Someone could say that it is both.
In general it can firewall on a network basis. In other words it sits in the middle without intervening, it monitors connections, timeouts, ACLs, sequence number etc and blocks and allows packets.
Though for applications that use signaling protocols that actively inspected by the firewall (i.e. h323, sip) it actually proxies in the middle. Moreover, for application like ftp, http etc it also looks into the application layer and can block or allow according to protocols specific fields (website for http, file name for ftp etc).
I hope it helps.
PK