# How It Works

## **Allowing Valid Transactions**

1. A user sends a transaction to your protocol *(either through your DApp's frontend, or directly to your protocol's smart contract)*.
2. The Firewall's [Pre Execution](/firewall/glossary.md#pre-execution) validation process begins.
3. The Firewall validates the transaction against each of your configured security policies.
4. Once all the policies have cleared the transaction, the Firewall allows the transaction to proceed to your protocol.
5. Your protocol executes the transaction as normal.
6. The Firewall's [Post Execution](/firewall/glossary.md#post-execution) validation process begins.
7. The Firewall validates the transaction against each of your configured security policies.
8. Once all the policies have cleared the changes made by the transaction *(such as balance changes etc)*, execution ends and the transaction is completed.

## **Reverting Invalid Transactions - Pre Execution**

1. A user sends a transaction to your protocol *(either through your DApp's frontend, or directly to your protocol's smart contract)*.
2. The Firewall's [Pre Execution](/firewall/glossary.md#pre-execution) validation process begins.
3. The Firewall validates the transaction against each of your configured security policies.
4. One of the policies detects a malicious transaction and reverts it.
5. The transaction is reverted and your protocol remains unharmed.

## **Reverting Invalid Transactions - Post Execution**

1. A user sends a transaction to your protocol *(either through your DApp's frontend, or directly to your protocol's smart contract)*.
2. The Firewall's [Pre Execution](/firewall/glossary.md#pre-execution) validation process begins.
3. The Firewall validates the transaction against each of your configured security policies.
4. Once all the policies have cleared the transaction, the Firewall allows the transaction to proceed to your protocol.
5. Your protocol executes the transaction as normal.
6. The Firewall's [Post Execution](/firewall/glossary.md#post-execution) validation process begins.
7. The Firewall validates the transaction against each of your configured security policies.
8. One of the policies detects a malicious change done by the transaction and reverts it.
9. The transaction is reverted and your protocol remains unharmed.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.ironblocks.com/firewall/how-it-works.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.