The invention concerns handling in a firewall data communication protocols
comprising at least one parent connection and at least one related
connection, wherein at least one attribute of the related connection is
negotiated within the parent connection. Whether to allow a related
connection is decided on the basis of information about the related
connection as well as information about the parent connection. The method
of the invention comprises allowing a parent connection, storing
information about the parent connection, monitoring contents of the
parent connection, detecting within the parent connection negotiation of
at least one attribute of a related connection, and using said at least
one negotiated attribute of the related connection and said information
about the parent connection for deciding, whether said related connection
is allowable.