Users can Permit or Deny traffic based on


1. Direction - Inbound/Outbound

2.Protocol - TCP / UDP/ IGMP / ICMP

3. Source IP Address

4. Destination IP Address

5. Source Port

6. Destination Port

7. Device Interface


The source code is available in firewall.c and briefly


declspec(dllexport) ACL_ACTION fn_NetSim_MAC_Firewall(NETSIM_ID nDeviceId, NETSIM_ID interfaceId, NetSim_PACKET* packet, ACL_TYPE type)

{

 return fn_NetSim_Firewall(nDeviceId, interfaceId, packet, type, true);

}

is called by the MAC Layer


while the code


declspec(dllexport) ACL_ACTION fn_NetSim_NETWORK_Firewall(NETSIM_ID nDeviceId, NETSIM_ID interfaceId, NetSim_PACKET* packet, ACL_TYPE type)

{

 return fn_NetSim_Firewall(nDeviceId, interfaceId, packet, type, false);

}


is called by the network layer


When this function ( fn_NetSim_Firewall() ) is called, it in turns calls


static ACL_ACTION fn_NetSim_Firewall(NETSIM_ID nDeviceId, NETSIM_ID interfaceId, NetSim_PACKET* packet, ACL_TYPE type, bool isMAC)

This function checks all the rules. In this function, ptrACL acl is the access control list structure and it is defined at the beginning of firewall.c