Open Source Perl Firewall Software

Smoothwall is a best-of-breed Internet firewall/router, designed to run on commodity hardware and to provide an easy-to-use administration interface to those using it. Built using open source and Free software, it's distributed under the GNU Public License.

Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks.

The IPCop Firewall is a Linux firewall distribution. It is geared towards home and SOHO users. The IPCop web-interface is very user-friendly and makes usage easy.

Endian Firewall Community (EFW) is a "turn-key" linux security distribution that makes your system a full featured security appliance with Unified Threat Management (UTM) functionalities. The software has been designed for the best usability: very easy to install, use and manage and still greatly flexible. The feature suite includes stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam-filtering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on both OpenVPN and IPsec).

BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system.

An iptables based firewall for systems running the Linux 2.4 or later kernel. Very flexible configuration allows the firewall to be used in a wide variety of firewall/gateway/router and VPN environments.

The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. The project ships with extensive documentation, exclusion packages, and testing tools to help tailor deployment for frameworks, CDNs, and APIs. Deployed on engines such as ModSecurity or compatible WAFs, CRS is a widely used baseline for HTTP security in reverse proxies and gateways.

MailCleaner is no longer maintained. It will return soon in another form. [antispam] MailCleaner is an anti-spam / anti-virus filter SMTP gateway with user and admin web interfaces, quarantine, multi-domains, multi-templates, multi-languages. Using Bayes, RBLs, Spamassassin, MailScanner, ClamAV. Based on Debian. Enterprise ready. MailCleaner is an anti spam gateway installed between your mail infrastructure and the Internet. It includes a complete GNU/Linux OS and a graphical web interface for user and administrative access. It comes in the form of virtual machine templates.. - fully compatible with any SMTP mail server (Exchange, Zimbra, O365,...) You can install now MailCleaner within the following virtual environments: qcow2 (KVM, Proxmox, OpenStack, Xen) ova (OVA, VMware ESXi, VMware Workstation, Fusion) vhd (Asure, VirtualPC) vhdx (Hyper-V) AMI (Amazon) Dedicate a server to MailCleaner, and you will have a working professional mail filter in le

Netdeep Secure is a Linux distribution with focus on network security. Is a Next Generation Open Source Firewall, which provides virtually all perimeter security features that your company may need. It offers Web content filters, ensuring better performance of the network, allowing users to use the service efficiently and securely, providing a deep control of the use of the Web access service, blocking access to unwanted websites, Virus, Spam, Applications and intrusion attempts. Its configuration is made entirely by the web interface.

Enables tunneling of network connections through restrictive HTTP proxies. Features: Portmapping, SOCKS4, SOCKS5, web-based admin interface, possibility to use standalone server (perl) or hosted server (PHP), optional authorization from LDAP or MySQL

[not maintained anymore] Jay's Iptables Firewall is a script with support for multiple (external/internal) interfaces, TCP/UDP/ICMP control, masquerading, synflood control, spoofing control, port forwarding, VPNs (vtund), ToS, denying hosts, ZorbIPTraff

This project will serve as a central hosting/bug tracking center for modifications to the SmoothWall.org firewall distribution. Support and information for the "mods" posted here can be found on the SmoothWall.org forums, the SmoothWall.org IRC server, or

360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Read Policy and Logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), Cisco ASA (show run / syslog format), 360-FAAR compares firewall policies and uses CIDR and text filters to split rulebases / policies into target sections and identify connectivity for further analysis. 360-FAAR supports, policy to log association, object translation, rulebase reordering and simplification, rule moves and duplicate matching automatically. Allowing you to move rules to where you need them. Build new rulebases from scratch with a single 'any' rule and log files, with the 'res' and 'name' options. Switch into DROPS mode to analyse drop log entries.

Bypass is an IP forwarding/tunneling tool which can be used where limited bypassing of a firewall is necessary, but relaxing the restrictions in the actual firewall is not an option. The aim is for bypass to be automatic and transparent.

Net-Policy is a highly-scalable, role-and-policy based network management system. Net-Policy aims to be an easy-to-use, full-fledged management station capable of configuration, monitoring, and notification collection and aggregation via the use of SNMP

User written Addons and Updates for the IPCop Firewall.

AMaViS is a script that interfaces a mail transport agent (MTA) with virus scanners.

A set of tools (proxy, analyzer, proxy database maintenance tools) in Perl. Of interest to those whose Internet access is blocked or censored. The tools provide an 'abstraction' of uncensored outside services, inside the censoring firewall/proxy.

Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the "naughty" hosts for a given amount of time using pfctl.

Collection of open source security tools that enhance the ability of people and companies to secure their environment. These tools will build upon the foundation laid by the security community.

Two tools able to edit your ipfilter.dat . These tools are able to edit your ipfilter.dat in order to check for big ranges and to check adjacent ranges . From the creators of ipfilterX , Nexus23 Labs . - Updates in Progress -

A firewall configuration project based on Linux 2.6.x and iptables. It has a web interface with an intuitive Webmin module, or you can edit a XML file. You can define the different firewall elements (zones, hosts, networks) and then set the services

BlockSSHD protects computers from SSH brute force attacks by dynamically blocking IP addresses by adding iptables rules.

IP Traffic Volume: Logs (counts) in- & outgoing bytes through network device(s) using kernel iptables. Highly configurable as to which bytes are logged, e.g. to/from specific ports or ip-addresses. Data displayed in html via cgi or plain ascii to console

SSS is a simple socks server written in perl that implements the SOCKS v5 protocol.