Evil TTL - Network Solutions
Evil TTL   >   Juniper SRX SLAX Script

Evil_TTL> show | s

Juniper SRX SLAX Script

Category:Juniper -> Security

This is a ping script with 10 seconds intervals between ICMP requests.

Create a file with .slax extention with the following contents:

/*
* op script for ICMP keepalive with 10 seconds intervals which runs 5 times (or for 50 seconds), then stops unless called repeatedly once every 60 seconds
* script location: /var/db/scripts/op/icmp_keepalive.slax
* Called once every 60 seconds by event-options:
*
* set system scripts op file icmp_keepalive.slax command icmp_keepalive
* set event-options generate-event ICMP_DST_PING time-interval 60
* set event-options policy ICMP_KEEPALIVE events ICMP_DST_PING
* set event-options policy ICMP_KEEPALIVE then execute-commands commands "op icmp_keepalive"
*/

version 1.0;

ns junos "http://xml.juniper.net/junos/*/junos";
ns xnm "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs "http://xml.juniper.net/junos/commit-scripts/1.0";

import "../import/junos.xsl";

match {
 <op-script-output{
  for $i(... 5){
  
   /* ================
   *  --- PING INSTANCE #1 ---
   *  ================ */
   
   var $ping-rpc {
    <ping{
     <host"10.50.50.50";
     <count"1";
     <rapid>;
     <interface> "reth1.10";
    }
   }
   var $results jcs:invoke($ping-rpc);

   /* ================
   *  --- PING INSTANCE #2 ---
   *  ================ */
   
   var $ping-rpc2 {
    <ping{
     <host"10.20.20.25";
     <count"1";
     <rapid>;
     <interface> "reth1.20";
    }
   }
   var $results2 jcs:invoke($ping-rpc2);

   /* ================
   *  --- PING INSTANCE #3 ---
   *  ================ */
   
   var $ping-rpc3 {
    <ping{
     <host"10.30.30.40";
     <count"1";
     <rapid>;
     <interface> "reth1.30";
    }
   }
   var $results3 jcs:invoke($ping-rpc3);
      
   /* Uncomment below to see ping results:
   *
   * for-each($results/*){
   * <output> name() _ ": " _ . ;} */
   
   /* =======================
   *  --- Set PING Interval - 10 seconds ---
   *  =======================*/
   
   expr jcs:sleep(10);
  }
 }

Copy SLAX script onto SRX firewall to the following location: /var/db/scripts/op/icmp_keepalive.slax. This is the default location where JunosOS looks for scripts when you call them.

Automate calling the script once every 60 seconds by event-options:

set system scripts op file icmp_keepalive.slax command icmp_keepalive
set event-options generate-event ICMP_DST_PING time-interval 60
set event-options policy ICMP_KEEPALIVE events ICMP_DST_PING
set event-options policy ICMP_KEEPALIVE then execute-commands commands "op icmp_keepalive" 
By privilege15