version 1.0; ns junos = "http://xml.juniper.net/junos/*/junos"; ns xnm = "http://xml.juniper.net/xnm/1.1/xnm"; ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0"; import "../import/junos.xsl"; /* To do list: check the rate limiter nk against the interface description Trigger only for user iprdm Consider deactivate/delete when no longer referenced on an interface */ match configuration { var $configuration = firewall; var $log_msg1 = $localtime _ " " _ $script _ " script has started on device " _ $hostname _ " by user " _ $user; expr jcs:syslog( "external.warn", $log_msg1); for-each (interfaces/interface/unit/family/inet) { if ( (not(jcs:empty(policer[@junos:changed =="changed"]))) ) { var $changed_pol = ./policer/output; var $name_test = "^.*[n|N][0-9]{7}[k|K]_rate_limiter.*"; var $reg-result2 = jcs:regex($name_test, $changed_pol); if (not(jcs:empty($reg-result2[1]))) { var $pol_name = jcs:split("_",$changed_pol); var $nk = $pol_name[1]; var $rate = $pol_name[4]; { { { $changed_pol; { $rate; "32767"; } { ; } } } } var $log_msg2 = $localtime _ " " _ $script _ " the following firewall policer has been added: " _ $changed_pol; expr jcs:syslog( "external.warn", $log_msg2); { { { ../../../name; { ../../name; { { { $changed_pol; }}}}}}} var $log_msg3 = $localtime _ " " _ $script _ " the following input policer " _ $changed_pol _ " has been added to " _ ../../../name _ " vlan " _ ../../name; expr jcs:syslog( "external.warn", $log_msg3); } } if (not(jcs:empty(./policer/input))) { var $in_pol = ./policer/input; /*var $out_pol = ./policer/output;*/ var $name_test2 = "^.*[n|N][0-9]{7}[k|K]_rate_limiter.*"; var $reg-result3 = jcs:regex($name_test2, $in_pol); /*var $reg-result4 = jcs:regex($name_test2, $out_pol);*/ if (not(jcs:empty($reg-result3[1]))) { { $in_pol; } if (jcs:empty(./policer/output)) { { { { ../../../name; { ../../name; { { { $in_pol; }}}}}}} var $log_msg4 = $localtime _ " " _ $script _ " the following input policer " _ $in_pol _ " has been removed from " _ ../../../name _ " vlan " _ ../../name; expr jcs:syslog( "external.warn", $log_msg4); } } } } }