SRX Services Gateway
Highlighted
SRX Services Gateway

policy-test script and global policy

‎07-23-2013 01:43 PM

Hello collegues.

 

Interesting if new version of policy-test script will be released to support global policy or it's need to write by ourself?

policy-test version 1.0 doesn't search in global policies if from-zone and to-zone are not indicated.

 If from-zone and to-zone are set to 'any' the policy-test does search in global policies but also shows many wrong matches.

 

1 REPLY 1
Highlighted
SRX Services Gateway

Re: policy-test script and global policy

‎07-23-2013 03:23 PM

i've change            

            var $get-policies-rpc = <command> {
                expr " show security policies ";
                expr $filters;
                expr " detail ";
            }
            /* Get the list of possible policies */
            var $policies = jcs:execute($connection, $get-policies-rpc);

----- to ---

var $get-policies-rpc = <command> {
                expr " show security policies ";
                expr $filters;
                expr " detail "

  }
  var $get-global-policies-rpc = <command> {
                expr " show security policies global detail ";
   }
            /* Get the list of possible policies */
   var $policies = jcs:execute($connection, $get-policies-rpc) | jcs:execute($connection, $get-global-policies-rpc);

 

seems it works for me.

Feedback