Merge pull request #3092 from rybnico/junos-add-hidden-secrets-and-co…

…unts junos: Replace dynamic value in VMX-BANDWIDTH with count, hide ssh keys
ytti · Mar 1, 2024 · 68d9438 · 68d9438
2 parents 335b322 + f05ae7e
commit 68d9438
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -36,6 +36,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 - pfsense: exclude autogenerated firewall rule timestamps to reduce change churn from use of stuff like PFBlockerNG #2985 (@anthonysomerset)
 - ciscosmb: ignore "Please change the password" hint when doing backup. (@sharteeya)
 - dlinknextgen removes user and snmp-server secrets (@tcrichton)
+- junos: Replace dynamic value in VMX-BANDWIDTH with count, hide ssh keys
 
 
 ## Fixed

diff --git a/lib/oxidized/model/junos.rb b/lib/oxidized/model/junos.rb
@@ -1,6 +1,5 @@
 class JunOS < Oxidized::Model
   using Refinements
-
   comment '# '
 
   def telnet
@@ -10,11 +9,13 @@ def telnet
   cmd :all do |cfg|
     cfg = cfg.cut_both if screenscrape
     cfg.gsub!(/  scale-subscriber (\s+)(\d+)/, '  scale-subscriber                <count>')
+    cfg.gsub!(/VMX-BANDWIDTH\s+(\d+) (.*)/, 'VMX-BANDWIDTH                  <count> \2')
     cfg.lines.map { |line| line.rstrip }.join("\n") + "\n"
   end
 
   cmd :secret do |cfg|
     cfg.gsub!(/community (\S+) {/, 'community <hidden> {')
+    cfg.gsub!(/(ssh-(rsa|dsa|ecdsa|ecdsa-sk|ed25519|ed25519-sk) )".*; ## SECRET-DATA/, '<secret removed>')
     cfg.gsub!(/ "\$\d\$\S+; ## SECRET-DATA/, ' <secret removed>;')
     cfg
   end