6 files changed, 222 insertions, 7 deletions

diff --git a/Makefile b/Makefile
index ad71219eb..882d5311b 100644
--- a/Makefile
+++ b/Makefile
@@ -45,7 +45,6 @@ interface_definitions: $(config_xml_obj)
 	rm -f $(TMPL_DIR)/vpn/node.def
 	rm -f $(TMPL_DIR)/vpn/ipsec/node.def
 	rm -rf $(TMPL_DIR)/vpn/nipsec
-	rm -rf $(TMPL_DIR)/protocols/nripng
 
 	# XXX: required until OSPF and RIP is migrated from vyatta-cfg-quagga to vyos-1x
 	mkdir $(TMPL_DIR)/interfaces/loopback/node.tag/ipv6
diff --git a/data/configd-include.json b/data/configd-include.json
index 495000961..e50dbf1b2 100644
--- a/data/configd-include.json
+++ b/data/configd-include.json
@@ -40,6 +40,7 @@
 "protocols_ospfv3.py",
 "protocols_pim.py",
 "protocols_rip.py",
+"protocols_ripng.py",
 "protocols_static.py",
 "protocols_static_multicast.py",
 "protocols_vrf.py",
diff --git a/data/templates/frr/ripng.frr.tmpl b/data/templates/frr/ripng.frr.tmpl
new file mode 100644
index 000000000..ac14dfd3f
--- /dev/null
+++ b/data/templates/frr/ripng.frr.tmpl
@@ -0,0 +1,82 @@
+!
+router ripng
+{% if default_information is defined and default_information.originate is defined %}
+ default-information originate
+{% endif %}
+{% if default_metric is defined and default_metric is not none %}
+ default-metric {{ default_metric }}
+{% endif %}
+{% if aggregate_address is defined and aggregate_address is not none %}
+{%   for prefix in aggregate_address %}
+ aggregate-address {{ prefix }}
+{%   endfor %}
+{% endif %}
+{% if passive_interface is defined and passive_interface is not none %}
+{%   for ifname in passive_interface %}
+ passive-interface {{ ifname }}
+{%   endfor %}
+{% endif %}
+{% if interface is defined and interface is not none %}
+{%   for ifname in interface %}
+ network {{ ifname }}
+{%   endfor %}
+{% endif %}
+{% if network is defined and network is not none %}
+{%   for net in network %}
+ network {{ net }}
+{%   endfor %}
+{% endif %}
+{% if route is defined and route is not none %}
+{%   for prefix in route %}
+ route {{ prefix }}
+{%   endfor %}
+{% endif %}
+{% if redistribute is defined and redistribute is not none %}
+{%   for protocol, protocol_config in redistribute.items() %}
+{%     if protocol == 'ospfv3' %}
+{%       set protocol = 'ospf6' %}
+{%     endif %}
+ redistribute {{ protocol }} {{ 'metric ' + protocol_config.metric if protocol_config.metric is defined }} {{ 'route-map ' + protocol_config.route_map if protocol_config.route_map is defined }}
+{%   endfor %}
+{% endif %}
+{# timers have default values #}
+ timers basic {{ timers['update'] }} {{ timers.timeout }} {{ timers.garbage_collection }}
+{% if distribute_list is defined and distribute_list is not none %}
+{%   if distribute_list.access_list is defined and distribute_list.access_list is not none %}
+{%     if distribute_list.access_list.in is defined and distribute_list.access_list.in is not none %}
+ ipv6 distribute-list {{ distribute_list.access_list.in }} in
+{%     endif %}
+{%     if distribute_list.access_list.out is defined and distribute_list.access_list.out is not none %}
+ ipv6 distribute-list {{ distribute_list.access_list.out }} out
+{%     endif %}
+{%   endif %}
+{%   if distribute_list.interface is defined and distribute_list.interface is not none %}
+{%     for interface, interface_config in distribute_list.interface.items() %}
+{%       if interface_config.access_list is defined and interface_config.access_list is not none %}
+{%         if interface_config.access_list.in is defined and interface_config.access_list.in is not none %}
+ ipv6 distribute-list {{ interface_config.access_list.in }} in {{ interface }}
+{%         endif %}
+{%         if interface_config.access_list.out is defined and interface_config.access_list.out is not none %}
+ ipv6 distribute-list {{ interface_config.access_list.out }} out {{ interface }}
+{%         endif %}
+{%       endif %}
+{%       if interface_config.prefix_list is defined and interface_config.prefix_list is not none %}
+{%         if interface_config.prefix_list.in is defined and interface_config.prefix_list.in is not none %}
+ ipv6 distribute-list prefix {{ interface_config.prefix_list.in }} in {{ interface }}
+{%         endif %}
+{%         if interface_config.prefix_list.out is defined and interface_config.prefix_list.out is not none %}
+ ipv6 distribute-list prefix {{ interface_config.prefix_list.out }} out {{ interface }}
+{%         endif %}
+{%       endif %}
+{%     endfor %}
+{%   endif %}
+{%   if distribute_list.prefix_list is defined and distribute_list.prefix_list is not none %}
+{%     if distribute_list.prefix_list.in is defined and distribute_list.prefix_list.in is not none %}
+ ipv6 distribute-list prefix {{ distribute_list.prefix_list.in }} in
+{%     endif %}
+{%     if distribute_list.prefix_list.out is defined and distribute_list.prefix_list.out is not none %}
+ ipv6 distribute-list prefix {{ distribute_list.prefix_list.out }} out
+{%     endif %}
+{%   endif %}
+{% endif %}
+!
diff --git a/interface-definitions/protocols-ripng.xml.in b/interface-definitions/protocols-ripng.xml.in
index 74f720e89..e456c3f3b 100644
--- a/interface-definitions/protocols-ripng.xml.in
+++ b/interface-definitions/protocols-ripng.xml.in
@@ -1,8 +1,8 @@
-<!-- Routing Information Protocol (RIPng) configuration -->
+<?xml version="1.0"?>
 <interfaceDefinition>
   <node name="protocols">
     <children>
-      <node name="nripng" owner="${vyos_conf_scripts_dir}/protocols_ripng.py">
+      <node name="ripng" owner="${vyos_conf_scripts_dir}/protocols_ripng.py">
         <properties>
           <help>Routing Information Protocol (RIPng) parameters</help>
         </properties>
diff --git a/smoketest/scripts/cli/test_protocols_ripng.py b/smoketest/scripts/cli/test_protocols_ripng.py
index 90cbaccd8..6850b60d3 100755
--- a/smoketest/scripts/cli/test_protocols_ripng.py
+++ b/smoketest/scripts/cli/test_protocols_ripng.py
@@ -107,10 +107,10 @@ class TestProtocolsRIPng(unittest.TestCase):
         self.assertIn(f'router ripng', frrconfig)
         self.assertIn(f' default-information originate', frrconfig)
         self.assertIn(f' default-metric {metric}', frrconfig)
-        self.assertIn(f' distribute-list {acl_in} in', frrconfig)
-        self.assertIn(f' distribute-list {acl_out} out', frrconfig)
-        self.assertIn(f' distribute-list prefix {prefix_list_in} in', frrconfig)
-        self.assertIn(f' distribute-list prefix {prefix_list_out} out', frrconfig)
+        self.assertIn(f' ipv6 distribute-list {acl_in} in', frrconfig)
+        self.assertIn(f' ipv6 distribute-list {acl_out} out', frrconfig)
+        self.assertIn(f' ipv6 distribute-list prefix {prefix_list_in} in', frrconfig)
+        self.assertIn(f' ipv6 distribute-list prefix {prefix_list_out} out', frrconfig)
         self.assertIn(f' passive-interface default', frrconfig)
         self.assertIn(f' timers basic {timer_update} {timer_timeout} {timer_garbage}', frrconfig)
         for aggregate in aggregates:
diff --git a/src/conf_mode/protocols_ripng.py b/src/conf_mode/protocols_ripng.py
new file mode 100755
index 000000000..8cc5de64a
--- /dev/null
+++ b/src/conf_mode/protocols_ripng.py
@@ -0,0 +1,133 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2021 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+import os
+
+from sys import exit
+
+from vyos.config import Config
+from vyos.configdict import dict_merge
+from vyos.configverify import verify_route_maps
+from vyos.util import call
+from vyos.util import dict_search
+from vyos.xml import defaults
+from vyos.template import render_to_string
+from vyos import ConfigError
+from vyos import frr
+from vyos import airbag
+airbag.enable()
+
+frr_daemon = 'ripngd'
+
+def get_config(config=None):
+    if config:
+        conf = config
+    else:
+        conf = Config()
+    base = ['protocols', 'ripng']
+    ripng = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True)
+
+    # Bail out early if configuration tree does not exist
+    if not conf.exists(base):
+        return ripng
+
+    # We have gathered the dict representation of the CLI, but there are default
+    # options which we need to update into the dictionary retrived.
+    default_values = defaults(base)
+    # merge in remaining default values
+    ripng = dict_merge(default_values, ripng)
+
+    # We also need some additional information from the config, prefix-lists
+    # and route-maps for instance. They will be used in verify()
+    base = ['policy']
+    tmp = conf.get_config_dict(base, key_mangling=('-', '_'))
+    # Merge policy dict into OSPF dict
+    ripng = dict_merge(tmp, ripng)
+
+    import pprint
+    pprint.pprint(ripng)
+    return ripng
+
+def verify(ripng):
+    if not ripng:
+        return None
+
+    acl_in = dict_search('distribute_list.access_list.in', ripng)
+    if acl_in and acl_in not in  (dict_search('policy.access_list6', ripng) or []):
+        raise ConfigError(f'Inbound access-list6 "{acl_in}" does not exist!')
+
+    acl_out = dict_search('distribute_list.access_list.out', ripng)
+    if acl_out and acl_out not in (dict_search('policy.access_list6', ripng) or []):
+        raise ConfigError(f'Outbound access-list6 "{acl_out}" does not exist!')
+
+    prefix_list_in = dict_search('distribute_list.prefix_list.in', ripng)
+    if prefix_list_in and prefix_list_in.replace('-','_') not in (dict_search('policy.prefix_list6', ripng) or []):
+        raise ConfigError(f'Inbound prefix-list6 "{prefix_list_in}" does not exist!')
+
+    prefix_list_out = dict_search('distribute_list.prefix_list.out', ripng)
+    if prefix_list_out and prefix_list_out.replace('-','_') not in (dict_search('policy.prefix_list6', ripng) or []):
+        raise ConfigError(f'Outbound prefix-list6 "{prefix_list_out}" does not exist!')
+
+    if 'interface' in ripng:
+        for interface, interface_options in ripng['interface'].items():
+            if 'authentication' in interface_options:
+                if {'md5', 'plaintext_password'} <= set(interface_options['authentication']):
+                    raise ConfigError('Can not use both md5 and plaintext-password at the same time!')
+            if 'split_horizon' in interface_options:
+                if {'disable', 'poison_reverse'} <= set(interface_options['split_horizon']):
+                    raise ConfigError(f'You can not have "split-horizon poison-reverse" enabled ' \
+                                      f'with "split-horizon disable" for "{interface}"!')
+
+    verify_route_maps(ripng)
+
+def generate(ripng):
+    if not ripng:
+        ripng['new_frr_config'] = ''
+        return None
+
+    ripng['new_frr_config'] = render_to_string('frr/ripng.frr.tmpl', ripng)
+    import pprint
+    pprint.pprint(ripng['new_frr_config'])
+
+    return None
+
+def apply(ripng):
+    # Save original configuration prior to starting any commit actions
+    frr_cfg = frr.FRRConfig()
+    frr_cfg.load_configuration(frr_daemon)
+    frr_cfg.modify_section(r'key chain \S+', '')
+    frr_cfg.modify_section(r'interface \S+', '')
+    frr_cfg.modify_section('router ripng', '')
+    frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', ripng['new_frr_config'])
+    frr_cfg.commit_configuration(frr_daemon)
+
+    # If FRR config is blank, rerun the blank commit x times due to frr-reload
+    # behavior/bug not properly clearing out on one commit.
+    if ripng['new_frr_config'] == '':
+        for a in range(5):
+            frr_cfg.commit_configuration(frr_daemon)
+
+    return None
+
+if __name__ == '__main__':
+    try:
+        c = get_config()
+        verify(c)
+        generate(c)
+        apply(c)
+    except ConfigError as e:
+        print(e)
+        exit(1)