However, most modern firewalls, including iptables, treat UDP in the same manner as a connection-oriented protocol....
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
If you create a rule allowing UDP traffic in one direction, the firewall will allow associated return traffic.
Let's consider an example. Suppose you decided to allow outbound DNS traffic on UDP port 53. In its state table, the firewall will track any requests that match the rule, and the DNS server's UDP response is then allowed to reach the client.
Without a three-way handshake, however, the firewall doesn't know when to remove the entry from its state table. To accommodate this situation, firewalls usually use a timer that allows return traffic to pass until the connection is inactive for a specified period of time, which is normally a few minutes. Once the firewall reaches that inactivity threshold, it discards the entry from the state table.
Dig Deeper on Network Firewalls, Routers and Switches
Related Q&A from Mike Chapple
The OWASP Top Ten list is not a compliance standard but a set of best practices for enterprises looking to boost Web app security. Here's how to get ...continue reading
A data breach notification policy is important to have, but deciding how to alert customers can be tough. Expert Mike Chapple explains some best ...continue reading
Tokenization technology can be confusing. Expert Mike Chapple explains what the difference is between two types of tokens and how tokenization can ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.