Packet filtering rules are a collection of rule statements written in a dense language. Each rule statement specifies permissions for a particular network connection across a packet filtering device. Each rule statement includes a network address for the source of a packet, another network address for the destination of the packet, a protocol specification, a port specification, and an action, such as permit or deny the communication of the packet. A rule statement compacts a significant amount of information into a concise statement, which must be exact.