GitHub hosts numerous open-source firewall projects, ranging from network-level tools to web application firewalls (WAFs). These include tools for Linux, Windows, Docker, and more, often focusing on traffic filtering, intrusion prevention, and security hardening. github
Top Repositories
GitHub’s firewall topic page lists over 1,900 public repositories, sorted by stars. Popular ones include: github
- frp by fatedier: A fast reverse proxy for exposing local servers behind NAT or firewalls to the internet (97.5k stars). github
- nps by ehang-io: Lightweight intranet penetration proxy supporting TCP, UDP, SOCKS5, and HTTP forwarding (33.3k stars). github
- SafeLine by chaitin: Self-hosted WAF and reverse proxy protecting web apps from attacks like XSS and SQL injection (17.4k stars). github
- opensnitch by evilsocket: Interactive GNU/Linux application firewall similar to Little Snitch for outbound connection filtering (12k stars). github
- portmaster by safing: Privacy-focused firewall blocking surveillance with DNS and networking controls (10.6k stars). github
Notable Web Firewalls
- BunkerWeb by bunkerity: Next-gen open-source WAF based on NGINX, with HTTPS automation, ModSecurity, bot blocking, and a web UI. Integrates easily with Docker, Kubernetes, and Linux; supports plugins like ClamAV scanning (9.2k stars). github
- pfSense: FreeBSD-based network firewall distribution with packages for advanced functionality, replacing commercial firewalls like Cisco ASA (5.3k stars). github
Other Categories
| Type | Examples | Key Features |
|---|---|---|
| Network Proxies | rathole, lanproxy | NAT traversal, tunneling (11.5k and 5.8k stars) github |
| Platform-Specific | simplewall (Windows WFP), afwall (Android iptables) | App-level filtering (7.3k and 3.1k stars) github |
| Enterprise | firezone, teleport | Zero-trust access with WireGuard (7.5k and 19k stars) github |
Explore the full list on GitHub’s firewall topic for downloads, stars, and updates. github