Created
October 20, 2013 23:35
-
-
Save nemith/7076660 to your computer and use it in GitHub Desktop.
Junos Commit script to automatically disable all non-defined interfaces.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version 1.0; | |
| ns junos = "http://xml.juniper.net/junos/*/junos"; | |
| ns xnm = "http://xml.juniper.net/xnm/1.1/xnm"; | |
| ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0"; | |
| import "../import/junos.xsl"; | |
| /* Whitelist of interfaces that are eligble to be automatically disabled. Add | |
| or remove what is needed */ | |
| var $ELIGIBLE_INT_TYPES := { | |
| <type> 'ae-'; /* Aggregated Ethernet interface */ | |
| <type> 'as-'; /* Aggregated Sonet */ | |
| <type> 'as-'; /* Aggregated SONET/SDH interface */ | |
| <type> 'at-'; /* ATM interface */ | |
| <type> 'br-'; /* Basic Rate ISDN interface */ | |
| <type> 'cau4-'; /* Channelized AU-4 */ | |
| <type> 'ce1-'; /* Channelized E1 */ | |
| <type> 'coc12-'; /* Channelized OC12 */ | |
| <type> 'coc1-'; /* Channelized OC1 */ | |
| <type> 'coc3-'; /* Channelized OC3 */ | |
| <type> 'coc48-'; /* Channelized OC48 */ | |
| <type> 'cstm16-'; /* Channelized STM16 */ | |
| <type> 'cstm1-'; /* Channelized STM1 */ | |
| <type> 'cstm4-'; /* Channelized STM4 */ | |
| <type> 'ct1-'; /* Channelized T1 IQ interface */ | |
| <type> 'ct3-'; /* Channelized T3 IQ interface */ | |
| <type> 'ds-'; /* DS0 interface */ | |
| <type> 'e1-'; /* E1 interface */ | |
| <type> 'e3-'; /* E3 interface */ | |
| <type> 'et-'; /* 100-Gigabit Ethernet interface */ | |
| <type> 'fe-'; /* Fast Ethernet interface */ | |
| <type> 'ge-'; /* Gigabit Ethernet interface */ | |
| <type> 'ml-'; /* Multilink interface */ | |
| <type> 'oc3-'; /* OC3 IQ interface */ | |
| <type> 'se-'; /* Serial interface */ | |
| <type> 'so-'; /* SONET/SDH interface. */ | |
| <type> 'stm16-'; /* STM16 interface */ | |
| <type> 'stm1-'; /* STM1 interface */ | |
| <type> 'stm4-'; /* STM4 interface */ | |
| <type> 't1-'; /* T1 interface */ | |
| <type> 't3-'; /* T3 interface */ | |
| <type> 'xe-'; /* 10-Gigabit Ethernet interface */ | |
| } | |
| match configuration { | |
| var $toplevel = .; | |
| /* Get all interfaces on the box */ | |
| var $all_ifs = jcs:invoke("get-interface-information"); | |
| for-each ($all_ifs/physical-interface) { | |
| var $if_name = name; | |
| /* Check to see if the interface name is an eligble interface | |
| (i.e in the ELIGIBLE_INT_TYPES node set). We don't want to disable | |
| non-physical interfaces or new interfaces by accedent */ | |
| if (not(jcs:empty($ELIGIBLE_INT_TYPES/type[starts-with($if_name, .)]))) { | |
| /* Only disable interfaces that are not defined */ | |
| if (jcs:empty($toplevel/interfaces/interface[name == $if_name])) { | |
| expr jcs:trace("Automatically disabling interface '" _ $if_name _ "' because it wasn't defined in the config."); | |
| call jcs:emit-change($dot = $toplevel/interfaces, $tag = 'transient-change') { | |
| with $content = { | |
| <interface> { | |
| <name> $if_name; | |
| <disable>; | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Copy the script to your Junos device | |
| ------------------------------------ | |
| homestar:commit bbennett$ scp disable-unconfigured-ifd.slax 172.16.1.1:/var/db/scripts/commit/ | |
| disable-unconfigured-ifd.slax 100% 3017 3.0KB/s 00:00 | |
| Enable the script and allow transiene changes | |
| --------------------------------------------- | |
| bbennett@SRX240# show | compare | |
| [edit system] | |
| + scripts { | |
| + commit { | |
| + allow-transients; | |
| + file disable-unconfigured-ifd.slax; | |
| + } | |
| + } | |
| Before: | |
| ------- | |
| bbennett@SRX240# run show interfaces terse | match ge-0/0 | except \.0 | |
| ge-0/0/0 up up | |
| ge-0/0/1 up up | |
| ge-0/0/2 up down | |
| ge-0/0/3 up down | |
| ge-0/0/4 up down | |
| ge-0/0/5 up down | |
| ge-0/0/6 up down | |
| ge-0/0/7 up down | |
| ge-0/0/8 up down | |
| ge-0/0/9 up down | |
| ge-0/0/10 up down | |
| ge-0/0/11 up down | |
| ge-0/0/12 up down | |
| ge-0/0/13 up down | |
| ge-0/0/14 up down | |
| ge-0/0/15 up up | |
| After: | |
| ------ | |
| bbennett@SRX240# run show interfaces terse | match ge-0/0 | except \.0 | |
| ge-0/0/0 up up | |
| ge-0/0/1 up up | |
| ge-0/0/2 down down | |
| ge-0/0/3 down down | |
| ge-0/0/4 up down | |
| ge-0/0/5 up down | |
| ge-0/0/6 up down | |
| ge-0/0/7 down down | |
| ge-0/0/8 down down | |
| ge-0/0/9 down down | |
| ge-0/0/10 down down | |
| ge-0/0/11 down down | |
| ge-0/0/12 down down | |
| ge-0/0/13 down down | |
| ge-0/0/14 down down | |
| ge-0/0/15 up up | |
| GREAT SUCCESS! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment