Hi Stephen, could you please attach the script code? Thanks!

Script attached as requested.  Thanks

Thanks for sharing the code; I tried it and the script actually runs before the configuration checkout.

It's not showing any output when it finds an added filter, due to a typo: the <xnm:warningerror>  should be a <xnm:warning> instead!

Now the outpus shows as expected:

warning: Found, added rate limiter+                   output rate_limiter_700m;

Just a question: the script code is meant only to raise a warning as for now, without trying to automatically build the referenced filter, is that correct? So the configuration check.out will still fail after the warning messages are displayed.

Thanks for the reply.  I have corrected the typo and have changed the warning to an error (to get the commit to fail based on the commit script) but am still finding that the unless the firewall policer has already been defined then the commit fails before the script gets a chance to run.

Here is the output from the device where I have tested with two policers.  rate_limiter_100m already exists in the config and rate_limiter_110m does not.  I have also attached the updated script, not sure what I am missing and any help is much appreciated.

T4000# commit check                                                                          

re0:

configuration check succeeds

re1:

error: Found, added rate limiter+                   output rate_limiter_100m;

error: 1 error reported by commit scripts

error: commit script failure

re0:

error: remote commit-configuration failed on re1

{master}[edit]

T4000# set interfaces xe-7/1/11 unit 0 family inet policer output rate_limiter_110m          

{master}[edit]

T4000# commit check                                                                   

error: Referenced policer rate_limiter_110m not defined

error: configuration check-out failed

Just to be sure, did you update the script version on both the routing engine (a quick way is to use the "file copy" operational command)? And you could add some debugging code, just to check that the script has started, like the following at the beginning of the script:

	    <xnm:warning> {
        <message> "Script test2.slax started.";
    }
	

Let me know if the commit still seems to fail before the execution of the script!

Yeap I copied the updated script to both REs and have also added the debug message.  I get the debug message but still not the error message from my script, looks like the config check process gets in first.

T4000# run file copy /var/db/scripts/commit/test.slax re1:/var/db/scripts/commit/test.slax   

{master}[edit]
T4000# commit check                                                                           
warning: Script test.slax started.
configuration check succeeds
re1: 
warning: Script test2.slax started.
error: Found, added rate limiter+                   output rate_limiter_100m;
error: 1 error reported by commit scripts
error: commit script failure
re0: 
error: remote commit-configuration failed on re1

{master}[edit]
T4000# set interfaces xe-7/1/11 unit 0 family inet policer output rate_limiter_110m           

{master}[edit]
T4000# commit check                                                                    
warning: Script test.slax started.
error: Referenced policer rate_limiter_110m not defined
error: configuration check-out failed

{master}[edit]
T4000#

I tried the last version you updated and it seems to work as expected. I still have doubts that the script loaded on re1 and the one loaded on re0 are different; also the warning messages displayed are different:

T4000# commit check                                                                           
warning: Script test.slax started.
configuration check succeeds
re1: 
warning: Script test2.slax started.
error: Found, added rate limiter+     

 To check that the files have been loaded correctly, type the operational command "file show re0:/var/db/scripts/commit/test2.slax" and "file show re1:/var/db/scripts/commit/test2.slax"

I have re-copied the file and using the suggested command have confirmed their contents are the same.  I still have the same behaviour - adding config that references a profile that does not exist triggers a config check out error before the logic in the script gets invoked.

T4000# set interfaces xe-7/1/11 unit 0 family inet policer output rate_limiter_100m 

{master}[edit]
T4000# commit check 
warning: Script test2.slax started.
configuration check succeeds
re1: 
warning: Script test2.slax started.
error: Found, added rate limiter+                   output rate_limiter_100m;
error: 1 error reported by commit scripts
error: commit script failure
re0: 
error: remote commit-configuration failed on re1

{master}[edit]
T4000# set interfaces xe-7/1/11 unit 0 family inet policer output rate_limiter_110m    

{master}[edit]
T4000# commit check                                                                    
warning: Script test2.slax started.
error: Referenced policer rate_limiter_110m not defined
error: configuration check-out failed