What is a Firewall?

In terms of home computing, a Firewall is a software program installed on your computer that blocks all traffic (data transfer) unless a specific rule exception has been added to allow traffic to pass. Larger networks generally have a dedicated Hardware Firewall which is a device who's sole job is to act as a firewall. Dedicated devices are needed for the larger amount of traffic to analyze. If you are more technically minded, you can setup a dedicated Firewall using another computer with software like Smoothwall or IP Cop but that is beyond the scope of this article.

Try to think of a Firewall like a moat around your computer, and a bridge over the moat like an exception rule. The only way data can pass to and from your computer is if you add an exception rule, or a "bridge over the moat". This exception rule (bridge) can have very specific rules, or quite relaxed rules, depending on your needs. You can make an exception rule for any program running on your computer, any single port ranging from 1 to 65535, or a port range like 6881 to 6889. Most users simply add an exception rule for a specific program and let that program decide which ports it needs. Some examples below detail the different types and complexities of exception rules.

Firewall diagram showing exception rules

In the above diagram, the blue circle represents the Firewall (the moat) which blocks all traffic, unless it uses one of the four exception rules (bridges over the moat). Lets go through each rule in a little more detail...

The first exception rule (green) allows all traffic on port 80 (incoming/outgoing) for everybody. This means any computer or program attempting to send or receive data on port 80 will be allowed to do so. Port 80 is widely used for almost all internet browsing traffic, for example: this page you are viewing right now was sent using port 80.
The second exception rule (orange) allows all traffic communicating on port 443 (incoming/outgoing) using either SSL (Secure Sockets Layer) or TLS (Transport Layer Security). Port 443, SSL and TLS are used for secure (encrypted) browsing, for example: when you logon to your bank.
The third exception rule (purple) allows traffic communicating on port 5060 (incoming/outgoing) but only to, or from the web address: www.sip1.example.com. Port 5060 is used for VoIP (Voice Over Internet Protocol) traffic using SIP (Session Initiation Protocol). SIP may also require additional ports, or a port range to work properly.
The fourth exception rule (aqua) allows traffic on the port range 6881 through to 6889 (outgoing) but only for the program Bittorrent which will then handle any requests from other computers on the Internet over that port range. Bittorrent is a file sharing program that may require several connections to work properly, therefore multiple ports (port range) are specified in this rule. Bittorrent would also require an additional port to listen for incoming connections.

TCP & UDP

Although some Firewall's allow you to specify TCP or UDP protocols on your port exception rules, for most users it is not necessary to specify these due to the difficulty in knowing which ports require TCP, UDP or both. As an example: bittorrent does not use the UDP protocol, only TCP, and VoIP (SIP) traffic can use TCP or UDP protocols depending on the ATA device and your VoIP provider. If your Firewall requires you to make a choice between TCP and UDP for your port exception rules, you can safely allow both UDP/TCP traffic without opening too big a hole in your Firewall unless it is a port ranging between 1 and 1023, this port range is reserved mainly for system use (like port 80 for Internet) and it is not recommended to alter any ports in this range. Please follow the instructions of your device, service provider or installed program.

Further Reading


	Home \| Help \| About Us \| Contact Us \| Donate
	What is a Firewall? In terms of home computing, a Firewall is a software program installed on your computer that blocks all traffic (data transfer) unless a specific rule exception has been added to allow traffic to pass. Larger networks generally have a dedicated Hardware Firewall which is a device who's sole job is to act as a firewall. Dedicated devices are needed for the larger amount of traffic to analyze. If you are more technically minded, you can setup a dedicated Firewall using another computer with software like Smoothwall or IP Cop but that is beyond the scope of this article. Try to think of a Firewall like a moat around your computer, and a bridge over the moat like an exception rule. The only way data can pass to and from your computer is if you add an exception rule, or a "bridge over the moat". This exception rule (bridge) can have very specific rules, or quite relaxed rules, depending on your needs. You can make an exception rule for any program running on your computer, any single port ranging from 1 to 65535, or a port range like 6881 to 6889. Most users simply add an exception rule for a specific program and let that program decide which ports it needs. Some examples below detail the different types and complexities of exception rules. In the above diagram, the blue circle represents the Firewall (the moat) which blocks all traffic, unless it uses one of the four exception rules (bridges over the moat). Lets go through each rule in a little more detail... The first exception rule (green) allows all traffic on port 80 (incoming/outgoing) for everybody. This means any computer or program attempting to send or receive data on port 80 will be allowed to do so. Port 80 is widely used for almost all internet browsing traffic, for example: this page you are viewing right now was sent using port 80. The second exception rule (orange) allows all traffic communicating on port 443 (incoming/outgoing) using either SSL (Secure Sockets Layer) or TLS (Transport Layer Security). Port 443, SSL and TLS are used for secure (encrypted) browsing, for example: when you logon to your bank. The third exception rule (purple) allows traffic communicating on port 5060 (incoming/outgoing) but only to, or from the web address: www.sip1.example.com. Port 5060 is used for VoIP (Voice Over Internet Protocol) traffic using SIP (Session Initiation Protocol). SIP may also require additional ports, or a port range to work properly. The fourth exception rule (aqua) allows traffic on the port range 6881 through to 6889 (outgoing) but only for the program Bittorrent which will then handle any requests from other computers on the Internet over that port range. Bittorrent is a file sharing program that may require several connections to work properly, therefore multiple ports (port range) are specified in this rule. Bittorrent would also require an additional port to listen for incoming connections. TCP & UDP Although some Firewall's allow you to specify TCP or UDP protocols on your port exception rules, for most users it is not necessary to specify these due to the difficulty in knowing which ports require TCP, UDP or both. As an example: bittorrent does not use the UDP protocol, only TCP, and VoIP (SIP) traffic can use TCP or UDP protocols depending on the ATA device and your VoIP provider. If your Firewall requires you to make a choice between TCP and UDP for your port exception rules, you can safely allow both UDP/TCP traffic without opening too big a hole in your Firewall unless it is a port ranging between 1 and 1023, this port range is reserved mainly for system use (like port 80 for Internet) and it is not recommended to alter any ports in this range. Please follow the instructions of your device, service provider or installed program. Further Reading More information about Firewall's at Wikipedia.org Understanding Windows Firewall at Microsoft.com Search Google for Firewall

	Copyright ©2008 Ricmedia