ipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
3289fff009448b23ae5a1a23ef532cf71037575a42ae74e17ce860cba118e657
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
fd9a978035e6a8f73344f986c84a222dc4ac3706b901e0c1ecae9647db5e5d52
ipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
6489d7bc87666fece8f873dc2c634e79d37baaedebb62bc38d96a78aa5d2e4b8
iptables blocklist importer is a Python program to parse and import P2P-style IP range block lists into an iptables chain quickly and efficiently.
c079c0c83fd9b4c81c2ef496919fea2650f7e90d6dcecbb94adac9acdb2b2a64
Vuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.
7aa2bb1d088f48e3d5ba171705a3d01e0b7c9569de0ae59764d9bf251dcb0db8
authfail is a tool for adding IP addresses to an ACL when entities from those addresses attempt to log into a system, but cause authentication failures in auth.log. It reads data from auth.log in real time and adds the IP into netfilter with a DROP/REJECT policy.
e10c6b83900dae4ccfd7916d5f233c0dc17f61c450222ef47286600792e9c5c8
FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
2c6e709073a7cdb9c73863b3f5bdc77d7cf526162cb4ffd1a1e89e56a7b4fb49
FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
9bf6cfa2765f05571a2301f0e9cef9e1c13cab4281f2ed0396e6cbf0d374b83d
authfail is a tool for adding IP addresses to an ACL when entities from those addresses attempt to log into a system, but cause authentication failures in auth.log. It reads data from auth.log in real time and adds the IP into netfilter with a DROP/REJECT policy.
9a6480f03469aea6c42c58c3525d672976bbe6b7fbb43316702b73a10afed759
Ruined "Ruby Iptables NEtwork Displayer" draws a svg from your Linux IP tables generated from "iptables-save".
efc430a244fbf3c9251d627309f0d9be3caa71360a9a9654f689e24cbd1be3dd
Vuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.
bf91812261ccf3ab3c1b88ae7d8c7fb6cfd95f7bc833d7e309f3ff9bb69f2b7a
Vuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.
842bbcea007ba79faa1ddff43990b480a4b3293f2f248f3b2ce8b9640a601e1a
Vuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.
5f504c9630b8c9013b95e7ee8ef0b91385e10b21eb75e89bd23f2f8112cde66e
iptables is the packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
1d8ee8634d167b0f1a8872b6547910c11bae676699faf2b4bc2c84a128449c3c
Vuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.
2b9b3982d8836e4fc3b380a645e46e89424a72c6738bbd903d7d9fb038f8537f
iptables is the new packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
2067ed2134adde5f50716dd1d3752dfb023a634ff274af88eb635e5a1bba1bda
iptgraph is a kernel patch that adds hooks to the netfilter subsystem for the purpose of tracking the statistics of IP packets being processed and iptable rules being triggered. It currently supports Linux kernel 2.6.11.11, 2.6.12, 2.6.12.3, and 2.6.12.4.
8ccf237cde10469f4949718dab66eaf1b29d9ad9e0b389a2f3b90f186018d8a8
authfail is a tool for adding IP addresses to an ACL when entities from those addresses attempt to log into a system, but cause authentication failures in auth.log. It reads data from auth.log in real time and adds the IP into netfilter with a DROP/REJECT policy.
04e48386360e57b79d2b505156aeb0ffde4c2dff3b0ec8ec374a1c797baa5c1c
Vuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.
2547978065347491bfd36aeeb4da7017b11b08670603270309246595b4d67ca6
iptgraph is a kernel patch that adds hooks to the netfilter subsystem for the purpose of tracking the statistics of IP packets being processed and iptable rules being triggered. It currently supports Linux kernel 2.6.11.11, 2.6.12, 2.6.12.3, and 2.6.12.4.
43eb584de08fdb0097db58a1e4fc0f9b3df61ae70857be8d44bf67bc08dab01b
iptables is the new packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
84ac04a28ae41e17df0f181d8bc0049ae7a83baae07296e890ea5977a2952318
iptables is the new packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
0bd229e99ef61fe39fba6194031e5307a9da7e22c2a5b8a581f6ae8efae14762
authfail is a tool for adding IP addresses to an ACL when entities from those addresses attempt to log into a system, but cause authentication failures in auth.log. It reads data from auth.log in real time and adds the IP into netfilter with a DROP/REJECT policy.
c31e42c5443566243213fffc80da1bff4bc9d2cdb9effe26767b66b53f9679c2
Vuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.
0c15f24dafece7a89b91f0b9cce99e0e466142d5a64c31c7d746b4779dbde908
Vuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.
a4ff68c34faac23779d07cc1f15092499e571e8ac10bf92cfd4fd8e16ece9987