{"id":25,"date":"2020-04-10T18:32:04","date_gmt":"2020-04-10T17:32:04","guid":{"rendered":"https:\/\/blog.thomarite.uk\/?p=25"},"modified":"2023-05-29T16:53:59","modified_gmt":"2023-05-29T15:53:59","slug":"iptables-conntrack","status":"publish","type":"post","link":"https:\/\/blog.thomarite.uk\/index.php\/2020\/04\/10\/iptables-conntrack\/","title":{"rendered":"Iptables Conntrack"},"content":{"rendered":"\n<p>I am subscribed to Cloudflare blog as they are in general really good. And definitely, you always learn something new (and want to cry because you have so much to learn from these guys).<\/p>\n\n\n\n<p>This time was a dissection of conntrack in iptables to improve their firewall performance.<\/p>\n\n\n\n<p><a href=\"https:\/\/blog.cloudflare.com\/conntrack-tales-one-thousand-and-one-flows\/\">https:\/\/blog.cloudflare.com\/conntrack-tales-one-thousand-and-one-flows<\/a><\/p>\n\n\n\n<p>I never thought about the limits of the conntrack table and how important is to have in mind (or make a tattoo of) the iptables <a href=\"https:\/\/upload.wikimedia.org\/wikipedia\/commons\/3\/37\/Netfilter-packet-flow.svg\">diagram<\/a>:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blog.thomarite.uk\/wp-content\/uploads\/2023\/05\/image-21-1024x358.png\" alt=\"\" class=\"wp-image-1320\" width=\"1070\" height=\"373\" srcset=\"https:\/\/blog.thomarite.uk\/wp-content\/uploads\/2023\/05\/image-21-1024x358.png 1024w, https:\/\/blog.thomarite.uk\/wp-content\/uploads\/2023\/05\/image-21-300x105.png 300w, https:\/\/blog.thomarite.uk\/wp-content\/uploads\/2023\/05\/image-21-768x269.png 768w\" sizes=\"auto, (max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>I am subscribed to Cloudflare blog as they are in general really good. And definitely, you always learn something new (and want to cry because you have so much to learn from these guys). This time was a dissection of conntrack in iptables to improve their firewall performance. https:\/\/blog.cloudflare.com\/conntrack-tales-one-thousand-and-one-flows I never thought about the limits &hellip; <a href=\"https:\/\/blog.thomarite.uk\/index.php\/2020\/04\/10\/iptables-conntrack\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Iptables Conntrack&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,2,4],"tags":[],"class_list":["post-25","post","type-post","status-publish","format-standard","hentry","category-unix","category-networks","category-security"],"_links":{"self":[{"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/posts\/25","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/comments?post=25"}],"version-history":[{"count":4,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/posts\/25\/revisions"}],"predecessor-version":[{"id":1323,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/posts\/25\/revisions\/1323"}],"wp:attachment":[{"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/media?parent=25"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/categories?post=25"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/tags?post=25"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}