Unit level filters consists of four basic filtering methods. Packet filtering routers, packet filtering firewalls, stateful packet inspection firewalls and application level firewalls are explained here in more detail.
Port Assignments and Short Descriptions
IANA
COTSE
KEIR
GASMI
Special Applications - Port List
Packet Filtering Routers
This is the most common and oldest firewall method. A packet filtering router utilizes access control lists to protect against standard port based attacks. This is also known as port-blocking. Packets are inspected at the network or transport layer of the OSI model.
http://www.cisco.com/warp/public/473/79.html
OSI Model description
Packet Filtering Firewall
A packet filter firewall analyzes the information in the IP address location and determines if it is acceptable to continue on to its destination or not. The firewall utilizes a database file (rulesets) to determine specifically which packets can and cannot be forwarded to certain addresses.
http://www.cert.org/tech_tips/packet_filtering.html
Stateful Packet Inspection
Packets are analyzed at all OSI layers. This is another firewall method, a more
in depth process. Like packet filtering, this method analyzes the header information for source and destination, but this system also checks the contents. This method is most commonly used to ensure all information coming in was originally initiated by the receiving computer. Packet inspection also has the capacity
to close all ports until a specific connection is requested. This feature offers additional protection from threats such as port scanning.
http://www.ciol.com/content/flavour/netsec/101041101.asp
Application Level Firewalls (Proxy Servers)
Transfers data packets received on one network to another by masking the origin. Operation is performed on the application layer of the OSI model.
Application Firewall Description
Home : Information Security : Architecture 
