Projects tagged ‘pf’

FreeBSD is an advanced operating system for x86 compatible (including Pentium and Athlon), amd64 compatible (including Opteron, Athlon64, and EM64T), UltraSPARC, IA-64, PC-98 and ARM architectures. It ... [More] is derived from BSD, the version of UNIX developed at the University of California, Berkeley. It is developed and maintained by a large team of individuals. Additional platforms are in various stages of development. [Less]

The OpenBSD project produces a FREE, multi-platform 4.4BSD-based UNIX-like operating system... efforts emphasize portability, standardization, correctness, proactive security and integrated ... [More] cryptography. OpenBSD supports binary emulation of most programs from SVR4 (Solaris), FreeBSD, Linux, BSD/OS, SunOS and HP-UX. [Less]

PF (Packet Filter) is OpenBSD's system for filtering TCP/IP traffic, doing Network Address Translation, normalizing and conditioning TCP/IP traffic and providing bandwidth control and packet ... [More] prioritization. PF has also been ported to FreeBSD, NetBSD, and DragonFly BSD, and is an integral part of MirBSD. [Less]

NetBSD is a free, secure, and highly portable Unix-like Open Source operating system available for many platforms, from 64-bit Opteron machines and desktop systems to handheld and embedded devices. ... [More] Its clean design and advanced features make it excellent in both production and research environments, and it is user-supported with complete source. Many applications are easily available through pkgsrc, the NetBSD Packages Collection. [Less]

pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a ... [More] long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a single PC to large corporations, universities and other organizations protecting thousands of network devices. This project started in 2004 as a fork of the m0n0wall project, but focused towards full PC installations rather than embedded hardware. [Less]

DragonFly is an operating system and environment originally based on FreeBSD. DragonFly is developing a radically different approach to concurrency, SMP, and most other kernel subsystems. DragonFly ... [More] belongs to the same class of operating system as BSD and Linux and is based on the same UNIX ideals and APIs. [Less]

DenySSH monitors the auth log of a BSD system for failed SSH login attempts and adds repeat attackers to a Packet Filter table, allowing you to define PF rules to block the attacking hosts or redirect them to a honeypot for your amusement.

MirOS BSD is a secure operating system from the BSD family for 32-bit i386 and sparc systems. It is based on 4.4BSD-Lite (mostly OpenBSD, some NetBSD®). The MirPorts Framework is a portable ports ... [More] tree to facilitate the installation of additional software. The project also releases some portable software: mksh, a pdksh-based shell; PaxMirabilis, an archiver for various formats; MirMake, a framework for building software; MirNroff, an AT&T nroff based man page (and text document) formatter; MirCksum, a flexible checksumming and hash generation tool; and some more. [Less]

DescriptionThe OpenVPN Auth-LDAP Plugin implements username/password authentication via LDAP for OpenVPN 2.x. FeaturesUser authentication against LDAP. Simple Apache-style configuration file. LDAP ... [More] group-based access restrictions. Integration with the OpenBSD packet filter, supporting adding and removing VPN clients from PF tables based on group membership. Tested against OpenLDAP, the plugin will authenticate against any LDAP server that supports LDAP simple binds -- including Active Directory. BuildingRequirementsOpenLDAP Headers and Library GNU Objective-C Compiler OpenVPN Plugin Header (included with the OpenVPN sources) re2c (used for the configuration file lexer) To build, you will need to configure the sources appropriately. Example: ./configure --prefix=/usr/local --with-openldap=/usr/local --with-openvpn=/usr/ports/security/openvpn/work/openvpn-2.0.2The module will be build in src/openvpn-auth-ldap.so and installed as ${prefix}/lib/openvpn-auth-ldap.so. UsageAdd the following to your OpenVPN configuration file (adjusting the plugin path as required): plugin /usr/local/lib/openvpn-auth-ldap.so ""The config directive must point to an auth-ldap configuration file. An example configuration file is provided with the distribution, or see the Configuration page. SecurityPlease report all security issues directly to landonf+security (at) bikemonkey (dot) org. Through the use of extensive unit testing, valgrind, and regression testing, we are very confident in the overall code quality of the plugin. There has been one security vulnerability to date, due to misinterpretation of LDAP RFCs. 2006-12-02: OpenVPN Auth-LDAP would accept empty passwords when validating against Novell Directory Server. This is known to not affect default installs of OpenLDAP (our test platform). Strict implementation of the LDAP RFCs requires that a directory server treat a bind with a valid DN and an empty password as an "anonymous" bind. If anonymous binds are enabled, this could lead to password bypass. [Less]

PfDesigner is a graphical interface for creating and maintaining BSD Packet Filter (PF) firewall configurations.