—— Packet filtering or packet filtering is a universal, cheap and effective security method. It is universal because it does not take special processing methods for each specific network service; network security firewall，it is cheap because most routers provide packet filtering; it is effective because it can meet the security requirements of enterprises to a large extent.

——Packet filtering works at the network layer and the transport layer. It determines whether the packet is allowed to pass through according to the source and sink addresses of the packet, port number, protocol type, and flag. The information is based on the IP, TCP or UDP header.

——The advantage of packet filtering is that there is no need to change the application on the client and host, because it works at the network layer and the transport layer, and has nothing to do with the application layer. But its weakness is also obvious: only the limited information of the network layer and the transport layer is judged by filtering, so various security requirements cannot be fully met; in many filters, the number of filtering rules is limited, and with As the number of rules increases, performance will be affected; therefore, filters are usually used in conjunction with application gateways to form a firewall system.

like：

Anti-attack ability of firewall and NAT technology

What are the types of firewalls and what are their functions

​What is the concept of a firewall, and what are the conceptual points?