The packet is checked for characteristics defined in the rule, for example, a specific IP header, input and output interfaces, TCP flags and protocol.When a packet is filtered, its characteristics are compared against the rules one-by-one. All defined characteristics must match.