Packet Filtering Rules

In the example above, a packet sent from IP 162.22.34.56 into the current network is accepted according to Rule 1 of the table, and, therefore, is sent to the destination. On the other hand, a packet sent from another IP address, e.g., 175.236.120.12 will match Rule 3 (since none of Rules 1 and 2 match,) which means that the packet will be dropped.

Besides using the source and destination IP addresses, a firewall might also make its decisions based on the protocols used for the transmission of this packet, the source or destination port numbers, and even the contents of the packet itself. The latter method of filtering based on the content of the packet is called content filtering.

A few more examples of packet filtering: