netfilter

There are 9 repositories under netfilter topic.

• borestad / blocklist-abuseipdb

  Aggregated AbuseIPDB blocklists with worst IPv4 & IPv6 offenders (~99% confidence)

  abuseipdbblocklistblocklistsipblocklistipsetmalwareiplistiplistsblacklistblacklistsipsumipset-listsipsetsattack-preventionattacksfirewalliptablesmaltrailnetfilter
  Language:Shell 352

• x-way / iptables-tracer

  Insert trace-points into the running configuration to observe the path of packets through the iptables chains.

  iptables-traceriptablesnfloggolangnetfilter
  Language:Go 280

• AliDbg / IPBAN

  ⚔️🧱🔥🛑IP BAN Block Allow GEOIP country traffic limit server input/output to IP countries with iptables+xt_geoip, auto db-ip update, firewall fail2ban gfw ufw cidr blacklist netfilter rules persistent restrict netaddr xtables linux debian ubuntu apache nginx web server anti hack ddos firewalld ipblocks ipdeny ip ranges MaxMind ipset

  blockblockedfail2banfirewallgeoipipbanipsetiptablesufwipgfwxt-geoipnetfilterpersistentrulesblacklistcountrylinuxnginxmaxmind
  Language:Shell 148

• ti-mo / conntrack

  Pure-Go Conntrack implementation; for humans.

  golang-librarynetlinkconntracknetfilterhacktoberfest
  Language:Go 141

• dxwu / BinderFilter

  A Linux kernel IPC firewall and logger for Android and Binder

  androidbinderkernelipc-messagenetfilter
  Language:Python 139
• antiddos

  mintyYuki / antiddos

  Simple script against most network threats.

  antiddosddos-defenseddos-protectionfirewalllinuxanti-ddosanti-ddos-protectionanti-ddos-scriptddos-mitigationlayer4attacksecuritynetfilternftables
  Language:Shell 132

• vel21ripn / nDPI

  Open Source Deep Packet Inspection Software Toolkit

  linuxnetfilterndpiiptables
  Language:C 128

• ntop / ipt_geofence

  Geographical host protection for Linux/FreeBSD

  cybersecurityfirewalllinuxnetfilter
  Language:C++ 124
• geo-nft

  wirefalls / geo-nft

  Bash script to create nftables sets of country specific IP address ranges for use with firewall rulesets. The project provides a simple and flexible way to implement geolocation filtering with nftables. It can be a useful tool to reduce the chance of malware, ransomware and phishing attempts as well as mitigating the effects of DDoS attacks.

  nftablesnftables-geoipnetfilterfirewallsfirewall-rulesfirewall-configurationlinux-securitylinux-servergeoip-databasenftables-rulesgeo-ipgeoip-locationransomware-preventionmalware-protectionphishing-protectionddos-mitigationanti-malwareddos-protectionanti-phishingip-geolocation
  Language:Shell 121

• landhb / DrawBridge

  Layer 4 Single Packet Authentication Linux kernel module utilizing Netfilter hooks and kernel supported Berkeley Packet Filters (BPF)

  bpflinux-kernelnetfilteriptables-extensioniptablesport-knockingrustport-knockerport-knockknocker
  Language:C 116

• rpthms / nft-geo-filter

  Allow/deny traffic in nftables using country specific IP blocks

  nftablesblacklistnetfiltergeo-ipip-blacklistnft-blacklistblacklist-setsip-geolocationwhitelists-ipip-whitelist
  Language:Python 111

• florianl / go-nfqueue

  c-binding free API for golang to communicate with the queue subsystem of netfilter

  nfqueuegolangnetfilterhacktoberfest
  Language:Go 93

• yaa110 / rust-iptables

  Rust bindings for iptables

  bindingsiptablesnetfilterrustrust-crate
  Language:Rust 90

• milesrichardson / docker-nfqueue-scapy

  Docker container for intercepting packets with scapy from a netfilter queue (nfqueue)

  netfilternfqueuedockerscapypythoniptables
  Language:Python 81

• Pwnzer0tt1 / firegex

  Firegex, a firewall for Attack-Defense CTFs

  application-firewallattack-defensectffirewallintrusion-detectionnetfilternetfilter-queuenftablesreverse-proxyfiregex
  Language:Python 81

• Sina-Ghaderi / goshkan

  Transparent TLS and HTTP proxy serve and operate on all 65535 ports, with domain regex whitelist and rest api control

  proxy-servertls-proxyhttp-proxysni-proxy65535-portsiptablesnetfilterregexpregex-filtersregex-matchmysqlproxygo
  Language:Go 81

• ti-mo / netfilter

  Pure-Go Netfilter Netlink family implementation.

  golang-librarynetlinknetfilterhacktoberfest
  Language:Go 79

• florianl / go-nflog

  c-binding free API for golang to communicate with the log subsystem of netfilter

  netfilternfloggolangkernelhacktoberfest
  Language:Go 66

• jwkohnen / conntrack-stats-exporter

  Netfilter Conntrack Stats Exporter

  conntrackkubernetesnetfilternetworkingprometheus-exporter
  Language:Go 63

• TeaInside / teavpn2

  TeaVPN2 - An open source VPN Software (currently supported platform is only Linux).

  networktunnelvpnvpn-servervpn-clientlinuxnetfiltertor-networkhacktoberfest
  Language:C 52

• DAchilles / Netfilter-Firewall

  华中科技大学2021网络安全课程设计（基于netfilter的状态检测防火墙）

  hustnetfilterfirewall
  Language:C 50

• regit / opensvp

  Opensvp is a security tool implementing "attacks" to be able to test the resistance of firewall to protocol level attack.

  pythonsecuritytestingnetworkscapynetfilter
  Language:Python 48

• yuuki / lsconntrack

  The Linux netfilter conntrack-based connection flows pretty printer.

  conntrackgolinuxnetfiltertcp
  Language:Go 42

• eiginn / nftrace

  Easier tracing of packets through iptables

  iptablesnetfilterfirewalltracinglinux-networking
  Language:Go 35

• ashishraste / arp-dns-attacks

  ARP spoofing, HTTP redirection, DNS spoofing and DNS forging using pcap library

  linuxcnetwork-attacksnetfilter-hooknetfilterpacket-capturepcap-librarypacket-snifferhttpdnsarp-poisoning
  Language:C 32

• DXC-0 / Respect-My-Internet

  Opensnitch / LittleSnitch - No-Gafam (blocklist for facebook, google, microsoft, amazon, huawei, tencent, apple, xiaomi ...) - aggressive privacy and protection (trackers, spywares, malwares, cti feeds, malicious ips, phishing...) - 99% in adsblockers tests !

  adguardanonymityblocklistfirewallfirewall-configurationfirewall-rulesno-amazonno-appleno-batxno-facebookno-gafamno-microsoftopen-sourceopensnitchpiholeprivacy-protectionprivacy-toolsrespect-privacysecurityublock
  Language:Shell 30

• freeyoung / netfilter-persistent-plugin-ipset

  A plugin of netfilter-persistent in debian/ubuntu to make ipset rules persistent, especially on reboot.

  ipsetiptables-persistentnetfilternetfilter-persistent
  Language:Shell 28

• dev2lead / uppersafe-osfw

  UPPERSAFE Open Source Firewall

  firewalldnsnetfilteriptablesunboundpythonsecurity
  Language:Python 22

• alegarsan11 / nftables-gui

  This is a repository to develop a web interface to enble configuration of nftables via GUI.

  chainsfirewallfrontendiptablesnetfilternftablesrulestablesweb-frontend
  Language:Python 18

• juli3nk / go-netfilter

  Go implentation for Iptables

  gogolangnetfilteriptables
  Language:Go 17

• Ty-Chen / NAT

  NAT type configuration and switch

  natnat-configurationnetfilteriptables
  Language:C 17

• jchavanton / disruptor

  generating problems on RTP streams : latency, delay, jitter

  networkingsimulatorlatencyjitterpacketlosscnetfilterdisruptor
  Language:C 16

• cSuk1 / FireWall

  基于Netfilter的包过滤状态防火墙

  dosfirewallnetfiltersecuritytcp-ip
  Language:C 14

• iamhyc / Netfilter-L4-Encryption

  An encryption trial with AES-128 on Linux kernel subsystem Netfilter

  netfilternetlinkaes-256
  Language:C 12

• secynic / nfsinkhole

  nfsinkhole is a Python library and scripts for setting up a Linux server as a sinkhole (monitor, log/capture, and drop all traffic to a secondary interface).

  bsd-licensefirewalldiptableslinuxnetfilternetworknetworkingrsyslogservicesinkholesyslogsyslog-ngsystemdtcpdump
  Language:Python 12

• tkob-vh / gfw-rs

  Rewrite OpenGFW in Rust, with web-ui.

  gfwnetfilternetworkingnfqueuerusttoolsfilteringfirewall
  Language:Rust 12