08-12-2015 06:29 AM
We have some small firewalls. The text file is just a series of text lines, no breaks, no blocks.
The configuration may contain any number of lines with this format where the "*" stands for interfaces like 0/1, 0/2, 0/1.2, 0/1.3, 0/2.5 and so on.
set interface ethernet* ip manageable
For each iteration there needs to also be a corresponding line like this, where the "*" stands for each of the interfaces in the "ip manageable" lines.
unset interface ethernet* manage telnet
The problem is that there is no relatively manageable subset of interfaces and subinterfaces. There could be many different interfaces and subinterface.
Is there any way to write a rule to make sure that for each interface set for ip manageability there is a corresponding line unsetting telnet as a protocol? I know we could do a script to check and do the unsetting, but can you use a script in a rule?
08-13-2015 01:04 PM
If I understand you correctly, I would do a Action Command to show all the interfaces, then a Trigger Template to save the interface names. Finally then use a Trigger to change what you want to change on each interface. I haven't tested it, but something like this?
show run | i 'set interface ethernet'
set interface ethernet[[$name]] .*
unset interface ethernet$name manage telnet