1 files changed, 72 insertions, 5 deletions

diff --git a/python/vyos/ifconfig/bridge.py b/python/vyos/ifconfig/bridge.py
index bf78f8972..7eac9b886 100644
--- a/python/vyos/ifconfig/bridge.py
+++ b/python/vyos/ifconfig/bridge.py
@@ -19,7 +19,7 @@ from vyos.ifconfig.interface import Interface
 from vyos.validate import assert_boolean
 from vyos.validate import assert_positive
 from vyos.util import cmd
-from vyos.util import vyos_dict_search
+from vyos.util import dict_search
 
 @Interface.register
 class BridgeIf(Interface):
@@ -41,6 +41,7 @@ class BridgeIf(Interface):
             'section': 'bridge',
             'prefixes': ['br', ],
             'broadcast': True,
+            'vlan': True,
         },
     }
 
@@ -73,6 +74,10 @@ class BridgeIf(Interface):
             'validate': assert_boolean,
             'location': '/sys/class/net/{ifname}/bridge/stp_state',
         },
+        'vlan_filter': {
+            'validate': assert_boolean,
+            'location': '/sys/class/net/{ifname}/bridge/vlan_filtering',
+        },
         'multicast_querier': {
             'validate': assert_boolean,
             'location': '/sys/class/net/{ifname}/bridge/multicast_querier',
@@ -152,6 +157,16 @@ class BridgeIf(Interface):
         >>> BridgeIf('br0').set_stp(1)
         """
         self.set_interface('stp', state)
+    
+    def set_vlan_filter(self, state):
+        """
+        Set bridge Vlan Filter state. 0 -> Vlan Filter disabled, 1 -> Vlan Filter enabled
+
+        Example:
+        >>> from vyos.ifconfig import BridgeIf
+        >>> BridgeIf('br0').set_vlan_filter(1)
+        """
+        self.set_interface('vlan_filter', state)
 
     def set_multicast_querier(self, enable):
         """
@@ -177,8 +192,13 @@ class BridgeIf(Interface):
         >>> BridgeIf('br0').add_port('eth0')
         >>> BridgeIf('br0').add_port('eth1')
         """
+        # Bridge port handling of wireless interfaces is done by hostapd.
+        if 'wlan' in interface:
+            return
+
         return self.set_interface('add_port', interface)
 
+
     def del_port(self, interface):
         """
         Remove member port from bridge instance.
@@ -197,6 +217,8 @@ class BridgeIf(Interface):
 
         # call base class first
         super().update(config)
+        
+        ifname = config['ifname']
 
         # Set ageing time
         value = config.get('aging')
@@ -223,17 +245,18 @@ class BridgeIf(Interface):
         self.set_stp(value)
 
         # enable or disable IGMP querier
-        tmp = vyos_dict_search('igmp.querier', config)
+        tmp = dict_search('igmp.querier', config)
         value = '1' if (tmp != None) else '0'
         self.set_multicast_querier(value)
 
         # remove interface from bridge
-        tmp = vyos_dict_search('member.interface_remove', config)
+        tmp = dict_search('member.interface_remove', config)
         for member in (tmp or []):
             if member in interfaces():
                 self.del_port(member)
+        vlan_filter = 0
 
-        tmp = vyos_dict_search('member.interface', config)
+        tmp = dict_search('member.interface', config)
         if tmp:
             for interface, interface_config in tmp.items():
                 # if interface does yet not exist bail out early and
@@ -260,7 +283,51 @@ class BridgeIf(Interface):
                 if 'priority' in interface_config:
                     value = interface_config.get('priority')
                     lower.set_path_priority(value)
-
+                
+                tmp = dict_search('native_vlan_removed', interface_config)
+                
+                if tmp and 'native_vlan_removed' not in interface_config:
+                    vlan_id = tmp
+                    cmd = f'bridge vlan add dev {interface} vid 1 pvid untagged master'
+                    self._cmd(cmd)
+                    cmd = f'bridge vlan del dev {interface} vid {vlan_id}'
+                    self._cmd(cmd)
+                    
+                tmp = dict_search('allowed_vlan_removed', interface_config)
+                
+                
+                for vlan_id in (tmp or []):
+                    cmd = f'bridge vlan del dev {interface} vid {vlan_id}'
+                    self._cmd(cmd)
+                
+                if 'native_vlan' in interface_config:
+                    vlan_filter = 1
+                    cmd = f'bridge vlan del dev {interface} vid 1'
+                    self._cmd(cmd)
+                    vlan_id = interface_config['native_vlan']
+                    cmd = f'bridge vlan add dev {interface} vid {vlan_id} pvid untagged master'
+                    self._cmd(cmd)
+                else:
+                    cmd = f'bridge vlan del dev {interface} vid 1'
+                    self._cmd(cmd)
+                
+                if 'allowed_vlan' in interface_config:
+                    vlan_filter = 1
+                    for vlan in interface_config['allowed_vlan']:
+                        cmd = f'bridge vlan add dev {interface} vid {vlan} master'
+                        self._cmd(cmd)
+        
+        
+        vif = dict_search('vif', config)
+        if vif:
+            for vlan_id,vif_config in vif.items():
+                cmd = f'bridge vlan add dev {ifname} vid {vlan_id} self master'
+                self._cmd(cmd)
+        
+        # enable/disable Vlan Filter
+        self.set_vlan_filter(vlan_filter)
+                        
+                            
         # Enable/Disable of an interface must always be done at the end of the
         # derived class to make use of the ref-counting set_admin_state()
         # function. We will only enable the interface if 'up' was called as