A packet filter is the most simple type of firewall that operates at the network layer of OSI model. Packet filtering works on a set of rules stored as rule base, which determines which packet are allowed within the session, likewise which address are allowed for the communication process. If by default, a rule base does not permit any session, all packets are a drop from the communication. Information included in packet filtering are as follows:
The source address of the packet (or the Layer 3 address) and the destination address of the packet (also Layer 3 address).
Type of traffic or the specific network protocol (i.e. Ethernet)
And possibly some information about the Layer 4 communication sessions (which is why packet filtering are sometimes considered to operate at layer 3 and 4 of OSI model).
Stateful inspection, on the other hand, is the just superset of the packet filter. It also employs the method by which packet filtering works and an additional of storing the state of the session. For example, a session between 192.168.1.100:1023 and 184.108.40.206:80 was stored as “established” as its state, then the next time this session takes place, it will automatically be allowed. This provides a faster mechanism for filter incoming and outgoing session between server and host system. Stateful inspection firewall also operates at layer 3 and 4, plus layer 7 of the OSI model, which is evident on how stateful inspections consider application within the application layer.