4 files changed, 134 insertions, 8 deletions

diff --git a/src/conf_mode/interfaces_bridge.py b/src/conf_mode/interfaces_bridge.py
index 9789f7bd3..7b2c1ee0b 100755
--- a/src/conf_mode/interfaces_bridge.py
+++ b/src/conf_mode/interfaces_bridge.py
@@ -56,6 +56,17 @@ def get_config(config=None):
             bridge['member'].update({'interface_remove' : tmp })
         else:
             bridge.update({'member' : {'interface_remove' : tmp }})
+            for interface in tmp:
+                # When using VXLAN member interfaces that are configured for Single
+                # VXLAN Device (SVD) we need to call the VXLAN conf-mode script to
+                # re-create VLAN to VNI mappings if required, but only if the interface
+                # is already live on the system - this must not be done on first commit
+                if interface.startswith('vxlan') and interface_exists(interface):
+                    set_dependents('vxlan', conf, interface)
+                # When using Wireless member interfaces we need to inform hostapd
+                # to properly set-up the bridge
+                elif interface.startswith('wlan') and interface_exists(interface):
+                    set_dependents('wlan', conf, interface)
 
     if dict_search('member.interface', bridge) is not None:
         for interface in list(bridge['member']['interface']):
@@ -91,6 +102,10 @@ def get_config(config=None):
             # is already live on the system - this must not be done on first commit
             if interface.startswith('vxlan') and interface_exists(interface):
                 set_dependents('vxlan', conf, interface)
+            # When using Wireless member interfaces we need to inform hostapd
+            # to properly set-up the bridge
+            elif interface.startswith('wlan') and interface_exists(interface):
+                set_dependents('wlan', conf, interface)
 
     # delete empty dictionary keys - no need to run code paths if nothing is there to do
     if 'member' in bridge:
@@ -140,9 +155,6 @@ def verify(bridge):
             if 'enable_vlan' in bridge:
                 if 'has_vlan' in interface_config:
                     raise ConfigError(error_msg + 'it has VLAN subinterface(s) assigned!')
-
-                if 'wlan' in interface:
-                    raise ConfigError(error_msg + 'VLAN aware cannot be set!')
             else:
                 for option in ['allowed_vlan', 'native_vlan']:
                     if option in interface_config:
@@ -168,12 +180,19 @@ def apply(bridge):
     else:
         br.update(bridge)
 
-    for interface in dict_search('member.interface', bridge) or []:
-        if interface.startswith('vxlan') and interface_exists(interface):
+    tmp = []
+    if 'member' in bridge:
+        if 'interface_remove' in bridge['member']:
+            tmp.extend(bridge['member']['interface_remove'])
+        if 'interface' in bridge['member']:
+            tmp.extend(bridge['member']['interface'])
+
+    for interface in tmp:
+        if interface.startswith(tuple(['vxlan', 'wlan'])) and interface_exists(interface):
             try:
                 call_dependents()
             except ConfigError:
-                raise ConfigError('Error in updating VXLAN interface after changing bridge!')
+                raise ConfigError('Error updating member interface configuration after changing bridge!')
 
     return None
 
diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py
index 44409c0e3..22f020099 100755
--- a/src/conf_mode/protocols_bgp.py
+++ b/src/conf_mode/protocols_bgp.py
@@ -333,7 +333,7 @@ def verify(bgp):
                     raise ConfigError('Cannot have local-as same as system-as number')
 
                 # Neighbor AS specified for local-as and remote-as can not be the same
-                if dict_search('remote_as', peer_config) == asn:
+                if dict_search('remote_as', peer_config) == asn and neighbor != 'peer_group':
                      raise ConfigError(f'Neighbor "{peer}" has local-as specified which is '\
                                         'the same as remote-as, this is not allowed!')
 
diff --git a/src/op_mode/bonding.py b/src/op_mode/bonding.py
new file mode 100755
index 000000000..07bccbd4b
--- /dev/null
+++ b/src/op_mode/bonding.py
@@ -0,0 +1,103 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2016-2024 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+# This script will parse 'sudo cat /proc/net/bonding/<interface name>' and return table output for lacp related info
+
+import subprocess
+import re
+import sys
+import typing
+from tabulate import tabulate
+
+import vyos.opmode
+from vyos.configquery import ConfigTreeQuery
+
+def list_to_dict(data, headers, basekey):
+    data_list = {basekey: []}
+
+    for row in data:
+        row_dict = {headers[i]: row[i] for i in range(len(headers))}
+        data_list[basekey].append(row_dict)
+
+    return data_list
+
+def show_lacp_neighbors(raw: bool, interface: typing.Optional[str]):
+    headers = ["Interface", "Member", "Local ID", "Remote ID"]
+    data = subprocess.run(f"cat /proc/net/bonding/{interface}", stdout=subprocess.PIPE, stderr=subprocess.DEVNULL, shell=True, text=False).stdout.decode('utf-8')
+    if 'Bonding Mode: IEEE 802.3ad Dynamic link aggregation' not in data:
+        raise vyos.opmode.DataUnavailable(f"{interface} is not present or not configured with mode 802.3ad")
+
+    pattern = re.compile(
+        r"Slave Interface: (?P<member>\w+\d+).*?"
+        r"system mac address: (?P<local_id>[0-9a-f:]+).*?"
+        r"details partner lacp pdu:.*?"
+        r"system mac address: (?P<remote_id>[0-9a-f:]+)",
+        re.DOTALL
+    )
+
+    interfaces = []
+
+    for match in re.finditer(pattern, data):
+        member = match.group("member")
+        local_id = match.group("local_id")
+        remote_id = match.group("remote_id")
+        interfaces.append([interface, member, local_id, remote_id])
+
+    if raw:
+        return list_to_dict(interfaces, headers, 'lacp')
+    else:
+        return tabulate(interfaces, headers)
+
+def show_lacp_detail(raw: bool, interface: typing.Optional[str]):
+    headers = ["Interface", "Members", "Mode", "Rate", "System-MAC", "Hash"]
+    query = ConfigTreeQuery()
+
+    if interface:
+        intList = [interface]
+    else:
+        intList = query.list_nodes(['interfaces', 'bonding'])
+
+    bondList = []
+
+    for interface in intList:
+        data = subprocess.run(f"cat /proc/net/bonding/{interface}", stdout=subprocess.PIPE, stderr=subprocess.DEVNULL, shell=True, text=False).stdout.decode('utf-8')
+        if 'Bonding Mode: IEEE 802.3ad Dynamic link aggregation' not in data:
+            continue
+
+        mode_active = "active" if "LACP active: on" in data else "passive"
+        lacp_rate = re.search(r"LACP rate: (\w+)", data).group(1) if re.search(r"LACP rate: (\w+)", data) else "N/A"
+        hash_policy = re.search(r"Transmit Hash Policy: (.+?) \(\d+\)", data).group(1) if re.search(r"Transmit Hash Policy: (.+?) \(\d+\)", data) else "N/A"
+        system_mac = re.search(r"System MAC address: ([0-9a-f:]+)", data).group(1) if re.search(r"System MAC address: ([0-9a-f:]+)", data) else "N/A"
+        if raw:
+            members = re.findall(r"Slave Interface: ([a-zA-Z0-9:_-]+)", data)
+        else:
+            members = ",".join(set(re.findall(r"Slave Interface: ([a-zA-Z0-9:_-]+)", data)))
+
+        bondList.append([interface, members, mode_active, lacp_rate, system_mac, hash_policy])
+
+    if raw:
+        return list_to_dict(bondList, headers, 'lacp')
+    else:
+        return tabulate(bondList, headers)
+
+if __name__ == '__main__':
+    try:
+        res = vyos.opmode.run(sys.modules[__name__])
+        if res:
+            print(res)
+    except (ValueError, vyos.opmode.Error) as e:
+        print(e)
+        sys.exit(1)
diff --git a/src/op_mode/ipoe-control.py b/src/op_mode/ipoe-control.py
index 0f33beca7..b7d6a0c43 100755
--- a/src/op_mode/ipoe-control.py
+++ b/src/op_mode/ipoe-control.py
@@ -56,7 +56,11 @@ def main():
         if args.selector in cmd_dict['selector'] and args.target:
             run(cmd_dict['cmd_base'] + "{0} {1} {2}".format(args.action, args.selector, args.target))
         else:
-            output, err = popen(cmd_dict['cmd_base'] + cmd_dict['actions'][args.action], decode='utf-8')
+            if args.action == "show_sessions":
+                ses_pattern = " ifname,username,calling-sid,ip,ip6,ip6-dp,rate-limit,type,comp,state,uptime"
+            else:
+                ses_pattern = ""
+            output, err = popen(cmd_dict['cmd_base'] + cmd_dict['actions'][args.action] + ses_pattern, decode='utf-8')
             if not err:
                 print(output)
             else: