Documentation

Architecture guides, key concepts, and comprehensive reference documentation for all R-fx Networks Linux security projects. Flagship projects include interactive architecture diagrams and in-depth technical breakdowns sourced from authoritative project READMEs.

3 architecture guides

4 full docs

10 total projects

Jump to project

LMDLinux Malware Detect APFAdvanced Policy Firewall BFDBrute Force Detection SIMSystem Integrity Monitor IRSYNCIncremental Rsync LESLinux Environment Security LSMLinux Socket Monitor NSIVNetwork Socket Inode Validation PRMProcess Resource Monitor SPRISystem Priority

Flagship Projects

Full documentation with architecture diagrams, key concepts, and navigable structured guides sourced from authoritative project READMEs on 2.x branches.

LMDLinux Malware DetectREADMEArchitecture

Order-of-magnitude faster shell-native malware scanning for Linux

Multi-stage detection pipeline with hash-first short-circuiting

5 detection engines · 43x faster · SHA-NI accelerated

+7 more sections

Read full documentation (15 sections)Architecture

APFAdvanced Policy FirewallREADMEArchitecture

iptables-based firewall with intuitive policy syntax

Three-fold filtering with static, stateful, and sanity layers

GeoIP · RAB · Virtual networks · ipset block lists

+2 more sections

Read full documentation (10 sections)Architecture

BFDBrute Force DetectionREADMEArchitecture

Modular log parser for blocking authentication attacks

Pressure-based scoring with exponential decay model

57 service rules · 8 firewall backends · Watch mode daemon

+6 more sections

Read full documentation (14 sections)Architecture

SIMSystem Integrity MonitorREADME

System and services monitor for SysVinit systems

Read full documentation (0 sections)

Project Reference

Reference documentation generated from project metadata. Full README-based documentation is in progress for these projects.

IRSYNCIncremental RsyncGenerated

Snapshot backups with traffic shaping and restore

Incremental Rsync (IRSYNC) is an incremental backup utility built on rsync with integrated Linux traffic control (tc) shaping to regulate bandwidth consumption during transfers.

Overview Features Installation Resources

View documentation

LESLinux Environment SecurityGenerated

Automated security hardening for Linux systems

Linux Environment Security (LES) provides an increased level of local environment security with the goal of preventing environment-based attacks.

Overview Features Installation Resources

View documentation

LSMLinux Socket MonitorGenerated

Detect unauthorized network connections in real time

Linux Socket Monitor (LSM) is a network socket monitor designed to track changes to both network sockets and Unix domain sockets, effectively serving as a port monitor.

Overview Features Installation Resources

View documentation

NSIVNetwork Socket Inode ValidationGenerated

Socket inode checks for compromise detection

Network Socket Inode Validation (NSIV) validates network socket inodes to detect security anomalies by correlating processes to their network sockets at the kernel inode level.

Overview Features Installation Resources

View documentation

PRMProcess Resource MonitorGenerated

Monitor and enforce process resource limits

Process Resource Monitor (PRM) is a CPU, memory, process count, and run time resource monitor for Linux and BSD systems.

Overview Features Installation Version Resources

View documentation

SPRISystem PriorityGenerated

Process priority and scheduling management

System Priority (SPRI) is a tool for managing system process priorities and CPU scheduling on Linux systems.

Overview Features Installation Resources

View documentation