Cisco Cisco Packet Data Interworking Function (PDIF) Documentation Roadmaps
Personal Stateful Firewall Overview
How Personal Stateful Firewall Works ▀
Cisco ASR 5000 Series Product Overview ▄
OL-22937-01
Figure 217. Stateful Firewall Processing
Data packet
received for ECS
processing
Is packet fragmented
no
yes
Buffer and wait for
fragments
IP header checks
Update statistics
and DoS attacks,
and drop the
packet
fail
pass
Matching flow exists
for the packet
Update flow stats
for packet
no
Transport layer
header and state
checks
fail
pass
Update statistics
and DoS attacks,
and drop the
packet
IP Reassembly
Update statistics
and drop the
packet
In progress
Transport layer
header and state
checks
Update statistics
and drop the
packet
fail
yes
fail
pass
done