packet filtering firewall configuration

Dig Into Packet Filtering Firewall Configuration

What is packet filtering firewall configuration? How can it provide a layer of security?

Packet Filtering Firewall Configuration

Packet filtering is a type of firewall used to filter or control incoming or outgoing traffic. A packet filtering firewall is also known as a stateless firewall because it does not keep track of the state of the connection. It therefore maintains no state information about TCP connections, UDP communication, or ICMP messages.

This type of firewall is generally used to provide security for a network, usually where only basic security is required, such as blocking access to external networks or blocking specific services from being accessed within the network.

Filtering and Controlling Traffic

SFC is a stateful firewall that keeps track of all the communication sessions established between the hosts in a network. It uses a filtering table for controlling traffic. This table contains rule entries created by the administrator.

These entries are called access control lists (ACLs). An ACL defines whether incoming or outgoing packets are allowed or denied. Here we will configure packet filtering under the physical interface (Fa0/0) of our router, so we must be sure that all physical interfaces are up (no down status).

Say that we want to allow only one host in our network to communicate with another host on an external network that has IP address 192.168.1.10. So, we need to configure our router.

Configure an IP address for the Fa0/0 interface (192.168.1.2). Then configure the access list to allow only one IP address, 192.168.1.10, for outgoing communication from this interface (192.168.1.2). Apply this access list on our Fa0/0 interface through the command “ip access-group 101 out”.

We should apply the ACL in both directions (incoming and outgoing). So we must apply the ACL on both source and destination interfaces through the command “ip access-group 101”. If you have configured an ACL but no policy is applied, the router will not drop the packet.

This is so even if one host tries to communicate with another host: if there is no error in the packet, it will be forwarded.
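
The filtering described above can be modelled in Python. This is an added example, not code from the original page or from the router vendor: it evaluates access list 101 statelessly on a model of Fa0/0, showing that a list that is not applied filters nothing and that the same list applied inbound drops the reply from 192.168.1.10 because no connection state is kept. The internal host 10.0.0.5, the second destination 192.168.1.20 and all class and function names are assumptions.

```python
from ipaddress import ip_address, ip_network
from typing import NamedTuple

class Rule(NamedTuple):
    action: str  # "permit" or "deny"
    src: str     # source network in CIDR form; 0.0.0.0/0 means "any"
    dst: str     # destination network in CIDR form

class Packet(NamedTuple):
    src: str
    dst: str

def evaluate(acl, pkt):
    """Stateless check: first matching entry wins, no match is an implicit deny."""
    for rule in acl:
        if (ip_address(pkt.src) in ip_network(rule.src)
                and ip_address(pkt.dst) in ip_network(rule.dst)):
            return rule.action
    return "deny"

class Interface:
    def __init__(self):
        self.applied = {"in": None, "out": None}  # one optional ACL per direction

    def access_group(self, acl, direction):
        self.applied[direction] = acl

    def check(self, pkt, direction):
        acl = self.applied[direction]
        # An ACL that is configured but not applied filters nothing.
        return "permit" if acl is None else evaluate(acl, pkt)

# Access list 101 from the text: only destination 192.168.1.10 is permitted.
ACL_101 = [Rule("permit", "0.0.0.0/0", "192.168.1.10/32")]
# Constructed sample traffic; 10.0.0.5 is an assumed internal host.
TO_ALLOWED = Packet("10.0.0.5", "192.168.1.10")
TO_OTHER = Packet("10.0.0.5", "192.168.1.20")
REPLY = Packet("192.168.1.10", "10.0.0.5")

def walk_through():
    fa0_0 = Interface()
    results = {"unapplied": fa0_0.check(TO_OTHER, "out")}
    fa0_0.access_group(ACL_101, "out")
    results["out_allowed"] = fa0_0.check(TO_ALLOWED, "out")
    results["out_other"] = fa0_0.check(TO_OTHER, "out")
    # Same list inbound: the reply is addressed to 10.0.0.5, so no entry matches.
    fa0_0.access_group(ACL_101, "in")
    results["in_reply"] = fa0_0.check(REPLY, "in")
    return results
```

Calling walk_through() returns the verdict for each step; the inbound direction needs its own entry for return traffic, since a stateless filter does not remember the outgoing packet.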

Types of Packet Filtering Firewall

Stateless firewalls are packet filtering firewalls. They have no information about the state of the connection, and they filter packets based on source and destination IP addresses, source and destination port numbers, and protocol type.

Stateless firewalls do not keep track of the status of any TCP session and thus are relatively simple to implement. However, they also consume a lot of system resources. Also, this type of firewall cannot protect against SYN flood attacks.

Stateful firewalls use state information internally to apply filtering rules. They maintain state information for each connection, so they know what types of packets are allowed based on the current connection state. Stateful firewalls require more memory and CPU resources than stateless firewalls.

However, they can protect against SYN flood attacks, and track which hosts are allowed to connect to which hosts.
