Reply

Rule Help - unsetting interfaces for telnet

Techie
Posts: 14
2027     0

We have some small firewalls. The text file is just a series of text lines, no breaks, no blocks.

The configuration may contain any number of lines with this format where the "*" stands for interfaces like 0/1, 0/2, 0/1.2, 0/1.3, 0/2.5 and so on.

set interface ethernet* ip manageable

For each iteration there needs to also be a corresponding line like this, where the "*" stands for each of the interfaces in the "ip manageable" lines.

unset interface ethernet* manage telnet

The problem is that there is no relatively manageable subset of interfaces and subinterfaces. There could be many different interfaces and subinterface.

Is there any way to write a rule to make sure that for each interface set for ip manageability there is a corresponding line unsetting telnet as a protocol? I know we could do a script to check and do the unsetting, but can you use a script in a rule?

If I understand you correctly

Posts: 75
2028     0

If I understand you correctly, I would do a Action Command to show all the interfaces, then a Trigger Template to save the interface names. Finally then use a Trigger to change what you want to change on each interface.  I haven't tested it, but something like this?

Action:

show run | i 'set interface ethernet'

Trigger

set interface ethernet[[$name]] .*

Trigger Template

unset interface ethernet$name manage telnet

 

 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You