
Which parameter can be used by a firewall to decide whether to forward or drop packets?

  1. Source IP address & destination IP address  
  2. TCP/UDP source and destination port number  
  3. TCP SYN and ACK bits  
  4. All of these

1 Answer

Best answer
4 votes

A stateful firewall utilizes traffic that is using the Transport Control Protocol (TCP). TCP is stateful to begin with. TCP keeps track of its connections through the use of source and destination address, port number and IP flags.

All packets with "SYN" in their header received by the firewall are interpreted to open new connections. The firewall drops all packets which don't have "SYN" in their header.

If the service requested by the client is available on the server, it will respond with a "SYN-ACK" packet which the firewall will also track.

Once the firewall receives the client's "ACK" response, it transfers the connection to the "ESTABLISHED" state as the connection has been authenticated bidirectionally. This allows tracking of future packets through the established connection. 

TCP keeps track of its connections through the use of source and destination address, port number and IP flags.

Hence all 3 options are used by a firewall to decide whether to forward or drop packets.

Reference:

  1. https://en.wikipedia.org/wiki/Stateful_firewall#Description
  2. https://www.pluralsight.com/blog/it-ops/stateful-firewall-fundamentals
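The following is an added example, not part of the original answer: a minimal stateful filter whose forward/drop decision depends on all three parameter groups from the question (IP addresses, ports, and the SYN/ACK bits). The policy, addresses, class and function names are constructed for illustration, and FIN/RST teardown and timeouts are omitted.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src dst sport dport flags")

# Constructed policy: (destination IP, destination port) pairs clients may open.
ALLOWED_SERVICES = {("10.0.0.5", 443)}

class StatefulFilter:
    def __init__(self, allowed=ALLOWED_SERVICES):
        self.allowed = allowed
        self.table = {}  # (client IP, server IP, client port, server port) -> state

    def decide(self, p):
        fwd = (p.src, p.dst, p.sport, p.dport)  # key if p travels client -> server
        rev = (p.dst, p.src, p.dport, p.sport)  # key if p travels server -> client
        flags = set(p.flags)
        if flags == {"SYN"}:
            # A bare SYN may open a connection only to an allowed service.
            if (p.dst, p.dport) in self.allowed and \
                    self.table.get(fwd, "SYN_SENT") == "SYN_SENT":
                self.table[fwd] = "SYN_SENT"
                return "FORWARD"
            return "DROP"
        if flags == {"SYN", "ACK"}:
            # SYN-ACK is valid only as the reply to a SYN we already tracked.
            if self.table.get(rev) == "SYN_SENT":
                self.table[rev] = "SYN_RECEIVED"
                return "FORWARD"
            return "DROP"
        if "ACK" in flags:
            # The client's ACK completes the handshake.
            if self.table.get(fwd) == "SYN_RECEIVED":
                self.table[fwd] = "ESTABLISHED"
                return "FORWARD"
            # Later traffic passes in either direction once ESTABLISHED.
            if "ESTABLISHED" in (self.table.get(fwd), self.table.get(rev)):
                return "FORWARD"
        return "DROP"  # no matching state: drop

C, S = "192.168.1.10", "10.0.0.5"
SAMPLE = [  # constructed packets
    Packet(C, S, 40000, 443, {"SYN"}),
    Packet(S, C, 443, 40000, {"SYN", "ACK"}),
    Packet(C, S, 40000, 443, {"ACK"}),
    Packet(S, C, 443, 40000, {"ACK", "PSH"}),
    Packet("203.0.113.9", S, 5555, 443, {"ACK"}),        # ACK with no handshake
    Packet(C, S, 40001, 22, {"SYN"}),                    # port not in policy
    Packet(S, "192.168.1.77", 443, 41000, {"SYN", "ACK"}),  # unsolicited SYN-ACK
]

def replay(packets):
    fw = StatefulFilter()
    return [fw.decide(p) for p in packets]
```
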