home  exhibition  quizzes  tour 
  basics  protocol mechanisms  internet  lans  applications  
firewall | firewall game |


A firewall is placed between an organizations network and the internet in order to security-check the incoming and outgoing packets. One type of firewall - a so-called packet filter firewall - operates on the packet headers of the TCP/IP packets. The administrator has to specify a list with filter rules and the firewall applies these rules in order to determine whether to drop a packet or let it pass. Filtering decisions are typically based on

  • IP source and destination address
  • TCP or UDP source and destination port
  • the used protocol (e.g., ICMP, TCP, UDP)
  • and other information like the ICMP message type or TCP control bits
Typically, a defensive policy is applied for the packet filtering: in a first step all traffic is blocked and then in a second step rules are defined for dedicated packets that are allowed to pass. The filtering list is sequentially worked though from line one until a matching rule is found.

In this application you choose one of several scenarios and with the start button, the appropriate packets are sent. In the lower part, you configure the firewall. "Add" creates new rules, "Remove" deletes selected rules from the list. Allow the packets from the chosen scenario to pass the firewall. But be careful, you have to permit request and response packets to pass, otherwise no communication is possible.


start the application