Hi, I want to be clear on where packets are being filtered within my particular home network.
I am currently sitting behind a soho router with NAT, ip filter, mac filter, firewall capabilities. ( D-Link 614+) Now although this is a wifi router, I am only using the wired ports.
At any rate my question is... is there a difference in the OSI layer that this hardware router is filtering on as opposed to my software ZoneAlarm firewall?
My thought is that the router is filtering at layer 2, but Zonealarm filters only after packets have hit my system, at layer 4 perhaps? I know this must seem trivial to most of you but I'm just getting lost in the layers here.
For instance say that I was only running ZoneAlarm, would that mean that I begin filtering only at layer 4?
What if I just had the router, but I am using ip filtering on it, does that constitute filtering at layer 2 and 4? In this case layer 4 because of the ip filter rules and not ZoneAlarm.
Does this answer a bit of your question :
Firewall White Paper - OSI & TCP/IP Network Models
The ISO Layering Model
If not feel free to correct me.
Right on the money thanks, much appreciated. :)