Douane alternatives

Looking for an alternative tool to replace Douane? During the review of Douane we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. iptables (network traffic filter)
  2. OpenSnitch (application firewall)
  3. nftables (network traffic filtering)

These tools are ranked as the best alternatives to Douane.

Alternatives (by score)

67

iptables

Introduction

The iptables tool is the userspace command line program part of the netfilter project. Since Linux 2.4 it is the standard packet filtering engine. Among standard traffic filtering, it can be used for Network Address Translation (NAT).

Project details

iptables is written in C.

Strengths and weaknesses

  • + The source code of this software is available
  • + Well-known tool

    Typical usage

    • Network traffic filtering

    iptables review

    96

    OpenSnitch

    Introduction

    OpenSnitch is a tool based on Little Snitch, a macOS application level firewall. All outgoing connections are monitored and the user is alerted when a new outgoing connection occurs. This allows the user to detect and block any unwanted connections.

    Project details

    OpenSnitch is written in Golang.

    Strengths and weaknesses

    • + More than 3000 GitHub stars
    • + The source code of this software is available
    • - No releases on GitHub available

    Typical usage

    • Network traffic filtering

    OpenSnitch review

    67

    nftables

    Introduction

    nftables is supposed to replace netfilter as the primary interface of network filtering. It is available since Linux kernel 3.13. Both netfilter and nftables have been co-authored by Patrick McHardy.

    Project details

    nftables is written in C.

    Strengths and weaknesses

    • + The source code of this software is available

      Typical usage

      • Network traffic filtering

      nftables review

      60

      Assimilator

      Introduction

      A tool like Assimilator can be of great help to 'normalize' all firewall rules into one place. Especially when a company uses different firewalls, each with their own syntax and specifics. Assimilator will then simplify the way firewall rules are created and managed.

      Project details

      Assimilator is written in Python.

      Strengths and weaknesses

      • + The source code of this software is available

        Typical usage

        • Network traffic filtering

        Assimilator review

        56

        LPFW (LeoPard FloWer)

        Introduction

        LPFW is the abbreviation for LeoPard FloWer and is an application firewall for Linux.

        Project details

        LPFW is written in C++, Python.

        Strengths and weaknesses

        • + The source code of this software is available
        • - Unknown project license

        Typical usage

        • Network traffic filtering

        LPFW review

        60

        Anti-DDOS

        Introduction

        This script could be useful for system and network administrators that want to learn about better defending the network against lots of network packets. The Linux kernel has a default configuration that is optimized for performance. To further secure it, changes need to be made to these kernel settings. The Anti-DDoS tool will help with setting up the configuration.

        Project details

        Anti-DDOS is written in shell script.

        Strengths and weaknesses

        • + Very low number of dependencies
        • + The source code of this software is available
        • - No releases on GitHub available

        Typical usage

        • DDoS protection
        • Network traffic filtering

        Anti-DDOS review

        60

        pyknock

        Introduction

        Port knocking tools typically hide services from the outside world by requesting a 'secret'. This secret is like a special way of knocking on a door, to let others know you can be trusted. It does not replace a password or other method of authentication, yet adds another layer to it.

        Project details

        pyknock is written in Python.

        Strengths and weaknesses

        • + The source code of this software is available
        • - No releases on GitHub available

        Typical usage

        • Network traffic filtering
        • System hardening

        pyknock review

        56

        0trace

        Introduction

        0trace is a reconnaissance tool to perform so-called hop enumeration within an established TCP connection. The goal is to allow traceroute-like functionality, yet in an alternative way. It can be used to bypass firewall rules. Tools like 0trace are typically used during pentesting assignments.

        Project details

        63

        360-FAAR

        Introduction

        360-FAAR is a tool written in Perl to parse policies and logs from firewalls. It can compare firewall policies and translate between a policy and log data. Supported firewalls include Checkpoint FW1, Cisco ASA, and Netscreen ScreenOS.

        Project details

        360-FAAR is written in Perl.

        Strengths and weaknesses

        • + Project is mature (5+ years)
        • + The source code of this software is available

          Typical usage

          • Firewall auditing
          • Log analysis
          • Security assessment
          • Security reviews

          360-FAAR review

          60

          Chiron

          Introduction

          Chiron is a security assessment framework for IPv6. It provides several modules including an IPv6 scanner, IPv6 Local Link, IPv4-to-IPv6 proxy, IPv6 attack module, and IPv6 proxy. These modules help to perform an assessment, like a penetration test.

          The tool uses IPv6 extension headers to create a headers chain. This may allow evading security devices like IDS, IPS, and firewalls. Due to the flexibility of the framework, the tool can also be used to perform fuzzing of the IPv6 stack of a device.

          Project details

          Chiron is written in Python.

          Strengths and weaknesses

          • + The source code of this software is available
          • - No releases on GitHub available

          Typical usage

          • Network analysis
          • Network scanning
          • Network security monitoring

          Chiron review

          64

          DFWFW (Docker Firewall Framework)

          Introduction

          DFWFW, short of Docker Firewall Framework, offers easy administration of the iptables rules of Docker containers. It updates using event streams.

          Project details

          DFWFW is written in Perl.

          Strengths and weaknesses

          • + The source code of this software is available
          • - Full name of author is unknown

          Typical usage

          • Firewall management

          DFWFW review

          56

          FireAway

          Introduction

          FireAway is a security tool to test the security of a firewall by trying to bypass its rules. It will use different methods to hide data or avoid detection by the firewall itself. This tool can be used for both defensive as offensive security.

          Project details

          FireAway is written in Python.

          Strengths and weaknesses

          • + The source code of this software is available
          • - No releases on GitHub available
          • - Unknown project license

          Typical usage

          • Bypassing firewall rules
          • Firewall auditing
          • Network traffic filtering
          • Penetration testing

          FireAway review

          74

          FireHOL

          Introduction

          FireHOL is promoted as an iptables stateful packet filtering firewall for humans. It also comes with FireQOS, which a bandwidth shaper based on tc.

          Project details

          FireHOL is written in shell script.

          Strengths and weaknesses

          • + More than 500 GitHub stars
          • + The source code of this software is available

            Typical usage

            • Firewall management
            • Network traffic filtering

            FireHOL review

            63

            Knock

            Introduction

            Knock implements the principle of port knocking. It does so by using libpcap to sniff network traffic on interfaces and then use that to see if it matches a predefined sequence of steps.

            Project details

            Knock is written in C.

            Strengths and weaknesses

            • + Project is mature (10+ years)
            • - No updates for a while

            Knock review

            60

            opensvp

            Introduction

            Tools like opensvp can be used to test the strength of a configuration from the outside. It makes it a good tool for penetration testing and security assessments. While people may feel safe to have a firewall in place, it might be unknowingly vulnerable to several attacks on protocol level. This tool helps with finding these weaknesses.

            Project details

            opensvp is written in Python.

            Strengths and weaknesses

            • + The source code of this software is available

              Typical usage

              • Application testing
              • Defense testing
              • Penetration testing
              • Security assessment

              opensvp review

              Some relevant tool missing as an alternative to Douane? Please contact us with your suggestion.