Network firewalls use rules to determine which data packets should be allowed, and which should be dropped. In addition to causing a packet to be dropped, a rule might trigger another action on the firewall, such as creating a record in a log. A rule consists of information about the source, destination, network ports, protocols, application type, and data appearing in the packet. When a packet matches the information in a rule, the firewall performs the action associated with the rule on that packet. Rules for matching certain packets, and the actions to be taken on those packets, may be sensitive information, such as personal information or government classified information, in which case it is important to hide the content of the rules in order to keep secret the techniques used to generate the rules.
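The following is an added illustration, not code from the patent text above. It shows a minimal rule matcher of the kind the paragraph describes (first matching rule on source, destination, port and protocol decides allow/drop and may also log) and, beside it, one way to keep the content of exact-match rules hidden from anyone who reads the rule table: store a keyed hash of the match tuple instead of the tuple itself. The hashing approach is an assumption of this example, not something the text specifies; it only works for exact matches, not for wildcards or ranges. All class names, the key and the sample packets are constructed for the example.

```python
import hmac
import hashlib
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int
    proto: str


@dataclass(frozen=True)
class Rule:
    # None in a match field means "any" (wildcard)
    src: Optional[str]
    dst: Optional[str]
    dport: Optional[int]
    proto: Optional[str]
    action: str          # "allow" or "drop"
    log: bool = False    # additional action: record the match

    def matches(self, pkt: Packet) -> bool:
        pairs = ((self.src, pkt.src), (self.dst, pkt.dst),
                 (self.dport, pkt.dport), (self.proto, pkt.proto))
        return all(want is None or want == have for want, have in pairs)


class Firewall:
    """Plain rule list: the first matching rule decides; unmatched packets get the default."""

    def __init__(self, rules, default: str = "drop"):
        self.rules = list(rules)
        self.default = default
        self.log = []  # (rule index, packet) records

    def evaluate(self, pkt: Packet) -> str:
        for i, rule in enumerate(self.rules):
            if rule.matches(pkt):
                if rule.log:
                    self.log.append((i, pkt))
                return rule.action
        return self.default


class OpaqueFirewall:
    """Exact-match rules stored as HMAC-SHA256 digests of the 4-tuple.

    The table reveals neither addresses nor ports to someone who reads it,
    but matching still works because the evaluator holds the key and
    recomputes the digest for each packet. Wildcards are not supported.
    """

    def __init__(self, key: bytes, default: str = "drop"):
        self.key = key
        self.table = {}  # digest -> (action, log flag)
        self.default = default
        self.log = []

    def _digest(self, src: str, dst: str, dport: int, proto: str) -> str:
        msg = f"{src}|{dst}|{dport}|{proto}".encode()
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()

    def add_rule(self, src, dst, dport, proto, action: str, log: bool = False) -> None:
        self.table[self._digest(src, dst, dport, proto)] = (action, log)

    def evaluate(self, pkt: Packet) -> str:
        entry = self.table.get(self._digest(pkt.src, pkt.dst, pkt.dport, pkt.proto))
        if entry is None:
            return self.default
        action, log = entry
        if log:
            self.log.append(pkt)
        return action


def demo() -> dict:
    # Constructed sample rules and packets (documentation/test addresses only).
    fw = Firewall([
        Rule(None, "10.0.0.5", 22, "tcp", "drop", log=True),
        Rule(None, "10.0.0.5", 443, "tcp", "allow"),
    ])
    ssh = Packet("192.0.2.1", "10.0.0.5", 22, "tcp")
    https = Packet("192.0.2.1", "10.0.0.5", 443, "tcp")

    ofw = OpaqueFirewall(key=b"example-key-not-for-production")
    ofw.add_rule("192.0.2.1", "10.0.0.5", 443, "tcp", "allow")

    return {
        "plain_ssh": fw.evaluate(ssh),
        "plain_https": fw.evaluate(https),
        "plain_logged": len(fw.log),
        "opaque_https": ofw.evaluate(https),
        "opaque_other_src": ofw.evaluate(Packet("192.0.2.9", "10.0.0.5", 443, "tcp")),
        "table_leaks_dst": any("10.0.0.5" in k for k in ofw.table),
    }


if __name__ == "__main__":
    print(demo())
```

A keyed hash rather than a plain hash is used because the space of IPv4 address and port tuples is small enough to enumerate, so an unkeyed digest table could be inverted by brute force; the key therefore has to be protected as carefully as the rules it hides.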
Corresponding reference characters indicate corresponding parts throughout the several views of the drawings.