Data retention

  • November 24, 2023
  • 0 Comments


Any iptables record becomes part of the firewall ruleset. This means that each time you have a visit, the firewall will use this visit data to take appropriate action for all subsequent new visits. We keep iptables for 60 days and with the most recent 100,000 records (regardless of package). Any record that is more than 60 days old or older than the other 100,000 is deleted. This is automatic and permanent. The core of thread processing intelligence of GP Firewall transcends the reliance on pre-existing data (logs). Instead, it emphasizes proactive, autonomous processing that achieves optimal results without the need for vast amounts of data, avoiding the performance impact seen in many other solutions. Moreover, having a long iptables configuration for a firewall can have several disadvantages:

  1. Complexity: As the iptables ruleset grows longer, it becomes more complex and harder to manage. It can become difficult to understand the purpose and interactions of individual rules, leading to potential errors or unintended consequences.

  2. Performance Impact: Longer iptables rulesets can have a performance impact on the system. When a packet arrives, it needs to be processed against each rule in the chain until a match is found. With a large number of rules, the processing time increases, which can lead to higher latency and decreased network throughput.

  3. Maintenance Challenges: Managing a long iptables configuration can be challenging. It becomes harder to make changes or add new rules without causing conflicts or breaking existing functionality. 

  4. Increased Vulnerability to Errors: As the ruleset grows, the chances of introducing errors or misconfigurations increase. A single mistake in a long iptables configuration can have unintended consequences. It becomes more challenging to review and verify each rule for correctness.

These are just some reasons you should not keep iptables records indefinitely. You also may anytime delete one or all iptables records. You may download all data history (a csv format list) of your hits from the main dashboard page. From the main dashboard page, click on the "Generate report" button at the top right.

How helpful was this article to you?

Posting has been disabled.