From ebff0c481907ac0c2c0be9981c3c3d87caf3003b Mon Sep 17 00:00:00 2001 From: Viacheslav Hletenko Date: Tue, 2 Jul 2024 08:44:53 +0000 Subject: T6523: Telegraf use nft scripts only if the firewall configured If a firewall is not configured there is no reason to get and execute telegraf firewall custom scripts as there are no nft chain in the firewall nftables configuration --- data/templates/telegraf/telegraf.j2 | 2 ++ src/conf_mode/service_monitoring_telegraf.py | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/data/templates/telegraf/telegraf.j2 b/data/templates/telegraf/telegraf.j2 index f382dbf2e..535e3a347 100644 --- a/data/templates/telegraf/telegraf.j2 +++ b/data/templates/telegraf/telegraf.j2 @@ -130,7 +130,9 @@ metric_name_label = "{{ loki.metric_name_label }}" {% if influxdb is vyos_defined %} [[inputs.exec]] commands = [ +{% if nft_chains is vyos_defined %} "{{ custom_scripts_dir }}/show_firewall_input_filter.py", +{% endif %} "{{ custom_scripts_dir }}/show_interfaces_input_filter.py", "{{ custom_scripts_dir }}/vyos_services_input_filter.py" ] diff --git a/src/conf_mode/service_monitoring_telegraf.py b/src/conf_mode/service_monitoring_telegraf.py index 9455b6109..db870aae5 100755 --- a/src/conf_mode/service_monitoring_telegraf.py +++ b/src/conf_mode/service_monitoring_telegraf.py @@ -86,7 +86,8 @@ def get_config(config=None): monitoring['custom_scripts_dir'] = custom_scripts_dir monitoring['hostname'] = get_hostname() monitoring['interfaces_ethernet'] = Section.interfaces('ethernet', vlan=False) - monitoring['nft_chains'] = get_nft_filter_chains() + if conf.exists('firewall'): + monitoring['nft_chains'] = get_nft_filter_chains() # Redefine azure group-metrics 'single-table' and 'table-per-metric' if 'azure_data_explorer' in monitoring: -- cgit v1.2.3