The invention discloses a data package filtering method applied to a distributive firewall system. The method comprises the following steps: presetting a quintuple filtering rule and a content filtering rule through a strategy center; determining whether a quintuple of a data package is matched with the quintuple filtering rule; if so, giving the data package; if not so, sending the data package to a corresponding host computer firewall; receiving the data package and determining whether the data package arriving at the network firewall is the IPSec data package by host computer firewall; if so, extracting and decoding the IPSec data package through a hook with the IPSec data package coding processing capacity; filtering the received data package according to the content filtering rule; if the content of the data package is matched with the content filtering rule, giving up the data package; otherwise, receiving the data package. With the adoption of the method, the IPSec data package can be filtered, and the security of IPv6 network can be improved.