8 files changed, 76 insertions, 8 deletions

diff --git a/data/templates/frr/policy.frr.tmpl b/data/templates/frr/policy.frr.tmpl
index d3d3957a5..97eb15331 100644
--- a/data/templates/frr/policy.frr.tmpl
+++ b/data/templates/frr/policy.frr.tmpl
@@ -276,6 +276,9 @@ route-map {{ route_map }} {{ rule_config.action }} {{ rule }}
 {%           if rule_config.set.ipv6_next_hop is defined and rule_config.set.ipv6_next_hop.local is defined and rule_config.set.ipv6_next_hop.local is not none %}
  set ipv6 next-hop local {{ rule_config.set.ipv6_next_hop.local }}
 {%           endif %}
+{%           if rule_config.set.ipv6_next_hop is defined and rule_config.set.ipv6_next_hop.peer_address is defined %}
+ set ipv6 next-hop peer-address
+{%           endif %}
 {%           if rule_config.set.ipv6_next_hop is defined and rule_config.set.ipv6_next_hop.prefer_global is defined %}
  set ipv6 next-hop prefer-global
 {%           endif %}
diff --git a/data/templates/syslog/logrotate.tmpl b/data/templates/syslog/logrotate.tmpl
index f758265e4..c1b951e8b 100644
--- a/data/templates/syslog/logrotate.tmpl
+++ b/data/templates/syslog/logrotate.tmpl
@@ -1,12 +1,11 @@
-{% for file in files %}
-{{files[file]['log-file']}} {
+{{ config_render['log-file'] }} {
   missingok
   notifempty
   create
-  rotate {{files[file]['max-files']}}
-  size={{files[file]['max-size']//1024}}k
+  rotate {{ config_render['max-files'] }}
+  size={{ config_render['max-size'] // 1024 }}k
   postrotate
     invoke-rc.d rsyslog rotate > /dev/null
   endscript
 }
-{% endfor %}
+
diff --git a/debian/vyos-1x.postinst b/debian/vyos-1x.postinst
index 1a4c830cc..1ca6687a3 100644
--- a/debian/vyos-1x.postinst
+++ b/debian/vyos-1x.postinst
@@ -93,3 +93,7 @@ for file in $DELETE; do
         rm -f ${file}
     fi
 done
+
+# Remove logrotate items controlled via CLI and VyOS defaults
+sed -i '/^\/var\/log\/messages$/d' /etc/logrotate.d/rsyslog
+sed -i '/^\/var\/log\/auth.log$/d' /etc/logrotate.d/rsyslog
diff --git a/interface-definitions/policy.xml.in b/interface-definitions/policy.xml.in
index 9767285dd..5e037b558 100644
--- a/interface-definitions/policy.xml.in
+++ b/interface-definitions/policy.xml.in
@@ -1115,13 +1115,23 @@
                       <help>Nexthop IP address</help>
                       <completionHelp>
                         <script>${vyos_completion_dir}/list_local_ips.sh --ipv4</script>
+                        <list>unchanged peer-address</list>
                       </completionHelp>
                       <valueHelp>
                         <format>ipv4</format>
                         <description>IP address</description>
                       </valueHelp>
+                      <valueHelp>
+                        <format>unchanged</format>
+                        <description>Set the BGP nexthop address as unchanged</description>
+                      </valueHelp>
+                      <valueHelp>
+                        <format>peer-address</format>
+                        <description>Set the BGP nexthop address to the address of the peer</description>
+                      </valueHelp>
                       <constraint>
                         <validator name="ipv4-address"/>
+                        <regex>^(unchanged|peer-address)$</regex>
                       </constraint>
                     </properties>
                   </leafNode>
@@ -1160,6 +1170,12 @@
                           </constraint>
                         </properties>
                       </leafNode>
+                      <leafNode name="peer-address">
+                        <properties>
+                          <help>Use peer address (for BGP only)</help>
+                          <valueless/>
+                        </properties>
+                      </leafNode>
                       <leafNode name="prefer-global">
                         <properties>
                           <help>Prefer global address as the nexthop</help>
diff --git a/op-mode-definitions/include/bgp/afi-ipv4-ipv6-flowspec.xml.i b/op-mode-definitions/include/bgp/afi-ipv4-ipv6-flowspec.xml.i
new file mode 100644
index 000000000..34228fdd1
--- /dev/null
+++ b/op-mode-definitions/include/bgp/afi-ipv4-ipv6-flowspec.xml.i
@@ -0,0 +1,25 @@
+<!-- included start from bgp/afi-ipv4-ipv6-flowspec.xml.i -->
+<tagNode name="flowspec">
+  <properties>
+    <help>Network in the BGP routing table to display</help>
+    <completionHelp>
+      <list>&lt;x.x.x.x&gt; &lt;x.x.x.x/x&gt; &lt;h:h:h:h:h:h:h:h&gt; &lt;h:h:h:h:h:h:h:h/x&gt;</list>
+    </completionHelp>
+  </properties>
+  <children>
+    #include <include/bgp/prefix-bestpath-multipath.xml.i>
+  </children>
+  <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
+</tagNode>
+<node name="flowspec">
+  <properties>
+    <help>Flowspec Address Family modifier</help>
+  </properties>
+  <children>
+    #include <include/bgp/afi-common.xml.i>
+    #include <include/bgp/afi-ipv4-ipv6-common.xml.i>
+    #include <include/vtysh-generic-detail.xml.i>
+  </children>
+  <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
+</node>
+<!-- included end -->
diff --git a/op-mode-definitions/include/bgp/show-bgp-common.xml.i b/op-mode-definitions/include/bgp/show-bgp-common.xml.i
index e81b26b3e..c9a112fca 100644
--- a/op-mode-definitions/include/bgp/show-bgp-common.xml.i
+++ b/op-mode-definitions/include/bgp/show-bgp-common.xml.i
@@ -20,6 +20,7 @@
   <children>
     #include <include/bgp/afi-common.xml.i>
     #include <include/bgp/afi-ipv4-ipv6-common.xml.i>
+    #include <include/bgp/afi-ipv4-ipv6-flowspec.xml.i>
     #include <include/bgp/afi-ipv4-ipv6-vpn.xml.i>
   </children>
   <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
diff --git a/src/conf_mode/system-syslog.py b/src/conf_mode/system-syslog.py
index 3d8a51cd8..309b4bdb0 100755
--- a/src/conf_mode/system-syslog.py
+++ b/src/conf_mode/system-syslog.py
@@ -17,6 +17,7 @@
 import os
 import re
 
+from pathlib import Path
 from sys import exit
 
 from vyos.config import Config
@@ -89,7 +90,7 @@ def get_config(config=None):
                     filename: {
                         'log-file': '/var/log/user/' + filename,
                         'max-files': '5',
-                        'action-on-max-size': '/usr/sbin/logrotate /etc/logrotate.d/' + filename,
+                        'action-on-max-size': '/usr/sbin/logrotate /etc/logrotate.d/vyos-rsyslog-generated-' + filename,
                         'selectors': '*.err',
                         'max-size': 262144
                     }
@@ -205,10 +206,17 @@ def generate(c):
     conf = '/etc/rsyslog.d/vyos-rsyslog.conf'
     render(conf, 'syslog/rsyslog.conf.tmpl', c)
 
+    # cleanup current logrotate config files
+    logrotate_files = Path('/etc/logrotate.d/').glob('vyos-rsyslog-generated-*')
+    for file in logrotate_files:
+        file.unlink()
+
     # eventually write for each file its own logrotate file, since size is
     # defined it shouldn't matter
-    conf = '/etc/logrotate.d/vyos-rsyslog'
-    render(conf, 'syslog/logrotate.tmpl', c)
+    for filename, fileconfig in c.get('files', {}).items():
+        if fileconfig['log-file'].startswith('/var/log/user/'):
+            conf = '/etc/logrotate.d/vyos-rsyslog-generated-' + filename
+            render(conf, 'syslog/logrotate.tmpl', { 'config_render': fileconfig })
 
 
 def verify(c):
diff --git a/src/etc/logrotate.d/vyos-rsyslog b/src/etc/logrotate.d/vyos-rsyslog
new file mode 100644
index 000000000..3c087b94e
--- /dev/null
+++ b/src/etc/logrotate.d/vyos-rsyslog
@@ -0,0 +1,12 @@
+/var/log/messages {
+    create
+    missingok
+    nomail
+    notifempty
+    rotate 10
+    size 1M
+    postrotate
+        # inform rsyslog service about rotation
+        /usr/lib/rsyslog/rsyslog-rotate
+    endscript
+}