FortiPower · alagoutte · Jan 5, 2025 · Jan 4, 2025 · Jan 4, 2025 · Jan 4, 2025
diff --git a/PowerFGT/Public/cmdb/router/bgp.ps1 b/PowerFGT/Public/cmdb/router/bgp.ps1
@@ -0,0 +1,145 @@
+#
+# Copyright 2019, Alexis La Goutte <alexis dot lagoutte at gmail dot com>
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+function Get-FGTRouterBGP {
+
+    <#
+        .SYNOPSIS
+        Get list of all BGP
+
+        .DESCRIPTION
+        Get list of all BGP (AS, router-id, neighbor, network...)
+
+        .EXAMPLE
+        Get-FGTRouterBGP
+
+        Get list of all router BGP object
+
+        .EXAMPLE
+        Get-FGTRouterBGP -meta
+
+        Get list of all router BGP object with metadata (q_...) like usage (q_ref)
+
+        .EXAMPLE
+        Get-FGTRouterBGP -skip
+
+        Get list of all router BGP object (but only relevant attributes)
+
+        .EXAMPLE
+        Get-FGTRouterBGP -vdom vdomX
+
+        Get list of all router BGP object on vdomX
+    #>
+
+    [CmdletBinding(DefaultParameterSetName = "default")]
+    Param(
+        [switch]$meta,
+        [Parameter(Mandatory = $false)]
+        [switch]$skip,
+        [Parameter(Mandatory = $false)]
+        [String[]]$vdom,
+        [Parameter(Mandatory = $false)]
+        [psobject]$connection = $DefaultFGTConnection
+    )
+
+    Begin {
+    }
+
+    Process {
+
+        $invokeParams = @{ }
+        if ( $PsBoundParameters.ContainsKey('meta') ) {
+            $invokeParams.add( 'meta', $meta )
+        }
+        if ( $PsBoundParameters.ContainsKey('skip') ) {
+            $invokeParams.add( 'skip', $skip )
+        }
+        if ( $PsBoundParameters.ContainsKey('vdom') ) {
+            $invokeParams.add( 'vdom', $vdom )
+        }
+
+        $response = Invoke-FGTRestMethod -uri 'api/v2/cmdb/router/bgp' -method 'GET' -connection $connection @invokeParams
+        $response.results
+    }
+
+    End {
+    }
+}
+
+function Set-FGTRouterBGP {
+
+    <#
+        .SYNOPSIS
+        Configure Router BGP Configuration
+
+        .DESCRIPTION
+        Configure BGP configuration (as, router id...)
+
+        .EXAMPLE
+        Set-FGTRouterBGP -as 65000 -router_id "192.0.2.1"
+
+        Set BGP AS to 65000 and Router ID to 192.0.2.1
+
+        .EXAMPLE
+        $data = @{ "ebgp-multipath" = "enable" }
+        PS C> Set-FGTRouterBGP -data $data
+
+        Change ebgp-multipath settings using -data parameter
+
+    #>
+
+    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'medium')]
+    Param(
+        [Parameter (Mandatory = $false)]
+        [int]$as,
+        [Parameter (Mandatory = $false)]
+        [string]$router_id,
+        [Parameter (Mandatory = $false)]
+        [hashtable]$data,
+        [Parameter(Mandatory = $false)]
+        [String[]]$vdom,
+        [Parameter(Mandatory = $false)]
+        [psobject]$connection = $DefaultFGTConnection
+    )
+
+    Begin {
+    }
+
+    Process {
+
+        $invokeParams = @{ }
+        if ( $PsBoundParameters.ContainsKey('vdom') ) {
+            $invokeParams.add( 'vdom', $vdom )
+        }
+
+        $_bgp = new-Object -TypeName PSObject
+
+        if ( $PsBoundParameters.ContainsKey('as') ) {
+            $_bgp | add-member -name "as" -membertype NoteProperty -Value $as
+        }
+
+        if ( $PsBoundParameters.ContainsKey('router_id') ) {
+            $_bgp | add-member -name "router-id" -membertype NoteProperty -Value $router_id
+        }
+
+        if ( $PsBoundParameters.ContainsKey('data') ) {
+            $data.GetEnumerator() | ForEach-Object {
+                $_bgp | Add-member -name $_.key -membertype NoteProperty -Value $_.value
+            }
+        }
+
+        $uri = 'api/v2/cmdb/router/bgp'
+
+        if ($PSCmdlet.ShouldProcess("BGP", 'Configure Router BGP')) {
+            Invoke-FGTRestMethod -uri $uri -method 'PUT' -body $_bgp -connection $connection @invokeParams | Out-Null
+        }
+
+        Get-FGTRouterBGP -connection $connection @invokeParams
+    }
+
+    End {
+    }
+}
diff --git a/README.md b/README.md
@@ -36,6 +36,7 @@ With this module (version 0.8.1) you can manage:
 - [Monitor](#monitor) (Get)
 - [Policy](#policy) (Add/Get/Remove)
 - [Proxy Address/Address Group/ Policy](#proxy) (Add/Get/Set/Remove)
+- [Router BGP](#bgp) (Get/Set)
 - RoutePolicy (Get)
 - Service (Get)
 - Service Group (Get)
@@ -878,7 +879,9 @@ or delete it `Remove-SystemZone`.
     [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"): Y
 ```
 
-### Static Route
+### Routing
+
+#### Static Route
 
 You can create a new Static Route `Add-FGTRouterStatic`, retrieve its information `Get-FGTRouterStatic`,
 or delete it `Remove-FGTRouterStatic`.
@@ -948,6 +951,50 @@ or delete it `Remove-FGTRouterStatic`.
     [Y] Yes  [N] No  [?] Help (default is "N"): y
 ```
 
+## Routing
+
+#### BGP
+
+You can retrieve BGP information `Get-FGTRouterBGP` or configure it `Set-FGTRouterBGP`.
+
+```powershell
+# Get information about Router BGP
+    Get-FGTRouterBGP
+
+    as                                 :
+    router-id                          :
+    keepalive-timer                    : 60
+    holdtime-timer                     : 180
+    always-compare-med                 : disable
+    bestpath-as-path-ignore            : disable
+    bestpath-cmp-confed-aspath         : disable
+    bestpath-cmp-routerid              : disable
+    bestpath-med-confed                : disable
+    bestpath-med-missing-as-worst      : disable
+    client-to-client-reflection        : enable
+    dampening                          : disable
+    deterministic-med                  : disable
+    ebgp-multipath                     : enable
+    ibgp-multipath                     : disable
+    [...]
+
+# Configure BGP (AS and router-id)
+    Set-FGTRouterBGP -as 65001 -router_id 192.0.2.1
+
+    as                                 : 65001
+    router-id                          : 192.0.2.1
+    [...]
+
+# for configure BGP extra value, you need to use -data (for example holdtime and ebgp-multipath)
+    $data = @{ "holdtime-timer" = 120 ; "ebgp-multipath" = "enable" }
+    Set-FGTRouterBGP -data $data
+    [...]
+    holdtime-timer                     : 120
+    [...]
+    ebgp-multipath                     : enable
+    [...]
+```
+
 ### Interface
 
 You can create a new interface (Vlan ...) `Add-FGTSystemInterface`, retrieve its information `Get-FGTSystemInterface`,
@@ -1678,6 +1725,7 @@ Get-FGTMonitorVpnIPsec
 Get-FGTMonitorVpnSsl
 Get-FGTMonitorWebfilterCategories
 Get-FGTRouterPolicy
+Get-FGTRouterBGP
 Get-FGTRouterStatic
 Get-FGTSystemAdmin
 Get-FGTSystemDHCPServer
@@ -1730,6 +1778,7 @@ Set-FGTFirewallAddressGroup
 Set-FGTFirewallPolicy
 Set-FGTFirewallProxyAddressGroup
 Set-FGTFirewallVipGroup
+Set-FGTRouterBGP
 Set-FGTSystemGlobal
 Set-FGTSystemInterface
 Set-FGTSystemSettings

diff --git a/Tests/integration/Connection.Tests.ps1 b/Tests/integration/Connection.Tests.ps1
@@ -193,6 +193,9 @@ Describe "Connect to a FortiGate (using multi connection)" {
         It "Use Multi connection for call Get Log Settings" {
             { Get-FGTLogSetting -type syslogd -connection $fgt } | Should -Not -Throw
         }
+        It "Use Multi connection for call Get Router BGP" {
+            { Get-FGTRouterBGP -connection $fgt } | Should -Not -Throw
+        }
         It "Use Multi connection for call Get Router Policy" {
             { Get-FGTRouterPolicy -connection $fgt } | Should -Not -Throw
         }

diff --git a/Tests/integration/RouterBGP.Tests.ps1 b/Tests/integration/RouterBGP.Tests.ps1
@@ -0,0 +1,84 @@
+#
+# Copyright 2020, Alexis La Goutte <alexis dot lagoutte at gmail dot com>
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+#include common configuration
+. ../common.ps1
+
+
+BeforeAll {
+    Connect-FGT @invokeParams
+}
+
+Describe "Get Router BGP" {
+
+
+    It "Get Router BGP Does not throw an error" {
+        {
+            Get-FGTRouterBGP
+        } | Should -Not -Throw
+    }
+
+    It "Get ALL Router BGP" {
+        $rb = Get-FGTRouterBGP
+        @($rb).count | Should -Not -Be $NULL
+    }
+
+    It "Get ALL Router BGP with -skip" {
+        $rb = Get-FGTRouterBGP -skip
+        @($rb).count | Should -Not -Be $NULL
+    }
+
+}
+
+Describe "Set Router BGP" {
+
+    BeforeAll {
+        $script:bgp = Get-FGTRouterBGP
+    }
+
+    It "Change AS" {
+        Set-FGTRouterBGP -as 65001
+        $rb = Get-FGTRouterBGP
+        $rb.as | Should -Be "65001"
+    }
+
+    It "Change router-id" {
+        Set-FGTRouterBGP -router_id "192.0.2.1"
+        $rb = Get-FGTRouterBGP
+        $rb.'router-id' | Should -Be "192.0.2.1"
+    }
+
+    It "Change BGP via data (one field)" {
+        $data = @{ "keepalive-timer" = 30 }
+        Set-FGTRouterBGP -data $data
+        $rb = Get-FGTRouterBGP
+        $rb.'keepalive-timer' | Should -Be "30"
+    }
+
+    It "Change BGP via data (two fields)" {
+        $data = @{ "holdtime-timer" = 120 ; "ebgp-multipath" = "enable" }
+        Set-FGTRouterBGP -data $data
+        $rb = Get-FGTRouterBGP
+        $rb.'holdtime-timer' | Should -Be "120"
+        $rb.'ebgp-multipath' | Should -Be "enable"
+    }
+
+    AfterAll {
+        #convert Ps(Custom)Object to Hashtable
+        $hashtable = @{}
+        foreach ( $property in $bgp.psobject.properties.name ) {
+            if ($property -eq "router-id" -or $property -eq "as") {
+                continue
+            }
+            $hashtable[$property] = $bgp.$property
+        }
+        Set-FGTRouterBGP -router_id 0.0.0.0 -as 0 -data $hashtable
+    }
+}
+
+AfterAll {
+    Disconnect-FGT -confirm:$false
+}