Packet filtering has been growing in importance within the Internet as requirements expand to selectively recognize and process desired packets, whether because of security concerns, policy control, differentiated services, intrusion detection, or other needs. Packet filtering is needed for services such as firewalls and quality of service, which require the capability to distinguish and isolate traffic that poses potential threats.
Packet filtering is the process of controlling access to a network by analyzing incoming and outgoing packets and letting them pass or halting them based on criteria about the nature of the packets. Packet filtering is one technique, among many, for implementing security firewalls. Packet filters are host-based or appliance-based applications that block or allow network traffic based on a set of rules defined by the administrator. The administrator starts the packet filtering process on the device and composes the set of rules to be applied to incoming network traffic; those rules then either permit or deny the traffic. A packet filter is a mechanism used to provide a level of digital security by controlling the flow of information (data packets) through the examination of key information in packet headers. A packet filter determines whether these packets are allowed to go through a given point based on certain access control policies. Typically, this point is a firewall, router or gateway into a network or workstation.
Modern packet filters can filter traffic based on many packet attributes, such as source IP or port, destination IP or port, and destination service such as HTTP or FTP. They can also filter based on protocol, TTL value, domain name of the source, and many other attributes. This project proposes a rule-based approach to packet filtering and, further, implements the addition of rules on a dynamic and prioritized basis, as required by real-time applications.
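The following sketch illustrates prioritized, dynamically updated rule matching on header fields. It is an added example, not the project's own code. The names `Rule` and `RuleTable`, the convention that a lower number means higher priority, the default-deny policy, and the sample packets (documentation address ranges) are all assumptions made for illustration.

```python
import bisect
import ipaddress
from dataclasses import dataclass, field
from typing import Optional

@dataclass(order=True)
class Rule:
    priority: int                        # lower number is evaluated first (assumed convention)
    seq: int                             # insertion order breaks ties between equal priorities
    action: str = field(compare=False)   # "permit" or "deny"
    src: str = field(compare=False, default="0.0.0.0/0")
    dst: str = field(compare=False, default="0.0.0.0/0")
    proto: Optional[str] = field(compare=False, default=None)  # None matches any protocol
    dport: Optional[int] = field(compare=False, default=None)  # None matches any port

    def matches(self, pkt: dict) -> bool:
        return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
                and self.proto in (None, pkt["proto"])
                and self.dport in (None, pkt["dport"]))

class RuleTable:
    def __init__(self, default: str = "deny"):
        self.rules, self.default, self._seq = [], default, 0

    def add(self, priority: int, action: str, **match) -> Rule:
        """Insert a rule at run time, keeping the table sorted by priority."""
        if action not in ("permit", "deny"):
            raise ValueError("action must be 'permit' or 'deny'")
        self._seq += 1
        rule = Rule(priority, self._seq, action, **match)
        bisect.insort(self.rules, rule)
        return rule

    def decide(self, pkt: dict) -> str:
        """First matching rule wins; unmatched traffic gets the default action."""
        return next((r.action for r in self.rules if r.matches(pkt)), self.default)

def demo():
    # Constructed sample packets, reduced to the header fields the rules inspect.
    web = {"src": "203.0.113.7", "dst": "192.0.2.10", "proto": "tcp", "dport": 80}
    web2 = dict(web, src="198.51.100.5")
    ftp = dict(web2, dport=21)
    table = RuleTable()
    table.add(100, "permit", dst="192.0.2.10/32", proto="tcp", dport=80)
    before = table.decide(web)
    # Dynamic update: a higher-priority deny for one source network.
    table.add(10, "deny", src="203.0.113.0/24")
    return before, table.decide(web), table.decide(web2), table.decide(ftp)

if __name__ == "__main__":
    print(demo())
```

Because the table stays sorted on insertion, a rule added at run time takes effect on the next packet without rebuilding the rule set, and traffic that matches no rule falls through to the default action.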