diff --git a/CHANGELOG.md b/CHANGELOG.md index 3290e1661..5c57fe042 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/). ## [Unreleased] ### Added +- junos: add unit test (@systeembeheerder) ### Changed diff --git a/examples/device-simulation/cmdsets/junos b/examples/device-simulation/cmdsets/junos new file mode 100644 index 000000000..8877e32f9 --- /dev/null +++ b/examples/device-simulation/cmdsets/junos @@ -0,0 +1,9 @@ +set cli screen-length 0 +set cli screen-width 0 +show version +show chassis hardware +show system license +show system license keys +show configuration | display omit +exit + diff --git a/examples/device-simulation/yaml/junos_srx300_22.4.yaml b/examples/device-simulation/yaml/junos_srx300_22.4.yaml new file mode 100644 index 000000000..cb08ea7fe --- /dev/null +++ b/examples/device-simulation/yaml/junos_srx300_22.4.yaml @@ -0,0 +1,668 @@ +--- +init_prompt: |- + Last login: Fri Dec 6 11:32:31 2024 from 192.168.1.2\r + --- JUNOS 22.4R3-S2.11 built 2024-05-10 20:45:39 UTC + oxidized>\x20 +commands: + set cli screen-length 0: |- + set cli screen-length 0\x20 + Screen length set to 0 + + oxidized>\x20 + set cli screen-width 0: |- + set cli screen-width 0\x20 + Screen width set to 0 + + oxidized>\x20 + show version: |- + show version\x20 + Model: srx300 + Junos: 22.4R3-S2.11 + JUNOS Software Release [22.4R3-S2.11] + + oxidized>\x20 + show chassis hardware: |- + show chassis hardware\x20 + Hardware inventory: + Item Version Part number Serial number Description + Chassis AA0000AA0000 SRX300 + Routing Engine REV 0x08 650-077890 AA0000AA0000 RE-SRX300 + FPC 0 BUILTIN BUILTIN FPC + PIC 0 6xGE,2xGE SFP Base PIC + Xcvr 6 REV 01 740-031850 S2001411089 SFP-LX10 + Power Supply 0 \x20 + + oxidized>\x20 + show system license: |- + show system license\x20 + License usage:\x20 + Licenses Licenses Licenses + \t\t\t\t Feature Feature Feature + Feature name used installed needed Expiry\x20 + remote-access-ipsec-vpn-client 0 2 0 permanent + remote-access-juniper-std 0 2 0 permanent + + Licenses installed: none + + oxidized>\x20 + show system license keys: |- + show system license keys\x20 + + oxidized>\x20 + show configuration | display omit: |- + show configuration | display omit\x20 + ## Last commit: 2024-12-06 11:41:05 UTC by root + version 22.4R3-S2.11; + system { + root-authentication { + encrypted-password \"very-secret-encrypted-password\"; ## SECRET-DATA + } + login { + user oxidized { + uid 2002; + class super-user; + authentication { + encrypted-password \"very-secret-encrypted-password\"; ## SECRET-DATA + } + } + } + services { + ssh; + netconf { + ssh; + } + dhcp-local-server { + group jdhcp-group { + interface irb.0; + } + } + web-management { + https { + system-generated-certificate; + } + } + } + name-server { + 8.8.8.8; + 8.8.4.4; + } + syslog { + archive size 100k files 3; + user * { + any emergency; + } + file interactive-commands { + interactive-commands any; + } + file messages { + any notice; + authorization info; + } + } + max-configurations-on-flash 5; + max-configuration-rollbacks 5; + license { + autoupdate { + url https://ae1.juniper.net/junos/key_retrieval; + } + } + phone-home { + server https://redirect.juniper.net; + rfc-compliant; + } + } + security { + screen { + ids-option untrust-screen { + icmp { + ping-death; + } + ip { + source-route-option; + tear-drop; + } + tcp { + syn-flood { + alarm-threshold 1024; + attack-threshold 200; + source-threshold 1024; + destination-threshold 2048; + timeout 20; + } + land; + } + } + } + nat { + source { + rule-set trust-to-untrust { + from zone trust; + to zone untrust; + rule source-nat-rule { + match { + source-address 0.0.0.0/0; + } + then { + source-nat { + interface; + } + } + } + } + } + } + policies { + from-zone trust to-zone trust { + policy trust-to-trust { + match { + source-address any; + destination-address any; + application any; + } + then { + permit; + } + } + } + from-zone trust to-zone untrust { + policy trust-to-untrust { + match { + source-address any; + destination-address any; + application any; + } + then { + permit; + } + } + } + pre-id-default-policy { + then { + log { + session-close; + } + } + } + } + zones { + security-zone trust { + host-inbound-traffic { + system-services { + all; + } + protocols { + all; + } + } + interfaces { + irb.0; + } + } + security-zone untrust { + screen untrust-screen; + interfaces { + ge-0/0/0.0 { + host-inbound-traffic { + system-services { + dhcp; + tftp; + https; + } + } + } + ge-0/0/7.0 { + host-inbound-traffic { + system-services { + dhcp; + tftp; + } + } + } + } + } + } + } + interfaces { + ge-0/0/0 { + unit 0 { + family inet { + dhcp { + vendor-id Juniper-srx300; + } + } + } + } + ge-0/0/1 { + unit 0 { + family ethernet-switching { + vlan { + members vlan-trust; + } + } + } + } + ge-0/0/2 { + unit 0 { + family ethernet-switching { + vlan { + members vlan-trust; + } + } + } + } + ge-0/0/3 { + unit 0 { + family ethernet-switching { + vlan { + members vlan-trust; + } + } + } + } + ge-0/0/4 { + unit 0 { + family ethernet-switching { + vlan { + members vlan-trust; + } + } + } + } + ge-0/0/5 { + unit 0 { + family ethernet-switching { + vlan { + members vlan-trust; + } + } + } + } + ge-0/0/6 { + unit 0 { + family ethernet-switching { + vlan { + members vlan-trust; + } + } + } + } + ge-0/0/7 { + unit 0 { + family inet { + dhcp { + vendor-id Juniper-srx300; + } + } + } + } + irb { + unit 0 { + family inet { + address 192.168.1.1/24; + } + } + } + } + snmp { + location \"42 Wallaby Way, Sydney\"; + } + access { + address-assignment { + pool junosDHCPPool { + family inet { + network 192.168.1.0/24; + range junosRange { + low 192.168.1.2; + high 192.168.1.254; + } + dhcp-attributes { + router { + 192.168.1.1; + } + propagate-settings ge-0/0/0.0; + } + } + } + } + } + vlans { + vlan-trust { + vlan-id 3; + l3-interface irb.0; + } + } + protocols { + l2-learning { + global-mode switching; + } + rstp { + interface all; + } + } + + oxidized>\x20 + exit: |- + exit\x20 +oxidized_output: | + # show version + # Model: srx300 + # Junos: 22.4R3-S2.11 + # JUNOS Software Release [22.4R3-S2.11] + #\x20 + # oxidized> + # show chassis hardware + # Hardware inventory: + # Item Version Part number Serial number Description + # Chassis AA0000AA0000 SRX300 + # Routing Engine REV 0x08 650-077890 AA0000AA0000 RE-SRX300 + # FPC 0 BUILTIN BUILTIN FPC + # PIC 0 6xGE,2xGE SFP Base PIC + # Xcvr 6 REV 01 740-031850 S2001411089 SFP-LX10 + # Power Supply 0 + #\x20 + # oxidized> + # show system license + # License usage: + # Licenses Licenses Licenses + # \t\t\t\t Feature Feature Feature + # Feature name used installed needed Expiry + # remote-access-ipsec-vpn-client 0 2 0 permanent + # remote-access-juniper-std 0 2 0 permanent + #\x20 + # Licenses installed: none + #\x20 + # oxidized> + # show system license keys + #\x20 + # oxidized> + show configuration | display omit + ## Last commit: 2024-12-06 11:41:05 UTC by root + version 22.4R3-S2.11; + system { + root-authentication { + encrypted-password \"very-secret-encrypted-password\"; ## SECRET-DATA + } + login { + user oxidized { + uid 2002; + class super-user; + authentication { + encrypted-password \"very-secret-encrypted-password\"; ## SECRET-DATA + } + } + } + services { + ssh; + netconf { + ssh; + } + dhcp-local-server { + group jdhcp-group { + interface irb.0; + } + } + web-management { + https { + system-generated-certificate; + } + } + } + name-server { + 8.8.8.8; + 8.8.4.4; + } + syslog { + archive size 100k files 3; + user * { + any emergency; + } + file interactive-commands { + interactive-commands any; + } + file messages { + any notice; + authorization info; + } + } + max-configurations-on-flash 5; + max-configuration-rollbacks 5; + license { + autoupdate { + url https://ae1.juniper.net/junos/key_retrieval; + } + } + phone-home { + server https://redirect.juniper.net; + rfc-compliant; + } + } + security { + screen { + ids-option untrust-screen { + icmp { + ping-death; + } + ip { + source-route-option; + tear-drop; + } + tcp { + syn-flood { + alarm-threshold 1024; + attack-threshold 200; + source-threshold 1024; + destination-threshold 2048; + timeout 20; + } + land; + } + } + } + nat { + source { + rule-set trust-to-untrust { + from zone trust; + to zone untrust; + rule source-nat-rule { + match { + source-address 0.0.0.0/0; + } + then { + source-nat { + interface; + } + } + } + } + } + } + policies { + from-zone trust to-zone trust { + policy trust-to-trust { + match { + source-address any; + destination-address any; + application any; + } + then { + permit; + } + } + } + from-zone trust to-zone untrust { + policy trust-to-untrust { + match { + source-address any; + destination-address any; + application any; + } + then { + permit; + } + } + } + pre-id-default-policy { + then { + log { + session-close; + } + } + } + } + zones { + security-zone trust { + host-inbound-traffic { + system-services { + all; + } + protocols { + all; + } + } + interfaces { + irb.0; + } + } + security-zone untrust { + screen untrust-screen; + interfaces { + ge-0/0/0.0 { + host-inbound-traffic { + system-services { + dhcp; + tftp; + https; + } + } + } + ge-0/0/7.0 { + host-inbound-traffic { + system-services { + dhcp; + tftp; + } + } + } + } + } + } + } + interfaces { + ge-0/0/0 { + unit 0 { + family inet { + dhcp { + vendor-id Juniper-srx300; + } + } + } + } + ge-0/0/1 { + unit 0 { + family ethernet-switching { + vlan { + members vlan-trust; + } + } + } + } + ge-0/0/2 { + unit 0 { + family ethernet-switching { + vlan { + members vlan-trust; + } + } + } + } + ge-0/0/3 { + unit 0 { + family ethernet-switching { + vlan { + members vlan-trust; + } + } + } + } + ge-0/0/4 { + unit 0 { + family ethernet-switching { + vlan { + members vlan-trust; + } + } + } + } + ge-0/0/5 { + unit 0 { + family ethernet-switching { + vlan { + members vlan-trust; + } + } + } + } + ge-0/0/6 { + unit 0 { + family ethernet-switching { + vlan { + members vlan-trust; + } + } + } + } + ge-0/0/7 { + unit 0 { + family inet { + dhcp { + vendor-id Juniper-srx300; + } + } + } + } + irb { + unit 0 { + family inet { + address 192.168.1.1/24; + } + } + } + } + snmp { + location \"42 Wallaby Way, Sydney\"; + } + access { + address-assignment { + pool junosDHCPPool { + family inet { + network 192.168.1.0/24; + range junosRange { + low 192.168.1.2; + high 192.168.1.254; + } + dhcp-attributes { + router { + 192.168.1.1; + } + propagate-settings ge-0/0/0.0; + } + } + } + } + } + vlans { + vlan-trust { + vlan-id 3; + l3-interface irb.0; + } + } + protocols { + l2-learning { + global-mode switching; + } + rstp { + interface all; + } + } + + oxidized> diff --git a/spec/model/junos_spec.rb b/spec/model/junos_spec.rb new file mode 100644 index 000000000..9bfd8fbb1 --- /dev/null +++ b/spec/model/junos_spec.rb @@ -0,0 +1,21 @@ +require_relative 'model_helper' + +describe 'model/junos' do + before(:each) do + init_model_helper + @node = Oxidized::Node.new(name: 'example.com', + input: 'ssh', + model: 'junos') + end + + it 'runs on SRX300 with 22.4' do + mockmodel = MockSsh.new('examples/device-simulation/yaml/junos_srx300_22.4.yaml') + Net::SSH.stubs(:start).returns mockmodel + + status, result = @node.run + + _(status).must_equal :success + # result2file(result, 'model-output.txt') + _(result.to_cfg).must_equal mockmodel.oxidized_output + end +end