Involved Projects and Packages
libnetfilter_log is a userspace library providing interface to packets that have been logged by the kernel packet filter. It is is part of a system that deprecates the old syslog/dmesg based packet logging. This library has been previously known as libnfnetlink_log.
libnetfilter_queue is a userspace library providing an API to packets that have been queued by the kernel packet filter. It is is part of a system that deprecates the old ip_queue / libipq mechanism.
Build disabled for < 12.1 due to hitting make bug (Savannah bug #33125 (bnc #681108))
libnfnetlink is the low-level library for netfilter related kernel/userspace communication. It provides a generic messaging infrastructure for in-kernel netfilter subsystems (such as nfnetlink_log, nfnetlink_queue, nfnetlink_conntrack) and their respective users and/or management tools in userspace.
This library is not meant as a public API for application developers. It is only used by other netfilter.org projects, such as libnetfilter_log, libnetfilter_queue or libnetfilter_conntrack.
ulogd is a userspace logging daemon for netfilter/iptables related logging. This includes per-packet logging of security violations, per-packet logging for accounting purpose as well as per-flow logging.
Xtables is used to set up, maintain, and inspect the tables of IP
packet filter rules in the Linux kernel.
Xtables-addons is the successor to patch-o-matic(-ng). Likewise, it
contains extensions that were not, or are not yet, accepted in the
main kernel/iptables packages.
LibreSSL is an open-source implementation of the Secure Sockets Layer
(SSL) and Transport Layer Security (TLS) protocols. It derives from
OpenSSL, with the aim of refactoring the OpenSSL code so as to
provide a more secure implementation.
libdbi implements a database-independent abstraction layer in C, similar to the DBI/DBD layer in Perl. Writing one generic set of code, programmers can leverage the power of multiple databases and multiple simultaneous database connections by using this framework.
libdbi implements a database-independent abstraction layer in C, similar to the DBI/DBD layer in Perl. Drivers are distributed separately from the library itself.
sshfp generates DNS SSHFP records from SSH public keys. sshfp can
take public keys from a knownhosts file or from scanning the host's
sshd daemon. The ssh client can use these SSHFP records if you set
"VerifyHostKeyDNS yes" in the file /etc/ssh/ssh_config.
Brotli is a generic-purpose lossless compression algorithm that compresses data
using a combination of a modern variant of the LZ77 algorithm, Huffman coding
and 2nd order context modeling, with a compression ratio comparable to the best
currently available general-purpose compression methods. It is similar in speed
with deflate but offers more dense compression.
ngx_brotli is a set of two nginx modules:
ngx_brotli filter module - used to compress responses on-the-fly,
ngx_brotli static module - used to serve pre-compressed files.
Varnish is an HTTP accelerator. An HTTP accelerator (often called Reverse
Proxy) is an application that stores (caches) documents that have been
requested over the HTTP protocol.
Based on certain criteria the next client requesting the document is either
given the cached document, or a "fresh" document requested from a backend
server. The purpose of this is to minimize the requests going to the backend
server(s) by serving the same document to potentially many users.
Atheme is a portable, secure set of open source, modular IRC services released
under the BSD license, designed to run on many IRCds.
Unlike alternative packages, Atheme's core is minimalistic, providing only core
functionality. Atheme is a complete services set, excluding features designed
for oper abuse.