external/cisco-scripts
1
0
Fork 0
mirror of https://github.com/vittorio88/cisco-scripts.git synced 2025-02-12 09:51:56 +00:00
Code Issues Releases Wiki Activity

add fix for using NVI with PAT in global VRF

Browse source
This commit is contained in:
vittorio alfieri 2015-01-12 23:45:33 +01:00
parent 1ef1393322
commit 2078381586
1 changed files with 64 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

64
fix_nvi.tcl Normal file
View file

@ -0,0 +1,64 @@
::cisco::eem::event_register_syslog pattern "$_internet_route_established_phrase"
::cisco::eem::description "This policy re-enters NVI PAT statements on command-line after address change on Internet facing interface in order to fix a Cisco bug affecting NVI and the global VRF"
namespace import ::cisco::lib::*
namespace import ::cisco::eem::*
## Please enter similar commands in global configuration mode to enable the script
# event manager environment _internet_route_established_phrase Dialer1 assigned DHCP address
# event manager directory user policy flash:/
# event manager policy fix_nvi.tcl
#
##################
# Check for global definition of environment variables
##################
# Note: _internet_route_established_phrase should be something like:
# "Dialer1 assigned DHCP address"
# or
# "Line protocol on Interface Virtual-Access1, changed state to up"
if {![info exists _internet_route_established_phrase]} {
set result /
Policy cannot be run: variable _internet_route_established_phrase is not defined
error $result $errorInfo
}
##################
# Open CLI
##################
# open cli
if [catch {cli_open} result] {error $result $errorInfo} else {array set cli $result}
# Enable
if [catch {cli_exec $cli(fd) "enable"} result] {error $result $errorInfo}
##################
# Retrieve NVI PAT statements
##################
# Note: "show run | include ip nat source static" should look like: ip nat source static tcp 192.168.33.41 22 interface Dialer1 22
# Execute CLI command and store in variable
if [catch {cli_exec $cli(fd) "show run | include ip nat source static"} result] {error $result $errorInfo} else {set nvi_pat_statements $result}
##################
# Re-enter NVI PAT statements
##################
action_syslog msg "Re-entering following NVI PAT statements:\n$nvi_pat_statements"
if [catch {cli_exec $cli(fd) "configure terminal"} result] {error $result $errorInfo}
if [catch {cli_exec $cli(fd) "$nvi_pat_statements"} result] {error $result $errorInfo}
if [catch {cli_exec $cli(fd) "end"} result] {error $result $errorInfo}
##################
# Close and clean-up
##################
action_syslog msg "Finished updating NVI statements!\n (Cisco should fix this bug, so this workaround can be removed)"
cli_close $cli(fd) $cli(tty_id)