summaryrefslogtreecommitdiff
path: root/src/etc
diff options
context:
space:
mode:
Diffstat (limited to 'src/etc')
-rw-r--r--src/etc/sysctl.d/30-vyos-router.conf4
-rwxr-xr-xsrc/etc/telegraf/custom_scripts/show_firewall_input_filter.py6
2 files changed, 7 insertions, 3 deletions
diff --git a/src/etc/sysctl.d/30-vyos-router.conf b/src/etc/sysctl.d/30-vyos-router.conf
index 4feb7e09a..411429510 100644
--- a/src/etc/sysctl.d/30-vyos-router.conf
+++ b/src/etc/sysctl.d/30-vyos-router.conf
@@ -109,3 +109,7 @@ net.ipv4.neigh.default.gc_thresh3 = 8192
net.ipv6.neigh.default.gc_thresh1 = 1024
net.ipv6.neigh.default.gc_thresh2 = 4096
net.ipv6.neigh.default.gc_thresh3 = 8192
+
+# Enable global RFS (Receive Flow Steering) configuration. RFS is inactive
+# until explicitly configured at the interface level
+net.core.rps_sock_flow_entries = 32768
diff --git a/src/etc/telegraf/custom_scripts/show_firewall_input_filter.py b/src/etc/telegraf/custom_scripts/show_firewall_input_filter.py
index bf4bfd05d..cbc2bfe6b 100755
--- a/src/etc/telegraf/custom_scripts/show_firewall_input_filter.py
+++ b/src/etc/telegraf/custom_scripts/show_firewall_input_filter.py
@@ -11,7 +11,7 @@ def get_nft_filter_chains():
"""
Get list of nft chains for table filter
"""
- nft = cmd('/usr/sbin/nft --json list table ip filter')
+ nft = cmd('/usr/sbin/nft --json list table ip vyos_filter')
nft = json.loads(nft)
chain_list = []
@@ -27,7 +27,7 @@ def get_nftables_details(name):
"""
Get dict, counters packets and bytes for chain
"""
- command = f'/usr/sbin/nft list chain ip filter {name}'
+ command = f'/usr/sbin/nft list chain ip vyos_filter {name}'
try:
results = cmd(command)
except:
@@ -60,7 +60,7 @@ def get_nft_telegraf(name):
Get data for telegraf in influxDB format
"""
for rule, rule_config in get_nftables_details(name).items():
- print(f'nftables,table=filter,chain={name},'
+ print(f'nftables,table=vyos_filter,chain={name},'
f'ruleid={rule} '
f'pkts={rule_config["packets"]}i,'
f'bytes={rule_config["bytes"]}i '