Thanks for the PR 
In the meantime. I have a NIC that support hardware offloads (eth0) but it’s not working in combination with software offload. Any ideas what I am doing wrong this time? Eveytime I get the following error message, but I already added this to the configuration:
#Hardware:
set interfaces ethernet eth0 offload hw-tc-offload
set firewall flowtable FLOW-HW interface 'eth0'
set firewall flowtable FLOW-HW offload 'hardware'
#Software
set firewall flowtable FLOW-SW interface 'eth2'
set firewall flowtable FLOW-SW interface 'eth3'
set firewall flowtable FLOW-SW interface 'eth4'
set firewall flowtable FLOW-SW offload 'software'
Error message after commit:
vyos@fw# commit
Interface "eth0" requires "offload hw-tc-offload"
[[firewall]] failed
When I enable this with ethtoool and commit after that I get the following error:
sudo ethtool -K eth0 hw-tc-offload on
Failed to apply firewall: /run/nftables.conf:28:15-36: Error: Could not
process rule: Operation not supported flowtable VYOS_FLOWTABLE_FLOW-
HW { ^^^^^^^^^^^^^^^^^^^^^^ /run/nftables.conf:280:15-36:
Error: Could not process rule: Operation not supported flowtable
VYOS_FLOWTABLE_FLOW-HW { ^^^^^^^^^^^^^^^^^^^^^^
nftables.conf
delete table ip vyos_filter
table ip vyos_filter {
flowtable VYOS_FLOWTABLE_FLOW-HW {
hook ingress priority 0; devices = { eth0 };
flags offload;
counter
}
flowtable VYOS_FLOWTABLE_FLOW-SW {
hook ingress priority 0; devices = { eth2, eth3, eth4 };
counter
}
It does not seem possible to run software and hardware flowtables together.