A novel and useful dynamic packet filter that can be incorporated in a
hardware based firewall suitable for use in portable computing devices
such as cellular telephones and wireless connected PDAs adapted to connect
to the Internet. The invention performs dynamic packet filtering on
packets received over an input packet stream. The dynamic filter checks
dynamic protocol behavior using information extracted from the received
packet. Sessions are created and stored in a session database to track the
state of communications between the source and destination. Recognition of
a session is accelerated by use of a hash table to quickly determine the
corresponding session record in the session database. Session related data
is read from the session database and the received packet is checked
against a set of rules to determine whether to allow or deny the packet.
