Content deleted Content added
m Date the maintenance tags using AWB |
No edit summary |
||
Line 3:
In [[computer networks]], a '''[[network layer]] [[Firewall (networking)|firewall]]''' works as a [[packet filter]] by deciding what [[packet]]s will pass the firewall according to rules defined by the administrator. Filtering rules can act on the basis of source and destination address and on [[Computer port (software)|port]]s, in addition to whatever higher-level [[network protocol]]s the packet contains. Network layer firewalls tend to operate very fast, and transparently to users.
Network layer firewalls generally fall into two sub-categories, [[stateful firewall|stateful]] and [[stateless firewall|stateless]]. [[State|Stateful]] firewalls hold some information on the state of connections (for example: established or not, initiation, [[handshaking]], [[data]] or breaking down the [[Connectivity (computer science)|connection]]) as part of their rules (e.g. only hosts inside the firewall can establish connections on a certain port).
Stateless firewalls have packet-filtering capabilities but cannot make more complex decisions on what stage communications between hosts have reached. Stateless firewalls therefore offer less security. Stateless firewalls somewhat resemble a [[router]] in their ability to filter packets.
| |||