How to Run a Script on the Firewall
http://kb.juniper.net/InfoCenter/index?page=content&id=KB10219
Here is the procedure:
Login to the device via the console, telnet, or SSH
Run the command 'set script record'
Enter the desired commands to run during the script.
Stop the recording of commands by running the command 'exit record'
Run the script with the command 'exec script frequency 5'. This will execute the script every 5 seconds
Stop the script with the command 'exec script stop'
To obtain the output of the script, issue the command 'get script'
How to modify commands in ScreenOS
http://kb.juniper.net/InfoCenter/index?page=content&id=KB25685
For example:
An address book entry is created:
SSG20-> set address "Trust" "h_internal" 1.1.1.2 255.255.255.255 This address is used in a policy:
SSG20->set policy from trust to untrust "h_internal" any ICMP-ANY permit
SSG20->get conf | i "h_internal"
set address "Trust" "h_internal" 1.1.1.2 255.255.255.255
set policy id 14 from "Trust" to "Untrust" "h_internal" "Any" "ICMP-ANY" permit
SSG20->
Now, the address has to be changed from 1.1.1.2 to 1.1.1.100 (in the same entry). So, the mod command can be used:
SSG20->mod address "Trust" "h_internal" "h_internal" 1.1.1.100 255.255.255.255 Subsequently, the configuration is changed:
SSG20->get conf | i "h_internal"
set address "Trust" "h_internal" 1.1.1.100 255.255.255.255
set policy id 14 from "Trust" to "Untrust" "h_internal" "Any" "ICMP-ANY" permit
nSSG20->
转载请注明:Kermit的网站 » 在ScreenOS上使用修改命令和运行脚本