7 files changed, 166 insertions, 14 deletions

diff --git a/python/vyos/configtree.py b/python/vyos/configtree.py
index d048901f0..423fe01ed 100644
--- a/python/vyos/configtree.py
+++ b/python/vyos/configtree.py
@@ -20,10 +20,22 @@ from ctypes import cdll, c_char_p, c_void_p, c_int, c_bool
 
 LIBPATH = '/usr/lib/libvyosconfig.so.0'
 
+def replace_backslash(s, search, replace):
+    """Modify quoted strings containing backslashes not of escape sequences"""
+    def replace_method(match):
+        result = match.group().replace(search, replace)
+        return result
+    p = re.compile(r'("[^"]*[\\][^"]*"\n|\'[^\']*[\\][^\']*\'\n)')
+    return p.sub(replace_method, s)
+
 def escape_backslash(string: str) -> str:
-    """Escape single backslashes in string that are not in escape sequence"""
-    p = re.compile(r'(?<!\\)[\\](?!b|f|n|r|t|\\[^bfnrt])')
-    result = p.sub(r'\\\\', string)
+    """Escape single backslashes in quoted strings"""
+    result = replace_backslash(string, '\\', '\\\\')
+    return result
+
+def unescape_backslash(string: str) -> str:
+    """Unescape backslashes in quoted strings"""
+    result = replace_backslash(string, '\\\\', '\\')
     return result
 
 def extract_version(s):
@@ -165,11 +177,14 @@ class ConfigTree(object):
 
     def to_string(self, ordered_values=False):
         config_string = self.__to_string(self.__config, ordered_values).decode()
+        config_string = unescape_backslash(config_string)
         config_string = "{0}\n{1}".format(config_string, self.__version)
         return config_string
 
     def to_commands(self, op="set"):
-        return self.__to_commands(self.__config, op.encode()).decode()
+        commands = self.__to_commands(self.__config, op.encode()).decode()
+        commands = unescape_backslash(commands)
+        return commands
 
     def to_json(self):
         return self.__to_json(self.__config).decode()
@@ -362,6 +377,7 @@ def show_diff(left, right, path=[], commands=False, libpath=LIBPATH):
         msg = __get_error().decode()
         raise ConfigTreeError(msg)
 
+    res = unescape_backslash(res)
     return res
 
 def union(left, right, libpath=LIBPATH):
diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py
index 5d3723876..6508ccdd9 100644
--- a/python/vyos/configverify.py
+++ b/python/vyos/configverify.py
@@ -269,14 +269,33 @@ def verify_bridge_delete(config):
         raise ConfigError(f'Interface "{interface}" cannot be deleted as it '
                           f'is a member of bridge "{bridge_name}"!')
 
-def verify_interface_exists(ifname):
+def verify_interface_exists(ifname, warning_only=False):
     """
     Common helper function used by interface implementations to perform
-    recurring validation if an interface actually exists.
+    recurring validation if an interface actually exists. We first probe
+    if the interface is defined on the CLI, if it's not found we try if
+    it exists at the OS level.
     """
     import os
-    if not os.path.exists(f'/sys/class/net/{ifname}'):
-        raise ConfigError(f'Interface "{ifname}" does not exist!')
+    from vyos.base import Warning
+    from vyos.configquery import ConfigTreeQuery
+    from vyos.utils.dict import dict_search_recursive
+
+    # Check if interface is present in CLI config
+    config = ConfigTreeQuery()
+    tmp = config.get_config_dict(['interfaces'], get_first_key=True)
+    if bool(list(dict_search_recursive(tmp, ifname))):
+        return True
+
+    # Interface not found on CLI, try Linux Kernel
+    if os.path.exists(f'/sys/class/net/{ifname}'):
+        return True
+
+    message = f'Interface "{ifname}" does not exist!'
+    if warning_only:
+        Warning(message)
+        return False
+    raise ConfigError(message)
 
 def verify_source_interface(config):
     """
diff --git a/python/vyos/ifconfig/bridge.py b/python/vyos/ifconfig/bridge.py
index b29e71394..7936e3da5 100644
--- a/python/vyos/ifconfig/bridge.py
+++ b/python/vyos/ifconfig/bridge.py
@@ -1,4 +1,4 @@
-# Copyright 2019-2021 VyOS maintainers and contributors <maintainers@vyos.io>
+# Copyright 2019-2024 VyOS maintainers and contributors <maintainers@vyos.io>
 #
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
@@ -14,12 +14,11 @@
 # License along with this library.  If not, see <http://www.gnu.org/licenses/>.
 
 from netifaces import interfaces
-import json
 
 from vyos.ifconfig.interface import Interface
 from vyos.utils.assertion import assert_boolean
+from vyos.utils.assertion import assert_list
 from vyos.utils.assertion import assert_positive
-from vyos.utils.process import cmd
 from vyos.utils.dict import dict_search
 from vyos.configdict import get_vlan_ids
 from vyos.configdict import list_diff
@@ -86,6 +85,10 @@ class BridgeIf(Interface):
             'validate': assert_boolean,
             'location': '/sys/class/net/{ifname}/bridge/vlan_filtering',
         },
+        'vlan_protocol': {
+            'validate': lambda v: assert_list(v, ['0x88a8', '0x8100']),
+            'location': '/sys/class/net/{ifname}/bridge/vlan_protocol',
+        },
         'multicast_querier': {
             'validate': assert_boolean,
             'location': '/sys/class/net/{ifname}/bridge/multicast_querier',
@@ -248,6 +251,26 @@ class BridgeIf(Interface):
         """
         return self.set_interface('del_port', interface)
 
+    def set_vlan_protocol(self, protocol):
+        """
+        Set protocol used for VLAN filtering.
+        The valid values are 0x8100(802.1q) or 0x88A8(802.1ad).
+
+        Example:
+        >>> from vyos.ifconfig import Interface
+        >>> BridgeIf('br0').del_port('eth1')
+        """
+
+        if protocol not in ['802.1q', '802.1ad']:
+            raise ValueError()
+
+        map = {
+            '802.1ad': '0x88a8',
+            '802.1q' : '0x8100'
+        }
+
+        return self.set_interface('vlan_protocol', map[protocol])
+
     def update(self, config):
         """ General helper function which works on a dictionary retrived by
         get_config_dict(). It's main intention is to consolidate the scattered
@@ -294,10 +317,13 @@ class BridgeIf(Interface):
             if member in interfaces():
                 self.del_port(member)
 
-        # enable/disable Vlan Filter
+        # enable/disable VLAN Filter
         tmp = '1' if 'enable_vlan' in config else '0'
         self.set_vlan_filter(tmp)
 
+        tmp = config.get('protocol')
+        self.set_vlan_protocol(tmp)
+
         # add VLAN interfaces to local 'parent' bridge to allow forwarding
         if 'enable_vlan' in config:
             for vlan in config.get('vif_remove', {}):
diff --git a/python/vyos/ifconfig/vti.py b/python/vyos/ifconfig/vti.py
index 9ebbeb9ed..9511386f4 100644
--- a/python/vyos/ifconfig/vti.py
+++ b/python/vyos/ifconfig/vti.py
@@ -1,4 +1,4 @@
-# Copyright 2021-2022 VyOS maintainers and contributors <maintainers@vyos.io>
+# Copyright 2021-2024 VyOS maintainers and contributors <maintainers@vyos.io>
 #
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
@@ -52,8 +52,14 @@ class VTIIf(Interface):
                 cmd += f' {iproute2_key} {tmp}'
 
         self._cmd(cmd.format(**self.config))
+
+        # interface is always A/D down. It needs to be enabled explicitly
         self.set_interface('admin_state', 'down')
 
+    def set_admin_state(self, state):
+        """ Handled outside by /etc/ipsec.d/vti-up-down """
+        pass
+
     def get_mac(self):
         """ Get a synthetic MAC address. """
         return self.get_mac_synthetic()
diff --git a/python/vyos/priority.py b/python/vyos/priority.py
new file mode 100644
index 000000000..ab4e6d411
--- /dev/null
+++ b/python/vyos/priority.py
@@ -0,0 +1,75 @@
+# Copyright 2024 VyOS maintainers and contributors <maintainers@vyos.io>
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this library.  If not, see <http://www.gnu.org/licenses/>.
+
+from pathlib import Path
+from typing import List
+
+from vyos.xml_ref import load_reference
+from vyos.base import Warning as Warn
+
+def priority_data(d: dict) -> list:
+    def func(d, path, res, hier):
+        for k,v in d.items():
+            if not 'node_data' in v:
+                continue
+            subpath = path + [k]
+            hier_prio = hier
+            data = v.get('node_data')
+            o = data.get('owner')
+            p = data.get('priority')
+            # a few interface-definitions have priority preceding owner
+            # attribute, instead of within properties; pass in descent
+            if p is not None and o is None:
+                hier_prio = p
+            if o is not None and p is None:
+                p = hier_prio
+            if o is not None and p is not None:
+                o = Path(o.split()[0]).name
+                p = int(p)
+                res.append((subpath, o, p))
+            if isinstance(v, dict):
+                func(v, subpath, res, hier_prio)
+        return res
+    ret = func(d, [], [], 0)
+    ret = sorted(ret, key=lambda x: x[0])
+    ret = sorted(ret, key=lambda x: x[2])
+    return ret
+
+def get_priority_data() -> list:
+    xml = load_reference()
+    return priority_data(xml.ref)
+
+def priority_sort(sections: List[list[str]] = None,
+                  owners: List[str] = None,
+                  reverse=False) -> List:
+    if sections is not None:
+        index = 0
+        collection: List = sections
+    elif owners is not None:
+        index = 1
+        collection = owners
+    else:
+        raise ValueError('one of sections or owners is required')
+
+    l = get_priority_data()
+    m = [item for item in l if item[index] in collection]
+    n = sorted(m, key=lambda x: x[2], reverse=reverse)
+    o = [item[index] for item in n]
+    # sections are unhashable; use comprehension
+    missed = [j for j in collection if j not in o]
+    if missed:
+        Warn(f'No priority available for elements {missed}')
+
+    return o
diff --git a/python/vyos/qos/base.py b/python/vyos/qos/base.py
index 47318122b..c8e881ee2 100644
--- a/python/vyos/qos/base.py
+++ b/python/vyos/qos/base.py
@@ -324,6 +324,11 @@ class QoSBase:
                             if 'burst' in cls_config:
                                 burst = cls_config['burst']
                                 filter_cmd += f' burst {burst}'
+
+                            if 'mtu' in cls_config:
+                                mtu = cls_config['mtu']
+                                filter_cmd += f' mtu {mtu}'
+
                         cls = int(cls)
                         filter_cmd += f' flowid {self._parent:x}:{cls:x}'
                         self._cmd(filter_cmd)
@@ -387,6 +392,10 @@ class QoSBase:
                     burst = config['default']['burst']
                     filter_cmd += f' burst {burst}'
 
+                if 'mtu' in config['default']:
+                    mtu = config['default']['mtu']
+                    filter_cmd += f' mtu {mtu}'
+
                 if 'class' in config:
                     filter_cmd += f' flowid {self._parent:x}:{default_cls_id:x}'
 
diff --git a/python/vyos/xml_ref/generate_cache.py b/python/vyos/xml_ref/generate_cache.py
index 6a05d4608..d1ccb0f81 100755
--- a/python/vyos/xml_ref/generate_cache.py
+++ b/python/vyos/xml_ref/generate_cache.py
@@ -38,7 +38,8 @@ xml_tmp = join('/tmp', xml_cache_json)
 pkg_cache = abspath(join(_here, 'pkg_cache'))
 ref_cache = abspath(join(_here, 'cache.py'))
 
-node_data_fields = ("node_type", "multi", "valueless", "default_value")
+node_data_fields = ("node_type", "multi", "valueless", "default_value",
+                    "owner", "priority")
 
 def trim_node_data(cache: dict):
     for k in list(cache):