Appendix A. Packet Filtering

As of Zorp 3.3, packet filtering and application-level services are handled together, consequently these topics are discussed together in Chapter 6, Managing network traffic with Zorp. Manually modifying the packet filtering rules is required only very rarely, and is not recommended unless absolutely needed. Local Zorp services are described in Section 9.4, Local services on Zorp.

The core of the Zorp firewall system is the Zorp-based application proxy suite. Besides the application layer gateways, the enclosed packet filter also plays a very important role. Although all of the traffic is handled by the Zorp proxies, the packet filter performs additional filtering and supports the proxies' work.

This chapter gives a short introduction to packet filter basics and technologies in general, and presents the main concepts of the Linux packet filter framework used by Zorp. It also covers the commonly used packet filter policy style, which is the default in ZMS-based configurations. For further reading on the Linux packet filter, see Appendix C, Further readings.

In the world of computer networks, every connection is made up of packets; no communication takes place without them. Therefore, if traffic (that is, connections) has to be filtered, it is reasonable to filter the packets themselves. Unlike proxies, packet filters operate on individual packets at the packet level. If the firewall drops the packets of a connection, the connection itself is dropped.

Note

Packet filtering rules are created and managed automatically by ZMS. Usually it is neither required nor recommended to modify them manually. If traffic has to be transferred without application-level inspection, create a packet filter service (see Procedure 6.4.1, Creating a new service for details). To enable access to services running on the firewall hosts (e.g., SSH access), see Section 9.4, Local services on Zorp.

Typically, the packet filtering rules have to be modified only when traffic has to be forwarded without terminating it on Zorp, for example when forwarding IPSec VPN connections.