Netfilter firewall tool written in bash, designed to be easy to use yet flexible and powerful.
Sphirewall is a user-centric, application layer, analytical network firewall/router. Out of the box, it provides user authentication coupled with powerful analytics which provide you with complete control over your network and users. With Sphirewall, you can manage and understand what is happening on your network with features such as QoS, bandwidth quotas, user authentication, application layer filtering and much more. Not built on iptables, it is able to do things which other Open Source fi
ArpON is a daemon that handles and inspects ARP (Address Resolution Protocol) requests and can thus prevent MITM attacks, ARP spoofing, and cache or route poisoning. It also blocks related network attacks like ARP sniffing, hijacking, or injection, or higher-level DNS and HTTP request/session spoofing, or SSL/TLS circumvention. It also protects networks with proactive (network interface or system shutdown) and dynamic ARP traffic inspections in more complex setups.
Shorewall is a flexible firewall configuration system for Linux 2.4/3.x iptables. It's suitable for routers, gateways, servers, VPN environments and desktop systems. It provides a higher-level rule-based configuration scheme to configure the Netfilter kernel module, routes, interfaces and traffic shaping. It supports both IPv4 and IPv6.