SRX

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  How to add huge list of ips to prefix-list using CLI

    Posted 06-06-2016 07:20

    How to add a huge list of IPs in one go to prefix-list using cli ?

    for example add all those ips https://lists.blocklist.de/lists/ssh.txt

     
     

    #prefix-list
    #ip
    #policy-options
    #cli
    #blockip


  • 2.  RE: How to add huge list of ips to prefix-list using CLI
    Best Answer

     
    Posted 06-06-2016 07:51

    Hi,

     

    You can edit the prefix-list and do a load merge.

    Before that you may need to use some scripting or editors to append the ';'  to the prefix list.

     

    I normally use sed on *NIX to append the ';'

    Example:

    > sed -e 's/$/;/' prefix.txt

    Then, edit policy prefix-list xxx, load merge relative terminal. Example below:

    [edit policy-options prefix-list TEST]
    root@PE2# load merge relative terminal
    [Type ^D at a new line to end input]
    94.38.108.24;
    94.54.42.82;
    94.61.171.253;
    94.62.98.162;
    95.128.34.171;
    95.139.161.113;
    95.141.27.91;
    95.141.31.16;
    95.141.31.19;
    load complete
    
    [edit policy-options prefix-list TEST]
    root@PE2# show
    94.38.108.24/32;
    94.54.42.82/32;
    94.61.171.253/32;
    94.62.98.162/32;
    95.128.34.171/32;
    95.139.161.113/32;
    95.141.27.91/32;
    95.141.31.16/32;
    95.141.31.19/32;
    

    There might be other ways of doing this, network automation using Ansible or Junos space for instance, but those do not involve the JUNOS CLI.



  • 3.  RE: How to add huge list of ips to prefix-list using CLI

    Posted 06-06-2016 09:33

    thank you

    everything works but the file load command from junos is:

     

    load merge iplist.txt relative

     



  • 4.  RE: How to add huge list of ips to prefix-list using CLI

     
    Posted 06-07-2016 01:12

    Hi,

     

    Thanks. You can use 'load merge file.txt relative' to load config from a file or 'load merge relative terminal' to paste the lines of config directly onto the edit hierarchy. Both should work.

     

    Cheers,

    Ashvin



  • 5.  RE: How to add huge list of ips to prefix-list using CLI

    Posted 06-09-2016 09:22

    for some reasons in both way when I

    load merge file 

    some IPs are different ?!? very wierd

    or with other option 

    load merge relative terminal

    I paste from a simple text all the IPs with all line ending ";" and when I wait to load some line the ";" is missing and it give me error example :

    terminal:43:(25) invalid value '1195' in ip address: '103.207.36.1195.154.34.76': 103.207.36.1195.154.34.76
    [edit policy-options prefix-list Untrusted_IP_Address]
    '103.207.36.1195.154.34.76;'
    invalid value '1195' in ip address: '103.207.36.1195.154.34.76'

     



  • 6.  RE: How to add huge list of ips to prefix-list using CLI

     
    Posted 06-09-2016 15:27

    Hi,

     

    Can you share a sample prefix list file so I can test it.

     

    Cheers,

    Ashvin



  • 7.  RE: How to add huge list of ips to prefix-list using CLI

    Posted 06-10-2016 03:27

    http://pastebin.com/kqWtN4qT

     

    I found out that It works fine(loading 200 ips at the time , it looks that goes in crash(alter the text) when there are more than 400 records) if I use serial connection but no luck wih SSH



  • 8.  RE: How to add huge list of ips to prefix-list using CLI

     
    Posted 06-10-2016 04:55

    Hi,

     

    I've noticed the same behavior when loading to terminal from a Console connection, which is probably understandable due to the buffer getting full.

     

    It works fine from an SSH connection and when loading from a local file.

    From SSH:

    212.129.17.101;
    212.129.19.140;
    212.129.26.190;
    212.129.26.221;
    load complete
    
    [edit policy-options prefix-list TEST]
    root@JUNOS# show | count
    Count: 346 lines

    From File:

    root@JUNOS# edit policy-options prefix-list TEST
    
    [edit policy-options prefix-list TEST]
    root@JUNOS# load merge /var/tmp/prefix2.txt relative
    load complete
    
    [edit policy-options prefix-list TEST]
    root@JUNOS# show | count
    Count: 346 lines

    Cheers,

    Ashvin