GATE | Gate IT 2007 | Question 18

A firewall is to be configured to allow hosts in a private network to freely open TCP connections and send packets on open connections. However, it will only allow external hosts to send packets on existing open TCP connections or connections that are being opened (by internal hosts) but not allow them to open TCP connections to hosts in the private network. To achieve this the minimum capability of the firewall should be that of
(A) A combinational circuit
(B) A finite automaton
(C) A pushdown automaton with one stack
(D) A pushdown automaton with two stacks

Answer: (D)

Explanation: A) A combinational circuit => Not possible, because we need memory in Firewall, Combinational ckt has none.
B) A finite automaton => We need infinite memory, there is no upper limit on Number of TCP ckt so Not this.
C) A pushdown automaton with one stack => Stack is infinite. Suppose we have 2 connections , we have pushed details of those on stack we can not access the details of connection which was pushed first, without popping it off. So Big NO.
D) pushdown automaton with two stacks => This is TM. It can do everything our normal computer can do so Yes. Firewall can be created out of TM.

Quiz of this Question

My Personal Notes arrow_drop_up
Article Tags :

Be the First to upvote.

Please write to us at to report any issue with the above content.