Ethernet Switching
Showing results for 
Search instead for 
Do you mean 
Reply
Visitor
Posts: 3
Registered: ‎12-14-2016
0 Kudos

Script in EX 2200

Hello,

 

I want to know how I can do a script for all ours Switches in our network, I need to know which Switch has enabled:

show configuration ethernet-switching-options secure-access-port

 interface all {

allowed-mac......}

 

Does any body know about this?

 

Thanks

Visitor
Posts: 9
Registered: ‎08-16-2011
0 Kudos

Re: Script in EX 2200

Hi tuff,

 

can you please clarify your question, do you want to know which switch has a script enabled on it ??.

 

or do you need a script.

 

Thanks,

Ramesh.G

Visitor
Posts: 3
Registered: ‎12-14-2016
0 Kudos

Re: Script in EX 2200


Thanks for your reply rgopi,

I want to know which Switches are the port security enabled in by using a script :
@XXX> show configuration ethernet-switching-options secure-access-port
interface all {
allowed-mac [ ];
}

I need to enable it in ours Switches, is there any script I can use to know which are enabled and which are not?

Recognized Expert
Posts: 446
Registered: ‎02-13-2011
0 Kudos

Re: Script in EX 2200

Do you have Space running?  If not you could get a free demo version to use via download from Juniper Support site.  You could use the Looking Glass feature for this.  Depends on how many actual switches you need to look at, if you might need to use multiple interations.  For info look here:

 

https://www.juniper.net/documentation/en_US/junos-space12.3/platform/topics/task/operational/platfor...

 

Good luck.

Visitor
Posts: 3
Registered: ‎12-14-2016
0 Kudos

Re: Script in EX 2200

 

Hi,

 

We have a linux server,   We can running the script from here, all devices have connection with it.

Distinguished Expert
Posts: 575
Registered: ‎08-15-2012
0 Kudos

Re: Script in EX 2200

Hi, 

 

You could use a bash script for this.

I used a similar script to extract all ospf interfaces and build a template for RSVP [attached].

I had a file 'node.txt' listing the nodes/routers to query. 

 

You could adapt this for your purpose by including an if not empty condition. Below is an example:

#!/bin/bash
        for node in $(cat /tmp/node.txt)
        do
            sshpass -p "password" ssh $node -o PubKeyAuthentication=no "show configuration ethernet-switching-options secure-access-port" >> /tmp/$node.yml 
	    echo "$node config present"
        done

I may be able to test it later.

Hope this helps.

 

Cheers,

Ashvin

Super Contributor
Posts: 209
Registered: ‎07-18-2012
0 Kudos

Re: Script in EX 2200

Hi Folks,

If you have netconf in the box, you can also pull same information via netconfig, dump it and run scripts based on the context check as above refered by AshvinO..

 

Sample RPC:

<rpc>

    <get-config>

        <source>

                <running/>

        </source>

        <filter type="subtree">

            <configuration>

                <system>

                                        <login>

                                                <user>

                                                        <name>lab</name>

                                                </user>

                                        </login>

                </system>

            </configuration>

        </filter>

    </get-config>

</rpc>

]]>]]>

-Python
#Please mark my solution as accepted if it helped, Kudos are appreciated as well.
Highlighted
Distinguished Expert
Posts: 575
Registered: ‎08-15-2012
0 Kudos

Re: Script in EX 2200

Hi, 

 

Equivalent python script:

import warnings
warnings.filterwarnings("ignore")

from jnpr import junos
device={'node1', 'node2'}
for dev_host in device:
 dev=junos.Device(host=dev_host, user='username', password='pass', gather_facts=False)
 dev.open( )
 out=dev.cli("show configuration protocols rsvp", warning=False)
 if out:
  print "%s: Config is present" %(dev_host)
 dev.close( )

Python script requires the Junos automation python library to be installed and netconf to be enabled on the devices.

 

The bash script with "if not empty" condition:

#!/bin/bash
        for node in $(cat /tmp/node.txt)
        do
        	command=$(sshpass -p "password" ssh $node -o PubKeyAuthentication=no "show configuration protocols rsvp")
		if [ -n "$command" ]
	    	then
	            echo "$node config present"
	    	else 
		    echo "$node config not present"
            	fi
        done

 Example:

#python show_config.py 
node1: Config is present

# ./show-command.sh 
node1 config not present
node2 config present

 

Please adapt the show commands & credentials accordingly.

Hope this helps.

 

Cheers,

Ashvin