Network security frequently requires packet inspection and filtering, including applying blocking, forwarding, or redirection rules to incoming packets. These rules may be quite complex, based on a combination of information from one or more layers of the packet. As rules databases get large, particularly for whitelist or blacklist-based blocking, it may take significant time to compare the packet information to each rule within the database, resulting in delays and inefficiencies within the system.