The basis of the firewall's functionality is IP packet filtering. Packet filtering allows you to accept or block any IP packet based on certain criteria.
In order to perform packet filtering, the firewall filter driver (FWIP.SYS) must be installed. While the firewall is running, the filter driver examines every single IP packet coming into and going out of the system, and decides whether it should be allowed to continue. It makes this decision based on the filter rules that are active.
The following sections discuss filter rules in detail.