Network traffic filtering tools
nftables (network traffic filtering)
nftables is a subsystem of the Linux kernel to filter and classify network traffic and supposed to replace netfilter.
SCUTUM (ARP filtering)
SCUTUM is a security tool for Linux systems to filter network traffic. With this firewall functionality, it can allow only whitelisted network gateways.
vallumd (distributed ipset blacklist for iptables)
Vallumd is a security tool using MQTT to provide centralized blacklists for multiple servers or systems.