
Packet Filter Firewall

Classification Key: Exterior Security, Information Disclosure


Malicious users might try to attack the local network through their IP-level payloads. How can the malicious hosts be identified?


Intercept all traffic at the single access point and filter it according to the ingress/egress security policy. Packets coming from untrusted sources are rejected. Which sources are untrusted is determined by a set of rules that implement the security policies of the institution. An outside host can access the LAN only if some rule exists authorizing traffic from its address.
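
The rule evaluation described above, as an added example that is not part of the original catalog entry: a first-match rule list with a default of deny, so a source is admitted only when a rule authorizes it. The names `Rule`, `POLICY` and `decide` are hypothetical, and the addresses are constructed from documentation and private ranges.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    direction: str                   # "ingress" or "egress"
    source: str                      # source network in CIDR notation
    dest_port: Optional[int] = None  # None matches any destination port


# Constructed policy (assumption): order matters, first match wins.
POLICY = [
    Rule("deny", "ingress", "198.51.100.66/32"),       # one blocked host
    Rule("allow", "ingress", "198.51.100.0/24", 443),  # partner network, HTTPS only
    Rule("allow", "egress", "192.168.1.0/24"),         # LAN hosts going out
]


def decide(rules, direction, src, dest_port):
    """Return the action of the first matching rule; deny if none matches."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "deny"  # unparseable source address: fail closed
    for rule in rules:
        if rule.direction != direction:
            continue
        if addr not in ipaddress.ip_network(rule.source):
            continue
        if rule.dest_port is not None and rule.dest_port != dest_port:
            continue
        return rule.action
    return "deny"  # no rule authorizes this source: reject


if __name__ == "__main__":
    # Constructed sample packets: (direction, source address, destination port)
    for pkt in [("ingress", "198.51.100.10", 443),
                ("ingress", "198.51.100.66", 443),
                ("ingress", "203.0.113.5", 443),
                ("egress", "192.168.1.20", 80)]:
        print(pkt, "->", decide(POLICY, *pkt))
```

Because the blocking rule for the single host precedes the broader allow rule, swapping the two would admit that host; rule order is part of the policy.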

Known Uses

OpenBSD packet filtering firewall, Linux Firewall.

Related Patterns

Single Access Point, Stateful Firewall, Network Address Blacklist, Demilitarized Zone


Wiley Book


Firewall, Filtering, Access Control


Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz