Static packet-filtering firewalls act as L3 devices. Filtering and ACL rules are applied to determine the acceptance/rejection of a packet from a particular source, destination, IP address, port number, or packet type. The strategy is to check whether any packet is trying to enter the internal network from the external claiming to be an internal packet.

As we are already aware, each service has a port number assigned to it. So packet-filtering can be done based on port numbers. A simple way is to block the port number to block a particular service. For example, if a Telnet service needs to be blocked, then you can simply block port number 23 and restrict the access of the Telnet service.

Static packet-filtering firewalls are similar to packet-filtering routers, but there is a slight difference. The filtering firewalls are very scalable and application-independent in nature, hence they have high performance standards.