First page Back Continue Last page Summary Graphics
A stateless packet-filtering firewall is normally implemented within the operating system and operates at the IP network and transport protocol layers.
A firewall makes routing or forwarding decisions based on information in the IP packet header fields.
Inspects packets at the IP level (network and transport layer mechanism)
Not only examines packet headers for forwarding information, but includes rules about which packets to forward and which to drop. Packets are forwarded between networks based on a set of rules enforcing access control policies.
For a single machine setup, it might be helpful to think of the network interface as an I/O pair. The firewall independently filters what comes in and what goes out through the interface. The input filtering and the output filtering can have completely different rules.