Packet filtering analysis data packet filtering is also known as static data packet filtering. It analyzes incoming and outgoing data packets and transmits or blocks data packets according to established standards to control network access. Www.2cto.com acts as a data packet filter when the router forwards or rejects data packets according to the filter rules. When a data packet arrives at the router that filters the data packet, the router will extract some information from the packet header. Based on the filtering rules, the router determines whether the data packet should pass or be discarded. Packet filtering works at the network layer of the Open Systems Interconnection (OSI) model or the Internet layer of TCP/IP. As a layer-3 device, the data packet filtering router uses rules to determine whether to allow or reject traffic based on the source IP address, source port, destination port, and data packet protocol. These rules are defined using the access control list (ACL. I believe you still remember that ACL is an ordered list composed of a series of permit or deny statements applied to IP addresses or upper-layer protocols. ACL can extract the following information from the packet header, test according to rules, and then decide whether to "allow" or "deny ": the source IP address Destination IP Address ICMP Message Type ACL can also extract the upper layer information and test it according to the rules. Upper Layer information includes: TCP/UDP source port TCP/UDP destination port