
Network layer firewalls

A network layer firewall works as a packet filter by deciding which packets will pass the firewall according to rules defined by the administrator. Filtering rules can act on the basis of source and destination address and on ports, in addition to whatever higher-level protocols the packet contains. Network layer firewalls tend to operate very fast, and transparently to users.

Network layer firewalls generally fall into two sub-categories, stateful and non-stateful. Stateful firewalls hold some information on the state of connections (for example: established or not, initiation, handshaking, data or breaking down the connection) as part of their rules (e.g. only hosts inside the firewall can establish connections on a certain port).

Stateless firewalls have packet-filtering capabilities but cannot make more complex decisions on what stage communications between hosts have reached. Stateless firewalls therefore offer less security. Stateless firewalls somewhat resemble a router in their ability to filter packets.
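
The difference between the two sub-categories can be seen by running the same packet sequence through both kinds of filter. The following is an added example, not part of the original article: it models the rule "only hosts inside the firewall can establish connections on a certain port". The addresses, the port number and all function names are constructed for illustration, and connection teardown is simplified to a single RST packet.

```python
from ipaddress import ip_address, ip_network

INSIDE = ip_network("192.0.2.0/24")  # constructed: network behind the firewall
PORT = 22                            # constructed: the "certain port" in the rule

def is_inside(addr):
    return ip_address(addr) in INSIDE

def stateless_allow(p):
    """Judge each packet on its own headers; nothing is remembered."""
    outbound = is_inside(p["src"]) and p["dport"] == PORT
    # Replies must be let back in, so anything *from* PORT to an inside host passes.
    looks_like_reply = is_inside(p["dst"]) and p["sport"] == PORT
    return outbound or looks_like_reply

class StatefulFilter:
    """Track connections opened from inside; pass only packets that belong to one."""
    def __init__(self):
        self.connections = set()  # (inside_ip, inside_port, outside_ip, outside_port)

    def allow(self, p):
        if is_inside(p["src"]):
            key = (p["src"], p["sport"], p["dst"], p["dport"])
            if p["flags"] == "SYN" and p["dport"] == PORT:
                self.connections.add(key)       # initiation by an inside host
        else:
            key = (p["dst"], p["dport"], p["src"], p["sport"])
        known = key in self.connections
        if known and p["flags"] == "RST":
            self.connections.discard(key)       # teardown (simplified: RST only)
        return known

def pkt(src, sport, dst, dport, flags):
    return {"src": src, "sport": sport, "dst": dst, "dport": dport, "flags": flags}

# Constructed packet sequence (documentation address ranges).
PACKETS = [
    pkt("192.0.2.10", 40000, "198.51.100.5", 22, "SYN"),      # inside host initiates
    pkt("198.51.100.5", 22, "192.0.2.10", 40000, "SYN-ACK"),  # handshake reply
    pkt("198.51.100.7", 22, "192.0.2.20", 40001, "ACK"),      # belongs to no connection
    pkt("198.51.100.5", 22, "192.0.2.10", 40000, "RST"),      # connection torn down
    pkt("198.51.100.5", 22, "192.0.2.10", 40000, "ACK"),      # arrives after teardown
]

def compare(packets=PACKETS):
    fw = StatefulFilter()
    return [stateless_allow(p) for p in packets], [fw.allow(p) for p in packets]

if __name__ == "__main__":
    print(compare())
```

The stateless filter passes all five packets because each one matches a header rule on its own; the stateful filter drops the third and fifth, which belong to no tracked connection.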

Any normal computer running an operating system which supports packet filtering and routing can function as a network layer firewall. Appropriate operating systems for such a configuration include Linux, Solaris and the BSDs.