问题描述
有一个几乎 10K 策略的 junos 配置,下面是一个例子:
每个政策可能包含或不包含 logoptions
/ Scheduler
。
另一部分总是包含
示例 1
set logical-systems LS security policies from-zone Untrust to-zone Trust policy X match source-address 1.1.1.1/32
set logical-systems LS security policies from-zone Untrust to-zone Trust policy X match source-address 2.2.2.2/32
set logical-systems LS security policies from-zone Untrust to-zone Trust policy X match destination-address 3.3.3.3/32
set logical-systems LS security policies from-zone Untrust to-zone Trust policy X match destination-address 4.4.4.4/32
set logical-systems LS security policies from-zone Untrust to-zone Trust policy X match application Tcp-19094
set logical-systems LS security policies from-zone Untrust to-zone Trust policy X match application Tcp-9101
set logical-systems LS security policies from-zone Untrust to-zone Trust policy X then permit
set logical-systems LS security policies from-zone Untrust to-zone Trust policy 791 then log session-init
set logical-systems LS security policies from-zone Untrust to-zone Trust policy 791 then log session-close
set logical-systems LS security policies from-zone Untrust to-zone Trust policy X scheduler-name 2021-12-31
样本 2
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X match source-address 1.1.1.1/32
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X match source-address 2.2.2.2/32
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X match destination-address 3.3.3.3/32
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X match destination-address 4.4.4.4/32
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X match application Tcp-19094
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X match application Tcp-9101
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X then permit
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X scheduler-name 2021-12-31
示例 3
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X match source-address 1.1.1.1/32
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X match source-address 2.2.2.2/32
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X match destination-address 3.3.3.3/32
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X match destination-address 4.4.4.4/32
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X match application Tcp-19094
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X match application Tcp-9101
set logical-systems LS1 security policies from-zone Untrust to-zone Trust policy X then permit
我写了一个这样的 textfsm 模板:
Value required Logicalsystem (\S+)
Value required Srczone (\S+)
Value required Destzone (\S+)
Value required Policyname (\S+)
Value List Srcaddr (\S+)
Value List Dstaddr (\S+)
Value List Application (\S+)
Value required Action (permit|deny)
Value List logoptions (\S+)
Value Scheduler (\S+)
Start
^set logical-systems ${Logicalsystem} security policies from-zone ${Srczone} to-zone ${Destzone} policy ${Policyname} match source-address ${Srcaddr}
^set logical-systems ${Logicalsystem} security policies from-zone ${Srczone} to-zone ${Destzone} policy ${Policyname} match destination-address ${Dstaddr}
^set logical-systems ${Logicalsystem} security policies from-zone ${Srczone} to-zone ${Destzone} policy ${Policyname} match application ${Application}
^set logical-systems ${Logicalsystem} security policies from-zone ${Srczone} to-zone ${Destzone} policy ${Policyname} then ${Action} -> Record
^set logical-systems ${Logicalsystem} security policies from-zone ${Srczone} to-zone ${Destzone} policy ${Policyname} then log ${logoptions} -> Record
^set logical-systems ${Logicalsystem} security policies from-zone ${Srczone} to-zone ${Destzone} policy ${Policyname} scheduler-name ${Scheduler} -> Record Start
理想输出:
['LS','Untrust','Trust','X',['1.1.1.1/32','2.2.2.2/32'],['3.3.3.3/32','4.4.4.4/32'],['Tcp-19094','Tcp-9101'],'permit',['session-init','session-close'],'2021-12-31']
实际输出:
['EBS','CHG202106221013_5',['10.168.96.26/32','10.168.96.27/32'],['10.187.224.11/32','10.187.224.12/32'],[],'']
我的 textfsm 模板的哪一部分是错误的?请纠正我。谢谢。
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)