[Nocrancid] autopop-onenet.net router config diffs

Thu Mar 21 09:00:48 CDT 2013

Index: swi1.chi-ex2200.onenet.net
===================================================================

--- swi1.chi-ex2200.onenet.net	(revision 55626)
+++ swi1.chi-ex2200.onenet.net	(working copy)
@@ -1,12 +1,12 @@
 # RANCID-CONTENT-TYPE: juniper
 #
 # grnoc-mon at SWI1-CHI--EX2200> show system commit 
+#   2013-03-21 08:08:54 CDT by rnordmark via cli
+#   2013-03-21 08:08:02 CDT by rnordmark via cli
+#   2013-03-21 08:06:43 CDT by rnordmark via cli commit confirmed, rollback in 5mins
 #   2013-03-20 16:39:02 CDT by joe via cli
 #   2013-03-20 16:10:00 CDT by joe via cli
 #   2013-03-20 10:57:41 CDT by admin via cli
-#   2013-03-20 10:56:43 CDT by admin via cli
-#   2013-03-19 14:04:11 CDT by admin via cli
-#   2013-03-14 09:42:30 CDT by admin via cli commit confirmed, rollback in 5mins
 # grnoc-mon at SWI1-CHI--EX2200> show chassis environment 
 # Class Item                           Status     Measurement
 # Power FPC 0 Power Supply 0           OK        
@@ -152,7 +152,7 @@
 # grnoc-mon at SWI1-CHI--EX2200> show system uptime 
 # System booted: 2013-03-13 12:08 CDT 
 # Protocols started: 2013-03-13 12:12 CDT 
-# Last configured: 2013-03-20 16:39 CDT  by joe
+# Last configured: 2013-03-21 08:08 CDT  by rnordmark
 # 
 # grnoc-mon at SWI1-CHI--EX2200> show interface terse 
 #Interface Admin Link
@@ -201,7 +201,7 @@
 #vlan up up
 #vlan.250 up up
 # grnoc-mon at SWI1-CHI--EX2200> show configuration 
-## Last commit: 2013-03-20 16:39:02 CDT by joe
+## Last commit: 2013-03-21 08:08:54 CDT by rnordmark
 version 11.4R6.6;
 system {
     host-name SWI1-CHI--EX2200;
@@ -234,8 +234,23 @@
             idle-timeout 1044;
             permissions all;
         }
+        class lockdown {
+            idle-timeout 2;
+            permissions view;
+            deny-commands .*;
+            deny-configuration .*;
+        }
+        class operator-local {
+            idle-timeout 15;
+            permissions [ access admin configure firewall interface network routing snmp system trace view ];
+            allow-commands "show log messages";
+        }
+        class robot {
+            idle-timeout 10;
+            permissions [ admin configure firewall interface routing secret security snmp system trace view ];
+        }
         user admin {
-            uid 2000;
+            uid 1000;
             class super-user;
             authentication {
 #                encrypted-password <removed>;
@@ -245,6 +260,14 @@
             uid 2018;
             class admin;
         }
+        user rancid {
+            uid 2001;
+            class robot;
+        }
+        user remote {
+            uid 2002;
+            class operator-local;
+        }
     }
     services {
         ssh {
@@ -319,6 +342,7 @@
 }
 snmp {
     description OneNet;
+    location "Chickasaw, OK";
     contact "Net Group";
     client-list snmp-management {
         156.110.31.0/27;
@@ -334,6 +358,12 @@
     community "<removed>" {
         authorization read-write;
     }
+    trap-group "<removed>" {
+        targets {
+            164.58.253.34;
+            164.58.253.35;
+        }
+    }
 }
 routing-options {
     static {
@@ -385,6 +415,21 @@
                     discard;
                 }
             }
+            term SNMP-ALLOW {
+                from {
+                    source-address {
+                        164.58.253.0/24;
+                        156.110.31.0/27;
+                        156.110.31.32/28;
+                    }
+                    protocol [ tcp udp ];
+                    ##
+                    ## Warning: statement ignored: unsupported platform (ex2200-24t-4g)
+                    ##
+                    port [ snmp snmptrap ];
+                }
+                then accept;
+            }
         }
     }
 }

