Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Stateful Packet Inspection

    Firewalling
    3
    4
    8845
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      annabanana last edited by

      Does pfsense have SPI? I see stateful packet filtering listed in the features, but that's not the same, correct?

      Thx
      Anna

      1 Reply Last reply Reply Quote 0
      • H
        hoba last edited by

        Just 2 terms for the same feature.

        1 Reply Last reply Reply Quote 0
        • D
          databeestje last edited by

          we do have statefull packet inspection. The firewall keep state on all connections (and these are replicated to a slave in a carp setup). This is not to be confused with layer7 application filtering.

          It just means that we keep track of session startup and shutdown. So sending random packets to a host (like the internet does) whithout setting up a connection will be found in the firewall logs.

          If that is what you were asking about.

          1 Reply Last reply Reply Quote 0
          • A
            annabanana last edited by

            Thanks for the replies. That cleared things up. For some reason I mistakingly thought layer7 and SPI were the same thing.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post