NetComm NB712 Network Router User Manual


 
NB712 / NB714 User Guide 9
YML829 Rev1
2.1 Types of Firewall
There are three types of firewall:
2.1.1 Packet Filtering
In packet filtering, only the protocol and the address information of each packet are examined. Its
contents and context (its relation to other packets and to the intended application) are ignored.
The firewall pays no attention to applications on the host or local network and it “knows” nothing
about the source of the incoming data. Filtering consists of examining incoming or outgoing packets
and allowing or disallowing their transmission on the basis of a set of configurable rules. Network
Address Translation (NAT) routers offer the advantages of packet filtering firewalls but can also hide
the IP addresses of computers behind the firewall, and offer a level of circuit-based filtering.
[Figure: protocol levels and packet fields]
Levels: Level 5: Application; Level 4: TCP; Level 3: IP; Level 2: Data Link; Level 1: Physical
Fields: Protocol; Source/Destination address; Source/Destination port; IP options; Connection status

[Figure: UDP packets passing through the firewall between 192.168.0.5 and 172.16.3.4]
UDP  SP=3264  SA=192.168.0.5   DP=1525  DA=172.16.3.4    Filter remembers this information
UDP  SP=1525  SA=172.16.3.4    DP=3264  DA=192.168.0.5   Matches outgoing so allowed
UDP  SP=1525  SA=172.168.3.4   DP=2049  DA=192.168.0.5   No matches so disallowed

[Figure: firewall between the Internal/Protected Network and the External/Unprotected Network (Internet)]
Internal side: 192.100.0.10:1025, 192.100.0.11:4433
Firewall: 192.120.8.5
External side: 192.120.8.5:2205, 192.120.8.5:2206

Client IP       Internal Port   External Port
192.68.0.10     1025            2205
192.168.0.11    4406            2206
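
The UDP diagram on this page, worked through in code. This is an added example, not code from the NetComm manual or the router firmware. The class and function names are hypothetical, 192.168.0.5 is assumed to be the only internal host, and remembered flows never expire (real filters time them out).

```python
from typing import NamedTuple

class Packet(NamedTuple):
    proto: str
    sa: str   # source address
    sp: int   # source port
    da: str   # destination address
    dp: int   # destination port

class UdpReplyFilter:
    """Remembers outgoing flows; admits only inbound packets that mirror one."""

    def __init__(self, internal_hosts):
        self.internal = set(internal_hosts)  # assumption: hosts behind the firewall
        self.flows = set()                   # outgoing 5-tuples seen so far (no expiry)

    def check(self, pkt):
        """Return 'allowed' or 'disallowed' for one packet crossing the firewall."""
        if pkt.sa in self.internal:
            # Outgoing: record the 5-tuple so a reply can be matched later.
            self.flows.add(tuple(pkt))
            return "allowed"
        # Incoming: swap source and destination, then look for a remembered flow.
        mirrored = (pkt.proto, pkt.da, pkt.dp, pkt.sa, pkt.sp)
        return "allowed" if mirrored in self.flows else "disallowed"

def replay_diagram():
    """Run the three packets from the diagram (values copied from the page)."""
    fw = UdpReplyFilter(internal_hosts=["192.168.0.5"])
    packets = [
        Packet("UDP", "192.168.0.5", 3264, "172.16.3.4", 1525),   # outgoing request
        Packet("UDP", "172.16.3.4", 1525, "192.168.0.5", 3264),   # matching reply
        Packet("UDP", "172.168.3.4", 1525, "192.168.0.5", 2049),  # no remembered flow
    ]
    return [fw.check(p) for p in packets]

if __name__ == "__main__":
    for verdict in replay_diagram():
        print(verdict)
```

The third packet fails on both the source address and the destination port, so it would be dropped even if only one of them differed from the remembered flow.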