SRX

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about the SRX Series.
  • 1.  How to add huge list of ips to prefix-list using CLI

    Posted 06-06-2016 07:20

    How to add a huge list of IPs in one go to prefix-list using cli ?

    for example add all those ips https://lists.blocklist.de/lists/ssh.txt

     
     

    #prefix-list
    #ip
    #policy-options
    #cli
    #blockip


  • 2.  RE: How to add huge list of ips to prefix-list using CLI
    Best Answer

     
    Posted 06-06-2016 07:51

    Hi,

     

    You can edit the prefix-list and do a load merge.

    Before that you may need to use some scripting or editors to append the ';'  to the prefix list.

     

    I normally use sed on *NIX to append the ';'

    Example:

    > sed -e 's/$/;/' prefix.txt

    Then, edit policy prefix-list xxx, load merge relative terminal. Example below:

    [edit policy-options prefix-list TEST]
    root@PE2# load merge relative terminal
    [Type ^D at a new line to end input]
    94.38.108.24;
    94.54.42.82;
    94.61.171.253;
    94.62.98.162;
    95.128.34.171;
    95.139.161.113;
    95.141.27.91;
    95.141.31.16;
    95.141.31.19;
    load complete
    
    [edit policy-options prefix-list TEST]
    root@PE2# show
    94.38.108.24/32;
    94.54.42.82/32;
    94.61.171.253/32;
    94.62.98.162/32;
    95.128.34.171/32;
    95.139.161.113/32;
    95.141.27.91/32;
    95.141.31.16/32;
    95.141.31.19/32;
    

    There might be other ways of doing this, network automation using Ansible or Junos space for instance, but those do not involve the JUNOS CLI.



  • 3.  RE: How to add huge list of ips to prefix-list using CLI

    Posted 06-06-2016 09:33

    thank you

    everything works but the file load command from junos is:

     

    load merge iplist.txt relative

     



  • 4.  RE: How to add huge list of ips to prefix-list using CLI

     
    Posted 06-07-2016 01:12

    Hi,

     

    Thanks. You can use 'load merge file.txt relative' to load config from a file or 'load merge relative terminal' to paste the lines of config directly onto the edit hierarchy. Both should work.

     

    Cheers,

    Ashvin



  • 5.  RE: How to add huge list of ips to prefix-list using CLI

    Posted 06-09-2016 09:22

    for some reasons in both way when I

    load merge file 

    some IPs are different ?!? very wierd

    or with other option 

    load merge relative terminal

    I paste from a simple text all the IPs with all line ending ";" and when I wait to load some line the ";" is missing and it give me error example :

    terminal:43:(25) invalid value '1195' in ip address: '103.207.36.1195.154.34.76': 103.207.36.1195.154.34.76
    [edit policy-options prefix-list Untrusted_IP_Address]
    '103.207.36.1195.154.34.76;'
    invalid value '1195' in ip address: '103.207.36.1195.154.34.76'

     



  • 6.  RE: How to add huge list of ips to prefix-list using CLI

     
    Posted 06-09-2016 15:27

    Hi,

     

    Can you share a sample prefix list file so I can test it.

     

    Cheers,

    Ashvin



  • 7.  RE: How to add huge list of ips to prefix-list using CLI

    Posted 06-10-2016 03:27

    http://pastebin.com/kqWtN4qT

     

    I found out that It works fine(loading 200 ips at the time , it looks that goes in crash(alter the text) when there are more than 400 records) if I use serial connection but no luck wih SSH



  • 8.  RE: How to add huge list of ips to prefix-list using CLI

     
    Posted 06-10-2016 04:55

    Hi,

     

    I've noticed the same behavior when loading to terminal from a Console connection, which is probably understandable due to the buffer getting full.

     

    It works fine from an SSH connection and when loading from a local file.

    From SSH:

    212.129.17.101;
    212.129.19.140;
    212.129.26.190;
    212.129.26.221;
    load complete
    
    [edit policy-options prefix-list TEST]
    root@JUNOS# show | count
    Count: 346 lines

    From File:

    root@JUNOS# edit policy-options prefix-list TEST
    
    [edit policy-options prefix-list TEST]
    root@JUNOS# load merge /var/tmp/prefix2.txt relative
    load complete
    
    [edit policy-options prefix-list TEST]
    root@JUNOS# show | count
    Count: 346 lines

    Cheers,

    Ashvin