summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.io>2024-07-02 08:44:53 +0000
committerMergify <37929162+mergify[bot]@users.noreply.github.com>2024-07-02 13:37:52 +0000
commit536613dc03d7b2ca6e9ba87a0b2db05396845530 (patch)
tree8cf07268c0c876b3036e65ab7dcf682963d76f0d
parent134889fdced187859c7d4d1630c248e6f434abe5 (diff)
downloadvyos-1x-536613dc03d7b2ca6e9ba87a0b2db05396845530.tar.gz
vyos-1x-536613dc03d7b2ca6e9ba87a0b2db05396845530.zip
T6523: Telegraf use nft scripts only if the firewall configured
If a firewall is not configured there is no reason to get and execute telegraf firewall custom scripts as there are no nft chain in the firewall nftables configuration (cherry picked from commit ebff0c481907ac0c2c0be9981c3c3d87caf3003b)
-rw-r--r--data/templates/telegraf/telegraf.j22
-rwxr-xr-xsrc/conf_mode/service_monitoring_telegraf.py3
2 files changed, 4 insertions, 1 deletions
diff --git a/data/templates/telegraf/telegraf.j2 b/data/templates/telegraf/telegraf.j2
index f382dbf2e..535e3a347 100644
--- a/data/templates/telegraf/telegraf.j2
+++ b/data/templates/telegraf/telegraf.j2
@@ -130,7 +130,9 @@ metric_name_label = "{{ loki.metric_name_label }}"
{% if influxdb is vyos_defined %}
[[inputs.exec]]
commands = [
+{% if nft_chains is vyos_defined %}
"{{ custom_scripts_dir }}/show_firewall_input_filter.py",
+{% endif %}
"{{ custom_scripts_dir }}/show_interfaces_input_filter.py",
"{{ custom_scripts_dir }}/vyos_services_input_filter.py"
]
diff --git a/src/conf_mode/service_monitoring_telegraf.py b/src/conf_mode/service_monitoring_telegraf.py
index 9455b6109..db870aae5 100755
--- a/src/conf_mode/service_monitoring_telegraf.py
+++ b/src/conf_mode/service_monitoring_telegraf.py
@@ -86,7 +86,8 @@ def get_config(config=None):
monitoring['custom_scripts_dir'] = custom_scripts_dir
monitoring['hostname'] = get_hostname()
monitoring['interfaces_ethernet'] = Section.interfaces('ethernet', vlan=False)
- monitoring['nft_chains'] = get_nft_filter_chains()
+ if conf.exists('firewall'):
+ monitoring['nft_chains'] = get_nft_filter_chains()
# Redefine azure group-metrics 'single-table' and 'table-per-metric'
if 'azure_data_explorer' in monitoring: