October 22, 2022

Why deploy a stateless Firewall?

In many security courses that cover firewalls, the concept of a stateless firewall is barely discussed. Most open source and commercially available firewalls are stateful, and many bundle features beyond packet filtering, which is why they are marketed as 'next generation' firewalls. A stateless firewall cannot recognise the pattern of a connection across a sequence of incoming packets, but it does inspect every packet individually against its rules.

Stateless firewalls perform better than stateful firewalls under heavy network traffic: because each packet is judged on its own, there is no connection table to maintain, look up, or exhaust. They are also easy to configure, since the configuration is essentially a list of which kinds of packets to allow, with an implicit deny-all for everything else. The price of that simplicity is that the firewall cannot recognise the return half of a connection by itself, so reply traffic (for example, TCP packets with ACK set and UDP answers to the ephemeral port range) has to be allowed explicitly by its header shape rather than by tracked state. Overall they are faster, less complex, and less expensive than stateful firewalls.
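The following is an added example, not code from the original post, showing a stateless filter as described above: an ordered allow list evaluated purely on header fields, with an implicit deny for anything unmatched. The protected server address, the admin network, and the ephemeral port range (the Linux default) are assumptions made for the example, and the sample packets are constructed rather than captured.

```python
"""Stateless packet filter: each packet is judged on its own header fields
against an ordered allow list, and anything unmatched hits the implicit deny.
Added example for this post, not code from the original article."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                      # "tcp", "udp" or "icmp"
    sport: int
    dport: int
    flags: frozenset = frozenset()  # TCP flags present, e.g. {"SYN"} or {"ACK"}


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    proto: Optional[str] = None
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    sport: Optional[range] = None
    dport: Optional[range] = None
    require_flags: frozenset = frozenset()  # all of these TCP flags must be set

    def matches(self, p: Packet) -> bool:
        """Pure header comparison: no connection table is consulted."""
        if self.proto is not None and p.proto != self.proto:
            return False
        if ip_address(p.src) not in ip_network(self.src):
            return False
        if ip_address(p.dst) not in ip_network(self.dst):
            return False
        if self.sport is not None and p.sport not in self.sport:
            return False
        if self.dport is not None and p.dport not in self.dport:
            return False
        return self.require_flags <= p.flags


def evaluate(rules: list, p: Packet) -> str:
    """First matching rule wins; a packet matching nothing is denied."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"   # the implicit deny-all


# Hypothetical inbound policy for a web server at 203.0.113.10 (TEST-NET-3
# documentation address). The ephemeral range is the Linux default and is an
# assumption about the protected host.
SERVER = "203.0.113.10/32"
ADMIN_NET = "198.51.100.0/24"
EPHEMERAL = range(32768, 61000)

INBOUND = [
    Rule("allow", proto="tcp", dst=SERVER, dport=range(443, 444)),
    Rule("allow", proto="tcp", src=ADMIN_NET, dst=SERVER, dport=range(22, 23)),
    # No state table, so replies to the server's own outbound connections have
    # to be let in by shape alone: TCP with ACK set, to an ephemeral port.
    Rule("allow", proto="tcp", dst=SERVER, dport=EPHEMERAL,
         require_flags=frozenset({"ACK"})),
    # Likewise DNS answers: UDP from port 53 to an ephemeral port.
    Rule("allow", proto="udp", sport=range(53, 54), dst=SERVER, dport=EPHEMERAL),
]

# Constructed sample traffic (not captured data).
SAMPLES = {
    "client SYN to 443":          Packet("192.0.2.7", "203.0.113.10", "tcp", 51000, 443, frozenset({"SYN"})),
    "internet SYN to 22":         Packet("192.0.2.7", "203.0.113.10", "tcp", 51000, 22, frozenset({"SYN"})),
    "admin SYN to 22":            Packet("198.51.100.5", "203.0.113.10", "tcp", 51000, 22, frozenset({"SYN"})),
    "SYN/ACK reply to outbound":  Packet("192.0.2.7", "203.0.113.10", "tcp", 443, 40000, frozenset({"SYN", "ACK"})),
    "bare SYN to ephemeral port": Packet("192.0.2.99", "203.0.113.10", "tcp", 12345, 40000, frozenset({"SYN"})),
    "ACK scan to ephemeral port": Packet("192.0.2.99", "203.0.113.10", "tcp", 12345, 40000, frozenset({"ACK"})),
    "DNS answer":                 Packet("192.0.2.53", "203.0.113.10", "udp", 53, 40001),
    "UDP from 53 to port 22":     Packet("192.0.2.53", "203.0.113.10", "udp", 53, 22),
}


def verdicts(rules=INBOUND, samples=SAMPLES) -> dict:
    """Verdict per sample packet, in the order the samples are listed."""
    return {name: evaluate(rules, p) for name, p in samples.items()}


if __name__ == "__main__":
    for name, v in verdicts().items():
        print(f"{v:5}  {name}")
```

The "ACK scan" sample is the point to notice: the filter admits it, because an unsolicited ACK to an ephemeral port is indistinguishable by header alone from a genuine reply to a connection the server opened. A stateful firewall would drop it, since no entry in its table says the server ever talked to that peer. That is the trade made for skipping the connection table.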

Another use of per-packet inspection is rerouting. A firewall that can identify packets by their headers and redirect them is especially useful as a defense against denial of service attacks, because the unwanted traffic can be diverted before it reaches the target.

Stateless filtering is usually contrasted with deep packet inspection (DPI). A stateless filter evaluates packet header information, such as source IP address, destination IP address, protocol, and port number, whereas deep packet inspection looks at a more comprehensive range of data and metadata associated with individual packets, including the payload.

Deep packet inspection, also known as DPI, information extraction (IX), or complete packet inspection, is a type of network packet filtering. It evaluates both the header and the data part of a packet passing through an inspection point, and blocks the packet if it finds non-compliance with the expected protocol, spam, viruses, intrusion attempts, or any other defined criteria. Because an application-layer conversation is spread across many packets, practical DPI engines reassemble the stream before matching, which makes them stateful and considerably heavier than the header-only filtering described above.
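To make the header-versus-payload distinction concrete, here is an added example (not the article's code) of a DPI stage for cleartext HTTP on TCP/80: a header-only check admits the packet by port, then the payload is checked for protocol compliance and against a small signature set. The allowed ports and the two signatures are hypothetical stand-ins for a real engine's rule set, and the payloads are constructed, not captured.

```python
"""Deep packet inspection stage for cleartext HTTP on TCP/80: a header-only
filter admits the packet, then the payload is checked for protocol compliance
and a small set of constructed signatures. Added example, not the article's code."""
import re

# Request line per RFC 7230: method, target, version, CRLF.
HTTP_REQUEST_LINE = re.compile(
    rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|PATCH) \S+ HTTP/1\.[01]\r\n")

# Hypothetical signatures standing in for a real DPI engine's rule set.
SIGNATURES = {
    "path-traversal": re.compile(rb"\.\./"),
    "sqli-probe": re.compile(rb"(?i)union[\s+]+select"),
}

ALLOWED_PORTS = {80, 443}   # assumed policy for the example


def header_filter(dport: int) -> str:
    """Stateless stage: only the destination port is examined."""
    return "allow" if dport in ALLOWED_PORTS else "deny"


def dpi_inspect(dport: int, payload: bytes) -> tuple:
    """Returns (verdict, reason). Only port 80 payloads are inspected; on 443
    the payload is TLS ciphertext and nothing useful can be matched."""
    if header_filter(dport) == "deny":
        return ("deny", "port-not-allowed")
    if dport != 80:
        return ("allow", "not-inspected")
    # Protocol compliance: whatever arrives on 80 must look like an HTTP request.
    if not HTTP_REQUEST_LINE.match(payload):
        return ("deny", "protocol-noncompliant")
    # Defined criteria: signature match anywhere in the payload.
    for name, sig in SIGNATURES.items():
        if sig.search(payload):
            return ("deny", name)
    return ("allow", "http-clean")


# Constructed payloads (not captured traffic).
SAMPLES = {
    "clean GET":  (80, b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    "traversal":  (80, b"GET /../../etc/passwd HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    "sqli":       (80, b"GET /item?id=1+UNION+SELECT+1,2 HTTP/1.1\r\nHost: x\r\n\r\n"),
    "tls on 80":  (80, b"\x16\x03\x01\x00\xf1\x01\x00\x00\xed\x03\x03"),
    "ssh on 80":  (80, b"SSH-2.0-OpenSSH_9.0\r\n"),
    "tls on 443": (443, b"\x16\x03\x01\x00\xf1\x01\x00\x00\xed\x03\x03"),
    "telnet":     (23, b"\xff\xfd\x18"),
}


def verdicts(samples=SAMPLES) -> dict:
    """(verdict, reason) per sample, keyed by sample name."""
    return {name: dpi_inspect(port, data) for name, (port, data) in samples.items()}


if __name__ == "__main__":
    for name, (v, why) in verdicts().items():
        print(f"{v:5}  {why:22}  {name}")
```

The "tls on 80" and "ssh on 80" samples pass the header stage and are only caught because the payload is examined; the "tls on 443" sample shows the limit of DPI without TLS interception. Note that this function inspects one segment at a time. A request whose first line is split across two segments would fail the compliance check, which is why production engines reassemble the TCP stream first, and that reassembly is precisely the state a stateless device does not keep.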