Add manpage update for new grouping feature '{from,to} {i,e}bgp'

OK phessler@

2 files changed, 20 insertions, 4 deletions

diff --git a/etc/examples/bgpd.conf b/etc/examples/bgpd.conf
index 7c80bfb4da0..95bc30411cf 100644
--- a/etc/examples/bgpd.conf
+++ b/etc/examples/bgpd.conf
@@ -1,4 +1,4 @@
-# $OpenBSD: bgpd.conf,v 1.5 2017/07/04 09:33:36 job Exp $
+# $OpenBSD: bgpd.conf,v 1.6 2017/08/12 17:39:51 job Exp $
 # sample bgpd configuration file
 # see bgpd.conf(5)
 
@@ -77,9 +77,17 @@ neighbor 10.2.1.1 {
 	    aes 4e0f2f1b5c4e3c0d0e2f2d3b8c5c8f0b
 }
 
+# do not send or use routes from EBGP neighbors without
+# further explicit configuration
+deny from ebgp
+deny to ebgp
+
+# allow updates to and from IBGP neighbors
+allow from ibgp
+allow to ibgp
+
 # filter out prefixes longer than 24 or shorter than 8 bits for IPv4
 # and longer than 48 or shorter than 16 bits for IPv6.
-deny from any
 allow from any inet prefixlen 8 - 24
 allow from any inet6 prefixlen 16 - 48
 
diff --git a/usr.sbin/bgpd/bgpd.conf.5 b/usr.sbin/bgpd/bgpd.conf.5
index 6f3beb71ae9..4bdc8131472 100644
--- a/usr.sbin/bgpd/bgpd.conf.5
+++ b/usr.sbin/bgpd/bgpd.conf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: bgpd.conf.5,v 1.162 2017/08/11 16:02:53 claudio Exp $
+.\" $OpenBSD: bgpd.conf.5,v 1.163 2017/08/12 17:39:51 job Exp $
 .\"
 .\" Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org>
 .\" Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -16,7 +16,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: August 11 2017 $
+.Dd $Mdocdate: August 12 2017 $
 .Dt BGPD.CONF 5
 .Os
 .Sh NAME
@@ -1248,6 +1248,14 @@ is one of the following:
 .Bl -tag -width "group descr" -compact
 .It Ic any
 Any neighbor will be matched.
+.It Ic ibgp
+All
+.Em IBGP
+neighbors will be matched.
+.It Ic ebgp
+All
+.Em EBGP
+neighbors will be matched.
 .It Ar address
 Neighbors with this address will be matched.
 .It Ic group Ar descr