A.2. Packet filtering on Linux

Zorp runs on Linux, which, like most modern operating systems, has a packet filtering solution of its own. The Linux kernel has had serious filtering capabilities since version 2.0. Since then, the packet filtering framework has been rewritten three times to improve its capabilities, features, speed and robustness. The latest packet filtering system in Linux is called Netfilter/IPTables and has been available since version 2.4.

Netfilter belongs to the family of stateful packet filters and provides packet mangling and connection NAT capabilities as well. It is designed to be very flexible in configuration, so as to cover all possible packet filtering situations. Although Netfilter plays a less significant role in Zorp, it is necessary to understand how it handles packets and how its configuration is organized.
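As an added illustration (not part of the Zorp documentation or its own configuration), the script below shows how a Netfilter/IPTables configuration is organized into tables (filter, nat, mangle) and chains, and how the stateful filtering, NAT and packet mangling capabilities named above are expressed as rules. The interface names, the internal address range and the permitted services are assumptions chosen for the example. By default the script only prints the `iptables` commands it would run; setting `IPT=iptables` and running as root applies them.

```shell
#!/bin/sh
# Added example, not from the Zorp documentation: a minimal Netfilter/iptables
# ruleset illustrating the table/chain organisation and stateful filtering.
# Interface names and the address range are assumptions for illustration.
# Dry run by default: IPT="echo iptables" prints the commands instead of
# applying them. Set IPT=iptables and run as root to load the rules.

WAN="${WAN:-eth0}"                      # assumed external interface
LAN="${LAN:-eth1}"                      # assumed internal interface
LAN_NET="${LAN_NET:-192.168.1.0/24}"    # assumed internal network
IPT="${IPT:-echo iptables}"

apply_rules() {
    # --- filter table: the accept/drop decisions ---------------------------
    # Default-deny policies: a packet is accepted only if a rule says so.
    $IPT -t filter -P INPUT DROP
    $IPT -t filter -P FORWARD DROP
    $IPT -t filter -P OUTPUT ACCEPT

    # Stateful core: packets that belong to an already accepted connection,
    # or are related to one (e.g. ICMP errors), pass without re-evaluating
    # the per-service rules. This is what makes the filter "stateful".
    $IPT -t filter -A INPUT   -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -t filter -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Packets the connection tracker cannot attribute to any connection
    # (e.g. stray ACKs) are dropped before any NEW-connection rule is tried.
    $IPT -t filter -A INPUT   -m state --state INVALID -j DROP
    $IPT -t filter -A FORWARD -m state --state INVALID -j DROP

    # Only the first packet of a connection (state NEW) is subject to policy:
    # loopback traffic and SSH to the box from the internal network.
    $IPT -t filter -A INPUT -i lo -j ACCEPT
    $IPT -t filter -A INPUT -i "$LAN" -s "$LAN_NET" -p tcp --dport 22 \
         -m state --state NEW -j ACCEPT

    # Permit new outbound web connections from the internal network.
    $IPT -t filter -A FORWARD -i "$LAN" -o "$WAN" -s "$LAN_NET" \
         -p tcp -m multiport --dports 80,443 \
         -m state --state NEW -j ACCEPT

    # --- nat table: address translation, consulted for NEW connections only -
    # Source NAT (masquerading) for internal hosts leaving via the WAN side;
    # the connection tracker reverses the translation on reply packets.
    $IPT -t nat -A POSTROUTING -o "$WAN" -s "$LAN_NET" -j MASQUERADE

    # --- mangle table: header modification, not an accept/drop decision ----
    # Packet mangling example: clamp the TCP MSS of outgoing SYNs to the path
    # MTU, which avoids fragmentation problems behind tunnels or PPPoE links.
    $IPT -t mangle -A FORWARD -o "$WAN" -p tcp --tcp-flags SYN,RST SYN \
         -j TCPMSS --clamp-mss-to-pmtu
}

apply_rules
```

The ordering inside each chain matters: the ESTABLISHED,RELATED and INVALID rules sit before any service-specific rule, so the expensive per-service matching runs only on the first packet of a connection, and everything else is decided by the connection tracking table.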