Print this chapterPrint this chapter

Packet Filtering

3. Circuit relay


A circuit level gateway is a firewall that validates connections before allowing data to be exchanged. This means that it does not simply allow or deny packets based on the packet header but determines whether the connection between both ends is valid according to configurable rules before it opens a session and allows data to be exchanged. Filtering is based on:

  • Source/destination IP address
  • Source/destination port
  • A period of time
  • Protocol
  • User
  • Password

All traffic is validated and monitored, and unwanted traffic can be dropped.

Weakness:

  • Operates at the Transport Layer and may require substantial modification of the programs that normally provide transport functions