Stateful Packet Filters
¨Keep tracks of each
active connection via a state table
–Monitoring of SYN code
bits
–Content
of state table (source & destination
IP address and port# ,
timeout)
¨Basis of packet
forwarding decision
–State table
– rule set
¨ACK packets may be
dropped if there was no associated SYN packet in
state table
¨May remember
outgoing UDP packets to restrict incoming UDP packets to replies
¨More intelligent but
slower than traditional packet filters