Ciscoman's notes (Записки цыщика c дипломом)

I'm Cisco Champion Community member for 2017!

I'm Cisco Champion Community member for 2017!
"Cisco Champions are passionate about Cisco and happy to share our knowledge, experience, and feedback."

вторник, 1 сентября 2020 г.

PyRIFier-Auto: Helpful automation script to keep your JunOS prefix-lists up-to-date based on RIPE database content

 I completely forgot to publish this update! Fixing it now. Two months ago I made a PyEZ script for my friends from ISP where I was working in the past. This script is based on script from JUNOS Automation Cookbook by Adam Chappell.  PyEZ RIPE Filter Automation, hence I gave it a name "PyRIFier-Auto". This is a simple Python RIPE database parsing tool that finds all routes for AS or AS-SET object and updates JunOS prefix list. It can be useful as cron based tasks to update your filters automatically. Below you can find example of usage:

usage: pyrifier-auto_0.1.3.py [-h] -t router -l prefix-list [-p port]

                              [-u username] [-k keyfile] -n as-set [-d]


Python RIPE Database Parsing Tool That Finds All ROUTES for AS or AS-SET and

Updates JUNOS Prefix Lists


optional arguments:

  -h, --help      show this help message and exit

  -t router       Target router to connect

  -l prefix-list  prefix-list name

  -p port         NETCONF TCP port, default is 830

  -u username     Remote username

  -k keyfile      Path to ssh key file, default is ~/.ssh/id_rsa

  -n as-set       BGP AS or AS-SET to resolve into corresponding routes

  -d              clear/delete prefix list before updating with new data


user@scripts:~$ ./pyrifier-auto.py -t 172.16.1.253 -l PL_TEST -n AS51144

[edit policy-options]
    prefix-list PL_SOME { ... }
+   prefix-list PL_TEST {
+       91.216.167.0/24;
+   }

The only supported authentication method so far is SSH key-based authentication. 

Repository is published on github: https://github.com/enk37/PyRIFier-Auto

Hope it helps somebody, will be happy to know this.

Комментариев нет:

Отправить комментарий

Постоянные читатели

Поиск по этому блогу