Table of Contents
Advertisement
15-30 User's Reference Guide
Firewall tutorial
General Firewall Terms
Firewall: a component or set of components that restrict access between a protected network and the Internet,
or between two networks.
Host: A workstation on the Network.
Packet: Unit of communication on the Internet.
Packet Filter: Packet filters allow or deny packets based on source or destination IP addresses, TCP or UDP
ports, or the TCP ACK bit.
Port: A number that defines a particular type of service.
Filter Rule: A filter set is comprised of individual filter rules.
Filter Set: A grouping of individual filter rules.
Basic IP Packet Components
All IP packets contain the same basic "header" information, as follows:
This header information is what the packet filter uses to make filtering decisions. It is important to note that a
packet filter does not look into the IP datastream (the User Data from above) to make filtering decisions.
Basic Protocol Types
TCP: Transmission Control Protocol. TCP provides reliable packet delivery and has a retransmission
mechanism (so packets are not lost). RFC 793 is the specification for TCP.
UDP: User Datagram Protocol. Unlike TCP, UDP does not guarantee reliable, sequenced packet delivery. If data
does not reach its destination, UDP does not re transmit the data. RFC 768 is the specification for UDP.
And there are many more ports defined in the Assigned Addresses RFC.
Source IP Address
Destination IP Address
Source Port
Destination Port
Protocol
ACK Bit
DATA
163.176.132.18
163.176.4.27
2541
80
TCP
Yes
User Data
Advertisement
Table of Contents
Troubleshooting
