Packet Filtering Rules
In the example above, a packet sent from IP 162.22.34.56 into the current network is accepted according to Rule 1 of the table, and, therefore, is sent to the destination. On the other hand, a packet sent from another IP address, e.g., 175.236.120.12 will match Rule 3 (since none of Rules 1 and 2 match,) which means that the packet will be dropped.
Besides using the source and destination IP addresses, a firewall might also make its decisions based on the protocols used for the transmission of this packet, the source or destination port numbers, and even the contents of the packet itself. The latter method of filtering based on the content of the packet is called content filtering.
A few more examples of packet filtering:
- Allow e-mail and HTTP (web) services, but block services such as TFTP and Telnet.
- Block all incoming connections from the outside except for SMTP (so that you can keep receiving emails).
- Allow port 443 (= the default port for secure HTTPS traffic) for all service destination addresses.
- Allow port 80 (= the default port for secure HTTP traffic) for all service destination addresses.
These notes by Miriam Briskman are licensed under CC BY-NC 4.0 and based on sources.