[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Mon Sep 11 17:04:53 CDT 2017
Index: configs/core.end.onenet.net
===================================================================
--- configs/core.end.onenet.net (revision 156510)
+++ configs/core.end.onenet.net (working copy)
@@ -539,11 +539,11 @@
#lsi.1049931 up up
#lsi.1049935 up up
#lsi.1049938 up up
-#lsi.1049941 up up
#lsi.1049942 up up
#lsi.1049949 up up
#lsi.1049950 up up
#lsi.1049954 up up
+#lsi.1049956 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/core.hut.law.onenet.net
===================================================================
--- configs/core.hut.law.onenet.net (revision 156495)
+++ configs/core.hut.law.onenet.net (working copy)
@@ -345,8 +345,8 @@
#lsi.1049071 up up
#lsi.1049072 up up
#lsi.1049074 up up
-#lsi.1049079 up up
#lsi.1049083 up up
+#lsi.1049085 up up
#me0 up up
#me0.0 up up
#mtun up up
Index: configs/core.dur.onenet.net
===================================================================
--- configs/core.dur.onenet.net (revision 156510)
+++ configs/core.dur.onenet.net (working copy)
@@ -561,10 +561,10 @@
#lsi.1049753 up up
#lsi.1049757 up up
#lsi.1049760 up up
-#lsi.1049763 up up
#lsi.1049764 up up
#lsi.1049768 up up
#lsi.1049772 up up
+#lsi.1049774 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/core.say.onenet.net
===================================================================
--- configs/core.say.onenet.net (revision 156510)
+++ configs/core.say.onenet.net (working copy)
@@ -490,10 +490,10 @@
#lsi.1050518 up up
#lsi.1050522 up up
#lsi.1050525 up up
-#lsi.1050528 up up
#lsi.1050529 up up
#lsi.1050533 up up
#lsi.1050537 up up
+#lsi.1050539 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/core.mus.onenet.net
===================================================================
--- configs/core.mus.onenet.net (revision 156510)
+++ configs/core.mus.onenet.net (working copy)
@@ -510,10 +510,10 @@
#lsi.1050153 up up
#lsi.1050157 up up
#lsi.1050160 up up
-#lsi.1050163 up up
#lsi.1050164 up up
#lsi.1050168 up up
#lsi.1050172 up up
+#lsi.1050174 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/core.hut.sal.onenet.net
===================================================================
--- configs/core.hut.sal.onenet.net (revision 156495)
+++ configs/core.hut.sal.onenet.net (working copy)
@@ -368,8 +368,8 @@
#lsi.1049905 up up
#lsi.1049906 up up
#lsi.1049908 up up
-#lsi.1049913 up up
#lsi.1049917 up up
+#lsi.1049919 up up
#me0 up up
#me0.0 up up
#mtun up up
Index: configs/core.mca.onenet.net
===================================================================
--- configs/core.mca.onenet.net (revision 156510)
+++ configs/core.mca.onenet.net (working copy)
@@ -517,10 +517,10 @@
#lsi.1051402 up up
#lsi.1051403 up up
#lsi.1051404 up up
-#lsi.1051407 up up
#lsi.1051408 up up
#lsi.1051412 up up
#lsi.1051416 up up
+#lsi.1051419 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/core.alt.onenet.net
===================================================================
--- configs/core.alt.onenet.net (revision 156510)
+++ configs/core.alt.onenet.net (working copy)
@@ -496,7 +496,6 @@
#lsi.1048940 up up
#lsi.1048946 up up
#lsi.1048949 up up
-#lsi.1048974 up up
#lsi.1048975 up up
#lsi.1048976 up up
#lsi.1048977 up up
@@ -520,6 +519,7 @@
#lsi.1049003 up up
#lsi.1049004 up up
#lsi.1049008 up up
+#lsi.1049010 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/core.hut.elk.onenet.net
===================================================================
--- configs/core.hut.elk.onenet.net (revision 156495)
+++ configs/core.hut.elk.onenet.net (working copy)
@@ -359,8 +359,8 @@
#lsi.1048605 up up
#lsi.1048606 up up
#lsi.1048608 up up
-#lsi.1048613 up up
#lsi.1048617 up up
+#lsi.1048620 up up
#me0 up up
#me0.0 up up
#mtun up up
Index: configs/core4.tul.onenet.net
===================================================================
--- configs/core4.tul.onenet.net (revision 156513)
+++ configs/core4.tul.onenet.net (working copy)
@@ -841,8 +841,8 @@
#lsi.1048753 up up
#lsi.1048755 up up
#lsi.1048758 up up
-#lsi.1048761 up up
#lsi.1048765 up up
+#lsi.1048767 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/core.wil.onenet.net
===================================================================
--- configs/core.wil.onenet.net (revision 156510)
+++ configs/core.wil.onenet.net (working copy)
@@ -504,10 +504,10 @@
#lsi.1049724 up up
#lsi.1049725 up up
#lsi.1049726 up up
-#lsi.1049729 up up
#lsi.1049730 up up
#lsi.1049734 up up
#lsi.1049738 up up
+#lsi.1049740 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/core4.okc.onenet.net
===================================================================
--- configs/core4.okc.onenet.net (revision 156510)
+++ configs/core4.okc.onenet.net (working copy)
@@ -1494,7 +1494,6 @@
#lsi.1049851 up up
#lsi.1049856 up up
#lsi.1049859 up up
-#lsi.1049862 up up
#lsi.1049874 up up
#lsi.1049875 up up
#lsi.1049882 up up
@@ -1502,6 +1501,7 @@
#lsi.1049884 up up
#lsi.1049885 up up
#lsi.1049889 up up
+#lsi.1049892 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/core.pot.onenet.net
===================================================================
--- configs/core.pot.onenet.net (revision 156510)
+++ configs/core.pot.onenet.net (working copy)
@@ -521,10 +521,10 @@
#lsi.1049577 up up
#lsi.1049578 up up
#lsi.1049581 up up
-#lsi.1049584 up up
#lsi.1049585 up up
#lsi.1049589 up up
#lsi.1049593 up up
+#lsi.1049595 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/core.hut.412.onenet.net
===================================================================
--- configs/core.hut.412.onenet.net (revision 156495)
+++ configs/core.hut.412.onenet.net (working copy)
@@ -363,8 +363,8 @@
#lsi.1052337 up up
#lsi.1052338 up up
#lsi.1052340 up up
-#lsi.1052345 up up
#lsi.1052349 up up
+#lsi.1052351 up up
#me0 up up
#me0.0 up up
#mtun up up
Index: configs/core.hut.ard.onenet.net
===================================================================
--- configs/core.hut.ard.onenet.net (revision 156512)
+++ configs/core.hut.ard.onenet.net (working copy)
@@ -390,8 +390,8 @@
#lsi.1048987 up up
#lsi.1048988 up up
#lsi.1048990 up up
-#lsi.1048995 up up
#lsi.1048999 up up
+#lsi.1049001 up up
#me0 up up
#me0.0 up up
#mtun up up
Index: configs/core.hut.wea.onenet.net
===================================================================
--- configs/core.hut.wea.onenet.net (revision 156495)
+++ configs/core.hut.wea.onenet.net (working copy)
@@ -356,8 +356,8 @@
#lsi.1052000 up up
#lsi.1052001 up up
#lsi.1052003 up up
-#lsi.1052008 up up
#lsi.1052012 up up
+#lsi.1052014 up up
#me0 up up
#me0.0 up up
#mtun up up
Index: configs/core.hut.pra.onenet.net
===================================================================
--- configs/core.hut.pra.onenet.net (revision 156495)
+++ configs/core.hut.pra.onenet.net (working copy)
@@ -361,8 +361,8 @@
#lsi.1048827 up up
#lsi.1048828 up up
#lsi.1048830 up up
-#lsi.1048835 up up
#lsi.1048839 up up
+#lsi.1048842 up up
#me0 up up
#me0.0 up up
#mtun up up
Index: configs/core.law.onenet.net
===================================================================
--- configs/core.law.onenet.net (revision 156510)
+++ configs/core.law.onenet.net (working copy)
@@ -702,10 +702,10 @@
#lsi.1049717 up up
#lsi.1049721 up up
#lsi.1049724 up up
-#lsi.1049727 up up
#lsi.1049728 up up
#lsi.1049732 up up
#lsi.1049736 up up
+#lsi.1049738 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/core.hut.sei.onenet.net
===================================================================
--- configs/core.hut.sei.onenet.net (revision 156495)
+++ configs/core.hut.sei.onenet.net (working copy)
@@ -356,8 +356,8 @@
#lsi.1049380 up up
#lsi.1049381 up up
#lsi.1049383 up up
-#lsi.1049388 up up
#lsi.1049392 up up
+#lsi.1049394 up up
#me0 up up
#me0.0 up up
#mtun up up
Index: configs/core.ada.onenet.net
===================================================================
--- configs/core.ada.onenet.net (revision 156514)
+++ configs/core.ada.onenet.net (working copy)
@@ -523,11 +523,11 @@
#lsi.1050238 up up
#lsi.1050243 up up
#lsi.1050246 up up
-#lsi.1050249 up up
#lsi.1050261 up up
#lsi.1050262 up up
#lsi.1050266 up up
#lsi.1050270 up up
+#lsi.1050272 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/hub.dur.onenet.net
===================================================================
--- configs/hub.dur.onenet.net (revision 156517)
+++ configs/hub.dur.onenet.net (working copy)
@@ -433,7 +433,7 @@
#fe-2/1/1 up up
#fe-2/1/1.0 up up
#fe-2/1/2 up down
-#fe-2/1/3 down up
+#fe-2/1/3 down down
#ge-2/2/0 up up
#ge-2/2/0.0 up up
#pc-2/2/0 up up
Index: configs/core.hut.cli.onenet.net
===================================================================
--- configs/core.hut.cli.onenet.net (revision 156501)
+++ configs/core.hut.cli.onenet.net (working copy)
@@ -359,8 +359,8 @@
#lsi.1049221 up up
#lsi.1049222 up up
#lsi.1049224 up up
-#lsi.1049229 up up
#lsi.1049233 up up
+#lsi.1049235 up up
#me0 up up
#me0.0 up up
#mtun up up
Index: configs/core.dun.onenet.net
===================================================================
--- configs/core.dun.onenet.net (revision 156495)
+++ configs/core.dun.onenet.net (working copy)
@@ -491,8 +491,8 @@
#lsi.1050244 up up
#lsi.1050245 up up
#lsi.1050247 up up
-#lsi.1050252 up up
#lsi.1050256 up up
+#lsi.1050259 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/core5.okc.onenet.net
===================================================================
--- configs/core5.okc.onenet.net (revision 156510)
+++ configs/core5.okc.onenet.net (working copy)
@@ -1393,12 +1393,12 @@
#lsi.1049119 up up
#lsi.1049123 up up
#lsi.1049126 up up
-#lsi.1049129 up up
#lsi.1049130 up up
#lsi.1049141 up up
#lsi.1049142 up up
#lsi.1049143 up up
#lsi.1049147 up up
+#lsi.1049149 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/city-of-lawton.client.onenet.net
===================================================================
--- configs/city-of-lawton.client.onenet.net (revision 156517)
+++ configs/city-of-lawton.client.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at CITY-OF-LAWTON-005231> show system commit
+# 2017-09-11 16:42:31 CDT by joel via cli
+# 2017-09-11 16:37:14 CDT by joel via cli commit confirmed, rollback in 5mins
+# 2017-09-11 16:09:00 CDT by joel via cli
# 2017-09-11 15:22:51 CDT by joel via cli commit confirmed, rollback in 5mins
# 2017-09-11 12:08:06 CDT by joel via cli
# 2017-09-11 09:48:29 CDT by joel via cli commit confirmed, rollback in 5mins
-# 2017-09-10 17:10:09 CDT by joel via cli
-# 2017-09-10 17:07:43 CDT by joel via cli
-# 2017-09-10 17:04:38 CDT by joel via cli
# grnoc-mon at CITY-OF-LAWTON-005231> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
@@ -135,7 +135,7 @@
# Time Source: NTP CLOCK
# System booted: 2017-08-25 14:03 CDT
# Protocols started: 2017-08-25 14:03 CDT
-# Last configured: 2017-09-11 15:22 CDT by joel
+# Last configured: 2017-09-11 16:42 CDT by joel
#
# grnoc-mon at CITY-OF-LAWTON-005231> show interface terse
#Interface Admin Link
@@ -230,7 +230,7 @@
#vlan up down
#vtep up up
# grnoc-mon at CITY-OF-LAWTON-005231> show configuration
-## Last commit: 2017-09-11 15:22:51 CDT by joel
+## Last commit: 2017-09-11 16:42:31 CDT by joel
version 15.1X49-D90.7;
groups {
ABUSE-DENY {
@@ -1405,8 +1405,19 @@
rule-set TRUST-TO-UNTRUST-NAT {
from zone [ TR-0100-USERS TRUST ];
to zone UNTRUST;
- rule NAT-EXEMPT-DC1 {
+ rule NAT-USERS-TO-EXEMPT-DC1 {
match {
+ source-address 10.1.0.0/16;
+ destination-address 164.58.2.192/28;
+ }
+ then {
+ source-nat {
+ off;
+ }
+ }
+ }
+ rule NAT-TRUST-TO-EXEMPT-DC1 {
+ match {
source-address 172.16.0.0/20;
destination-address 164.58.2.192/28;
}
@@ -2332,6 +2343,19 @@
}
}
}
+ policy TR-0100-SERVERS-TO-NAT-EXEMPT-ACTIVE-DIRECTORY {
+ match {
+ source-address TR-0100-USERS-10.1.0.0/16;
+ destination-address NAT-EXEMPT-ACTIVE-DIRECTORY-164.58.2.192/28;
+ application [ junos-dns-udp UNISYS-PORTS SQL-PORTS EOM-PORTS junos-smb GEMS-PORTS junos-netbios-session SMTP VIPRE-ANTIVIRUS NETBIOS MS-RPC-TCP SMB LDAP RPC-OVER-HTTP junos-ntp WSUS KERBEROS junos-http junos-https junos-icmp-all junos-dhcp-client junos-dhcp-server junos-nbname ];
+ }
+ then {
+ permit;
+ log {
+ session-init;
+ }
+ }
+ }
}
from-zone TR-0100-USERS to-zone TRUST {
apply-groups [ MAINFRAME-TRAFFIC SERVICES-TO-SERVERS ];
@@ -2682,6 +2706,21 @@
}
}
}
+ from-zone UNTRUST to-zone TR-0100-USERS {
+ policy NAT-EXEMPT-ACTIVE-DIRECTORY-TO-TR-0100-SERVERS {
+ match {
+ source-address NAT-EXEMPT-ACTIVE-DIRECTORY-164.58.2.192/28;
+ destination-address TR-0100-USERS-10.1.0.0/16;
+ application [ junos-dns-udp UNISYS-PORTS SQL-PORTS EOM-PORTS junos-smb GEMS-PORTS junos-netbios-session SMTP VIPRE-ANTIVIRUS NETBIOS MS-RPC-TCP SMB LDAP RPC-OVER-HTTP WSUS KERBEROS junos-dhcp-client junos-dhcp-server junos-icmp-all junos-nbname ];
+ }
+ then {
+ permit;
+ log {
+ session-init;
+ }
+ }
+ }
+ }
}
zones {
security-zone DMZ {
@@ -3639,7 +3678,10 @@
}
application MS-RPC-TCP {
term tcp-135 protocol tcp destination-port 135;
+ term tcp-49155 protocol tcp destination-port 49155;
+ term tcp-49156 protocol tcp destination-port 49156;
term tcp-49157 protocol tcp destination-port 49157;
+ term tcp-49158 protocol tcp destination-port 49158;
term tcp-49159 protocol tcp destination-port 49159;
}
application SMB {
Index: configs/core.hut.gra.onenet.net
===================================================================
--- configs/core.hut.gra.onenet.net (revision 156501)
+++ configs/core.hut.gra.onenet.net (working copy)
@@ -354,8 +354,8 @@
#lsi.1050155 up up
#lsi.1050156 up up
#lsi.1050158 up up
-#lsi.1050163 up up
#lsi.1050167 up up
+#lsi.1050169 up up
#me0 up up
#me0.0 up up
#mtun up up
Index: configs/core.hut.hen.onenet.net
===================================================================
--- configs/core.hut.hen.onenet.net (revision 156495)
+++ configs/core.hut.hen.onenet.net (working copy)
@@ -347,31 +347,31 @@
#lsi.3 up up
#lsi.1048791 up up
#lsi.1049107 up up
-#lsi.1049173 up up
-#lsi.1049174 up up
-#lsi.1049175 up up
-#lsi.1049176 up up
-#lsi.1049177 up up
-#lsi.1049178 up up
-#lsi.1049180 up up
-#lsi.1049181 up up
-#lsi.1049182 up up
-#lsi.1049183 up up
-#lsi.1049184 up up
-#lsi.1049185 up up
-#lsi.1049186 up up
-#lsi.1049187 up up
-#lsi.1049188 up up
-#lsi.1049189 up up
-#lsi.1049190 up up
-#lsi.1049191 up up
-#lsi.1049192 up up
-#lsi.1049193 up up
-#lsi.1049194 up up
-#lsi.1049195 up up
-#lsi.1049196 up up
-#lsi.1049197 up up
-#lsi.1049201 up up
+#lsi.1049252 up up
+#lsi.1049253 up up
+#lsi.1049254 up up
+#lsi.1049255 up up
+#lsi.1049256 up up
+#lsi.1049257 up up
+#lsi.1049258 up up
+#lsi.1049259 up up
+#lsi.1049260 up up
+#lsi.1049261 up up
+#lsi.1049262 up up
+#lsi.1049263 up up
+#lsi.1049264 up up
+#lsi.1049265 up up
+#lsi.1049266 up up
+#lsi.1049267 up up
+#lsi.1049268 up up
+#lsi.1049269 up up
+#lsi.1049270 up up
+#lsi.1049271 up up
+#lsi.1049272 up up
+#lsi.1049273 up up
+#lsi.1049274 up up
+#lsi.1049275 up up
+#lsi.1049276 up up
#me0 up up
#me0.0 up up
#mtun up up
Index: configs/perry-ps.client.onenet.net
===================================================================
--- configs/perry-ps.client.onenet.net (revision 155987)
+++ configs/perry-ps.client.onenet.net (working copy)
@@ -157,8 +157,8 @@
#ge-0/0/11 down down
#ge-0/0/12 down down
#ge-0/0/13 down down
-#ge-0/0/14 up up
-#ge-0/0/14.0 up up
+#ge-0/0/14 up down
+#ge-0/0/14.0 up down
#ge-0/0/15 up up
#ge-0/0/15.0 up up
#fxp2 up up
Index: configs/odmhsas-camhc-stigler.client.onenet.net
===================================================================
--- configs/odmhsas-camhc-stigler.client.onenet.net (revision 156517)
+++ configs/odmhsas-camhc-stigler.client.onenet.net (working copy)
@@ -951,5 +951,4 @@
1 sessions, 1 clients
Cumulative transmit rate 0.5 pps, cumulative receive rate 0.5 pps
-quit
More information about the Nocrancid
mailing list