lldp: T7165: add support to enable only rx or tx on specific interface

LLDP is a stateless protocol which does not necessitate sending to receive
advertisements. There are multiple scenarios such as provider peering links in
which it is advantageous to receive LLDP but not disclose internal information
to the provider.

Add new CLI command:
* set service lldp interface <name> mode [disable|rx-tx|rx|tx]

The default is unchanged and will be rx-tx.

Furthermore if an interface has an explicit LLDP disable configured under
"set service lldp interface <name> disable" this will be migrated to
"set service lldp interface <name> mode disable"

4 files changed, 53 insertions, 2 deletions

diff --git a/smoketest/config-tests/dialup-router-complex b/smoketest/config-tests/dialup-router-complex
index c356c73c0..12edcfef2 100644
--- a/smoketest/config-tests/dialup-router-complex
+++ b/smoketest/config-tests/dialup-router-complex
@@ -695,6 +695,7 @@ set service dns forwarding ignore-hosts-file
 set service dns forwarding listen-address '172.16.254.30'
 set service dns forwarding listen-address '172.31.0.254'
 set service dns forwarding negative-ttl '60'
+set service lldp interface pppoe0 mode 'disable'
 set service lldp legacy-protocols cdp
 set service lldp snmp
 set service mdns repeater interface 'eth0.35'
diff --git a/smoketest/config-tests/nat-basic b/smoketest/config-tests/nat-basic
index ba2b1b838..f1cc0121d 100644
--- a/smoketest/config-tests/nat-basic
+++ b/smoketest/config-tests/nat-basic
@@ -60,7 +60,7 @@ set service dhcp-server shared-network-name LAN subnet 192.168.189.0/24 range 0
 set service dhcp-server shared-network-name LAN subnet 192.168.189.0/24 range 0 stop '192.168.189.254'
 set service dhcp-server shared-network-name LAN subnet 192.168.189.0/24 subnet-id '1'
 set service lldp interface all
-set service lldp interface eth1 disable
+set service lldp interface eth1 mode 'disable'
 set service ntp allow-client address '192.168.189.0/24'
 set service ntp listen-address '192.168.189.1'
 set service ntp server time1.vyos.net
diff --git a/smoketest/configs/dialup-router-complex b/smoketest/configs/dialup-router-complex
index aa9837fe9..018379bcd 100644
--- a/smoketest/configs/dialup-router-complex
+++ b/smoketest/configs/dialup-router-complex
@@ -1392,6 +1392,9 @@ service {
         }
     }
     lldp {
+        interface pppoe0 {
+            disable
+        }
         legacy-protocols {
             cdp
         }
diff --git a/smoketest/scripts/cli/test_service_lldp.py b/smoketest/scripts/cli/test_service_lldp.py
index 9d72ef78f..c73707e0d 100755
--- a/smoketest/scripts/cli/test_service_lldp.py
+++ b/smoketest/scripts/cli/test_service_lldp.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2022-2024 VyOS maintainers and contributors
+# Copyright (C) 2022-2025 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -117,6 +117,8 @@ class TestServiceLLDP(VyOSUnitTestSHIM.TestCase):
         config = read_file(LLDPD_CONF)
 
         self.assertIn(f'configure ports {interface} med location elin "{elin}"', config)
+        # This is the CLI default mode
+        self.assertIn(f'configure ports {interface} lldp status rx-and-tx', config)
         self.assertIn(f'configure system interface pattern "{interface}"', config)
 
     def test_06_lldp_snmp(self):
@@ -134,5 +136,50 @@ class TestServiceLLDP(VyOSUnitTestSHIM.TestCase):
 
         self.cli_delete(['service', 'snmp'])
 
+    def test_07_lldp_interface_mode(self):
+        interfaces = Section.interfaces('ethernet', vlan=False)
+
+        # set interface mode to 'tx'
+        self.cli_set(base_path + ['interface', 'all'])
+        for interface in interfaces:
+            self.cli_set(base_path + ['interface', interface, 'mode', 'disable'])
+        # commit changes
+        self.cli_commit()
+
+        # verify configuration
+        config = read_file(LLDPD_CONF)
+        for interface in interfaces:
+            self.assertIn(f'configure ports {interface} lldp status disable', config)
+
+        # Change configuration to rx-only
+        for interface in interfaces:
+            self.cli_set(base_path + ['interface', interface, 'mode', 'rx'])
+        # commit changes
+        self.cli_commit()
+        # verify configuration
+        config = read_file(LLDPD_CONF)
+        for interface in interfaces:
+            self.assertIn(f'configure ports {interface} lldp status rx-only', config)
+
+        # Change configuration to tx-only
+        for interface in interfaces:
+            self.cli_set(base_path + ['interface', interface, 'mode', 'tx'])
+        # commit changes
+        self.cli_commit()
+        # verify configuration
+        config = read_file(LLDPD_CONF)
+        for interface in interfaces:
+            self.assertIn(f'configure ports {interface} lldp status tx-only', config)
+
+        # Change configuration to rx-only
+        for interface in interfaces:
+            self.cli_set(base_path + ['interface', interface, 'mode', 'rx-tx'])
+        # commit changes
+        self.cli_commit()
+        # verify configuration
+        config = read_file(LLDPD_CONF)
+        for interface in interfaces:
+            self.assertIn(f'configure ports {interface} lldp status rx-and-tx', config)
+
 if __name__ == '__main__':
     unittest.main(verbosity=2)