In this thesis, the architecture of stateful content-based packet classification is proposed. Compared to the traditional packet classifier, this architecture is capable to inspect the packet application content, maintain and track the protocol state transition dynamically, and handle both IPv4 and IPv6 packets. At first, we study the specification of numerous protocols and applications in wide-spread use. We generalize their features which are commonly utilized when inspecting the packet header and application content, and then Script Language is designed. Script Lan-guage has to cover sufficient types of matches to satisfy the requirements for convenience and flexibility. Next, Script Language Compiler compiles Script Language into codes which store the rule specifications into the rule table. Along with the rule table, Stateful Con-tent-based Classification Engine therefore can perform the procedure of packet classification. Classification Engine comprises several functional components. Separating the filtering pro-cedure into multiple stages is one of the features of Classification Engine. Each stage is im-plemented as different building blocks consistent with the characteristics of the matches. In addition, classification engine maintains and tracks the state transition of protocols in order to understand the evolution of connections. The architecture we proposed not only meets the requirements of current packet classi-fication (stateful and content inspection), but also brings up some original ideas and design.