Basic Firewall Question
on 04.12.2006 21:34:23 by Boyd
Question
Why does the firewall still pass traffic through when the deny rule
blocks anything going to the LAN? Here is the background of my
confusion:
Before any other rule trumping, my firewall allows the LAN to send
data to wherever it wants. However, by default the firewall also
prevents anything from going to the LAN, with the deny rule processed
at a higher priority. Here are the rules:
Allow Default
----------------------------
Source: LAN, *
Destination: *,*
Protocol: *,*
Deny Default
----------------------------
Source: *,*
Destination: LAN, *
Protocol: *
Therefore, I can understand how my client web browser can send a
connection request to a web server, but why does the web server
response pass through to the client when the deny rule blocks
everything? I know that server responses need to get passed back to the
client connection. Otherwise the Internet would not work very well. I
just want to know what I am misunderstanding about how the router
works.
Thanks for your time,
Boyd
Re: Basic Firewall Question
on 04.12.2006 22:07:57 by unknown
Post removed (X-No-Archive: yes)
Re: Basic Firewall Question
on 04.12.2006 22:15:36 by me
Hi Boyd,
As you quite rightly say, your firewall would be of little use if it
blocked absolutely everything from entering your LAN.
In reality, when you initiate a connection, for example http, your
computer will create a request to port 80 on the web server. This will
originate from a different port number, typically a port number greater
than 1024. Your firewall will see this outbound connection and will hold
this port (the high one) open to allow the traffic back in to your
network and direct it to the device that started the request. This port
will be held open by the firewall until it is no longer needed.
This is an over-simplified precis of the process but I believe it is
accurate in essence,
Me.
wrote in message
news:1165264463.426057.75030@80g2000cwy.googlegroups.com...
> Why does the firewall still pass traffic through when the deny rule
> blocks anything going to the LAN? Here is the background of my
> confusion:
>
> Before any other rule trumping, my firewall allows the LAN to send
> data to wherever it wants. However, by default the firewall also
> prevents anything from going to the LAN, with the deny rule processed
> at a higher priority. Here are the rules:
>
> Allow Default
> ----------------------------
> Source: LAN, *
> Destination: *,*
> Protocol: *,*
>
> Deny Default
> ----------------------------
> Source: *,*
> Destination: LAN, *
> Protocol: *
>
> Therefore, I can understand how my client web browser can send a
> connection request to a web server, but why does the web server
> response pass through to the client when the deny rule blocks
> everything? I know that server responses need to get passed back to the
> client connection. Otherwise the Internet would not work very well. I
> just want to know what I am misunderstanding about how the router
> works.
>
> Thanks for your time,
>
> Boyd
>
Re: Basic Firewall Question
on 05.12.2006 00:36:29 by Chris
wrote in message
news:1165264463.426057.75030@80g2000cwy.googlegroups.com...
> Why does the firewall still pass traffic through when the deny rule
> blocks anything going to the LAN? Here is the background of my
> confusion:
>
> Before any other rule trumping, my firewall allows the LAN to send
> data to wherever it wants. However, by default the firewall also
> prevents anything from going to the LAN, with the deny rule processed
> at a higher priority. Here are the rules:
>
> Allow Default
> ----------------------------
> Source: LAN, *
> Destination: *,*
> Protocol: *,*
>
> Deny Default
> ----------------------------
> Source: *,*
> Destination: LAN, *
> Protocol: *
>
> Therefore, I can understand how my client web browser can send a
> connection request to a web server, but why does the web server
> response pass through to the client when the deny rule blocks
> everything? I know that server responses need to get passed back to the
> client connection. Otherwise the Internet would not work very well. I
> just want to know what I am misunderstanding about how the router
> works.
>
> Thanks for your time,
>
> Boyd
>
Because the firewall sees the reply from whatever you are connecting to from
the LAN as an established connection. The connection is what is sometimes
referred to as being "stateful".
Chris.
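The mechanism both replies describe (the firewall remembering a LAN-initiated connection and letting only its reply back in past "Deny Default") as an added Python model; this is example code, not anything posted in the thread, and the LAN range 192.168.1.0/24 and all addresses and ports in it are constructed:

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str    # source IP
    sport: int  # source port
    dst: str    # destination IP
    dport: int  # destination port

class StatefulFirewall:
    """Boyd's two static rules plus the connection-state table the replies describe."""
    def __init__(self, lan_cidr):
        self.lan = ipaddress.ip_network(lan_cidr)
        self.flows = set()  # (src, sport, dst, dport) of connections the LAN opened

    def in_lan(self, ip):
        return ipaddress.ip_address(ip) in self.lan

    def check(self, pkt):
        # 1. State first: the exact reverse of a tracked flow is the reply to
        #    something the LAN asked for, so it passes despite "Deny Default".
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows:
            return "allow (established)"
        # 2. "Deny Default" (higher priority): anything else aimed at the LAN.
        if self.in_lan(pkt.dst):
            return "deny"
        # 3. "Allow Default": LAN may go anywhere; remember the flow so the
        #    reply to the client's high port can come back in.
        if self.in_lan(pkt.src):
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "allow (new)"
        return "deny"

    def close(self, pkt):
        """Connection finished: the port is no longer 'held open'."""
        self.flows.discard((pkt.src, pkt.sport, pkt.dst, pkt.dport))

def demo():
    # Constructed sample traffic; 192.168.1.0/24 is an assumed LAN range.
    fw = StatefulFirewall("192.168.1.0/24")
    request = Packet("192.168.1.10", 40000, "203.0.113.5", 80)  # browser -> web server
    reply = Packet("203.0.113.5", 80, "192.168.1.10", 40000)    # web server -> browser
    stray = Packet("203.0.113.5", 80, "192.168.1.10", 40001)    # same server, port never used
    unsolicited = Packet("198.51.100.7", 5555, "192.168.1.10", 22)
    results = [fw.check(request), fw.check(reply), fw.check(stray), fw.check(unsolicited)]
    fw.close(request)
    results.append(fw.check(reply))  # once torn down, the reply path is shut again
    return results
```

Only the packet that is the exact reverse of a flow the LAN opened gets through; the same server talking to a port the client never used, or a stranger knocking on port 22, is still caught by "Deny Default".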