From 4f85fe97ab787a3f588203207d2a2551acb34586 Mon Sep 17 00:00:00 2001
From: Marek Isalski <maz@from-this-height.tenebrae.faelix.org>
Date: Wed, 25 Sep 2019 19:07:32 +0100
Subject: [PATCH] add RPKI, maximum-prefix, nexthop-self, and BGP passwords

---
 vyos.conf.j2 | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/vyos.conf.j2 b/vyos.conf.j2
index af8b057..23050ec 100644
--- a/vyos.conf.j2
+++ b/vyos.conf.j2
@@ -245,6 +245,7 @@ protocols {
         {% for neighbor, neighbor_data in as_data.get('neighbor',{}).items() %}
         neighbor {{ neighbor }} {
             remote-as {{ neighbor_data['remote-as'] }}
+            {% if 'password' in neighbor_data %}password {{ neighbor_data['password'] }}{% endif %}
             {% if 'update-source' in neighbor_data %}update-source {{ neighbor_data['update-source'] }}{% endif %}
             {% if 'ebgp-multihop' in neighbor_data %}ebgp-multihop {{ neighbor_data['ebgp-multihop'] }}{% endif %}
 
@@ -276,6 +277,12 @@ protocols {
                         {# neighbor_data['address-family']['ipv4-unicast']['allowas-in'] #}
                     }
                     {% endif %}
+                    {% if neighbor_data['address-family']['ipv4-unicast'].get('nexthop-self',False) %}
+                    nexthop-self
+                    {% endif %}
+                    {% if neighbor_data['address-family']['ipv4-unicast'].get('maximum-prefix',None) != None %}
+                    maximum-prefix {{ neighbor_data['address-family']['ipv4-unicast'].get('maximum-prefix',None) }}
+                    {% endif %}
                 }
                 {% endif %}
                 {% if 'ipv6-unicast' in neighbor_data['address-family'] %}
@@ -304,6 +311,12 @@ protocols {
                         {# neighbor_data['address-family']['ipv6-unicast']['allowas-in'] #}
                     }
                     {% endif %}
+                    {% if neighbor_data['address-family']['ipv6-unicast'].get('nexthop-self',False) %}
+                    nexthop-self
+                    {% endif %}
+                    {% if neighbor_data['address-family']['ipv6-unicast'].get('maximum-prefix',None) != None %}
+                    maximum-prefix {{ neighbor_data['address-family']['ipv6-unicast'].get('maximum-prefix',None) }}
+                    {% endif %}
                 }
                 {% endif %}
             }
@@ -808,8 +821,11 @@ policy {
                     community-list {{ group['match-community'] }}
                 }
                 {% endif %}
+                {% if 'match-rpki' in group %}
+                    rpki {{ group['match-rpki'] }}
+                {% endif %}
             }
-            action permit
+            action {{ group.get('action','permit') }}
             {% if 'on-match' in group %}
             on-match {
                 {{ group['on-match'] }}