Packet filtering firewall allows only packets that meet specific criteria to pass through the firewall. Here is the packet filtering firewall example you need to know.
Packet Filtering Firewall Example
Network traffic packets are filtered using a set of rules or criteria. These criteria are based on the source and destination IP addresses and port numbers. In a packet filtering firewall example, a packet is either allowed through the firewall or is dropped.
A packet that matches the rule is allowed to pass through the firewall while a packet that does not match the rule is dropped.
Source Address
The source address of a packet is compared to the source address of the rule. This is to determine if it should be allowed through or dropped. If you have to packet multiple rules, it starts with the first rule and compares each incoming packet to each rule in sequence until it finds a match.
If it finds a match, then it applies the associated actions on that matched packet. If there is no match, then it moves on to the next rule in sequence until all rules are checked.
Destination Address
The destination address of an incoming packet is compared against the destination address specified in a specific rule. If there is a match, then it applies the associated actions on that matched packet. If there isn’t a match, then it moves on to the next rule in sequence until all rules are checked.
Port Number
Ports are associated with network services running on the server or client computers. Certain ports are used for specific services such as web servers (port 80), mail servers (port 25), etc. Also, packets sent to these ports are checked against any rules that specify these ports as part of their criteria.
If there is a match, then it applies the associated actions on that matched packet. So, if there isn’t a match, then it moves on to the next rule in sequence until all rules are checked.
Packet Filtering – Action
Once a matching rule has been found, an action can be applied. This is against that matched packet based on the criteria used in building the firewall ruleset. So, the most common action used with packet filtering firewalls is dropping packets with incorrect header information.
This is an invalid source address or an invalid port number. So, this prevents intrusion attempts from being successful. Since they will be blocked before reaching their target computer system or network device (for example routers).
Conclusion
A typical use of this type of firewall is when you want to allow packets from certain computers to access a server. But not the rest of the Internet. For example, if you have a web server, you would want to allow packets from your company’s internal network.
So they can access the web server. However, you don’t want to allow packets from the rest of the Internet to access your web server. In this case, you would create a rule.
This allows packets with source IP addresses from your internal network (for example 192.168.1.0/24) and denies all other packets. Using this firewall will stop the rest of the Internet from accessing your network resources. Thus, preventing outside users from launching an attack against your system or network.