SRX Services Gateway
Highlighted
SRX Services Gateway

srx load set terminal chops off strings misses commands

‎06-29-2016 08:49 AM

Hi all

 

I got an SRX where when I use load set terminal, it often misses statements and chops of the last several charaters. here is an example:

 

What I load via load set terminal:

{primary:node0}[edit]
ejunzzo@fwtpcore1a# load set terminal
[Type ^D at a new line to end input]
set security policies from-zone zone_A to-zone zone_B policy pol_zoneA_host_to_zoneB_host match source-address Host_xxx.xxx.xxx.xxx_testing_host07
set security policies from-zone zone_A to-zone zone_B policy pol_zoneA_host_to_zoneB_host match source-address Host_xxx.xxx.xxx.xxx_testing07
set security policies from-zone zone_A to-zone zone_B policy pol_zoneA_host_to_zoneB_host match source-address Host_xxx.xxx.xxx.xxx_testing08
set security policies from-zone zone_A to-zone zone_B policy pol_zoneA_host_to_zoneB_host match destination-address Host_xxx.xxx.xxx.xxx_zoneB_8
set security policies from-zone zone_A to-zone zone_B policy pol_zoneA_host_to_zoneB_host match application junos-http
set security policies from-zone zone_A to-zone zone_B policy pol_zoneA_host_to_zoneB_host match application junos-https
set security policies from-zone zone_A to-zone zone_B policy pol_zoneA_host_to_zoneB_host then permit


load complete

What I get afterwards with show | compare

 

{primary:node0}[edit]
ejunzzo@fwtpcore1a# show | compare
[edit security policies from-zone zone_A to-zone zone_B]
+     policy pol_zoneA_host_to_zoneB_host {
+         match {
+             source-address [ Host_xxx.xxx.xxx.xxx_testing_host07 Host_xxx.xxx.xxx.xxx_testing07 Host_xxx.xxx.xxx.xxx_testing08 ];
+             destination-address Host_xxx.xxx.xxx.xxx_zoneB_8;
+             ## Warning: missing mandatory statement(s): 'application'
+         }
+         ## Warning: missing mandatory statement(s): 'then'
+     }

now if I copy paste the same lines for application and then again into srx, it still works, and show | compare stops complaining about missing mandatory statements.

 

This is particularlly annoying since I have like 5 different policies to commit and this happens quite often. 

Does anyone else encounter this and what did you do to fix it?

 

Thanks

1 REPLY 1
Highlighted
SRX Services Gateway
Solution
Accepted by topic author blgdig
‎07-04-2016 12:55 PM

Re: srx load set terminal chops off strings misses commands

‎06-29-2016 11:53 AM

Hello,

This is a ages-old well-known problem with certain terminal emulators and shallow buffers

https://forums.juniper.net/t5/Ethernet-Switching/Copy-amp-Paste-from-text-file-to-CLI/m-p/37373#M181...

If You put the set commands into a text file, transfer this file via SFTP to SRX and then use "load set <path/filename>", You won't see this problem. One limitation is You cannot add annotations this way.

HTH

Thx
Alex 

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !