netfilter

There are 7 repositories under netfilter topic.

• x-way / iptables-tracer

  Insert trace-points into the running configuration to observe the path of packets through the iptables chains.

  iptables-traceriptablesnfloggolangnetfilter
  Language:Go 245

• vel21ripn / nDPI

  Open Source Deep Packet Inspection Software Toolkit

  linuxnetfilterndpiiptables
  Language:C 118

• AliDbg / IPBAN

  ⚔️🧱🔥🛑IP BAN Block Allow GEOIP country traffic limit server input/output to IP countries with iptables+xt_geoip, auto db-ip update, firewall fail2ban gfw ufw cidr blacklist netfilter rules persistent restrict netaddr xtables linux debian ubuntu apache nginx web server anti hack ddos firewalld ipblocks ipdeny ip ranges MaxMind ipset

  blockblockedfail2banfirewallgeoipipbanipsetiptablesufwipgfwxt-geoipnetfilterpersistentrulesblacklistcountrylinuxnginxmaxmind
  Language:Shell 113
• geo-nft

  wirefalls / geo-nft

  Bash script to create nftables sets of country specific IP address ranges for use with firewall rulesets. The project provides a simple and flexible way to implement geolocation filtering with nftables. It can be a useful tool to reduce the chance of malware, ransomware and phishing attempts as well as mitigating the effects of DDoS attacks.

  nftablesnftables-geoipnetfilterfirewallsfirewall-rulesfirewall-configurationlinux-securitylinux-servergeoip-databasenftables-rulesgeo-ipgeoip-locationransomware-preventionmalware-protectionphishing-protectionddos-mitigationanti-malwareddos-protectionanti-phishingip-geolocation
  Language:Shell 113

• dxwu / BinderFilter

  A Linux kernel IPC firewall and logger for Android and Binder

  androidbinderipc-messagekernelnetfilter
  Language:Python 109

• landhb / DrawBridge

  Layer 4 Single Packet Authentication Linux kernel module utilizing Netfilter hooks and kernel supported Berkeley Packet Filters (BPF)

  bpflinux-kernelnetfilteriptables-extensioniptablesport-knockingrustport-knockerport-knockknocker
  Language:C 109

• ti-mo / conntrack

  Pure-Go Conntrack implementation; for humans.

  golang-librarynetlinkconntracknetfilterhacktoberfest
  Language:Go 107

• ntop / ipt_geofence

  Geographical host protection for Linux/FreeBSD

  netfiltercybersecuritylinuxfirewall
  Language:C++ 101
• antiddos

  yuk1c / antiddos

  A very simple script that uses special iptables rules and sysctl tweaks that protects your server(s) against many different network attacks.

  antiddosddos-defenseddos-protectionfirewalliptableslinuxanti-ddosanti-ddos-protectionanti-ddos-scriptddos-mitigationlayer4attacksecuritynetfilter
  Language:Shell 98

• rpthms / nft-geo-filter

  Allow/deny traffic in nftables using country specific IP blocks

  nftablesblacklistnetfiltergeo-ipip-blacklistnft-blacklistblacklist-setsip-geolocationwhitelists-ipip-whitelist
  Language:Python 93

• borestad / blocklist-abuseipdb

  Aggregated AbuseIPDB blocklists with worst IPv4 & IPv6 offenders (~100% confidence)

  abuseipdbblocklistblocklistsipblocklistipsetmalwareiplistiplistsblacklistblacklistsipsumipset-listsipsetsattack-preventionattacksfirewalliptablesmaltrailblocklist-ipnetfilter
  Language:Shell 86

• yaa110 / rust-iptables

  Rust bindings for iptables

  bindingsiptablesnetfilterrustrust-crate
  Language:Rust 81

• milesrichardson / docker-nfqueue-scapy

  Docker container for intercepting packets with scapy from a netfilter queue (nfqueue)

  dockeriptablesnetfilternfqueuepythonscapy
  Language:Python 79

• ti-mo / netfilter

  Pure-Go Netfilter Netlink family implementation.

  golang-librarynetlinknetfilterhacktoberfest
  Language:Go 68

• florianl / go-nfqueue

  c-binding free API for golang to communicate with the queue subsystem of netfilter

  golanghacktoberfestnetfilternfqueue
  Language:Go 67

• florianl / go-nflog

  c-binding free API for golang to communicate with the log subsystem of netfilter

  netfilternfloggolangkernelhacktoberfest
  Language:Go 58

• jwkohnen / conntrack-stats-exporter

  Netfilter Conntrack Stats Exporter

  prometheus-exporternetfilterconntrackkubernetesnetworking
  Language:Go 57

• Sina-Ghaderi / goshkan

  Transparent TLS and HTTP proxy serve and operate on all 65535 ports, with domain regex whitelist and rest api control

  proxy-servertls-proxyhttp-proxysni-proxy65535-portsiptablesnetfilterregexpregex-filtersregex-matchmysqlproxygo
  Language:Go 57

• TeaInside / teavpn2

  TeaVPN2 - An open source VPN Software (currently supported platform is only Linux).

  networktunnelvpnvpn-servervpn-clientlinuxnetfiltertor-networkhacktoberfest
  Language:C 52

• regit / opensvp

  Opensvp is a security tool implementing "attacks" to be able to test the resistance of firewall to protocol level attack.

  pythonsecuritytestingnetworkscapynetfilter
  Language:Python 49

• yuuki / lsconntrack

  The Linux netfilter conntrack-based connection flows pretty printer.

  conntrackgolinuxnetfiltertcp
  Language:Go 41

• DAchilles / Netfilter-Firewall

  华中科技大学2021网络安全课程设计（基于netfilter的状态检测防火墙）

  hustnetfilterfirewall
  Language:C 38

• Pwnzer0tt1 / firegex

  Firegex is an application firewall created for CTF Attack-Defence competitions by Pwnzer0tt1

  application-firewallattack-defensectffirewallintrusion-detectionnetfilternetfilter-queuenftablesreverse-proxyfiregex
  Language:Python 33

• ashishraste / arp-dns-attacks

  ARP spoofing, HTTP redirection, DNS spoofing and DNS forging using pcap library

  linuxcnetwork-attacksnetfilter-hooknetfilterpacket-capturepcap-librarypacket-snifferhttpdnsarp-poisoning
  Language:C 31

• eiginn / nftrace

  Easier tracing of packets through iptables

  iptablesnetfilterfirewalltracinglinux-networking
  Language:Go 31

• freeyoung / netfilter-persistent-plugin-ipset

  A plugin of netfilter-persistent in debian/ubuntu to make ipset rules persistent, especially on reboot.

  ipsetnetfilternetfilter-persistentiptables-persistent
  Language:Shell 27

• dev2lead / uppersafe-osfw

  UPPERSAFE Open Source Firewall

  dnsfirewalliptablesnetfilterpythonsecurityunbound
  Language:Python 22

• juli3nk / go-netfilter

  Go implentation for Iptables

  gogolangnetfilteriptables
  Language:Go 17

• Ty-Chen / NAT

  NAT type configuration and switch

  iptablesnatnat-configurationnetfilter
  Language:C 17

• jchavanton / disruptor

  generating problems on RTP streams : latency, delay, jitter

  networkingsimulatorlatencyjitterpacketlosscnetfilterdisruptor
  Language:C 15

• secynic / nfsinkhole

  nfsinkhole is a Python library and scripts for setting up a Linux server as a sinkhole (monitor, log/capture, and drop all traffic to a secondary interface).

  networkingnetworkiptablesfirewalldsinkholelinuxsyslogrsyslogsyslog-ngtcpdumpservicesystemdnetfilterbsd-license
  Language:Python 13

• iamhyc / Netfilter-L4-Encryption

  An encryption trial with AES-128 on Linux kernel subsystem Netfilter

  netfilternetlinkaes-256
  Language:C 12

• mostafa / iptables_book

  Netfilter iptables on IPv4 & IPv6, 1st Edition: It's a collaborative book on Netfilter iptables and its programming.

  iptablesnetfilterbook
  11

• mohitrajain / raswall

  A Network access firewall for Unix like OS and specifically supports Raspberry Pi 3 .

  iptablesnetfilternetwork-securitysquidclamavproxy-serverfirewallcaptive-portalpythonnodejsmongodbpacket-parsingraspberry-pi-3dhcp-serverantivirus
  Language:JavaScript 10

• gamemann / Test-Kernel-Modules

  A repository used to store my test Linux kernel modules I make while I'm learning.

  kernellinuxmodulenetfilterexamplesnetforwardpacketprocessing
  Language:C 9

• t-ho / dmz-netfilter

  DMZ design using Linux netfilter

  dmznetfilteriptablesbashshell-scriptfirewall
  Language:Shell 9