README
¶
go-junos
A Go package that interacts with Junos devices, as well as Junos Space, and allows you to do the following:
- Run operational mode commands, such as
show,request, etc.. - Compare the active configuration to a rollback configuration (diff).
- Rollback the configuration to a given state or a "rescue" config.
- Configure devices by submitting commands, uploading a local file or from a remote FTP/HTTP server.
- Commit operations: lock, unlock, commit, commit at, commit confirmed, commit full.
- Device views - This will allow you to quickly get all the information on the device for the specified view.
- [SRX] Convert from a zone-based address book to a global one.
Junos Space <= 15.2
- Get information from Junos Space managed devices.
- Add/remove devices from Junos Space.
- List all software image packages that are in Junos Space.
- Stage and deploy software images to devices from Junos Space.
- Create, edit and delete address and service objects/groups.
- Edit address and service groups by adding or removing objects to them.
- View all policies managed by Junos Space.
- Publish policies and update devices.
- Add/modify polymorphic (variable) objects.
Installation
go get -u github.com/scottdware/go-junos
Note: This package makes all of it's calls over Netconf using the go-netconf package from Juniper Networks. Please make sure you allow Netconf communication to your devices:
set system services netconf ssh
set security zones security-zone <xxx> interfaces <xxx> host-inbound-traffic system-services netconf
Authentication Methods
There are two different ways you can authenticate against to device. Standard username/password combination, or use SSH keys. There is an AuthMethod struct which defines these methods that you will need to use in your code. Here is an example of connecting to a device using only a username and password.
auth := &junos.AuthMethod{
Credentials: []string{"scott", "deathstar"},
}
jnpr, err := junos.NewSession("srx.company.com", auth)
if err != nil {
fmt.Println(err)
}
If you are using SSH keys, here is an example of how to connect:
auth := &junos.AuthMethod{
Username: "scott",
PrivateKey: "/home/scott/.ssh/id_rsa",
Passphrase: "mysecret",
}
jnpr, err := junos.NewSession("srx.company.com", auth)
if err != nil {
fmt.Println(err)
}
If you do not have a passphrase tied to your private key, then you can omit the Passphrase field entirely. In the above example,
we are connecting from a *nix/Mac device, as shown by the private key path. No matter the OS, as long as you provide the location of the
private key file, you should be fine.
If you are running Windows, and using PuTTY for all your SSH needs, then you will need to generate a public/private key pair by using Puttygen. Once you have generated it, you will need to export your private key using the OpenSSH format, and save it somewhere as shown below:
Examples
Visit the GoDoc page for package documentation and examples.
Connect to a device, and view the current config to rollback 1.
auth := &junos.AuthMethod{
Credentials: []string{"admin", "Juniper123!"},
}
jnpr, err := junos.NewSession("qfx-switch.company.com", auth)
if err != nil {
fmt.Println(err)
}
defer jnpr.Close()
diff, err := jnpr.Diff(1)
if err != nil {
fmt.Println(err)
}
fmt.Println(diff)
// Will output the following
[edit vlans]
- zzz-Test {
- vlan-id 999;
- }
- zzz-Test2 {
- vlan-id 1000;
- }
View the routing-instance configuration.
auth := &junos.AuthMethod{
Username: "admin",
PrivateKey: "/home/scott/.ssh/id_rsa",
}
jnpr, err := junos.NewSession("srx.company.com", auth)
if err != nil {
fmt.Println(err)
}
defer jnpr.Close()
riConfig, err := jnpr.GetConfig("text", "routing-instances")
if err != nil {
fmt.Println(err)
}
fmt.Println(riConfig)
// Will output the following
## Last changed: 2017-03-24 12:26:58 EDT
routing-instances {
default-ri {
instance-type virtual-router;
interface lo0.0;
interface reth1.0;
routing-options {
static {
route 0.0.0.0/0 next-hop 10.1.1.1;
}
}
}
}
Views
Device views allow you to quickly gather information regarding a specific "view," so that you may use that information however you wish. A good example, is using the "interface" view to gather all of the interface information on the device, then iterate over that view to see statistics, interface settings, etc.
Note: Some of the views aren't available for all platforms, such as the
ethernetswitchandvirtualchassison an SRX or MX.
Current out-of-the-box, built-in views are:
| Views | CLI equivilent |
|---|---|
arp |
show arp |
route |
show route |
bgp |
show bgp summary |
interface |
show interfaces |
vlan |
show vlans |
ethernetswitch |
show ethernet-switching table |
inventory |
show chassis hardware |
virtualchassis |
show virtual-chassis status |
staticnat |
show security nat static rule all |
sourcenat |
show security nat source rule all |
storage |
show system storage |
firewallpolicy |
show security policies (SRX only) |
lldp |
show lldp neighbors |
NOTE: Clustered SRX's will only show the NAT rules from one of the nodes, since they are duplicated on the other.
When using the interface view, by default it will return all of the interfaces on the device. If you wish to see only a particular
interface and all of it's logical interfaces, you can optionally specify the name of an interface using the option parameter, e.g.:
jnpr.View("interface", "ge-0/0/0")
Creating Custom Views
You can even create a custom view by creating a struct that models the XML output from using the GetConfig() function. Granted,
this is a little more work, and requires you to know a bit more about the Go language (such as unmarshalling XML), but if there's a custom
view that you want to see, it's possible to do this for anything you want.
I will be adding more views over time, but feel free to request ones you'd like to see by emailing me, or drop me a line on Twitter.
Example: View the ARP table on a device
view, err := jnpr.View("arp")
if err != nil {
fmt.Println(err)
}
fmt.Printf("# ARP entries: %d\n\n", view.Arp.Count)
for _, a := range view.Arp.Entries {
fmt.Printf("MAC: %s\n", a.MACAddress)
fmt.Printf("IP: %s\n", a.IPAddress)
fmt.Printf("Interface: %s\n\n", a.Interface)
}
// Will print out the following
# ARP entries: 4
MAC: 00:01:ab:cd:4d:73
IP: 10.1.1.28
Interface: reth0.1
MAC: 00:01:ab:cd:0a:93
IP: 10.1.1.30
Interface: reth0.1
MAC: 00:01:ab:cd:4f:8c
IP: 10.1.1.33
Interface: reth0.1
MAC: 00:01:ab:cd:f8:30
IP: 10.1.1.36
Interface: reth0.1
Documentation
¶
Overview ¶
Package junos provides automation for Junos (Juniper Networks) devices, as well as interaction with Junos Space.
Index ¶
- type APIRequest
- type Address
- type AddressEntry
- type AddressFamily
- type AddressSet
- type Addresses
- type ArpEntry
- type ArpTable
- type AuthMethod
- type BGPPeer
- type BGPTable
- type Chassis
- type CommitEntry
- type CommitHistory
- type Device
- type Devices
- type EthernetSwitchingTable
- type FileSystem
- type FirewallPolicy
- type GroupMembers
- type HardwareInventory
- type Interfaces
- type Junos
- func NewSession(host string, auth *AuthMethod) (*Junos, error)
- func NewSessionFromNetConn(host string, nc net.Conn, clientConfig *ssh.ClientConfig) (*Junos, error)
- func NewSessionFromNetconf(s *netconf.Session) (*Junos, error)
- func NewSessionWithConfig(host string, clientConfig *ssh.ClientConfig) (*Junos, error)
- func (j *Junos) Close()
- func (j *Junos) Command(cmd string, format ...string) (string, error)
- func (j *Junos) Commit() error
- func (j *Junos) CommitAt(time string, message ...string) error
- func (j *Junos) CommitCheck() error
- func (j *Junos) CommitConfirm(delay int) error
- func (j *Junos) CommitFull() error
- func (j *Junos) CommitHistory() (*CommitHistory, error)
- func (j *Junos) Config(path interface{}, format string, commit bool) error
- func (j *Junos) ConvertAddressBook() []string
- func (j *Junos) Diff(rollback int) (string, error)
- func (j *Junos) GatherFacts() error
- func (j *Junos) GetConfig(format string, section ...string) (string, error)
- func (j *Junos) Lock() error
- func (j *Junos) Reboot() error
- func (j *Junos) Rescue(action string) error
- func (j *Junos) Rollback(option interface{}) error
- func (j *Junos) SetCommitTimeout(delay int)
- func (j *Junos) Unlock() error
- func (j *Junos) View(view string, option ...string) (*Views, error)
- type L2MACEntry
- type LLDPNeighbor
- type LLDPNeighbors
- type LogicalInterface
- type MACEntry
- type Member
- type Module
- type PhysicalInterface
- type Policies
- type Policy
- type Route
- type RouteTable
- type RoutingEngine
- type RoutingTable
- type Rule
- type SecurityContext
- type SecurityDevice
- type SecurityDevices
- type SecurityZones
- type Service
- type Services
- type SoftwarePackage
- type SoftwarePackages
- type SoftwareUpgrade
- type SourceNatEntry
- type SourceNats
- type Space
- func (s *Space) AddAddress(name, ip string, description ...string) error
- func (s *Space) AddDevice(host, user, password string) (int, error)
- func (s *Space) AddGroup(grouptype, name string, description ...string) error
- func (s *Space) AddService(protocol, name string, ports interface{}, description string, timeout int) error
- func (s *Space) AddVariable(name, address string, description ...string) error
- func (s *Space) Addresses(filter ...string) (*Addresses, error)
- func (s *Space) DeleteObject(grouptype, name string) error
- func (s *Space) DeleteVariable(name string) error
- func (s *Space) DeploySoftware(device, image string, options *SoftwareUpgrade) (int, error)
- func (s *Space) Devices() (*Devices, error)
- func (s *Space) EditAddress(name, newip string) error
- func (s *Space) EditGroup(grouptype, action, object, name string) error
- func (s *Space) EditVariable() (*VariableManagement, error)
- func (s *Space) GroupMembers(grouptype, name string) (*GroupMembers, error)
- func (s *Space) Policies() (*Policies, error)
- func (s *Space) PublishPolicy(policy interface{}, update bool) (int, error)
- func (s *Space) RemoveDevice(device interface{}) error
- func (s *Space) RemoveStagedSoftware(device, image string) (int, error)
- func (s *Space) RenameObject(grouptype, name, newname string) error
- func (s *Space) Resync(device interface{}) (int, error)
- func (s *Space) SecurityDevices() (*SecurityDevices, error)
- func (s *Space) Services(filter ...string) (*Services, error)
- func (s *Space) Software() (*SoftwarePackages, error)
- func (s *Space) StageSoftware(device, image string, cleanup bool) (int, error)
- func (s *Space) UpdateDevice(device interface{}) (int, error)
- func (s *Space) Variables() (*Variables, error)
- type StaticNatEntry
- type StaticNats
- type Storage
- type SubModule
- type SubSubModule
- type SubSubSubModule
- type SystemStorage
- type VCMember
- type VCMemberNeighbor
- type Variable
- type VariableManagement
- type Variables
- type Views
- type VirtualChassis
- type Vlan
- type Vlans
- type Zone
- type ZoneInterface
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type APIRequest ¶
APIRequest builds our request before sending it to the server.
type Address ¶
type Address struct {
ID int `xml:"id"`
Name string `xml:"name"`
AddressType string `xml:"address-type"`
Description string `xml:"description"`
IPAddress string `xml:"ip-address"`
Hostname string `xml:"host-name"`
}
An Address contains information about each individual address object.
type AddressEntry ¶
type AddressEntry struct {
Name string `xml:"name"`
IP string `xml:"ip-prefix,omitempty"`
DNSName string `xml:"dns-name>name,omitempty"`
Wildcard string `xml:"wildcard-address>name,omitempty"`
}
AddressEntry contains information about each individual address-book entry.
type AddressFamily ¶
type AddressSet ¶
type AddressSet struct {
Name string `xml:"name"`
AddressEntries []AddressEntry `xml:"address"`
}
AddressSet contains all of the address-sets (groups) in the address-book.
type Addresses ¶
type Addresses struct {
Addresses []Address `xml:"address"`
}
Addresses contains a list of address objects.
type ArpEntry ¶
type ArpEntry struct {
MACAddress string `xml:"mac-address"`
IPAddress string `xml:"ip-address"`
Interface string `xml:"interface-name"`
}
ArpEntry holds each individual ARP entry.
type ArpTable ¶
type ArpTable struct {
Count int `xml:"arp-entry-count"`
Entries []ArpEntry `xml:"arp-table-entry"`
}
ArpTable contains the ARP table on the device.
type AuthMethod ¶
AuthMethod defines how we want to authenticate to the device. If using a username and password to authenticate, the Credentials field must be populated like so:
[]string{"user", "password"}
If you are using an SSH prviate key for authentication, you must provide the username, path to the private key, and passphrase. On most systems, the private key is found in the following location:
~/.ssh/id_rsa
If you do not have a passphrase tied to your private key, then you can omit this field.
type BGPPeer ¶
type BGPPeer struct {
Address string `xml:"peer-address"`
ASN int `xml:"peer-as"`
InputMessages int `xml:"input-messages"`
OutputMessages int `xml:"output-messages"`
QueuedRoutes int `xml:"route-queue-count"`
Flaps int `xml:"flap-count"`
ElapsedTime string `xml:"elapsed-time"`
State string `xml:"peer-state"`
RoutingTable string `xml:"bgp-rib>name"`
ActivePrefixes int `xml:"bgp-rib>active-prefix-count"`
ReceivedPrefixes int `xml:"bgp-rib>received-prefix-count"`
AcceptedPrefixes int `xml:"bgp-rib>accepted-prefix-count"`
SuppressedPrefixes int `xml:"bgp-rib>suppressed-prefix-count"`
}
BGPPeer contains information about each individual BGP peer.
type BGPTable ¶
type BGPTable struct {
TotalGroups int `xml:"group-count"`
TotalPeers int `xml:"peer-count"`
DownPeers int `xml:"down-peer-count"`
Entries []BGPPeer `xml:"bgp-peer"`
}
BGPTable contains information about every BGP peer configured on the device.
type Chassis ¶
type Chassis struct {
Name string `xml:"name"`
SerialNumber string `xml:"serial-number"`
Description string `xml:"description"`
Modules []Module `xml:"chassis-module"`
}
Chassis contains all of the hardware information for each chassis, such as a clustered pair of SRX's or a virtual-chassis configuration.
type CommitEntry ¶
type CommitEntry struct {
Sequence int `xml:"sequence-number"`
User string `xml:"user"`
Method string `xml:"client"`
Log string `xml:"log"`
Comment string `xml:"comment"`
Timestamp string `xml:"date-time"`
}
CommitEntry holds information about each prevous commit.
type CommitHistory ¶
type CommitHistory struct {
Entries []CommitEntry `xml:"commit-history"`
}
CommitHistory holds all of the commit entries.
type Device ¶
type Device struct {
ID int `xml:"key,attr"`
Family string `xml:"deviceFamily"`
Version string `xml:"OSVersion"`
Platform string `xml:"platform"`
Serial string `xml:"serialNumber"`
IPAddress string `xml:"ipAddr"`
Name string `xml:"name"`
ConnectionStatus string `xml:"connectionStatus"`
ManagedStatus string `xml:"managedStatus"`
}
A Device contains information about each individual device.
type EthernetSwitchingTable ¶
type EthernetSwitchingTable struct {
Entries []L2MACEntry `xml:"l2ng-l2ald-mac-entry-vlan"`
}
EthernetSwitchingTable contains the ethernet-switching table on the device.
type FileSystem ¶
type FileSystem struct {
Name string `xml:"filesystem-name"`
TotalBlocks int `xml:"total-blocks"`
UsedBlocks int `xml:"used-blocks"`
AvailableBlocks int `xml:"available-blocks"`
UsedPercent string `xml:"used-percent"`
MountedOn string `xml:"mounted-on"`
}
FileSystem contains the information for each partition.
type FirewallPolicy ¶
type FirewallPolicy struct {
XMLName xml.Name `xml:"security-policies"`
Entries []SecurityContext `xml:"security-context"`
}
FirewallPolicy contains the entire firewall policy for the device.
type GroupMembers ¶
type GroupMembers struct {
Members []Member `xml:"members>member"`
}
GroupMembers contains a list of all the members within a address or service group.
type HardwareInventory ¶
type HardwareInventory struct {
Chassis []Chassis `xml:"chassis"`
}
HardwareInventory contains all the hardware information about the device.
type Interfaces ¶
type Interfaces struct {
Entries []PhysicalInterface `xml:"physical-interface"`
}
Interfaces contains information about every interface on the device.
type Junos ¶
type Junos struct {
Session *netconf.Session
Hostname string
RoutingEngines int
Platform []RoutingEngine
CommitTimeout time.Duration
}
Junos contains our session state.
func NewSession ¶
func NewSession(host string, auth *AuthMethod) (*Junos, error)
NewSession establishes a new connection to a Junos device that we will use to run our commands against. Authentication methods are defined using the AuthMethod struct, and are as follows:
username and password, SSH private key (with or without passphrase)
Please view the package documentation for AuthMethod on how to use these methods.
NOTE: most users should use this function, instead of the other NewSession* functions
func NewSessionFromNetConn ¶
func NewSessionFromNetConn(host string, nc net.Conn, clientConfig *ssh.ClientConfig) (*Junos, error)
NewSessionFromNetConn uses an existing net.Conn to establish a netconf.Session
This is especially useful if you need to customize the SSH connection beyond what's supported in NewSession().
func NewSessionFromNetconf ¶
NewSessionFromNetconf uses an existing netconf.Session to run our commands against
This is especially useful if you need to customize the SSH connection beyond what's supported in NewSession().
func NewSessionWithConfig ¶
func NewSessionWithConfig(host string, clientConfig *ssh.ClientConfig) (*Junos, error)
NewSessionWithConfig establishes a new connection to a Junos device that we will use to run our commands against.
This is especially useful if you need to customize the SSH connection beyond what's supported in NewSession().
func (*Junos) Command ¶
Command executes any operational mode command, such as "show" or "request." If you wish to return the results of the command, specify the format, which must be "text" or "xml" as the second parameter (optional).
func (*Junos) CommitAt ¶
CommitAt commits the configuration at the specified time. Time must be in 24-hour HH:mm format. Specifying a commit message is optional.
func (*Junos) CommitCheck ¶
CommitCheck checks the configuration for syntax errors, but does not commit any changes.
func (*Junos) CommitConfirm ¶
CommitConfirm rolls back the configuration after the delayed minutes.
func (*Junos) CommitFull ¶
CommitFull does a full commit on the configuration, which requires all daemons to check and evaluate the new configuration. Useful for when you get an error with a commit or when you've changed the configuration significantly.
func (*Junos) CommitHistory ¶
func (j *Junos) CommitHistory() (*CommitHistory, error)
CommitHistory gathers all the information about the previous 5 commits.
func (*Junos) Config ¶
Config loads a given configuration file from your local machine, a remote (FTP or HTTP server) location, or via configuration statements from variables (type string or []string) within your script. Format must be "set", "text" or "xml".
func (*Junos) ConvertAddressBook ¶
ConvertAddressBook will generate the configuration needed to migrate from a zone-based address book to a global one. You can then use Config() to apply the changes if necessary.
func (*Junos) Diff ¶
Diff compares candidate config to current (rollback 0) or previous rollback this is equivalent to 'show | compare' or 'show | compare rollback X' when in configuration mode RPC: <get-configuration compare="rollback" rollback="[0-49]" format="text"/> https://goo.gl/wFRMX9 (juniper.net)
func (*Junos) GatherFacts ¶
GatherFacts gathers basic information about the device.
It's automatically called when using the provided NewSession* functions, but can be used if you create your own Junos sessions.
func (*Junos) GetConfig ¶
GetConfig returns the configuration starting at the given section. If you do not specify anything for section, then the entire configuration will be returned. Format must be "text" or "xml." You can do sub-sections by separating the section path with a ">" symbol, i.e. "system>login" or "protocols>ospf>area." The default option is to return the XML.
func (*Junos) Rescue ¶
Rescue will create or delete the rescue configuration given "save" or "delete" for the action.
func (*Junos) Rollback ¶
Rollback loads and commits the configuration of a given rollback number or rescue state, by specifying "rescue."
func (*Junos) SetCommitTimeout ¶
SetCommitTimeout will add the given delay time (in seconds) to the following commit functions: Lock(), Commit() and Unlock(). When configuring multiple devices, or having a large configuration to push, this can greatly reduce errors (especially if you're dealing with latency).
func (*Junos) View ¶
View gathers information on the device given the "view" specified. These views can be interrated/looped over to view the data (i.e. ARP table entries, interface details/statistics, routing tables, etc.). Supported views are:
arp, route, bgp, interface, vlan, ethernetswitch, inventory, virtualchassis, staticnat, sourcenat, storage, fireawllpolicy
By default, the interface view will return all interfaces on the device. If you wish to only see a particular physical interface, and all logical interfaces underneath it, you can use the option parameter to specify the name of the interface, e.g.:
View("interface", "ge-0/0/0")
type L2MACEntry ¶
type L2MACEntry struct {
GlobalMACCount int `xml:"mac-count-global"`
LearnedMACCount int `xml:"learnt-mac-count"`
RoutingInstance string `xml:"l2ng-l2-mac-routing-instance"`
VlanID int `xml:"l2ng-l2-vlan-id"`
MACEntries []MACEntry `xml:"l2ng-mac-entry"`
}
L2MACEntry contains information about every MAC address on each VLAN.
type LLDPNeighbor ¶
type LLDPNeighbor struct {
LocalPortId string `xml:"lldp-local-port-id"`
LocalParentInterfaceName string `xml:"lldp-local-parent-interface-name"`
RemoteChassisIdSubtype string `xml:"lldp-remote-chassis-id-subtype"`
RemoteChassisId string `xml:"lldp-remote-chassis-id"`
RemotePortDescription string `xml:"lldp-remote-port-description"`
RemotePortId string `xml:"lldp-remote-port-id"`
RemoteSystemName string `xml:"lldp-remote-system-name"`
}
type LLDPNeighbors ¶
type LLDPNeighbors struct {
Entries []LLDPNeighbor `xml:"lldp-neighbor-information"`
}
type LogicalInterface ¶
type LogicalInterface struct {
Name string `xml:"name"`
LocalIndex int `xml:"local-index"`
SNMPIndex int `xml:"snmp-index"`
Encapsulation string `xml:"encapsulation"`
LAGInputPackets uint64 `xml:"lag-traffic-statistics>lag-bundle>input-packets"`
LAGInputPps int `xml:"lag-traffic-statistics>lag-bundle>input-pps"`
LAGInputBytes int `xml:"lag-traffic-statistics>lag-bundle>input-bytes"`
LAGInputBps int `xml:"lag-traffic-statistics>lag-bundle>input-bps"`
LAGOutputPackets uint64 `xml:"lag-traffic-statistics>lag-bundle>output-packets"`
LAGOutputPps int `xml:"lag-traffic-statistics>lag-bundle>output-pps"`
LAGOutputBytes int `xml:"lag-traffic-statistics>lag-bundle>output-bytes"`
LAGOutputBps int `xml:"lag-traffic-statistics>lag-bundle>output-bps"`
ZoneName string `xml:"logical-interface-zone-name"`
InputPackets uint64 `xml:"traffic-statistics>input-packets"`
OutputPackets uint64 `xml:"traffic-statistics>output-packets"`
AddressFamilies []AddressFamily `xml:"address-family"`
LinkAddress string `xml:"link-address,omitempty"`
}
LogicalInterface contains information about the logical interfaces tied to a physical interface.
type MACEntry ¶
type MACEntry struct {
VlanName string `xml:"l2ng-l2-mac-vlan-name"`
MACAddress string `xml:"l2ng-l2-mac-address"`
Age string `xml:"l2ng-l2-mac-age"`
Flags string `xml:"l2ng-l2-mac-flags"`
LogicalInterface string `xml:"l2ng-l2-mac-logical-interface"`
}
MACEntry contains information about each individual MAC address. Flags are: S - static MAC, D - dynamic MAC, L - locally learned, P - persistent static, SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC.
type Module ¶
type Module struct {
Name string `xml:"name"`
Version string `xml:"version,omitempty"`
PartNumber string `xml:"part-number"`
SerialNumber string `xml:"serial-number"`
Description string `xml:"description"`
CLEICode string `xml:"clei-code"`
ModuleNumber string `xml:"module-number"`
SubModules []SubModule `xml:"chassis-sub-module"`
}
Module contains information about each individual module.
type PhysicalInterface ¶
type PhysicalInterface struct {
Name string `xml:"name"`
AdminStatus string `xml:"admin-status"`
OperStatus string `xml:"oper-status"`
LocalIndex int `xml:"local-index"`
SNMPIndex int `xml:"snmp-index"`
LinkLevelType string `xml:"link-level-type"`
InterfaceType string `xml:"if-type"`
MTU string `xml:"mtu"`
LinkMode string `xml:"link-mode"`
Speed string `xml:"speed"`
FlowControl string `xml:"if-flow-control"`
AutoNegotiation string `xml:"if-auto-negotiation"`
HardwarePhysicalAddress string `xml:"hardware-physical-address"`
Flapped string `xml:"interface-flapped"`
InputBps int `xml:"traffic-statistics>input-bps"`
InputPps int `xml:"traffic-statistics>input-pps"`
OutputBps int `xml:"traffic-statistics>output-bps"`
OutputPps int `xml:"traffic-statistics>output-pps"`
LogicalInterfaces []LogicalInterface `xml:"logical-interface"`
}
PhysicalInterface contains information about each individual physical interface.
type Policies ¶
type Policies struct {
Policies []Policy `xml:"firewall-policy"`
}
Policies contains a list of firewall policies.
type Policy ¶
type Policy struct {
ID int `xml:"id"`
Name string `xml:"name"`
Description string `xml:"description"`
}
A Policy contains information about each individual firewall policy.
type Route ¶
type Route struct {
Destination string `xml:"rt-destination"`
Active string `xml:"rt-entry>active-tag"`
Protocol string `xml:"rt-entry>protocol-name"`
Preference int `xml:"rt-entry>preference"`
Age string `xml:"rt-entry>age"`
NextHop string `xml:"rt-entry>nh>to,omitempty"`
NextHopInterface string `xml:"rt-entry>nh>via,omitempty"`
NextHopTable string `xml:"rt-entry>nh>nh-table,omitempty"`
NextHopLocalInterface string `xml:"rt-entry>nh>nh-local-interface,omitempty"`
}
Route holds information about each individual route.
type RouteTable ¶
type RouteTable struct {
Name string `xml:"table-name"`
TotalRoutes int `xml:"total-route-count"`
ActiveRoutes int `xml:"active-route-count"`
HolddownRoutes int `xml:"holddown-route-count"`
HiddenRoutes int `xml:"hidden-routes"`
Entries []Route `xml:"rt"`
}
RouteTable holds all the route information for each table.
type RoutingEngine ¶
RoutingEngine contains the hardware and software information for each route engine.
type RoutingTable ¶
type RoutingTable struct {
RouteTables []RouteTable `xml:"route-table"`
}
RoutingTable contains every routing table on the device.
type Rule ¶
type Rule struct {
Name string `xml:"policy-name"`
State string `xml:"policy-state"`
Identifier int `xml:"policy-identifier"`
ScopeIdentifier int `xml:"scope-policy-identifier"`
SequenceNumber int `xml:"policy-sequence-number"`
SourceAddresses []string `xml:"source-addresses>source-address>address-name"`
DestinationAddresses []string `xml:"destination-addresses>destination-address>address-name"`
Applications []string `xml:"applications>application>application-name"`
SourceIdentities []string `xml:"source-identities>source-identity>role-name"`
PolicyAction string `xml:"policy-action>action-type"`
PolicyTCPOptions struct {
SYNCheck string `xml:"policy-tcp-options-syn-check"`
SequenceCheck string `xml:"policy-tcp-options-sequence-check"`
} `xml:"policy-action>policy-tcp-options"`
}
Rule contains each individual element that makes up a security policy rule.
type SecurityContext ¶
type SecurityContext struct {
SourceZone string `xml:"context-information>source-zone-name"`
DestinationZone string `xml:"context-information>destination-zone-name"`
Rules []Rule `xml:"policies>policy-information"`
}
SecurityContext contains the policies for each context, such as rules from trust to untrust zones.
type SecurityDevice ¶
type SecurityDevice struct {
ID int `xml:"id"`
Family string `xml:"device-family"`
Platform string `xml:"platform"`
IPAddress string `xml:"device-ip"`
Name string `xml:"name"`
}
A SecurityDevice contains information about each individual security device.
type SecurityDevices ¶
type SecurityDevices struct {
XMLName xml.Name `xml:"devices"`
Devices []SecurityDevice `xml:"device"`
}
SecurityDevices contains a list of security devices.
type SecurityZones ¶
type SecurityZones struct {
XMLName xml.Name `xml:"configuration"`
Zones []Zone `xml:"security>zones>security-zone"`
}
SecurityZones contains all of our security-zone information.
type Service ¶
type Service struct {
ID int `xml:"id"`
Name string `xml:"name"`
IsGroup bool `xml:"is-group"`
Description string `xml:"description"`
}
A Service contains information about each individual service object.
type Services ¶
type Services struct {
Services []Service `xml:"service"`
}
Services contains a list of service objects.
type SoftwarePackage ¶
type SoftwarePackage struct {
ID int `xml:"key,attr"`
Name string `xml:"fileName"`
Version string `xml:"version"`
Platform string `xml:"platformType"`
}
A SoftwarePackage contains information about each individual software package.
type SoftwarePackages ¶
type SoftwarePackages struct {
Packages []SoftwarePackage `xml:"package"`
}
SoftwarePackages contains a list of software packages managed by Junos Space.
type SoftwareUpgrade ¶
type SoftwareUpgrade struct {
UseDownloaded bool // Use an image already staged on the device.
Validate bool // Check/don't check compatibility with current configuration.
Reboot bool // Reboot system after adding package.
RebootAfter int // Reboot the system after "x" minutes.
Cleanup bool // Remove any pre-existing packages on the device.
RemoveAfter bool // Remove the package after successful installation.
}
SoftwareUpgrade consists of options available to use before issuing a software upgrade.
type SourceNatEntry ¶
type SourceNatEntry struct {
Name string `xml:"rule-name"`
SetName string `xml:"rule-set-name"`
ID string `xml:"rule-id"`
RuleMatchingPosition int `xml:"rule-matching-position"`
FromContext string `xml:"rule-from-context"`
FromZone string `xml:"rule-from-context-name"`
ToContext string `xml:"rule-to-context"`
ToZone string `xml:"rule-to-context-name"`
SourceAddressLowRange string `xml:"source-address-range-entry>rule-source-address-low-range"`
SourceAddressHighRange string `xml:"source-address-range-entryrule-source-address-high-range"`
SourceAddresses []string `xml:"source-address-range-entry>rule-source-address"`
DestinationAddresses []string `xml:"destination-address-range-entry>rule-destination-address"`
DestinationPortLow int `xml:"destination-port-entry>rule-destination-port-low"`
DestinationPortHigh int `xml:"destination-port-entry>rule-destination-port-high"`
SourcePortLow int `xml:"source-port-entry>rule-source-port-low"`
SourcePortHigh int `xml:"source-port-entry>rule-source-port-high"`
SourceNatProtocol string `xml:"src-nat-protocol-entry"`
RuleAction string `xml:"source-nat-rule-action-entry>source-nat-rule-action"`
PersistentNatType string `xml:"source-nat-rule-action-entry>persistent-nat-type"`
PersistentNatMappingType string `xml:"source-nat-rule-action-entry>persistent-nat-mapping-type"`
PersistentNatTimeout int `xml:"source-nat-rule-action-entry>persistent-nat-timeout"`
PersistentNatMaxSession int `xml:"source-nat-rule-action-entry>persistent-nat-max-session"`
TranslationHits int `xml:"source-nat-rule-hits-entry>rule-translation-hits"`
SuccessfulSessions int `xml:"source-nat-rule-hits-entry>succ-hits"`
ConcurrentHits int `xml:"source-nat-rule-hits-entry>concurrent-hits"`
}
SourceNatEntry holds each individual source NAT entry.
type SourceNats ¶
type SourceNats struct {
Count int
Entries []SourceNatEntry `xml:"source-nat-rule-entry"`
}
SourceNats contains the source NATs configured on the device.
type Space ¶
Space contains our session state.
func (*Space) AddAddress ¶
AddAddress creates a new address object in Junos Space. Description is optional.
func (*Space) AddDevice ¶
AddDevice adds a new managed device to Junos Space, and returns the Job ID.
func (*Space) AddGroup ¶
AddGroup creates a new address or service group in Junos Space. Objecttype must be "address" or "service".
func (*Space) AddService ¶
func (s *Space) AddService(protocol, name string, ports interface{}, description string, timeout int) error
AddService creates a new service object to Junos Space. For a single port, just enter in the number. For a range of ports, enter the low-high range in quotes like so: "10000-10002".
func (*Space) AddVariable ¶
AddVariable creates a new polymorphic object (variable) on the Junos Space server. The address option is a default address object that will be used. This address object must already exist on the server.
func (*Space) Addresses ¶
Addresses queries the Junos Space server and returns all of the information about each address that is managed by Space. Filter is optional, but if specified can help reduce the amount of objects returned.
func (*Space) DeleteObject ¶
DeleteObject removes an address or service object from Junos Space. Grouptype must be "address" or "service"
func (*Space) DeleteVariable ¶
DeleteVariable removes the polymorphic (variable) object from Junos Space. If the variable object is in use by a policy, then it will not be deleted until you remove it from the policy.
func (*Space) DeploySoftware ¶
func (s *Space) DeploySoftware(device, image string, options *SoftwareUpgrade) (int, error)
DeploySoftware starts the upgrade process on the device, using the given image along with the options specified.
func (*Space) Devices ¶
Devices queries the Junos Space server and returns all of the information about each device that is managed by Space.
func (*Space) EditAddress ¶
EditAddress changes the IP/Network/FQDN of the given address object name.
func (*Space) EditGroup ¶
EditGroup adds or removes objects to/from an existing address or service group. Grouptype must be "address" or "service." Action must be add or remove.
func (*Space) EditVariable ¶
func (s *Space) EditVariable() (*VariableManagement, error)
EditVariable creates a new state when adding/removing addresses to a polymorphic (variable) object. We do this to only get the list of security devices (SecurityDevices()) once, instead of call the function each time we want to modify a variable.
func (*Space) GroupMembers ¶
func (s *Space) GroupMembers(grouptype, name string) (*GroupMembers, error)
GroupMembers lists all of the address or service objects within the given group. Grouptype must be "address" or "service".
func (*Space) PublishPolicy ¶
PublishPolicy publishes a changed firewall policy. If "true" is specified for update, then Junos Space will also update the device.
func (*Space) RemoveDevice ¶
RemoveDevice removes a device from Junos Space. You can specify the device ID, name or IP address.
func (*Space) RemoveStagedSoftware ¶
RemoveStagedSoftware will delete the staged software image on the device.
func (*Space) RenameObject ¶
RenameObject renames an address or service object to the given new name. Grouptype must be "address" or "service"
func (*Space) Resync ¶
Resync synchronizes the device with Junos Space. Good to use if you make a lot of changes outside of Junos Space such as adding interfaces, zones, etc.
func (*Space) SecurityDevices ¶
func (s *Space) SecurityDevices() (*SecurityDevices, error)
SecurityDevices queries the Junos Space server and returns all of the information about each security device that is managed by Space.
func (*Space) Services ¶
Services queries the Junos Space server and returns all of the information about each service that is managed by Space.
func (*Space) Software ¶
func (s *Space) Software() (*SoftwarePackages, error)
Software queries the Junos Space server and returns all of the information about each software image that Space manages.
func (*Space) StageSoftware ¶
StageSoftware loads the given software image onto the device but does not upgrade it. The package is placed in the /var/tmp directory.
func (*Space) UpdateDevice ¶
UpdateDevice will update a changed security device, synchronizing it with Junos Space.
type StaticNatEntry ¶
type StaticNatEntry struct {
Name string `xml:"rule-name"`
SetName string `xml:"rule-set-name"`
ID string `xml:"rule-id"`
RuleMatchingPosition int `xml:"rule-matching-position"`
FromContext string `xml:"rule-from-context"`
FromZone string `xml:"rule-from-context-name"`
SourceAddressLowRange string `xml:"static-source-address-range-entry>rule-source-address-low-range"`
SourceAddressHighRange string `xml:"static-source-address-range-entry>rule-source-address-high-range"`
DestinaionAddressPrefix string `xml:"rule-destination-address-prefix"`
DestinationPortLow int `xml:"rule-destination-port-low"`
DestinationPortHigh int `xml:"rule-destination-port-high"`
HostAddressPrefix string `xml:"rule-host-address-prefix"`
HostPortLow int `xml:"rule-host-port-low"`
HostPortHigh int `xml:"rule-host-port-high"`
Netmask string `xml:"rule-address-netmask"`
RoutingInstance string `xml:"rule-host-routing-instance"`
TranslationHits int `xml:"rule-translation-hits"`
SuccessfulSessions int `xml:"succ-hits"`
ConcurrentHits int `xml:"concurrent-hits"`
}
StaticNatEntry holds each individual static NAT entry.
type StaticNats ¶
type StaticNats struct {
Count int
Entries []StaticNatEntry `xml:"static-nat-rule-entry"`
}
StaticNats contains the static NATs configured on the device.
type Storage ¶
type Storage struct {
Entries []SystemStorage `xml:"system-storage-information"`
}
Storage contains information about all of the file systems on the device.
type SubModule ¶
type SubModule struct {
Name string `xml:"name"`
Version string `xml:"version,omitempty"`
PartNumber string `xml:"part-number"`
SerialNumber string `xml:"serial-number"`
Description string `xml:"description"`
CLEICode string `xml:"clei-code"`
ModuleNumber string `xml:"module-number"`
SubSubModules []SubSubModule `xml:"chassis-sub-sub-module"`
}
SubModule contains information about each individual sub-module.
type SubSubModule ¶
type SubSubModule struct {
Name string `xml:"name"`
Version string `xml:"version,omitempty"`
PartNumber string `xml:"part-number"`
SerialNumber string `xml:"serial-number"`
Description string `xml:"description"`
SubSubSubModules []SubSubSubModule `xml:"chassis-sub-sub-sub-module"`
}
SubSubModule contains information about each sub-sub module, such as SFP's.
type SubSubSubModule ¶
type SubSubSubModule struct {
Name string `xml:"name"`
Version string `xml:"version,omitempty"`
PartNumber string `xml:"part-number"`
SerialNumber string `xml:"serial-number"`
Description string `xml:"description"`
}
SubSubSubModule contains information about each sub-sub-sub module, such as SFP's on a PIC, which is tied to a MIC on an MX.
type SystemStorage ¶
type SystemStorage struct {
FileSystems []FileSystem `xml:"filesystem"`
}
SystemStorage stores the file system information for each node, routing-engine, etc. on the device.
type VCMember ¶
type VCMember struct {
Status string `xml:"member-status"`
ID int `xml:"member-id"`
FPCSlot string `xml:"fpc-slot"`
SerialNumber string `xml:"member-serial-number"`
Model string `xml:"member-model"`
Priority int `xml:"member-priority"`
MixedMode string `xml:"member-mixed-mode"`
RouteMode string `xml:"member-route-mode"`
Role string `xml:"member-role"`
Neighbors []VCMemberNeighbor `xml:"neighbor-list>neighbor"`
}
VCMember contains information about each individual virtual-chassis member.
type VCMemberNeighbor ¶
type VCMemberNeighbor struct {
ID int `xml:"neighbor-id"`
Interface string `xml:"neighbor-interface"`
}
VCMemberNeighbor contains information about each virtual-chassis member neighbor.
type Variable ¶
type Variable struct {
ID int `xml:"id"`
Name string `xml:"name"`
Description string `xml:"description"`
}
A Variable contains information about each individual polymorphic (variable) object.
type VariableManagement ¶
type VariableManagement struct {
Devices []SecurityDevice
Space *Space
}
VariableManagement contains our session state when updating a polymorphic (variable) object.
func (*VariableManagement) Add ¶
func (v *VariableManagement) Add(address, name, firewall string) error
Add appends an address object to the given polymorphic (variable) object. Address is the address object you want to add, and name needs to be the variable object you wish to add the object to. You also must specify the device (firewall) that you want to associate the variable object to.
type Variables ¶
type Variables struct {
Variables []Variable `xml:"variable-definition"`
}
Variables contains a list of all polymorphic (variable) objects.
type Views ¶
type Views struct {
Arp ArpTable
BGP BGPTable
EthernetSwitch EthernetSwitchingTable
FirewallPolicy FirewallPolicy
Interface Interfaces
Inventory HardwareInventory
LLDPNeighbors LLDPNeighbors
Route RoutingTable
SourceNat SourceNats
StaticNat StaticNats
Storage Storage
VirtualChassis VirtualChassis
Vlan Vlans
}
Views contains the information for the specific views. Note that some views aren't available for specific hardware platforms, such as the "VirtualChassis" view on an SRX.
type VirtualChassis ¶
type VirtualChassis struct {
PreProvisionedVCID string `xml:"preprovisioned-virtual-chassis-information>virtual-chassis-id"`
PreProvisionedVCMode string `xml:"preprovisioned-virtual-chassis-information>virtual-chassis-mode"`
Members []VCMember `xml:"member-list>member"`
}
VirtualChassis contains information regarding the virtual-chassis setup for the device.
type Vlan ¶
type Vlan struct {
Name string `xml:"l2ng-l2rtb-vlan-name"`
Tag int `xml:"l2ng-l2rtb-vlan-tag"`
MemberInterfaces []string `xml:"l2ng-l2rtb-vlan-member>l2ng-l2rtb-vlan-member-interface"`
}
Vlan contains information about each individual VLAN.
type Vlans ¶
type Vlans struct {
Entries []Vlan `xml:"l2ng-l2ald-vlan-instance-group"`
}
Vlans contains all of the VLAN information on the device.
type Zone ¶
type Zone struct {
Name string `xml:"name"`
AddressEntries []AddressEntry `xml:"address-book>address"`
AddressSets []AddressSet `xml:"address-book>address-set"`
ZoneInterfaces []ZoneInterface `xml:"interfaces"`
}
Zone contains information about each individual security-zone.
type ZoneInterface ¶
type ZoneInterface struct {
Name string `xml:"name"`
}
ZoneInterface contains a list of all interfaces that belong to the zone.
Source Files