The firewall can filter traffic on source, destination and protocol as well as port on number (TCP/UDP).
Operating System Fingerprinting (OSFP)
Advanced passive OS fingerprinting technology can be used to allow or
block traffic based by the Operating System initiating the connection.
Log matching firewall traffic on a per rule bases
Each rule can be set to log a match, this also allows for easy add of a block
or pass rule through the firewall rule log module.
Policy based routing by per rule gateway
With policy based routing it is possible to add a gateway to a rule and
effectively change the standard routing of matching traffic.
Alias support for grouping and naming IPs, networks and ports
Aliases help to keep your firewall ruleset clean and easy to understand, in environments with multiple public IPs and numerous servers.
Transparent layer 2 firewall capable
Bridge interfaces and filter traffic between them, even allowing for an IP-less firewall.
Granular state table control
Adjustable state table size, ability to limit traffic per rule based on simultaneous connections, states per host & new connections per second as well as define state timeout and state type.
Disable packet filtering
This option can be used to turn the system in to a pure router