Static and dynamic packet filtering
-
Helo,
What is static and dynamic packet filtering?
Best Regards,
Marco
-
At the most basic level:
-
Static packet filtering is where you define the rules based on src port, dst port, src IP, dst IP and protocol (layer 4). You write the rules for your filtering to occur. We can see in things like Access Control Lists used by routers.
-
Dynamic packet filtering is when the filtering device can filter based on the keeping track of the state of transmission. Most generically, we see this in stateful firewalls. It only allows for inbound traffic if the flow first originated from the inside network. It drops those originating from the outside directly.
-
-
@Ronnie-Wong
Thanks for your reply.
sorry but the explanation for the dynamic packet filtering is so clear.
U said that it allows only the inbound traffic... it drops those originating from the outside directly, but it is a network i mean it should accept traffic from outside , it is not a Lan.
could you please reexplain this idea .Kind Regards,
Marco
-
it doesn't accept it if it's not first requested from inside the LAN first.
We do not want to allow for unknown origin traffic to make a connection in if it's not requested first.
So reply traffic is ok.
New traffic from outside...not ok.
-