/usr/lib/python2.7/dist-packages/jnpr/junos/cfgro/srx.yml is in python-junos-eznc 2.0.1-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 | ---
##### =========================================================================
##### SAMPLE SRX config-read-only tables/views
##### =========================================================================
### ---------------------------------------------------------------------------
### SRX zones and interfaces
### ---------------------------------------------------------------------------
ZoneTable:
get: security/zones/security-zone
ZoneIfsTable:
get: security/zones/security-zone/interfaces
required_keys:
security_zone: name
### ---------------------------------------------------------------------------
### SRX zone address book item table
### ---------------------------------------------------------------------------
ABitemTable:
get: security/zones/security-zone/address-book/address
required_keys:
security_zone: name
view: abitemView
abitemView:
fields:
ip_prefix: ip-prefix
### ---------------------------------------------------------------------------
### SRX zone-to-zone security policy
### ---------------------------------------------------------------------------
PolicyContextTable:
get: security/policies/policy
key:
- from-zone-name
- to-zone-name
view: policyContextView
policyContextView:
fields:
from_zone: from-zone-name
to_zone: to-zone-name
### ---------------------------------------------------------------------------
### SRX zone-to-zone security policy rules
### ---------------------------------------------------------------------------
PolicyRuleTable:
get: security/policies/policy/policy
required_keys:
policy:
- from-zone-name
- to-zone-name
view: policyRuleView
policyRuleView:
groups:
match: match
then: then
fields_match:
match_src: source-address
match_dst: destination-address
match_app: application
fields_then:
log_init : { log/session-init: flag }
action : deny | permit
|