Worth mentioning these on the Qubes-Whonix security page for advanced users?
1. Suricata
Looks like it replaces the sys-firewall and does packet inspection (IDS, IPS) to look for malicious traffic. Larger project has been around since 2009.
GitHub - control-owl/suriGUI: GUI for Suricata + Qubes OS
https://resources.infosecinstitute.com/topic/suricata-what-is-it-and-how-can-we-use-it/
Suricata is an open-source detection engine that can act as an intrusion detection system (IDS) and an intrusion prevention system (IPS). It was developed by the Open Information Security Foundation (OSIF) and is a free tool used by enterprises, small and large. The system uses a rule set and signature language to detect and prevent threats. Suricata can run on Windows, Mac, Unix and Linux.
As discussed in the previous articles, intrusion detection “detects” and “alerts” a threat. In contrast, an intrusion prevention system also takes action on the event and attempts to block the traffic. Suricata can do both and also does well with deep packet inspection. Making it perfect for pretty much any kind of standard security monitoring initiatives your company might have.
See also:
Features - Suricata
ANN: sys-ips - General - Qubes OS Forum
2. Pi-hole network-level advertisement and Internet tracker blocking application
https://docs.pi-hole.net/
The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content, without installing any client-side software.
Easy-to-install: our versatile installer walks you through the process and takes less than ten minutes
Resolute: content is blocked in non-browser locations, such as ad-laden mobile apps and smart TVs
Responsive: seamlessly speeds up the feel of everyday browsing by caching DNS queries
Lightweight: runs smoothly with minimal hardware and software requirements
Robust: a command-line interface that is quality assured for interoperability
Insightful: a beautiful responsive Web Interface dashboard to view and control your Pi-hole
Versatile: can optionally function as a DHCP server, ensuring all your devices are protected automatically
Scalable: capable of handling hundreds of millions of queries when installed on server-grade hardware
Modern: blocks ads over both IPv4 and IPv6
Free: open-source software which helps ensure you are the sole person in control of your privacy
See also:
How to configure PiHole in QubesOS (ProxyVM) | Patrizio Tufarolo
PiHole/PiHole Cloudflared at master · 92VV3M42d3v8/PiHole · GitHub
Pi-hole as additional ad-firewall and (unbound) DNS within Qubes - General Discussion - Qubes OS Forum
Pi-hole configuration qubes os 4.1 - User Support - Qubes OS Forum