0xb00b5/firegex-traffic-viewer
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

niceness on firegex process

Browse Source
This commit is contained in:
Domingo Dirutigliano
2025-03-26 22:25:09 +01:00
parent d832c3cd98
commit d4b2b6c72d
6 changed files with 18 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
backend/docker-entrypoint.sh
View File

@@ -2,5 +2,5 @@
chown nobody -R /execute/ chown nobody -R /execute/
exec capsh --caps="cap_net_admin+eip cap_setpcap,cap_setuid,cap_setgid+ep" \ exec capsh --caps="cap_net_admin,cap_setpcap,cap_setuid,cap_setgid,cap_sys_nice+eip" \
--keep=1 --user=nobody --addamb=cap_net_admin -- -c "python3 /execute/app.py DOCKER" --keep=1 --user=nobody --addamb=cap_net_admin,cap_sys_nice -- -c "python3 /execute/app.py DOCKER"

2
backend/modules/nfproxy/firegex.py
View File

@@ -7,6 +7,7 @@ from fastapi import HTTPException
import time import time
from utils import run_func from utils import run_func
from utils import DEBUG from utils import DEBUG
from utils import nicenessify
nft = FiregexTables() nft = FiregexTables()
@@ -95,6 +96,7 @@ class FiregexInterceptor:
"FIREGEX_NFPROXY_SOCK": self.sock_path "FIREGEX_NFPROXY_SOCK": self.sock_path
}, },
) )
nicenessify(-10, self.process.pid)
self.outstrem_task = asyncio.create_task(self._stream_handler()) self.outstrem_task = asyncio.create_task(self._stream_handler())
try: try:
async with asyncio.timeout(3): async with asyncio.timeout(3):

2
backend/modules/nfregex/firegex.py
View File

@@ -6,6 +6,7 @@ import asyncio
import traceback import traceback
from utils import DEBUG from utils import DEBUG
from fastapi import HTTPException from fastapi import HTTPException
from utils import nicenessify
nft = FiregexTables() nft = FiregexTables()
@@ -106,6 +107,7 @@ class FiregexInterceptor:
"FIREGEX_NFQUEUE_FAIL_OPEN": "1" if self.srv.fail_open else "0", "FIREGEX_NFQUEUE_FAIL_OPEN": "1" if self.srv.fail_open else "0",
}, },
) )
nicenessify(-10, self.process.pid)
line_fut = self.process.stdout.readuntil() line_fut = self.process.stdout.readuntil()
try: try:
line_fut = await asyncio.wait_for(line_fut, timeout=3) line_fut = await asyncio.wait_for(line_fut, timeout=3)

9
backend/utils/__init__.py
View File

@@ -207,3 +207,12 @@ def register_event(sio_server: AsyncServer, event_name: str, model: BaseModel, r
return wrapper return wrapper
return decorator return decorator
def nicenessify(priority:int, pid:int|None=None):
try:
pid = os.getpid() if pid is None else pid
ps = psutil.Process(pid)
if os.name == 'posix':
ps.nice(priority)
except Exception as e:
print(f"Error setting priority: {e} {traceback.format_exc()}")
pass

3
start.py
View File

@@ -184,7 +184,8 @@ def write_compose(skip_password = True):
} }
], ],
"cap_add": [ "cap_add": [
"NET_ADMIN" "NET_ADMIN",
"SYS_NICE"
] ]
} }
}, },

2
tests/comparemark.py
View File

@@ -196,7 +196,7 @@ elif args.module == "nfproxy":
for _ in range(args.number_of_values): for _ in range(args.number_of_values):
#Get baseline reading #Get baseline reading
data = getReading(args.port) data = getReading(args.port)
puts("Baseline nfregex with no filter: ", color=colors.blue, end='') puts("Baseline nfproxy with no filter: ", color=colors.blue, end='')
no_filters.append(data) no_filters.append(data)
print(f"{data} MB/s") print(f"{data} MB/s")