I think my earlier question was not clear to some. So let me refine it. I mean to say without any s/w support a filtering technique at router level can not filter those packets. Is it right. If yes then why. I have a book which reads like. "A router alone cannot fully control a stream of IP packets, as it can not monitor the state of the state of incoming and out going packets, so a some protocols like FTp which which use more than one data stream present problems for a router based firewalls. Things get worse when you use a connection less protocol like UDP, which forms the basis of DNS. In order to control UDP streams in a firewall, you need to add some form of state monitoring to a packet filter" I think my question is some waht clear now. Sudipto basu sudipto74@yahoo.com ===== The most I can do for my friend is. Simply to be his friend. __________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail http://personal.mail.yahoo.com/ _______________________________________________ Firewalls mailing list Firewalls@lists.gnac.net http://lists.gnac.net/mailman/listinfo/firewalls