A generic term for a routing device that makes filtering decisions based on a set of rules. These rules usually define IP addresses, TCP and UDP port numbers. It may also be possible to define the rules in terms of TCP flags in order to make decisions based on connection direction. A properly configured packet filter will only route the IP packets defined by the rules, rejecting all other packets.
Inspects each packet for user defined content, such as an IP address but does not track the state of sessions. This is one of the least secure types of firewall.
Rules used by a firewall to accept or reject incoming (network communication) packets based on source and destination IP addresses, source and destination port numbers, and packet type. These rules can also be used to reject any packet from the outside that claims to come from air address inside the network.
a simple firewall consisting of a single choke
Blocks traffic based on IP address and/or port numbers. Also known as a "screening router".
This is anything that filters out network traffic based on sender's address, receiver's address, and the type of protocol being sent. Some routers support packet filtering, all firewalls should. MUSIC's Ethernet Packet Filters perform wire-speed look-up fuctions for 10/100 Mbit Ethernet bridges and switches. These devices provide a glueless interface between most Ethernet MAC devices and a MUSIC LANCAM address table
A firewall function that can be configured to allow or disallow specified packets through a firewall.
Anything that filters out network traffic based on a sender's address, receiver's address, and the type of protocol being sent. Some routers support packet filtering, all firewalls do, and some proxy servers do as well.
The capability to search a packet to determine its destination and then route or block it accordingly.
The determination of whether to forward or drop a packet according to a prescribed set of criteria, such as source or destination or packet length. Helps to control network traffic.
A crude type of firewall technology that bases security decisions only on information contained in an IP packet header, such as service type, source or destination. Packet filtering is commonly utilized in routers. Packet filtering cannot support many dynamic protocols and cannot apply application intelligence to the data stream when making security decisions.
Packet filters are host-based or appliance-based applications, which block or allow network traffic based on a set of rules defined by the administrator. Commonly used packet filters on various versions of Unix are ipf (various), ipfw (Free BSD/Mac OS X), pf (Open BSD, and all other BSDs), iptables/ipchains (Linux).