JunOS-style Syntax Remediation
Operating systems that use "set"-based syntax can now be remediated experimentally. Below is an example of a JunOS-style remediation.
$ cat ./tests/fixtures/running_config_flat_junos.conf
set system host-name aggr-example.rtr
set firewall family inet filter TEST term 1 from source-address 10.0.0.0/29
set firewall family inet filter TEST term 1 then accept
set vlans switch_mgmt_10.0.2.0/24 vlan-id 2
set vlans switch_mgmt_10.0.2.0/24 l3-interface irb.2
set vlans switch_mgmt_10.0.4.0/24 vlan-id 3
set vlans switch_mgmt_10.0.4.0/24 l3-interface irb.3
set interfaces irb unit 2 family inet address 10.0.2.1/24
set interfaces irb unit 2 family inet description "switch_10.0.2.0/24"
set interfaces irb unit 2 family inet disable
set interfaces irb unit 3 family inet address 10.0.4.1/16
set interfaces irb unit 3 family inet filter input TEST
set interfaces irb unit 3 family inet mtu 9000
set interfaces irb unit 3 family inet description "switch_mgmt_10.0.4.0/24"
$ python3
>>> from hier_config import WorkflowRemediation, get_hconfig, Platform
>>> from hier_config.utils import read_text_from_file
>>>
>>> running_config_text = read_text_from_file("./tests/fixtures/running_config_flat_junos.conf")
>>> generated_config_text = read_text_from_file("./tests/fixtures/generated_config_flat_junos.conf")
# Create HConfig objects for the running and generated configurations using JunOS syntax
>>> running_config = get_hconfig(Platform.JUNIPER_JUNOS, running_config_text)
>>> generated_config = get_hconfig(Platform.JUNIPER_JUNOS, generated_config_text)
>>>
# Initialize WorkflowRemediation with the running and generated configurations
>>> workflow = WorkflowRemediation(running_config, generated_config)
>>>
# Generate and display the remediation configuration
>>> print("Remediation configuration:")
Remediation configuration:
>>> print(str(workflow.remediation_config))
delete vlans switch_mgmt_10.0.4.0/24 vlan-id 3
delete vlans switch_mgmt_10.0.4.0/24 l3-interface irb.3
delete interfaces irb unit 2 family inet disable
delete interfaces irb unit 3 family inet address 10.0.4.1/16
delete interfaces irb unit 3 family inet description "switch_mgmt_10.0.4.0/24"
set vlans switch_mgmt_10.0.3.0/24 vlan-id 3
set vlans switch_mgmt_10.0.3.0/24 l3-interface irb.3
set vlans switch_mgmt_10.0.4.0/24 vlan-id 4
set vlans switch_mgmt_10.0.4.0/24 l3-interface irb.4
set interfaces irb unit 2 family inet filter input TEST
set interfaces irb unit 2 family inet mtu 9000
set interfaces irb unit 3 family inet address 10.0.3.1/16
set interfaces irb unit 3 family inet description "switch_mgmt_10.0.3.0/24"
set interfaces irb unit 4 family inet address 10.0.4.1/16
set interfaces irb unit 4 family inet filter input TEST
set interfaces irb unit 4 family inet mtu 9000
set interfaces irb unit 4 family inet description "switch_mgmt_10.0.4.0/24"
>>>
Configurations loaded into Hier Config with Juniper-style syntax are converted to a flat, set
-based format. Remediation steps are then generated using this set
syntax.
$ cat ./tests/fixtures/running_config_junos.conf
system {
host-name aggr-example.rtr;
}
firewall {
family inet {
filter TEST {
term 1 {
from {
source-address 10.0.0.0/29;
}
then {
accept;
}
}
}
}
}
vlans {
switch_mgmt_10.0.2.0/24 {
vlan-id 2;
l3-interface irb.2;
}
switch_mgmt_10.0.4.0/24 {
vlan-id 3;
l3-interface irb.3;
}
}
interfaces {
irb {
unit 2 {
family inet {
address 10.0.2.1/24;
description "switch_10.0.2.0/24";
disable;
}
}
unit 3 {
family inet {
address 10.0.4.1/16;
filter {
input TEST;
}
mtu 9000;
description "switch_mgmt_10.0.4.0/24";
}
}
}
}
$ python3
>>> from hier_config import WorkflowRemediation, get_hconfig, Platform
>>> from hier_config.utils import read_text_from_file
>>>
>>> running_config_text = read_text_from_file("./tests/fixtures/running_config_junos.conf")
>>> generated_config_text = read_text_from_file("./tests/fixtures/generated_config_junos.conf")
# Create HConfig objects for the running and generated configurations using JunOS syntax
>>> running_config = get_hconfig(Platform.JUNIPER_JUNOS, running_config_text)
>>> generated_config = get_hconfig(Platform.JUNIPER_JUNOS, generated_config_text)
>>>
# Initialize WorkflowRemediation with the running and generated configurations
>>> workflow = WorkflowRemediation(running_config, generated_config)
>>>
# Generate and display the remediation configuration
>>> print("Remediation configuration:")
Remediation configuration:
>>> print(str(workflow.remediation_config))
delete vlans switch_mgmt_10.0.4.0/24 vlan-id 3
delete vlans switch_mgmt_10.0.4.0/24 l3-interface irb.3
delete interfaces irb unit 2 family inet description "switch_10.0.2.0/24"
delete interfaces irb unit 2 family inet disable
delete interfaces irb unit 3 family inet address 10.0.4.1/16
delete interfaces irb unit 3 family inet description "switch_mgmt_10.0.4.0/24"
set vlans switch_mgmt_10.0.3.0/24 vlan-id 3
set vlans switch_mgmt_10.0.3.0/24 l3-interface irb.3
set vlans switch_mgmt_10.0.4.0/24 vlan-id 4
set vlans switch_mgmt_10.0.4.0/24 l3-interface irb.4
set interfaces irb unit 2 family inet filter input TEST
set interfaces irb unit 2 family inet mtu 9000
set interfaces irb unit 2 family inet description "switch_mgmt_10.0.2.0/24"
set interfaces irb unit 3 family inet address 10.0.3.1/16
set interfaces irb unit 3 family inet description "switch_mgmt_10.0.3.0/24"
set interfaces irb unit 4 family inet address 10.0.4.1/16
set interfaces irb unit 4 family inet filter input TEST
set interfaces irb unit 4 family inet mtu 9000
set interfaces irb unit 4 family inet description "switch_mgmt_10.0.4.0/24"
>>>