By now you should have a basic understanding of the things you can do using Junos scripts. You’ve been exposed to some examples of how you can use Junos automation to solve some common problems, so now let’s drill down into a few case studies.
The focus is not on how each script works, but rather how they are used.
You can download all scripts from this book’s web page at http://www.oreilly.com/9781449381714.
The int.xslt script shows all the interfaces in the system with an IP address configured (with the exception of a few pseudointerfaces that do not need to be bound to a zone) in a ScreenOS-like format:
run op int.xsltLogical Interface Address Zone Routing Instance Status Description ge-0/0/0.0 172.19.101.37 management Master Up pd-0/0/0.32769 Null Master Up ge-2/0/0.0 10.1.1.5 trust Master Up EX4200-1 ge-3/0/0.0 10.2.1.5 trust Master Up EX4200-1 wx-6/0/0.0 184.108.40.206 wx-zone Master Up lo0.0 10.255.255.255 trust Master Up st0.0 10.10.1.1 vpn Master Up
The description field is taken from the description in the unit and, if not present, the physical interface description is used. Of course, if neither of those is defined, the description is left blank.
The zone-groups.xslt script simulates a zone group, or a zone that contains multiple zones. When used in a policy, the zone group is expanded so that a new policy is added for each zone in the group (to prevent a zone ...