A firewall is a computer connected to both a private (protected) network and a public (unprotected) network, which receives and resubmits specific kinds of network requests on behalf of network clients on either the private or public network.
Firewalls involve proxies. A proxy acts as a middle-man in a network transaction.
Rather than allowing a client to speak directly to a server, the proxy server receives the request from the client, and then resubmits the request, on behalf of the client, to the target server.
Each protocol or type of network transaction typically requires its own proxy program, and an administrator enables or installs specific proxies to determine what kinds of services will be allowed between the two networks.
Firewalls are not routers or address translators.
The internal network uses private address space. Neither side of the firewall knows about the address space on the other side, or how to route data to it.
A packet filter is a set of rules, applied to a stream of data packets, which is used to decide whether to permit or deny the forwarding of each packet.
These rules are usually on a router or in the routing layer of a computer's network protocol stack.
Using a packet filter, an administrator can dictate what types of packets are allowed into or out of a network or computer.
An address translator prevents the outside network from having knowledge of the address space on the protected network.
However, aside from translating the addresses of the internal network, packets are forwarded as received through the unit, and no proxies are involved.
Any good firewall will also employ packet filtering.
This is done to protect the firewall itself from intrusion and to isolate intruders from the internal network.
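As an added example (not part of the original page), the following Python code evaluates a packet-filter rule set of the kind described above, placed in front of a proxy firewall so that only its proxy ports are reachable and nothing passes directly between the two networks. The addresses, ports, interface names, first-match rule ordering and default deny are assumptions made for illustration, and only packets arriving at the firewall are modelled.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    iface: str             # interface the packet arrived on: "inside" or "outside"
    src: str               # source network in CIDR form
    dst: str               # destination network in CIDR form
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # destination port; None matches any port

@dataclass(frozen=True)
class Packet:
    iface: str
    src: str
    dst: str
    proto: str
    dport: int

def matches(rule: Rule, pkt: Packet) -> bool:
    """True when every field of the rule covers the packet."""
    return (rule.iface == pkt.iface
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and rule.proto in ("any", pkt.proto)
            and rule.dport in (None, pkt.dport))

def decide(rules, pkt: Packet) -> str:
    """First matching rule wins; a packet that matches no rule is denied."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"

# Constructed addresses: the firewall is 10.0.0.1 inside and 203.0.113.10 outside.
ANY = "0.0.0.0/0"
RULES = [
    # An outside packet claiming an inside source address is spoofed: drop it first.
    Rule("deny", "outside", "10.0.0.0/8", ANY, "any", None),
    # Inside clients may reach only the firewall's web proxy (assumed port 8080).
    Rule("permit", "inside", "10.0.0.0/8", "10.0.0.1/32", "tcp", 8080),
    # Outside hosts may reach only the firewall's mail proxy (assumed port 25).
    Rule("permit", "outside", ANY, "203.0.113.10/32", "tcp", 25),
]

if __name__ == "__main__":
    probe = Packet("outside", "198.51.100.7", "203.0.113.10", "tcp", 22)
    print(probe, "->", decide(RULES, probe))
```

Because no rule permits a packet whose destination lies on the other network, clients on either side can only talk to a proxy on the firewall, never directly to each other.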