[j-nsp] commit script to prevent duplicate service def' on SRX?
Phil Shafer
phil at juniper.net
Sat Jun 29 14:06:35 EDT 2013
Phil Mayers writes:
>To save me the work, does anyone know of a commit script that will
>prevent people defining services which duplicate the JunOS or existing
>user-defined ones?
>Are the built-in defs (under
>"groups/junos-defaults/applications/application/$name") in the candidate
>XML config? In which case it's easy, but if not, what the best way to
>get them?
They aren't in the commit script view, but you can get them
via an RPC. The shame is that you can't use set:intersection()
to find the overlap, since it addresses _exactly_ the same nodes,
not nodes with the same content. But here's a simple script
that hopefully addresses your needs.
[Disclaimer: I tested this under juise, but not on a live box.]
Thanks,
Phil
---------------
version 1.1;
ns jcs extension = "http://xml.juniper.net/junos/commit-scripts/1.0";
import "../import/junos.xsl";
match configuration {
var $rpc = <get-configuration database="committed"> {
<configuration> {
<groups> {
<name> "junos-defaults";
<applications>;
}
}
}
var $res = jcs:invoke($rpc);
var $apps = applications;
var $defs = $res/groups/applications/application/name;
var $mine = applications/application/name;
for-each ($mine[. == $defs]) {
<warning> {
call jcs:edit-path($dot = ..);
call jcs:statement($dot = ..);
<message> "reuse of junos-defaults application";
}
}
}
More information about the juniper-nsp
mailing list