From ms at man-da.de Tue Apr 1 09:48:56 2008 From: ms at man-da.de (Marcus Stoegbauer) Date: Tue, 01 Apr 2008 11:48:56 +0200 Subject: [rancid] Rancid on Force10 SFTOS Message-ID: <47F20508.6010400@man-da.de> Hi, in case anyone will stumble upon this in the last months of SFTOS, here is how you can make Rancid work with Force10 SFTOS: 1. Tell clogin to send "logout" instead of "exit" when working with Force10 (the diff is against rancid-2.3.2a8): --- clogin.in 2008-02-08 07:28:29.000000000 +0100 +++ clogin.in-new 2008-04-01 11:42:37.000000000 +0200 @@ -701,7 +701,11 @@ # the Cisco CE and Jnx ERX # return to non-enabled mode # on exit in enabled mode. - send -h "exit\r" + if { [ string compare "force10" "$platform" ] } { + send -h "logout\r" + } else { + send -h "exit\r" + } exp_continue; } "Would you like to save them now" { # Force10 2. Get the new f10rancid module from http://www.twoguys.org/~gregh/software/f10rancid.in The "end" of show run is actually a "end " on SFTOS, so we have to change one line. I don't know if adding a match for zero or more spaces will break anything with FTOS though (and can't test): --- f10rancid.in 2008-02-07 22:22:23.000000000 +0100 +++ f10rancid.in-new 2008-04-01 11:33:24.000000000 +0200 @@ -476,7 +476,7 @@ # catch anything that wasnt matched above. ProcessHistory("","","","$_"); # end of config. the ": " game is for the PIX - if (/^end$/) { + if (/^end *$/) { $found_end = 1; return(0); } Marcus From adam.korab at gmail.com Tue Apr 1 13:52:12 2008 From: adam.korab at gmail.com (Adam Korab) Date: Tue, 1 Apr 2008 09:52:12 -0400 Subject: [rancid] cisco line-wrap only diff Message-ID: Hi, I'm almost certain this has been addressed before, but apparently I'm not feeding htdig the proper keywords... On a Cisco 3750, I periodically get diffs that only seem to be a change in how the line wraps: - !VLAN: 31 FCIP active Gi1/0/27, Gi1/0/28, Gi2/0/27 - !VLAN: Gi2/0/28 + !VLAN: 31 FCIP active Gi1/0/27, Gi1/0/28, Gi2/0/27, Gi2/0/28 What causes this, and how can it be addressed? A pointer in the right direction or to a previous post would be great. Thanks. --Adam From rskoog at chrr.osu.edu Wed Apr 2 13:43:39 2008 From: rskoog at chrr.osu.edu (Rob Skoog) Date: Wed, 02 Apr 2008 09:43:39 -0400 Subject: [rancid] Re: cisco line-wrap only diff In-Reply-To: References: Message-ID: <47F38D8B.60405@chrr.osu.edu> Adam Korab wrote: > Hi, > > I'm almost certain this has been addressed before, but apparently I'm > not feeding htdig the proper keywords... > > On a Cisco 3750, I periodically get diffs that only seem to be a > change in how the line wraps: > > - !VLAN: 31 FCIP active Gi1/0/27, > Gi1/0/28, Gi2/0/27 > - !VLAN: Gi2/0/28 > + !VLAN: 31 FCIP active Gi1/0/27, > Gi1/0/28, Gi2/0/27, Gi2/0/28 > > > What causes this, and how can it be addressed? > > A pointer in the right direction or to a previous post would be great. > > Thanks. > > --Adam > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss I have notice this too with our 3750s. It seems to be triggered every time we change a config. Generating at least one or two more emails simply due to line wrapping. Rob From saku+rancid at ytti.fi Wed Apr 2 15:48:48 2008 From: saku+rancid at ytti.fi (Saku Ytti) Date: Wed, 2 Apr 2008 18:48:48 +0300 Subject: [rancid] Re: cisco line-wrap only diff In-Reply-To: <47F38D8B.60405@chrr.osu.edu> References: <47F38D8B.60405@chrr.osu.edu> Message-ID: <20080402154848.GB3389@mx.ytti.net> On (2008-04-02 09:43 -0400), Rob Skoog wrote: > Adam Korab wrote: > > Hi, > > > > I'm almost certain this has been addressed before, but apparently I'm > > not feeding htdig the proper keywords... > > > > On a Cisco 3750, I periodically get diffs that only seem to be a > > change in how the line wraps: > > > > - !VLAN: 31 FCIP active Gi1/0/27, > > Gi1/0/28, Gi2/0/27 > > - !VLAN: Gi2/0/28 > > + !VLAN: 31 FCIP active Gi1/0/27, > > Gi1/0/28, Gi2/0/27, Gi2/0/28 > > > > > > What causes this, and how can it be addressed? > > > > A pointer in the right direction or to a previous post would be great. Try this. [root at login1.fi.sn.net /opt/RCS/apps/rancid/bin]# hg diff -r 2 -r 3 diff -r 38749fc2620d -r 1639236c0ecd bin/clogin --- a/bin/clogin Tue Jul 10 08:50:58 2007 +0300 +++ b/bin/clogin Tue Jul 10 08:58:00 2007 +0300 @@ -582,6 +582,8 @@ proc run_commands { prompt command } { set command "set logging session disable;$command" } else { send "term length 0\r" + expect -re $prompt {} + send "term width 0\r" } # escape any parens in the prompt, such as "(enable)" regsub -all {[)(]} $prompt {\\&} reprompt @@ -869,6 +871,8 @@ foreach router [lrange $argv $i end] { send "set logging session disable\r" } else { send "term length 0\r" + expect -re $prompt {} + send "term width 0\r" } expect -re $prompt {} source $sfile > > > > Thanks. > > > > --Adam > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > I have notice this too with our 3750s. It seems to be triggered every > time we change a config. Generating at least one or two more emails > simply due to line wrapping. > > Rob > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- ++ytti From bgcosta at iol.pt Wed Apr 2 19:22:04 2008 From: bgcosta at iol.pt (Bruno Costa) Date: Wed, 2 Apr 2008 20:22:04 +0100 Subject: [rancid] Erase older config revisions Message-ID: <6pq3fp$eeamad@neti02smtpa.hdi.tvcabo> Hi I?m kinda of new to Rancid and I need help My network is consisted by several equipments, which on a daily basis are configured several times. Problem is, at the end of a month or 2 the number of Rancid Configs revisions are by the hundreds. Is there a way to erase or delete older revisions while keeping the most recent ones? Thkx -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080402/a26a6866/attachment.html From mashcraft at omniture.com Wed Apr 2 21:15:13 2008 From: mashcraft at omniture.com (Mike Ashcraft) Date: Wed, 2 Apr 2008 15:15:13 -0600 Subject: [rancid] Re: Erase older config revisions In-Reply-To: <6pq3fp$eeamad@neti02smtpa.hdi.tvcabo> References: <6pq3fp$eeamad@neti02smtpa.hdi.tvcabo> Message-ID: <45EB285310B55542A513F93230F0A53304E70A4F@EXCHANGE0.orm.omniture.com> Bruno, If you don't want or need all these revisions, have you considered cutting back on how often rancid runs. Running only once a day may meet your needs. You can delete revisions in CVS. However, the revision numbers will continue to increment (will not start back at 1.1). See the CVS docs and look at the -orange option. I would only consider this if there was a disk space issue that you were dealing with. The documentation includes numerous reasons why this is not a good idea. You could also consider creating a branch every month and then adjusting rancid to check into the new branch. Mike From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Bruno Costa Sent: Wednesday, April 02, 2008 1:22 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Erase older config revisions Hi I?m kinda of new to Rancid and I need help... My network is consisted by several equipments, which on a daily basis are configured several times. Problem is, at the end of a month or 2 the number of Rancid Configs revisions are by the hundreds. Is there a way to erase or delete older revisions while keeping the most recent ones? Thkx -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080402/d268b949/attachment.html From ecables at gmail.com Thu Apr 3 02:46:36 2008 From: ecables at gmail.com (Eric Cables) Date: Wed, 2 Apr 2008 19:46:36 -0700 Subject: [rancid] Re: cisco line-wrap only diff In-Reply-To: <20080402154848.GB3389@mx.ytti.net> References: <47F38D8B.60405@chrr.osu.edu> <20080402154848.GB3389@mx.ytti.net> Message-ID: If this is the official "fix", why isn't it implemented into the next release? It seems to be a trend to just patch things up locally, instead of getting them added into the official release... is there a reason for this? On Wed, Apr 2, 2008 at 8:48 AM, Saku Ytti wrote: > On (2008-04-02 09:43 -0400), Rob Skoog wrote: > > Adam Korab wrote: > > > Hi, > > > > > > I'm almost certain this has been addressed before, but apparently I'm > > > not feeding htdig the proper keywords... > > > > > > On a Cisco 3750, I periodically get diffs that only seem to be a > > > change in how the line wraps: > > > > > > - !VLAN: 31 FCIP active Gi1/0/27, > > > Gi1/0/28, Gi2/0/27 > > > - !VLAN: Gi2/0/28 > > > + !VLAN: 31 FCIP active Gi1/0/27, > > > Gi1/0/28, Gi2/0/27, Gi2/0/28 > > > > > > > > > What causes this, and how can it be addressed? > > > > > > A pointer in the right direction or to a previous post would be great. > > Try this. > > [root at login1.fi.sn.net /opt/RCS/apps/rancid/bin]# hg diff -r 2 -r 3 > diff -r 38749fc2620d -r 1639236c0ecd bin/clogin > --- a/bin/clogin Tue Jul 10 08:50:58 2007 +0300 > +++ b/bin/clogin Tue Jul 10 08:58:00 2007 +0300 > @@ -582,6 +582,8 @@ proc run_commands { prompt command } { > set command "set logging session disable;$command" > } else { > send "term length 0\r" > + expect -re $prompt {} > + send "term width 0\r" > } > # escape any parens in the prompt, such as "(enable)" > regsub -all {[)(]} $prompt {\\&} reprompt > @@ -869,6 +871,8 @@ foreach router [lrange $argv $i end] { > send "set logging session disable\r" > } else { > send "term length 0\r" > + expect -re $prompt {} > + send "term width 0\r" > } > expect -re $prompt {} > source $sfile > > > > > > > Thanks. > > > > > > --Adam > > > _______________________________________________ > > > Rancid-discuss mailing list > > > Rancid-discuss at shrubbery.net > > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > > I have notice this too with our 3750s. It seems to be triggered every > > time we change a config. Generating at least one or two more emails > > simply due to line wrapping. > > > > Rob > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > -- > ++ytti > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -- Eric Cables -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080402/1df8ddee/attachment.html From stpierce at att.com Thu Apr 3 15:24:10 2008 From: stpierce at att.com (PIERCE, STEVEN T (STEVE), ATTOPS) Date: Thu, 3 Apr 2008 11:24:10 -0400 Subject: [rancid] Rancid and TFTP? Message-ID: <703B56AF3EFA6D488043B41602FB321711C253B0@ACCLUST03EVS1.ugd.att.com> This is slightly off-topic, but I'd appreciate any input from others who may have encountered the same issue. I run a customer proof of concept lab and I am a happy user of RANCID and CVSWeb. I like being able to view old configs from various engagements, see diffs, etc. The one missing element is the ability for me to log into a remote Cisco device and do a simple "copy tftp flash" in order to load an older configuration from the server running RANCID. Since RANCID doesn't store complete configs, I can't figure out a way to do this. Has anyone developed a way to archive configs with RANCID and still be able to easily tftp complete configs to a remote device? I can't seem to figure this out. Or, are there other opensource tools that would fill this need? Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080403/6c5fb145/attachment.html From andrew.brennan+rancid at drexel.edu Thu Apr 3 17:01:28 2008 From: andrew.brennan+rancid at drexel.edu (andrew.brennan+rancid at drexel.edu) Date: Thu, 3 Apr 2008 13:01:28 -0400 (EDT) Subject: [rancid] Re: Rancid and TFTP? Message-ID: <20080403130008.M74863@dust.noc.drexel.edu> You would either need to wrap the process doing the "login, copy" with a time/date that would be passed to cvs (export the correct file to a known filename, login to the switch, tftp known file to flash) or you could put a file lookup function into the TFTPD (I looked for hooks in the remap function, but I don't see what I think would be needed). Or, you might be able to get both functions rolled together by letting a TFTPD access the CVS repository via CvsFS (http://cvsfs.sourceforge.net/) and not have to write any scripts/code at all. Haven't looked into this approach, I only thought of it a second ago. :) andrew. On Thu, 3 Apr 2008, PIERCE, STEVEN T (STEVE), ATTOPS wrote: > This is slightly off-topic, but I'd appreciate any input from others who > may have encountered the same issue. > > I run a customer proof of concept lab and I am a happy user of RANCID > and CVSWeb. I like being able to view old configs from various > engagements, see diffs, etc. The one missing element is the ability for > me to log into a remote Cisco device and do a simple "copy tftp flash" > in order to load an older configuration from the server running RANCID. > Since RANCID doesn't store complete configs, I can't figure out a way to > do this. > > Has anyone developed a way to archive configs with RANCID and still be > able to easily tftp complete configs to a remote device? I can't seem > to figure this out. Or, are there other opensource tools that would > fill this need? > > Thanks. > > From rskoog at chrr.osu.edu Thu Apr 3 17:25:33 2008 From: rskoog at chrr.osu.edu (Rob Skoog) Date: Thu, 03 Apr 2008 13:25:33 -0400 Subject: [rancid] Re: Rancid and TFTP? In-Reply-To: <703B56AF3EFA6D488043B41602FB321711C253B0@ACCLUST03EVS1.ugd.att.com> References: <703B56AF3EFA6D488043B41602FB321711C253B0@ACCLUST03EVS1.ugd.att.com> Message-ID: <47F5130D.3020304@chrr.osu.edu> PIERCE, STEVEN T (STEVE), ATTOPS wrote: > This is slightly off-topic, but I'd appreciate any input from others who > may have encountered the same issue. > > I run a customer proof of concept lab and I am a happy user of RANCID > and CVSWeb. I like being able to view old configs from various > engagements, see diffs, etc. The one missing element is the ability for > me to log into a remote Cisco device and do a simple "copy tftp flash" > in order to load an older configuration from the server running RANCID. > Since RANCID doesn't store complete configs, I can't figure out a way to > do this. > > Has anyone developed a way to archive configs with RANCID and still be > able to easily tftp complete configs to a remote device? I can't seem > to figure this out. Or, are there other opensource tools that would > fill this need? > > Thanks. > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss I've thought about doing this before, but haven't yet. you could use a shell script with clogin to do it though through cron. Something like: (untested) #!/bin/sh #pull config clogin device -c "copy flash tftp:\\ip\newConfig.txt" #compare to previous config if ! diff TFTPROOT\newConfig.txt TFTPROOT\CurrentConfig.txt #config is different then date=$(date --iso-8601=seconds) #archive old config mv TFTPROOT\CurrentConfig.txt ARCHIVE\config.$date.txt #make new config current mv TFTPROOT\newConfig.txt TFTPROOT\CurrentConfig.txt #config is the same else rm TFTPROOT\newConfig.txt fi Anyways, I think you get the idea... You could probably even check it into CVS as mentioned by Andrew if you wanted to get really ambitious. I'm not sure though how you could pull existing information from the CVS rancid makes and load it directly as a config. Someone else with more rancid+cvs knowledge might be able to answer your question better. Regards, Rob Skoog From stpierce at att.com Fri Apr 4 16:47:03 2008 From: stpierce at att.com (PIERCE, STEVEN T (STEVE), ATTOPS) Date: Fri, 4 Apr 2008 12:47:03 -0400 Subject: [rancid] Backup Password? Message-ID: <703B56AF3EFA6D488043B41602FB321711C5CC1A@ACCLUST03EVS1.ugd.att.com> I've searched the archives, but I can't seem to find a solution to my problem. I have my devices configured with TACACS and have created a "rancid" account on the server. When everything is properly configured and functional, RANCID works great. However, because I work in a dynamic environment, at times there is a failure (either server or change of remote config) that causes the TACACS authentication to fail. In this case, I've configured my AAA authentication line in the remote device to default to enable authentication: aaa authentication login default group tacacs+ enable During these situations, RANCID obviously fails. The enable is not the same as the TACACS username that RANCID is trying to use. Is there a way to create a "backup" or "secondary" password that RANCID can try if the first attempt to reach a device fails? Or, perhaps, better, a way for RANCID to recognize that it's not being prompted for a "Username" since AAA isn't working (it gets prompted for "Password:") and to simply enter the enable password? In this situation, I don't want RANCID to use it's username password, but the enable password. I've got to be missing something here. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080404/6485752e/attachment.html From ahenry41 at maine.edu Fri Apr 4 17:28:37 2008 From: ahenry41 at maine.edu (Andrew W. Henry) Date: Fri, 4 Apr 2008 13:28:37 -0400 Subject: [rancid] Re: Backup Password? In-Reply-To: <703B56AF3EFA6D488043B41602FB321711C5CC1A@ACCLUST03EVS1.ugd.att.com> References: <703B56AF3EFA6D488043B41602FB321711C5CC1A@ACCLUST03EVS1.ugd.att.com> Message-ID: <004a01c89679$50f657f0$f2e307d0$@edu> Steve, We had a similar issue here. Some of our devices support radius, some don't, and sometimes radius is broken (as in your case). Plus there are a few unfortunate cases where we share management with another group and thus must use separate accounts for those devices. Rancid only supports a single "match" from the .cloginrc file, so there is no built-in way to do what you (and we) wanted. What we did was added in support to clogin for multiple usernames/passwords for a given entry in .cloginrc. For instance, for our catalyst switches, where once we could only have: # all our catalyst switches that support radius (and the radius server is up/reachable!) add user cat-* { radiususer } add password cat-* { radiuspass } { enablepass } Now we can have: # all catalyst switches add user cat-* { {radiususer} {localuser} } add password cat-* { {radiuspass} {localuserpass} {someotherpass} {etc} } { {enablepass} {otherenablepass} {etc} } This isn't perfect, but it has worked well for us. One downside is that it has to iterate through all the possible passwords for each account listed, so it can take some time if the first login attempt fails and you have a lot of possible passwords. Since we primarily use it to back up configs, though, we don?t mind (or notice) the delay. And where we once had a sprawling .cloginrc where each special case device had to be specifically enumerated, now we can roll most device classes up into just a few lines. We modified clogin version 2.3.2a6, and I would be happy to share our diffs from this version if you or anyone is interested. I haven?t looked at the latest alpha, so I am not sure how well our changes would mesh with that. -- **************************************** Andrew W. Henry Communications Specialist awhenry at maine.edu ---------------------------------------- University of Maine System ITS, Communications and Network Services Voice (207) 561-3587 Fax (207) 561-3531 ---------------------------------------- Maine School and Library Network 1-888-FOR-MSLN (1-888-367-6756) (888 number in-state only) **************************************** From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of PIERCE, STEVEN T (STEVE), ATTOPS Sent: Friday, April 04, 2008 12:47 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Backup Password? I've searched the archives, but I can't seem to find a solution to my problem. ? I have my devices configured with TACACS and have created a "rancid" account on the server.? When everything is properly configured and functional, RANCID works great. ? However, because I work in a dynamic environment, at times there is a failure (either server or change of remote config) that causes the TACACS authentication to fail.? In this case, I've configured my AAA authentication line in the remote device to default to enable authentication: ? aaa authentication login default group tacacs+ enable ? During these situations, RANCID obviously fails.? The enable is not the same as the TACACS username that RANCID is trying to use.? ? Is there a way to create a "backup" or "secondary" password that RANCID can try if the first attempt to reach a device fails? Or, perhaps, better, a way for RANCID to recognize that it's not being prompted for a "Username" since AAA isn't working (it gets prompted for "Password:") and to simply enter the enable password?? In this situation, I?don't want RANCID to use it's username password, but the enable password. ? I've got to be missing something here. ? From jeff at ocjtech.us Fri Apr 4 17:40:44 2008 From: jeff at ocjtech.us (Jeffrey Ollie) Date: Fri, 4 Apr 2008 12:40:44 -0500 Subject: [rancid] Re: Backup Password? In-Reply-To: <703B56AF3EFA6D488043B41602FB321711C5CC1A@ACCLUST03EVS1.ugd.att.com> References: <703B56AF3EFA6D488043B41602FB321711C5CC1A@ACCLUST03EVS1.ugd.att.com> Message-ID: <935ead450804041040v40cd190cxce34ecf43a9bb297@mail.gmail.com> On Fri, Apr 4, 2008 at 11:47 AM, PIERCE, STEVEN T (STEVE), ATTOPS wrote: > > Is there a way to create a "backup" or "secondary" password that RANCID can > try if the first attempt to reach a device fails? Or, perhaps, better, a way > for RANCID to recognize that it's not being prompted for a "Username" since > AAA isn't working (it gets prompted for "Password:") and to simply enter the > enable password? In this situation, I don't want RANCID to use it's > username password, but the enable password. What you can do is something like this: username rancid privilege 15 secret blahblahblah aaa authentication login default group tacacs+ local-case aaa authentication enable default group tacacs+ enable aaa authorization exec default group tacacs+ local If the TACACS+ servers are unavailable the router will fall back to a local database of users (the "username" statements). If you keep the passwords for RANCID synced between the TACACS+ server and the routers RANCID will never know that the TACACS+ server was down. You could also create an "emergency" password on your routers for humans to use when the network is having issues. Jeff From yuval.ben.ari at gmail.com Sun Apr 6 11:14:48 2008 From: yuval.ben.ari at gmail.com (Yuval Ben Ari) Date: Sun, 6 Apr 2008 14:14:48 +0300 Subject: [rancid] Re: GSR 12k - sho diag / missing subslot spa info In-Reply-To: References: <3B715C4683E2F54DBC36ECDD2CA70F5301F14628@VARESTMAIL03.mail.inthosts.net> <20070627184142.GV22136@shrubbery.net> <3B715C4683E2F54DBC36ECDD2CA70F5301F14633@VARESTMAIL03.mail.inthosts.net> <3B715C4683E2F54DBC36ECDD2CA70F5303C42979@VARESTMAIL03.mail.inthosts.net> Message-ID: it works ok but it's a bit messy and will be hard to parse (I parse the PID/SN from there) any idea why we need the "raw" keyword? without it I still seem to have all the info I need. also I noticed that a 4GE-SFP-LC= linecard appears as PID: 800-22811-06 instead of the part name. any idea if it's a bug? On Mon, Mar 3, 2008 at 8:57 PM, Yuval Ben Ari wrote: > thanks!, I will try it > > On Mon, Mar 3, 2008 at 7:16 AM, Elliott, Andrew wrote: > > > # This routine parses "show inventory". > > sub ShowInventory { > > print STDERR " In ShowInventory: $_" if ($debug); > > > > while () { > > tr/\015//d; > > return if (/^\s*\^$/); > > last if (/^$prompt/); > > next if (/^(\s*|\s*$cmd\s*)$/); > > return(1) if /Line has invalid autocommand /; > > return(1) if /(Invalid input detected|Type help or )/; > > return(-1) if (/command authorization failed/i); > > # the pager can not be disabled per-session on the PIX > > if (/^(<-+ More -+>)/) { > > my($len) = length($1); > > s/^$1\s{$len}//; > > } > > > > if (/^(NAME: "[^"]*",) (DESCR: "[^"]+")/) { > > ProcessHistory("INVENTORY","","", sprintf("!%-30s %s\n", $1, > > $2)); > > next; > > } > > # split PID/VID/SN line > > if (/^PID: (\S*)\s*, VID: (\S*)\s*, SN: (\S*)\s*$/) { > > my($entries) = ""; > > $entries .= "!PID: $1\n" if ($1); > > $entries .= "!VID: $2\n" if ($2); > > $entries .= "!SN: $3\n" if ($3); > > ProcessHistory("INVENTORY","","", "$entries"); > > next; > > } > > ProcessHistory("INVENTORY","","","!$_"); > > } > > ProcessHistory("INVENTORY","","","!\n"); > > > > return(0); > > } > > > > And add this to your command table: > > > > @commandtable = ( > > {'show inventory raw' => 'ShowInventory'}, > > > > > > --- > > Andrew Elliott > > XO Communications > > desk: 989.758.6987 > > cell: 989.213.5794 > > > > > > > > > > > > > > ________________________________ > > > > From: Yuval Ben Ari [mailto:yuval.ben.ari at gmail.com] > > Sent: Sunday, March 02, 2008 9:13 AM > > To: Elliott, Andrew > > Cc: rancid-discuss at shrubbery.net > > Subject: Re: [rancid] Re: GSR 12k - sho diag / missing subslot > > spa info > > > > > > I am also having the same problem, and I am also interested to > > have the S/N of the SPA > > Indeed "show inventory" seems the best way to do it. > > has anyone added "show inventory" parser yet? > > otherwise I can try to add it and post here. > > > > Yuval > > > > > > On Wed, Jun 27, 2007 at 10:50 PM, Elliott, Andrew > > wrote: > > > > > > > > > > Hello, > > > > > > > > I have been recently asked that my router backups > > include > > > the SUBSLOT > > > > line from 'sho diag' on the 12k's. > > > > > > > > Here is an example (trimmed for brevity) of the > > output I > > > want rancid to > > > > parse: > > > > > > > > SLOT 1 (RP/LC 1 ): Modular SPA Interface Card (10G) > > > > -snip- > > > > > > > > SPA Information: > > > > subslot 1/0: SPA-10X1GE-V2 (0x508), status > > is ok > > > > subslot 1/1: Empty > > > > subslot 1/2: Empty > > > > subslot 1/3: Empty > > > > > > > > SUBSLOT 1/0 (SPA-10X1GE-V2): 10-port Gigabit > > Ethernet Shared Port > > > > Adapter > > > > Product Identifier (PID) : SPA-10X1GE-V2 > > > > -snip- > > > > > > > > This is a new card type that we have recently begun > > deploying, and > > > > currently all that is backed up is the main SPA IC > > > information, not the > > > > info on the "SUBSLOT" or "SPA -> subslot" lines. > > > > > > I'd need to have the complete output; I don't have > > GSRs anymore. > > > > > > > CHR1.NYC-NY#sho diag 1 > > > > > > SLOT 1 (RP/LC 1 ): Modular SPA Interface Card (10G) > > > > MAIN: type 149, 00-0000-00 rev A0 > > Deviation: D090170 > > HW config: 0x20 SW key: 00-00-00 > > PCA: 00-00000-00 rev A0 ver 4 > > Design Release 1.0 S/N SAD000000M0 > > MBUS: Embedded Agent > > Test hist: 0x00 RMA#: 00-00-00 RMA hist: > > 0x00 > > DIAG: Test count: 0x00000000 Test results: > > 0x00000000 > > FRU: Linecard/Module: 12000-SIP-601= > > Processor Memory: MEM-LC5-2048=(Non-Replaceable) > > Packet Memory: MEM-LC5-PKT-256=(Non-Replaceable) > > L3 Engine: 5 - ISE 10 Gbps > > MBUS Agent Software version 2.51 (RAM) (ROM version is > > 3.50) > > ROM Monitor version 17.1 > > Fabric Downloader version used 4.1 (ROM version is 4.1) > > Primary clock is CSC 1 > > Board is analyzed > > Board State is Line Card Enabled (IOS RUN ) > > Insertion time: 00:22:52 (2w4d ago) > > Processor Memory size: 2147483648 bytes > > TX Packet Memory size: 268435456 bytes, Packet Memory > > pagesize: 32768 > > bytes > > RX Packet Memory size: 268435456 bytes, Packet Memory > > pagesize: 32768 > > bytes > > 0 crashes since restart > > > > > > SPA Information: > > subslot 1/0: SPA-10X1GE-V2 (0x508), status is ok > > subslot 1/1: Empty > > subslot 1/2: Empty > > subslot 1/3: Empty > > > > CHR1.NYC-NY# > > > > > > > > > > > It is possible I am using a version of rancid that > > needs to > > > be upgraded > > > > and/or patched. > > > > > > possibly. 'show inventory' has been added and that > > ought to > > > include this > > > information...if cisco has gotten around to adding it > > to this platform > > > yet. > > > > > > > > > Looks like this might be the best way to go. From the > > show inventory: > > > > NAME: "slot 1", DESCR: "ISE 10G Modular Services Card > > v2" > > PID: 12000-SIP-601 , VID: V02, SN: SAD111403M0 > > > > NAME: "SPA subslot 1/0", DESCR: "10-port Gigabit > > Ethernet Shared Port > > Adapter" > > PID: SPA-10X1GE-V2 , VID: V01, SN: JAB111701NG > > > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > > > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080406/75d6a38a/attachment.html From john at sackheads.org Mon Apr 7 13:36:06 2008 From: john at sackheads.org (John Payne) Date: Mon, 7 Apr 2008 09:36:06 -0400 Subject: [rancid] Re: End of run not found In-Reply-To: <4EF9D3EC-D910-4720-BE6A-A4264586B87F@sackheads.org> References: <509d59e0803071316l60a559aeq2cc9a64ed13b8a59@mail.gmail.com> <509d59e0803100642q133e7b31k765f91c2a38199c3@mail.gmail.com> <3435B936-5DB7-4ED8-B8A7-58D148AEF4E3@sackheads.org> <8423e7bb0803171007h3d56f2dci6ad6162b47e900ac@mail.gmail.com> <4EF9D3EC-D910-4720-BE6A-A4264586B87F@sackheads.org> Message-ID: On Mar 24, 2008, at 2:18 PM, John Payne wrote: > > On Mar 17, 2008, at 1:07 PM, Lance Vermilion wrote: > >> John Payne, >> >> Did the patching of expect fix you? > > Yep! Actually... only mostly. I've still got 2 boxes that block and timeout :( > >> >> -lance >> >> On 3/17/08, John Payne wrote: >>> >>> >>> On Mar 17, 2008, at 10:20 AM, John Payne wrote: >>> >>> >>> On Mar 10, 2008, at 9:42 AM, Raymond Venner wrote: >>> >>> Greetings, >>> Still no luck with this issue and can't seem to find any >>> informational >>> threads online. This seems to be CAT os related but I can't seem to >>> pinpoint the issue. Any info would be greatly appreciated.. >>> >>> I'm having similar problems with SOME IOS devices. >>> running rancid manually with -d I see it hanging on show >>> controllers... >>> >>> Actually, a bit more digging... it looks like some kind of >>> buffering issue. >>> >>> ## $Id: clogin.in,v 1.77 2004/03/12 05:44:06 asp Exp $ >>> >>> with a clogin -c 'show controllers' works fine. >>> >>> clogin from 2.3.2a7: >>> ## $Id: clogin.in,v 1.107 2006/12/08 21:28:25 heas Exp $ >>> >>> with a clogin -c 'show controllers' hangs after >>> Fifo13, and >>> then eventually completes (several minutes later). >>> >>> I see similar things with 'show run' on a different device. >>> >>> Of course... that sent me hunting and it looks like I'm using an >>> unpatched >>> expect. >>> >>> *sigh* >>> >>> >>> >>> >>> >>> >>> >>> On Fri, Mar 7, 2008 at 5:16 PM, Raymond Venner >>> wrote: >>>> >>>> Trying to run rancid on the following devices >>>> >>>> WS-C6506 >>>> WS-C6509 >>>> but keep getting the following error. >>>> >>>> End of run not found >>>> >>>> Anybody know of a fix? >>>> >>>> Thanks in advance. >>> >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >>> >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >>> >> > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From mstefani at redhat.com Mon Apr 7 15:49:09 2008 From: mstefani at redhat.com (Michael Stefaniuc) Date: Mon, 07 Apr 2008 17:49:09 +0200 Subject: [rancid] [PATCH] Preliminary support for Cisco's SANOS devices Message-ID: <47FA4275.3010307@redhat.com> Hello guys, attached is a patch against 2.3.2a8 to add preliminary support for Cisco's SANOS devices. Idea for the patch loosely based on http://www.shrubbery.net/pipermail/rancid-discuss/2008-March/002881.html License: Whatever it takes to get the patch accepted upstream. bye michael -- Michael Stefaniuc Tel.: +49-711-96437-199 Consulting Communications Engineer Fax.: +49-711-96437-111 -------------------------------------------------------------------- Reg. Adresse: Red Hat GmbH, Hauptst?tter Strasse 58, 70178 Stuttgart Handelsregister: Amtsgericht Stuttgart HRB 153243 Gesch?ftsf?hrer: Brendan Lane, Charlie Peters, Michael Cunningham, Werner Knoblich -------------- next part -------------- A non-text attachment was scrubbed... Name: rancid-2.3.2a8-sanos.patch Type: text/x-patch Size: 1510 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080407/8d3937f6/attachment.bin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080407/8d3937f6/attachment-0001.bin From jbilder at csstars.com Mon Apr 7 16:20:45 2008 From: jbilder at csstars.com (Bilder, Jeff) Date: Mon, 7 Apr 2008 11:20:45 -0500 Subject: [rancid] Support for Cisco's WAAS device. In-Reply-To: <47FA4275.3010307@redhat.com> References: <47FA4275.3010307@redhat.com> Message-ID: I see there were previous posts about using rancid to grab configuration files from Cisco's WAAS device and that it closely resembles and agm. Has anyone been able to get this working successfully? Thanks, JB From egirard at focustsi.com Mon Apr 7 16:42:11 2008 From: egirard at focustsi.com (Eric Girard) Date: Mon, 7 Apr 2008 12:42:11 -0400 Subject: [rancid] Re: Support for Cisco's WAAS device. In-Reply-To: References: <47FA4275.3010307@redhat.com> Message-ID: Jeff, I had made an attempt at getting it to work, but my RANCID/expect/TCL skills left a little to be desired. I can however make a box available to someone who knows RANCID a little better. Eric Eric Girard Systems Engineer Focus Technology Solutions, Inc. -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Bilder, Jeff Sent: Monday, April 07, 2008 12:21 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Support for Cisco's WAAS device. I see there were previous posts about using rancid to grab configuration files from Cisco's WAAS device and that it closely resembles and agm. Has anyone been able to get this working successfully? Thanks, JB _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rskjels at pogostick.net Wed Apr 9 10:08:43 2008 From: rskjels at pogostick.net (Rikard Stemland Skjelsvik) Date: Wed, 9 Apr 2008 12:08:43 +0200 (MEST) Subject: [rancid] wrapper script and routers.[up|down|failed|all] Message-ID: First i would like to take the opportunity to thank the developpers of Rancid. >From what i can gather, rancid-run will not bother to get configs from routers marked as down in router.db. Does anyone have a quick shellscript that would ping en entry in router.db, and mark the host as down if it does not get a ping, and mark the host as up if the host responds to ping? When collecting up to hundreds of hosts, i belive this could speed up the backup. I am also confused about the files: routers.failed routers.all routers.down routers.up It seems that routers.down is populated during a rancid-run, but is emptied when the rancid-run process quits. I thought that these files would give the status of the last run. Thank you! Regards, Rikard From wshuffman2 at gmail.com Thu Apr 10 18:24:38 2008 From: wshuffman2 at gmail.com (Scott Huffman) Date: Thu, 10 Apr 2008 14:24:38 -0400 Subject: [rancid] Jrancid Log Messages Message-ID: <1d8095b20804101124v631fcd26ya03939c271e6c59@mail.gmail.com> Has anyone tried adding "show log messages" to the jrancid file? I tried adding it but it doesn't seem to be working and I'm not sure how to troubleshoot it either. Any suggestions would be greatly appreciated. Thanks Scott -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080410/6a6b74c9/attachment.html From CBell at thig.com Mon Apr 14 11:21:36 2008 From: CBell at thig.com (Chris Bell) Date: Mon, 14 Apr 2008 07:21:36 -0400 Subject: [rancid] SFTOS and Rancid Message-ID: Good morning, We've recently begun purchasing S50V Force 10 switches to power our VoIP rollout. We currently use the E1200 by Force 10 as our core switch. RANCID and the E1200 (FTOS ver. 6.5.3.1) get along beautifully "out of the box". However the S50V's and RANCID do not. Specifically the SFTOS (ver. 2.5.2.2) requires the command "quit" to exit the switch after logging out of exec mode with "exit". I'm sure this is something very easy on my end to fix, but I can't seem to figure out where to place the command "quit" in place of "exit" to get this to work. Also, the S50V's have the annoying habit of asking "Are you sure you want to do this" whenever using tftp or even saving the config. Is there a way to have clogin/f10rancid answer these? I use some clogin scripts to backup all of our devices to a tftp server each night, in addition to the typical RANCID hourly backups we do. Sorry if these seem like basic questions, but I understand little about programming. I do know that RANICD is probably the most important tool I have though and it's imperative that I get it working with these switches. I'm currently using RANCID with the HP Procurve 3400cl's and a variety of Cisco routers, ASA's, and PIX's with no issues. Thanks so much for the help in advance and please let me know if I need to clarify. Christopher Bell Network Administrator Tower Hill Insurance Group 352-333-1734 ext 1734 CONFIDENTIAL NOTICE: This email including any attachments, contains confidential information belonging to the sender. It may also be privileged or otherwise protected by work product immunity or other legal rules. This information is intended only for the use of the individual or entity named above. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or the taking of any action in reliance on the contents of this emailed information is strictly prohibited. If you have received this email in error, please immediately notify us by reply email of the error and then delete this email immediately. From john at sackheads.org Mon Apr 14 13:47:40 2008 From: john at sackheads.org (John Payne) Date: Mon, 14 Apr 2008 09:47:40 -0400 Subject: [rancid] Re: End of run not found In-Reply-To: References: <509d59e0803071316l60a559aeq2cc9a64ed13b8a59@mail.gmail.com> <509d59e0803100642q133e7b31k765f91c2a38199c3@mail.gmail.com> <3435B936-5DB7-4ED8-B8A7-58D148AEF4E3@sackheads.org> <8423e7bb0803171007h3d56f2dci6ad6162b47e900ac@mail.gmail.com> <4EF9D3EC-D910-4720-BE6A-A4264586B87F@sackheads.org> Message-ID: <0D9F5CD1-708F-40B3-A442-5B6517BC87E6@sackheads.org> On Apr 7, 2008, at 9:36 AM, John Payne wrote: > > On Mar 24, 2008, at 2:18 PM, John Payne wrote: > >> >> On Mar 17, 2008, at 1:07 PM, Lance Vermilion wrote: >> >>> John Payne, >>> >>> Did the patching of expect fix you? >> >> Yep! > > Actually... only mostly. I've still got 2 boxes that block and > timeout :( For the boxes I have remaining that block and timeout, I've noticed that when I do a clogin followed by term len 0 and sh run, it blocks at the ntp servers. If I hit ctrl-c, it continues and finishes. These boxes don't have the longest configs, but it's every time on the same ones. > >> >>> >>> -lance >>> >>> On 3/17/08, John Payne wrote: >>>> >>>> >>>> On Mar 17, 2008, at 10:20 AM, John Payne wrote: >>>> >>>> >>>> On Mar 10, 2008, at 9:42 AM, Raymond Venner wrote: >>>> >>>> Greetings, >>>> Still no luck with this issue and can't seem to find any >>>> informational >>>> threads online. This seems to be CAT os related but I can't >>>> seem to >>>> pinpoint the issue. Any info would be greatly appreciated.. >>>> >>>> I'm having similar problems with SOME IOS devices. >>>> running rancid manually with -d I see it hanging on show >>>> controllers... >>>> >>>> Actually, a bit more digging... it looks like some kind of >>>> buffering issue. >>>> >>>> ## $Id: clogin.in,v 1.77 2004/03/12 05:44:06 asp Exp $ >>>> >>>> with a clogin -c 'show controllers' works fine. >>>> >>>> clogin from 2.3.2a7: >>>> ## $Id: clogin.in,v 1.107 2006/12/08 21:28:25 heas Exp $ >>>> >>>> with a clogin -c 'show controllers' hangs after >>>> Fifo13, and >>>> then eventually completes (several minutes later). >>>> >>>> I see similar things with 'show run' on a different device. >>>> >>>> Of course... that sent me hunting and it looks like I'm using an >>>> unpatched >>>> expect. >>>> >>>> *sigh* >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> On Fri, Mar 7, 2008 at 5:16 PM, Raymond Venner >>>> wrote: >>>>> >>>>> Trying to run rancid on the following devices >>>>> >>>>> WS-C6506 >>>>> WS-C6509 >>>>> but keep getting the following error. >>>>> >>>>> End of run not found >>>>> >>>>> Anybody know of a fix? >>>>> >>>>> Thanks in advance. >>>> >>>> _______________________________________________ >>>> Rancid-discuss mailing list >>>> Rancid-discuss at shrubbery.net >>>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >>>> _______________________________________________ >>>> Rancid-discuss mailing list >>>> Rancid-discuss at shrubbery.net >>>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >>>> >>>> _______________________________________________ >>>> Rancid-discuss mailing list >>>> Rancid-discuss at shrubbery.net >>>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >>>> >>> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From bgcosta at iol.pt Fri Apr 11 19:52:27 2008 From: bgcosta at iol.pt (Bruno Costa) Date: Fri, 11 Apr 2008 20:52:27 +0100 Subject: [rancid] CatOs Message-ID: <6q9hhd$ehp6ih@neti04smtpa.hdi.tvcabo> Good evening I need help please I have some cisco switches still using CatOs. I try to run Rancid on them, but I cannot get the configs. I solved the whole ?enable? password problem, and clogin is working fine with the CatOs switches. Nonetheless it doesn?t retrieve the configurarions. Is there any way to do it? Thkx -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080411/a7c84e22/attachment.html From rancid at gheek.net Mon Apr 14 16:52:31 2008 From: rancid at gheek.net (Lance Vermilion) Date: Mon, 14 Apr 2008 09:52:31 -0700 Subject: [rancid] Re: CatOs In-Reply-To: <6q9hhd$ehp6ih@neti04smtpa.hdi.tvcabo> References: <6q9hhd$ehp6ih@neti04smtpa.hdi.tvcabo> Message-ID: <8423e7bb0804140952l81222fapecd1d7fb2ac9a742@mail.gmail.com> Do you have the device saved as catos in your router.db? On Fri, Apr 11, 2008 at 12:52 PM, Bruno Costa wrote: > Good evening > > > > I need help please > > > > I have some cisco switches still using CatOs. I try to run Rancid on them, > but I cannot get the configs. > > > > I solved the whole "enable" password problem, and clogin is working fine > with the CatOs switches. Nonetheless it doesn?t retrieve the configurarions. > > > > Is there any way to do it? > > > > Thkx > > > > > > > > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080414/722087a9/attachment.html From zarahel at iol.pt Mon Apr 14 17:42:19 2008 From: zarahel at iol.pt (Zarahel) Date: Mon, 14 Apr 2008 18:42:19 +0100 Subject: [rancid] Re: CatOs In-Reply-To: <8423e7bb0804140952l81222fapecd1d7fb2ac9a742@mail.gmail.com> Message-ID: <6qod4e$ehluve@neti03smtpa.hdi.tvcabo> No I didn?t knew that was possible. So, instead of routername:cisco:up, what is it? How do I define Catos in router.db? Thkx _____ De: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] Em nome de Lance Vermilion Enviada: segunda-feira, 14 de Abril de 2008 17:53 Para: Bruno Costa Cc: rancid-discuss at shrubbery.net Assunto: [rancid] Re: CatOs Do you have the device saved as catos in your router.db? On Fri, Apr 11, 2008 at 12:52 PM, Bruno Costa wrote: Good evening I need help please I have some cisco switches still using CatOs. I try to run Rancid on them, but I cannot get the configs. I solved the whole "enable" password problem, and clogin is working fine with the CatOs switches. Nonetheless it doesn?t retrieve the configurarions. Is there any way to do it? Thkx _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080414/e012ec9b/attachment.html From rancid at gheek.net Mon Apr 14 17:47:44 2008 From: rancid at gheek.net (Lance Vermilion) Date: Mon, 14 Apr 2008 10:47:44 -0700 Subject: [rancid] Re: CatOs In-Reply-To: <6qod4e$ehluve@neti03smtpa.hdi.tvcabo> References: <8423e7bb0804140952l81222fapecd1d7fb2ac9a742@mail.gmail.com> <6qod4e$ehluve@neti03smtpa.hdi.tvcabo> Message-ID: <8423e7bb0804141047yefed83fs32c81bb8b3e8a874@mail.gmail.com> mydevice:cat5:up On Mon, Apr 14, 2008 at 10:42 AM, Zarahel wrote: > No > > > > I didn?t knew that was possible. So, instead of routername:cisco:up, what > is it? How do I define Catos in router.db? > > > > Thkx > > > ------------------------------ > > *De:* rancid-discuss-bounces at shrubbery.net [mailto: > rancid-discuss-bounces at shrubbery.net] *Em nome de *Lance Vermilion > *Enviada:* segunda-feira, 14 de Abril de 2008 17:53 > *Para:* Bruno Costa > *Cc:* rancid-discuss at shrubbery.net > *Assunto:* [rancid] Re: CatOs > > > > Do you have the device saved as catos in your router.db? > > On Fri, Apr 11, 2008 at 12:52 PM, Bruno Costa wrote: > > Good evening > > > > I need help please > > > > I have some cisco switches still using CatOs. I try to run Rancid on them, > but I cannot get the configs. > > > > I solved the whole "enable" password problem, and clogin is working fine > with the CatOs switches. Nonetheless it doesn?t retrieve the configurarions. > > > > Is there any way to do it? > > > > Thkx > > > > > > > > > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080414/f0fa271a/attachment.html From wshuffman2 at gmail.com Mon Apr 14 20:09:48 2008 From: wshuffman2 at gmail.com (Scott Huffman) Date: Mon, 14 Apr 2008 16:09:48 -0400 Subject: [rancid] Debug Rancid Message-ID: <1d8095b20804141309p39bbf5d9g10d2609913f095f2@mail.gmail.com> Is there a way to get more detailed logs out of rancid-run? I was trying to edit the jrancid file to add "show log messages" and now I have rancid in a state where it won't run. I have tried restoring everything back to where I started but it doesn't seem to work. Rancid-run now just hangs when running it manually. I have tried setting all the devices down in router.db, but it still tries to access all the routers for some reason. When I run it, I get this in my processes: Rancid:~ $ ps -A | grep rancid 237 p0 S+ 0:00.02 /bin/sh /opt/local/bin/rancid-run 238 p0 S+ 0:00.01 /bin/sh /opt/local/bin/rancid-run 242 p0 S+ 0:00.11 /bin/sh /opt/local/libexec/rancid/control_rancid jrou 353 p0 S+ 0:00.03 /opt/local/bin/perl /opt/local/libexec/rancid/par -q 354 p0 S+ 0:00.01 sh -c (rancid-fe \Accent-m20-re1:juniper) 355 p0 S+ 0:00.01 sh -c (rancid-fe \Barracuda-m40e-re1:juniper) 356 p0 S+ 0:00.01 sh -c (rancid-fe \Barracuda-m7i-backup:juniper) 357 p0 S+ 0:00.01 sh -c (rancid-fe \Barracuda-t320:juniper) 358 p0 S+ 0:00.01 sh -c (rancid-fe \Mustang-m7i:juniper) 359 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid Accent-m20-re1 360 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid Barracuda-m40e-re1 361 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid Barracuda-m7i-backup 362 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid Barracuda-t320 363 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid Mustang-m7i 408 p1 R+ 0:00.00 grep rancid Rancid:~ $ And this for logs: Rancid:~ $ cat /opt/local/var/rancid/logs/jrouters.20080414.151921 starting: Mon Apr 14 15:19:21 EDT 2008 Trying to get all of the configs. Rancid:~ $ Any suggestions would be greatly appreciated Thanks Scott -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080414/920cf54d/attachment.html From rancid at gheek.net Mon Apr 14 20:44:51 2008 From: rancid at gheek.net (Lance Vermilion) Date: Mon, 14 Apr 2008 13:44:51 -0700 Subject: [rancid] Re: Debug Rancid In-Reply-To: <1d8095b20804141309p39bbf5d9g10d2609913f095f2@mail.gmail.com> References: <1d8095b20804141309p39bbf5d9g10d2609913f095f2@mail.gmail.com> Message-ID: <8423e7bb0804141344g5fca22c0wc52f7be05b33ec54@mail.gmail.com> you would need to run the rancid script with the debug flag set. don't run rancid-run. jrancid -d or jlogin -d Assuming those scripts support that. On Mon, Apr 14, 2008 at 1:09 PM, Scott Huffman wrote: > Is there a way to get more detailed logs out of rancid-run? > > I was trying to edit the jrancid file to add "show log messages" and now I > have rancid in a state where it won't run. I have tried restoring > everything back to where I started but it doesn't seem to work. Rancid-run > now just hangs when running it manually. > > I have tried setting all the devices down in router.db, but it still tries > to access all the routers for some reason. When I run it, I get this in my > processes: > > > Rancid:~ $ ps -A | grep rancid > 237 p0 S+ 0:00.02 /bin/sh /opt/local/bin/rancid-run > 238 p0 S+ 0:00.01 /bin/sh /opt/local/bin/rancid-run > 242 p0 S+ 0:00.11 /bin/sh /opt/local/libexec/rancid/control_rancid > jrou > 353 p0 S+ 0:00.03 /opt/local/bin/perl > /opt/local/libexec/rancid/par -q > 354 p0 S+ 0:00.01 sh -c (rancid-fe \Accent-m20-re1:juniper) > 355 p0 S+ 0:00.01 sh -c (rancid-fe \Barracuda-m40e-re1:juniper) > 356 p0 S+ 0:00.01 sh -c (rancid-fe \Barracuda-m7i-backup:juniper) > 357 p0 S+ 0:00.01 sh -c (rancid-fe \Barracuda-t320:juniper) > 358 p0 S+ 0:00.01 sh -c (rancid-fe \Mustang-m7i:juniper) > 359 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid > Accent-m20-re1 > 360 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid > Barracuda-m40e-re1 > 361 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid > Barracuda-m7i-backup > 362 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid > Barracuda-t320 > 363 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid Mustang-m7i > 408 p1 R+ 0:00.00 grep rancid > Rancid:~ $ > > And this for logs: > > > Rancid:~ $ cat /opt/local/var/rancid/logs/jrouters.20080414.151921 > starting: Mon Apr 14 15:19:21 EDT 2008 > > > > Trying to get all of the configs. > Rancid:~ $ > > Any suggestions would be greatly appreciated > Thanks > Scott > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080414/c05c2a3a/attachment.html From wshuffman2 at gmail.com Tue Apr 15 14:24:42 2008 From: wshuffman2 at gmail.com (Scott Huffman) Date: Tue, 15 Apr 2008 10:24:42 -0400 Subject: [rancid] Re: Debug Rancid In-Reply-To: <8423e7bb0804141344g5fca22c0wc52f7be05b33ec54@mail.gmail.com> References: <1d8095b20804141309p39bbf5d9g10d2609913f095f2@mail.gmail.com> <8423e7bb0804141344g5fca22c0wc52f7be05b33ec54@mail.gmail.com> Message-ID: <1d8095b20804150724x4b33e138k6ad2fa439dba2444@mail.gmail.com> The jlogin works fine, the jrancid -d doesn't do anything, just hangs. I don't see any logs either when I run just the jrancid -d. I believe it is a CVS issue, but not sure. On Mon, Apr 14, 2008 at 4:44 PM, Lance Vermilion wrote: > you would need to run the rancid script with the debug flag set. don't run > rancid-run. > > jrancid -d > or > jlogin -d > > Assuming those scripts support that. > > On Mon, Apr 14, 2008 at 1:09 PM, Scott Huffman > wrote: > > > Is there a way to get more detailed logs out of rancid-run? > > > > I was trying to edit the jrancid file to add "show log messages" and now > > I have rancid in a state where it won't run. I have tried restoring > > everything back to where I started but it doesn't seem to work. Rancid-run > > now just hangs when running it manually. > > > > I have tried setting all the devices down in router.db, but it still > > tries to access all the routers for some reason. When I run it, I get this > > in my processes: > > > > > > Rancid:~ $ ps -A | grep rancid > > 237 p0 S+ 0:00.02 /bin/sh /opt/local/bin/rancid-run > > 238 p0 S+ 0:00.01 /bin/sh /opt/local/bin/rancid-run > > 242 p0 S+ 0:00.11 /bin/sh > > /opt/local/libexec/rancid/control_rancid jrou > > 353 p0 S+ 0:00.03 /opt/local/bin/perl > > /opt/local/libexec/rancid/par -q > > 354 p0 S+ 0:00.01 sh -c (rancid-fe \Accent-m20-re1:juniper) > > 355 p0 S+ 0:00.01 sh -c (rancid-fe \Barracuda-m40e-re1:juniper) > > 356 p0 S+ 0:00.01 sh -c (rancid-fe > > \Barracuda-m7i-backup:juniper) > > 357 p0 S+ 0:00.01 sh -c (rancid-fe \Barracuda-t320:juniper) > > 358 p0 S+ 0:00.01 sh -c (rancid-fe \Mustang-m7i:juniper) > > 359 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid > > Accent-m20-re1 > > 360 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid > > Barracuda-m40e-re1 > > 361 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid > > Barracuda-m7i-backup > > 362 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid > > Barracuda-t320 > > 363 p0 S+ 0:00.01 sh /opt/local/libexec/rancid/jrancid > > Mustang-m7i > > 408 p1 R+ 0:00.00 grep rancid > > Rancid:~ $ > > > > And this for logs: > > > > > > Rancid:~ $ cat /opt/local/var/rancid/logs/jrouters.20080414.151921 > > starting: Mon Apr 14 15:19:21 EDT 2008 > > > > > > > > Trying to get all of the configs. > > Rancid:~ $ > > > > Any suggestions would be greatly appreciated > > Thanks > > Scott > > > > > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080415/669f6e50/attachment.html From gabbawp at gmail.com Tue Apr 15 08:37:32 2008 From: gabbawp at gmail.com (Gareth Hopkins) Date: Tue, 15 Apr 2008 10:37:32 +0200 Subject: [rancid] Issues with Cisco XR Message-ID: <9a0178110804150137q5456033dnf5473734145eb95f@mail.gmail.com> Hi, I have a number of IOS and XR boxes that I am trying to poll. The IOS boxes work like a dream, but the XR boxes (12404 and 12406's) all hang during the poll. I am running FreeBSD 6.3 and have upgraded the expect port to expect-devel as per a number of postings on this mailing list. Rancid version is 2.3.2a7. Here is what happens when I run rancid in debug mode. It hangs in the same place on each XR device. [rancid at testbox ~]$ rancid -d testrouter executing clogin -t 30 -c"admin show version;show version;show redundancy secondary;show idprom backplane;show install active;admin show env all;show env all;show rsp chassis-info;show gsr chassis;show diag chassis-info;show boot;show bootvar;admin show variables boot;show variables boot;show flash;dir /all nvram:;dir /all bootflash:;dir /all slot0:;dir /all disk0:;dir /all slot1:;dir /all disk1:;dir /all slot2:;dir /all disk2:;dir /all harddisk:;dir /all harddiska:;dir /all harddiskb:;dir /all sup-bootflash:;dir /all sup-microcode:;dir /all slavenvram:;dir /all slavebootflash:;dir /all slaveslot0:;dir /all slavedisk0:;dir /all slaveslot1:;dir /all slavedisk1:;dir /all slaveslot2:;dir /all slavedisk2:;dir /all slavesup-bootflash:;dir /all sec-nvram:;dir /all sec-bootflash:;dir /all sec-slot0:;dir /all sec-disk0:;dir /all sec-slot1:;dir /all sec-disk1:;dir /all sec-slot2:;dir /all sec-disk2:;show controllers;show controllers cbus;show diagbus;admin show diag;show diag;show module;show spe version;show c7200;show inventory raw;show vtp status;show vlan;show vlan-switch;show debug;show running-config;write term" testrouter PROMPT MATCH: RP/0/0/CPU0:testrouter# HIT COMMAND:RP/0/0/CPU0:testrouter#adminRP/0/0/CPU0:testrouter#admin showRP/0/0/CPU0:testrouter#admin show version In ShowVersion: RP/0/0/CPU0:testrouter#adminRP/0/0/CPU0:testrouter#admin showRP/0/0/CPU0:testrouter#admin show version HIT COMMAND:RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show version In ShowVersion: RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show version TYPE = 12404/PRP HIT COMMAND:RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show redundancyRP/0/0/CPU0:testrouter#show redundancy secondary In ShowRedundancy: RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show redundancyRP/0/0/CPU0:testrouter#show redundancy secondary HIT COMMAND:RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show idpromRP/0/0/CPU0:testrouter#show idprom backplane In ShowIDprom: RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show idpromRP/0/0/CPU0:testrouter#show idprom backplane HIT COMMAND:RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show installRP/0/0/CPU0:testrouter#show install active In ShowInstallActive: RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show installRP/0/0/CPU0:testrouter#show install active HIT COMMAND:RP/0/0/CPU0:testrouter#adminRP/0/0/CPU0:testrouter#admin showRP/0/0/CPU0:testrouter#admin show envRP/0/0/CPU0:testrouter#admin show env all In ShowEnv: RP/0/0/CPU0:testrouter#adminRP/0/0/CPU0:testrouter#admin showRP/0/0/CPU0:testrouter#admin show envRP/0/0/CPU0:testrouter#admin show env all HIT COMMAND:RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show rspRP/0/0/CPU0:testrouter#show rsp chassis-info In ShowRSP: RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show rspRP/0/0/CPU0:testrouter#show rsp chassis-info HIT COMMAND:RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show gsrRP/0/0/CPU0:testrouter#show gsr chassis In ShowGSR: RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show gsrRP/0/0/CPU0:testrouter#show gsr chassis HIT COMMAND:RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show diagRP/0/0/CPU0:testrouter#show diag chassis-info In ShowGSR: RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show diagRP/0/0/CPU0:testrouter#show diag chassis-info HIT COMMAND:RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show boot In ShowBoot: RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show boot HIT COMMAND:RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show bootvar In ShowBoot: RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show bootvar HIT COMMAND:RP/0/0/CPU0:testrouter#adminRP/0/0/CPU0:testrouter#admin showRP/0/0/CPU0:testrouter#admin show variablesRP/0/0/CPU0:testrouter#admin show variables boot In ShowBoot: RP/0/0/CPU0:testrouter#adminRP/0/0/CPU0:testrouter#admin showRP/0/0/CPU0:testrouter#admin show variablesRP/0/0/CPU0:testrouter#admin show variables boot HIT COMMAND:RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show variablesRP/0/0/CPU0:testrouter#show variables boot In ShowBoot: RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show variablesRP/0/0/CPU0:testrouter#show variables boot HIT COMMAND:RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show flash In ShowFlash: RP/0/0/CPU0:testrouter#showRP/0/0/CPU0:testrouter#show flash HIT COMMAND:RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all nvram: In DirSlotN: RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all nvram: HIT COMMAND:RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all bootflash: In DirSlotN: RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all bootflash: HIT COMMAND:RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all slot0: In DirSlotN: RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all slot0: HIT COMMAND:RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all disk0: In DirSlotN: RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all disk0: HIT COMMAND:RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all slot1: In DirSlotN: RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all slot1: HIT COMMAND:RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all disk1: In DirSlotN: RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all disk1: HIT COMMAND:RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all slot2: In DirSlotN: RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all slot2: HIT COMMAND:RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all disk2: In DirSlotN: RP/0/0/CPU0:testrouter#dirRP/0/0/CPU0:testrouter#dir /allRP/0/0/CPU0:testrouter#dir /all disk2: testrouter clogin error: Error: TIMEOUT reached testrouter clogin error: Error: TIMEOUT reached testrouter: missed cmd(s): admin show diag,dir /all slavedisk2:,dir /all sec-slot2:,show diag,dir /all sec-nvram:,dir /all sec-bootflash:,show spe version,dir /all slaveslot2:,dir /all slaveslot0:,dir /all sec-slot1:,dir /all harddiska:,dir /all slavenvram:,dir /all sec-disk2:,dir /all slavesup-bootflash:,dir /all sec-disk0:,dir /all harddiskb:,show inventory raw,dir /all slavedisk1:,show env all,show module,show controllers,show diagbus,dir /all slavedisk0:,show debug,dir /all sec-slot0:,dir /all sec-disk1:,write term,show vtp status,dir /all sup-bootflash:,dir /all harddisk:,dir /all sup-microcode:,show vlan,dir /all slavebootflash:,show controllers cbus,dir /all slaveslot1:,show vlan-switch,show running-config,show c7200 testrouter: missed cmd(s): admin show diag,dir /all slavedisk2:,dir /all sec-slot2:,show diag,dir /all sec-nvram:,dir /all sec-bootflash:,show spe version,dir /all slaveslot2:,dir /all slaveslot0:,dir /all sec-slot1:,dir /all harddiska:,dir /all slavenvram:,dir /all sec-disk2:,dir /all slavesup-bootflash:,dir /all sec-disk0:,dir /all harddiskb:,show inventory raw,dir /all slavedisk1:,show env all,show module,show controllers,show diagbus,dir /all slavedisk0:,show debug,dir /all sec-slot0:,dir /all sec-disk1:,write term,show vtp status,dir /all sup-bootflash:,dir /all harddisk:,dir /all sup-microcode:,show vlan,dir /all slavebootflash:,show controllers cbus,dir /all slaveslot1:,show vlan-switch,show running-config,show c7200 testrouter: End of run not found testrouter: End of run not found ! Any ideas? Thanks Gabba -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080415/58f80464/attachment.html From alex.malberty at babycenter.com Tue Apr 15 23:15:22 2008 From: alex.malberty at babycenter.com (Alex Malberty) Date: Tue, 15 Apr 2008 16:15:22 -0700 Subject: [rancid] cannot get running-config Message-ID: Hello, I am having problems getting the running-config from a Cisco router with IOS Version 12.3(8). I am using an enable 5 with low privileges, which I know is what is causing the problem. Is there any way to get that configuration without using a user with full privileges? Thanks !NAME: "FastEthernet0", DESCR: "Fast Ethernet" !NAME: "FastEthernet1", DESCR: "Fast Ethernet" !NAME: "FastEthernet2", DESCR: "Fast Ethernet" !NAME: "FastEthernet3", DESCR: "Fast Ethernet" !NAME: "FastEthernet4", DESCR: "PQUICC_FEC" ! !VTP: VTP Version : 2 !VTP: Configuration Revision : 0 !VTP: Maximum VLANs supported locally : 256 !VTP: Number of existing VLANs : 5 !VTP: VTP Operating Mode : Server !VTP: VTP Domain Name : !VTP: VTP Pruning Mode : Disabled !VTP: VTP V2 Mode : Disabled !VTP: VTP Traps Generation : Disabled !VTP: MD5 digest : 88888888888888888 !VTP: Local updater ID is 12.12.12.12 on interface Vl1 (lowest numbered VLAN interface found) ! !VLAN: VLAN Name Status Ports !VLAN: ---- -------------------------------- --------- ------------------------------- !VLAN: 1 default active Fa0, Fa1, Fa2, Fa3 !VLAN: 1002 fddi-default active !VLAN: 1003 token-ring-default active !VLAN: 1004 fddinet-default active !VLAN: 1005 trnet-default active !VLAN: VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 !VLAN: ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ !VLAN: 1 enet 100001 1500 - - - - - 1002 1003 !VLAN: 1002 fddi 101002 1500 - - - - - 1 1003 !VLAN: 1003 tr 101003 1500 1005 0 - - srb 1 1002 !VLAN: 1004 fdnet 101004 1500 - - 1 ibm - 0 0 !VLAN: 1005 trnet 101005 1500 - - 1 ibm - 0 0 ! ! config-register 0x2102 boot-start-marker boot-end-marker ! end ------------------------------------------------------------------------ -- Alejandro A. Malberty Systems Administrator Engineering BabyCenter, LLC amalberty at babycenter.com p: 415.344.7626 http://www.babycenter.com This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. If you are the intended recipient, please be advised that the content of this message is subject to access, review and disclosure by the sender's Email System Administrator. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080415/68118c47/attachment.html From thomas.lee at airliquide.com Wed Apr 16 10:07:53 2008 From: thomas.lee at airliquide.com (thomas cp lee) Date: Wed, 16 Apr 2008 12:07:53 +0200 Subject: [rancid] "Routers changed to down:" Problem Message-ID: <20080416100753.GA21655@airliquide.com> Hello ! (First-off, apologies if this is spam - I couldn't find a search threads option in the ml-archives to see if this issue had already been adressed) I'm running rancid 2.3.1-4 on ubuntu, and all seems to be going swimmingly apart from a tiny bit of weird behavior by the mail part of the control_rancid script... Every time rancid is run (from cron), it correctly detects up/down diffs in the router.db's, and also correctly mails diffs on the routers themselves. However, rancid mails me (for each $group), a mail looking like : +++ From: rancid@$isp.com Subject: changes in $group routers To: rancid-$group@$isp.com Date: Wed, 16 Apr 2008 11:01:12 +0200 (CEST) Routers changed to down: +++ ...and that's it ! Nothing has changed in the router.db file, there's just this constantly empty message. I've scrabbled in the logs, and nothing is mentioned. Why am I being mailled when no changes have taken place ? I'm guessing that it's a permissions issue, but uid/gid are rancid:rancid everywhere, & it seems to be recreating the routers.down files no probs (if I delete 'em) and as i said above, it detects the changes all right, so I don't understand where the problem could be. Is it the CVS being odd ? Any help would be greatly appreciated. Vive Rancid ! Cheers, Tom -- Thomas Lee Unix, R?seaux & S?curit? ISIS [P?le Services] Air Liquide From zarahel at iol.pt Wed Apr 16 13:39:52 2008 From: zarahel at iol.pt (zarahel at iol.pt) Date: Wed, 16 Apr 2008 14:39:52 +0100 Subject: [rancid] [Rancid] Error Log Message-ID: <20080416143952.0qjx3op3wg0wsow4@webmail.iol.pt> Good afternoon to you all Does anybody know of a script, or some solution that would concentrate all the errors in rancid run and compact them in one single error log? I?m asking this because I have about 40 differente groups in Rancid, and veryfing each log file is a pain the as*. Thkx ________________________________________________________________________________ ANTECIPE A DEVOLU??O DO SEU IRS e receba j? o seu dinheiro... I.R.Yes! da Capital Mais http://www.iol.pt/correio/rodape.php?dst=0803281 From thomas.lee at airliquide.com Wed Apr 16 14:48:34 2008 From: thomas.lee at airliquide.com (thomas cp lee) Date: Wed, 16 Apr 2008 16:48:34 +0200 Subject: [rancid] Re: "Routers changed to down:" Problem In-Reply-To: <20080416100753.GA21655@airliquide.com> References: <20080416100753.GA21655@airliquide.com> Message-ID: <20080416144834.GA24534@airliquide.com> On Wed, Apr 16, 2008 at 12:07:53PM +0200, thomas cp lee a ecrit: > > Any help would be greatly appreciated. Vive Rancid ! > Okay, looks like I've cracked it myself... There is (at least on my ubuntu) a problem with the flags in the 'diff' program called by control_rancid. The "diff" program is executed with the flags "-u -4", and that appears to be obselete. When I modify it in the control_rancid script, so that it's "-U 4", it seems to now work as god intended. (plz note, I've not changed it (yet) on the "cvs diff" line...) So, in a nutshell for me : perl -i -pe 's/^diff -u -4/diff -U 4/g' /var/lib/rancid/bin/control_rancid Voila, cheers. Tom --s Thomas Lee Unix, R?seaux & S?curit? ISIS [P?le Services] Air Liquide From alex.malberty at babycenter.com Mon Apr 14 17:53:15 2008 From: alex.malberty at babycenter.com (Alex Malberty) Date: Mon, 14 Apr 2008 10:53:15 -0700 Subject: [rancid] Probelms gettin PIX 501 Version 6.3(5) configuration Message-ID: Hi everyone, I am having trouble trying to get the configuration of a PIX 501 Version 6.3(5). I am using an enable user with limited privileges to access the firewall. This only happens when I use the user with limited privileges on the firewall. If I use enable level 15 I can get the config and check it out in SVN. Does anybody know what permissions are needed to allow a user to pull the running config info? Below are the logs when I run rancid-run Thanks in advance, Alex. Trying to get all of the configs. pa-fw-501: End of run not found : end la-fw-501 clogin error: Error: TIMEOUT reached la-fw-501: missed cmd(s): admin show diag,dir /all slavedisk2:,show rsp chassis-info,dir /all sec-slot2:,show diag,dir /all disk1:,show gsr chassis,dir /all sec-nvram:,show diag chassis-info,dir /all disk2:,dir /all sec-bootflash:,show spe version,dir /all slaveslot2:,dir /all disk0:,show install active,show bootvar,dir /all slaveslot0:,dir /all sec-slot1:,dir /all harddiska:,dir /all slavenvram:,show flash,dir /all sec-disk2:,dir /all slavesup-bootflash:,dir /all sec-disk0:,dir /all harddiskb:,show variables boot,show boot,show inventory raw,dir /all slavedisk1:,show env all,show module,admin show env all,show controllers,admin show version,show diagbus,dir /all slavedisk0:,show debug,show idprom backplane,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,write term,show vtp status,dir /all sup-bootflash:,dir /all slot2:,dir /all harddisk:,dir /all slot0:,dir /all sup-microcode:,show vlan,dir /all slavebootflash:,show controllers cbus,dir /all slaveslot1:,dir /all nvram:,show version,show vlan-switch,admin show variables boot,show redundancy secondary,show running-config,show c7200,dir /all slot1: la-fw-501: End of run not found ! ------------------------------------------------------------------------ -- Alejandro A. Malberty Systems Administrator Engineering BabyCenter, LLC amalberty at babycenter.com p: 415.344.7626 http://www.babycenter.com This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. If you are the intended recipient, please be advised that the content of this message is subject to access, review and disclosure by the sender's Email System Administrator. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080414/10638b17/attachment.html From alex.malberty at babycenter.com Mon Apr 14 22:08:59 2008 From: alex.malberty at babycenter.com (Alex Malberty) Date: Mon, 14 Apr 2008 15:08:59 -0700 Subject: [rancid] Re: Probelms gettin PIX 501 Version 6.3(5) configuration In-Reply-To: References: Message-ID: Hi everyone, I am having trouble trying to get the configuration of a PIX 501 Version 6.3(5). I am using an enable user with limited privileges to access the firewall. This only happens when I use the user with limited privileges on the firewall. If I use enable level 15 I can get the config and check it out in SVN. Does anybody know what permissions are needed to allow a user to pull the running config info? Below are the logs when I run rancid-run Thanks in advance, Alex. Trying to get all of the configs. pa-fw-501: End of run not found : end la-fw-501 clogin error: Error: TIMEOUT reached la-fw-501: missed cmd(s): admin show diag,dir /all slavedisk2:,show rsp chassis-info,dir /all sec-slot2:,show diag,dir /all disk1:,show gsr chassis,dir /all sec-nvram:,show diag chassis-info,dir /all disk2:,dir /all sec-bootflash:,show spe version,dir /all slaveslot2:,dir /all disk0:,show install active,show bootvar,dir /all slaveslot0:,dir /all sec-slot1:,dir /all harddiska:,dir /all slavenvram:,show flash,dir /all sec-disk2:,dir /all slavesup-bootflash:,dir /all sec-disk0:,dir /all harddiskb:,show variables boot,show boot,show inventory raw,dir /all slavedisk1:,show env all,show module,admin show env all,show controllers,admin show version,show diagbus,dir /all slavedisk0:,show debug,show idprom backplane,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,write term,show vtp status,dir /all sup-bootflash:,dir /all slot2:,dir /all harddisk:,dir /all slot0:,dir /all sup-microcode:,show vlan,dir /all slavebootflash:,show controllers cbus,dir /all slaveslot1:,dir /all nvram:,show version,show vlan-switch,admin show variables boot,show redundancy secondary,show running-config,show c7200,dir /all slot1: la-fw-501: End of run not found ! ------------------------------------------------------------------------ -- Alejandro A. Malberty Systems Administrator Engineering BabyCenter, LLC amalberty at babycenter.com p: 415.344.7626 http://www.babycenter.com This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. If you are the intended recipient, please be advised that the content of this message is subject to access, review and disclosure by the sender's Email System Administrator. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080414/88f74d9d/attachment.html From smunzani at comcast.net Thu Apr 17 16:54:49 2008 From: smunzani at comcast.net (Sam Munzani) Date: Thu, 17 Apr 2008 11:54:49 -0500 Subject: [rancid] Re: Probelms gettin PIX 501 Version 6.3(5) configuration In-Reply-To: References: Message-ID: <480780D9.8080708@comcast.net> With limited priv you can't run "show running-config" command. You have to run "show config" provided its permitted command in your limited access setup. To setup limited priv properly, you need something like below. privilege show level 1 mode exec command configuration <== This is ASA command so you will have to figure out equivalent on PIX Sam > > Hi everyone, > > I am having trouble trying to get the configuration of a PIX 501 > Version 6.3(5). I am using an enable user with limited privileges to > access the firewall. This only happens when I use the user with > limited privileges on the firewall. If I use enable level 15 I can get > the config and check it out in SVN. Does anybody know what permissions > are needed to allow a user to pull the running config info? Below are > the logs when I run rancid-run > > Thanks in advance, > > Alex. > > > > Trying to get all of the configs. > > pa-fw-501: End of run not found > > : end > > la-fw-501 clogin error: Error: TIMEOUT reached > > la-fw-501: missed cmd(s): admin show diag,dir /all slavedisk2:,show > rsp chassis-info,dir /all sec-slot2:,show diag,dir /all disk1:,show > gsr chassis,dir /all sec-nvram:,show diag chassis-info,dir /all > disk2:,dir /all sec-bootflash:,show spe version,dir /all > slaveslot2:,dir /all disk0:,show install active,show bootvar,dir /all > slaveslot0:,dir /all sec-slot1:,dir /all harddiska:,dir /all > slavenvram:,show flash,dir /all sec-disk2:,dir /all > slavesup-bootflash:,dir /all sec-disk0:,dir /all harddiskb:,show > variables boot,show boot,show inventory raw,dir /all slavedisk1:,show > env all,show module,admin show env all,show controllers,admin show > version,show diagbus,dir /all slavedisk0:,show debug,show idprom > backplane,dir /all bootflash:,dir /all sec-slot0:,dir /all > sec-disk1:,write term,show vtp status,dir /all sup-bootflash:,dir /all > slot2:,dir /all harddisk:,dir /all slot0:,dir /all sup-microcode:,show > vlan,dir /all slavebootflash:,show controllers cbus,dir /all > slaveslot1:,dir /all nvram:,show version,show vlan-switch,admin show > variables boot,show redundancy secondary,show running-config,show > c7200,dir /all slot1: > > la-fw-501: End of run not found > > ! > > -------------------------------------------------------------------------- > > *Alejandro A. Malberty* > > Systems Administrator > > Engineering > > BabyCenter, LLC > > amalberty at babycenter.com > > p: 415.344.7626 > > > > > _http://www.babycenter.com_ > > > > / > > This email message is for the sole use of the intended recipient(s) > and may contain confidential and privileged information. Any > unauthorized review, use, disclosure or distribution is prohibited. If > you are not the intended recipient, please contact the sender by reply > email and destroy all copies of the original message. If you are the > intended recipient, please be advised that the content of this message > is subject to access, review and disclosure by the sender's Email > System Administrator. > > / > ------------------------------------------------------------------------ > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080417/8b539e3f/attachment.html From alex.malberty at babycenter.com Thu Apr 17 20:40:59 2008 From: alex.malberty at babycenter.com (Alex Malberty) Date: Thu, 17 Apr 2008 13:40:59 -0700 Subject: [rancid] ssh key based authentication Message-ID: Hello, Does rancid support key based authentication in ssh? Thank you, ------------------------------------------------------------------------ -- Alejandro A. Malberty Systems Administrator Engineering BabyCenter, LLC amalberty at babycenter.com p: 415.344.7626 http://www.babycenter.com This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. If you are the intended recipient, please be advised that the content of this message is subject to access, review and disclosure by the sender's Email System Administrator. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080417/25be447b/attachment.html From sbarnard at govolution.com Thu Apr 17 20:54:14 2008 From: sbarnard at govolution.com (Sam Barnard) Date: Thu, 17 Apr 2008 16:54:14 -0400 Subject: [rancid] Run Rancid and with output to terminal Message-ID: <9DB9EF9B-0B0F-490C-87B2-1B90A2BF9E39@govolution.com> Is there a way to run rancid-run with output to the terminal? I am not getting any output or error messages to the logs other than: starting: Thu Apr 17 16:38:31 EDT 2008 ending: Thu Apr 17 16:38:31 EDT 2008 I can manually run clogin to each device: [rancid at ashp-mon03 ~]$ bin/clogin BRRTR02 brrtr02 spawn telnet brrtr02 Trying
... telnet: connect to address
: Connection refused telnet: Unable to connect to remote host: Connection refused spawn ssh -c 3des -x -l rancid brrtr02 UNAUTHORIZED ACCESS PROHIBITED. DISCONNECT NOW ! rancid at brrtr02's password: UNAUTHORIZED ACCESS PROHIBITED. DISCONNECT NOW! BRRTR02# rancid run doesnt seem to do anything tough. Routers.db looks like this: BRRTR01:cisco:up BRRTR02:cisco:up 6509a:cisco:up 6509b:cisco:up But mainly I want to see where it is choking, so is there a way to run rancid-run with output to the terminal? Thanks, Sam Barnard Systems Engineer Govolution, LLC sbarnard at govolution.com 703/894 - 5000 x 5703 From eravin at panix.com Thu Apr 17 22:04:40 2008 From: eravin at panix.com (Ed Ravin) Date: Thu, 17 Apr 2008 18:04:40 -0400 Subject: [rancid] Zyxel DSL CPE and RANCID? Message-ID: <20080417220440.GA3124@panix.com> Has anyone gotten RANCID to work with Zyxel DSL modems? They start out with a Playskool menu but you can drop into a command line with the right incantation. From gabbawp at gmail.com Fri Apr 18 06:56:57 2008 From: gabbawp at gmail.com (Gareth Hopkins) Date: Fri, 18 Apr 2008 08:56:57 +0200 Subject: [rancid] Re: Run Rancid and with output to terminal In-Reply-To: <9DB9EF9B-0B0F-490C-87B2-1B90A2BF9E39@govolution.com> References: <9DB9EF9B-0B0F-490C-87B2-1B90A2BF9E39@govolution.com> Message-ID: <9a0178110804172356p6f3ae117nac5c3f26105e634a@mail.gmail.com> Hi, You can run rancid with the debug flag, so rancid -d routername Cheers, Gabba On Thu, Apr 17, 2008 at 10:54 PM, Sam Barnard wrote: > Is there a way to run rancid-run with output to the terminal? > > I am not getting any output or error messages to the logs other than: > > starting: Thu Apr 17 16:38:31 EDT 2008 > > > > ending: Thu Apr 17 16:38:31 EDT 2008 > > I can manually run clogin to each device: > > [rancid at ashp-mon03 ~]$ bin/clogin BRRTR02 > brrtr02 > spawn telnet brrtr02 > Trying
... > telnet: connect to address
: Connection refused > telnet: Unable to connect to remote host: Connection refused > spawn ssh -c 3des -x -l rancid brrtr02 > UNAUTHORIZED ACCESS PROHIBITED. DISCONNECT NOW ! rancid at brrtr02's > password: > UNAUTHORIZED ACCESS PROHIBITED. DISCONNECT NOW! > BRRTR02# > > rancid run doesnt seem to do anything tough. Routers.db looks like > this: > > BRRTR01:cisco:up > BRRTR02:cisco:up > 6509a:cisco:up > 6509b:cisco:up > > But mainly I want to see where it is choking, so is there a way to run > rancid-run with output to the terminal? > > Thanks, > > Sam Barnard > Systems Engineer > Govolution, LLC > sbarnard at govolution.com > 703/894 - 5000 x 5703 > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080418/58b2d6f9/attachment.html From gabbawp at gmail.com Fri Apr 18 13:19:18 2008 From: gabbawp at gmail.com (Gareth Hopkins) Date: Fri, 18 Apr 2008 15:19:18 +0200 Subject: [rancid] Re: Run Rancid and with output to terminal In-Reply-To: References: <9DB9EF9B-0B0F-490C-87B2-1B90A2BF9E39@govolution.com> <9a0178110804172356p6f3ae117nac5c3f26105e634a@mail.gmail.com> Message-ID: <9a0178110804180619y15e9c036lac372beef5c50b1f@mail.gmail.com> Hi, Just rancid -d routername. jrancid should be the same syntax. On Fri, Apr 18, 2008 at 3:14 PM, Scott Huffman wrote: > Gabba, > Should it be rancid -d routername , or rancid-run -d routername ? I > have tried rancid-run -d routername, and it says the -d flag is an unknown > option. I also tried jrancid -d routername, and it still doesn't put > anything to the terminal. > Thanks > Scott > > > > On Fri, Apr 18, 2008 at 2:56 AM, Gareth Hopkins wrote: > > > Hi, > > > > You can run rancid with the debug flag, so rancid -d routername > > > > Cheers, > > > > Gabba > > > > > > On Thu, Apr 17, 2008 at 10:54 PM, Sam Barnard > > wrote: > > > > > Is there a way to run rancid-run with output to the terminal? > > > > > > I am not getting any output or error messages to the logs other than: > > > > > > starting: Thu Apr 17 16:38:31 EDT 2008 > > > > > > > > > > > > ending: Thu Apr 17 16:38:31 EDT 2008 > > > > > > I can manually run clogin to each device: > > > > > > [rancid at ashp-mon03 ~]$ bin/clogin BRRTR02 > > > brrtr02 > > > spawn telnet brrtr02 > > > Trying
... > > > telnet: connect to address
: Connection refused > > > telnet: Unable to connect to remote host: Connection refused > > > spawn ssh -c 3des -x -l rancid brrtr02 > > > UNAUTHORIZED ACCESS PROHIBITED. DISCONNECT NOW ! rancid at brrtr02's > > > password: > > > UNAUTHORIZED ACCESS PROHIBITED. DISCONNECT NOW! > > > BRRTR02# > > > > > > rancid run doesnt seem to do anything tough. Routers.db looks like > > > this: > > > > > > BRRTR01:cisco:up > > > BRRTR02:cisco:up > > > 6509a:cisco:up > > > 6509b:cisco:up > > > > > > But mainly I want to see where it is choking, so is there a way to run > > > rancid-run with output to the terminal? > > > > > > Thanks, > > > > > > Sam Barnard > > > Systems Engineer > > > Govolution, LLC > > > sbarnard at govolution.com > > > 703/894 - 5000 x 5703 > > > > > > > > > > > > _______________________________________________ > > > Rancid-discuss mailing list > > > Rancid-discuss at shrubbery.net > > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > > > > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080418/e8aafa33/attachment.html From wshuffman2 at gmail.com Fri Apr 18 15:36:52 2008 From: wshuffman2 at gmail.com (Scott Huffman) Date: Fri, 18 Apr 2008 11:36:52 -0400 Subject: [rancid] Log Files Message-ID: <1d8095b20804180836l7bb00742j51a2ccd3ed36d4b@mail.gmail.com> Any thoughts on these logs? The error continues to repeat. I think this is why my rancid is hanging. Rancid:~ dtidelaware$ cat /opt/local/var/rancid/logs/jrouters.20080416.233000 | more starting: Wed Apr 16 23:30:00 EDT 2008 Trying to get all of the configs. /opt/local/libexec/rancid/jrancid: line 28: use: command not found /opt/local/libexec/rancid/jrancid: line 28: use: command not found /opt/local/libexec/rancid/jrancid: line 28: use: command not found /opt/local/libexec/rancid/jrancid: line 28: use: command not found /opt/local/libexec/rancid/jrancid: line 29: syntax error near unexpected token ` 'dfl'' /opt/local/libexec/rancid/jrancid: line 29: `getopts('dfl');' /opt/local/libexec/rancid/jrancid: line 29: syntax error near unexpected token ` 'dfl'' /opt/local/libexec/rancid/jrancid: line 29: `getopts('dfl');' /opt/local/libexec/rancid/jrancid: line 29: syntax error near unexpected token ` 'dfl'' #JRancid file------------------------------------------ use Getopt::Std; <---------------- Line 28 getopts('dfl'); <---------------- Line 29 $debug = $opt_d; $log = $opt_l; $file = $opt_f; $host = $ARGV[0]; ------------------------------------------------------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080418/d3ace888/attachment.html From tex at off.org Fri Apr 18 20:05:12 2008 From: tex at off.org (Austin Schutz) Date: Fri, 18 Apr 2008 13:05:12 -0700 Subject: [rancid] Re: Log Files In-Reply-To: <1d8095b20804180836l7bb00742j51a2ccd3ed36d4b@mail.gmail.com> References: <1d8095b20804180836l7bb00742j51a2ccd3ed36d4b@mail.gmail.com> Message-ID: <20080418200512.GY27901@gblx.net> jrancid is missing the path to the perl interpreter at the top of the file. It looks like something weird happened when you installed rancid- maybe couldn't find the interpreter but didnt' stop installing. Austin On Fri, Apr 18, 2008 at 11:36:52AM -0400, Scott Huffman wrote: > Any thoughts on these logs? The error continues to repeat. I think this is > why my rancid is hanging. > > Rancid:~ dtidelaware$ cat > /opt/local/var/rancid/logs/jrouters.20080416.233000 | more > starting: Wed Apr 16 23:30:00 EDT 2008 > > Trying to get all of the configs. > /opt/local/libexec/rancid/jrancid: line 28: use: command not found > /opt/local/libexec/rancid/jrancid: line 28: use: command not found > /opt/local/libexec/rancid/jrancid: line 28: use: command not found > /opt/local/libexec/rancid/jrancid: line 28: use: command not found > /opt/local/libexec/rancid/jrancid: line 29: syntax error near unexpected > token ` > 'dfl'' > /opt/local/libexec/rancid/jrancid: line 29: `getopts('dfl');' > /opt/local/libexec/rancid/jrancid: line 29: syntax error near unexpected > token ` > 'dfl'' > /opt/local/libexec/rancid/jrancid: line 29: `getopts('dfl');' > /opt/local/libexec/rancid/jrancid: line 29: syntax error near unexpected > token ` > 'dfl'' > > > > #JRancid file------------------------------------------ > > use Getopt::Std; <---------------- Line 28 > getopts('dfl'); <---------------- Line 29 > > $debug = $opt_d; > $log = $opt_l; > $file = $opt_f; > $host = $ARGV[0]; > > ------------------------------------------------------------- > > > !DSPAM:4808c186173864550419146! > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > !DSPAM:4808c186173864550419146! From tex at off.org Fri Apr 18 20:10:41 2008 From: tex at off.org (Austin Schutz) Date: Fri, 18 Apr 2008 13:10:41 -0700 Subject: [rancid] Re: Log Files In-Reply-To: <20080418200512.GY27901@gblx.net> References: <1d8095b20804180836l7bb00742j51a2ccd3ed36d4b@mail.gmail.com> <20080418200512.GY27901@gblx.net> Message-ID: <20080418201041.GZ27901@gblx.net> On Fri, Apr 18, 2008 at 01:05:12PM -0700, Austin Schutz wrote: > jrancid is missing the path to the perl interpreter at the top > of the file. It looks like something weird happened when you installed > rancid- maybe couldn't find the interpreter but didnt' stop installing. > Oh- the fix- put #!/usr/bin/perl (or wherever your perl is) as the very first line of jrancid. Austin From wshuffman2 at gmail.com Sat Apr 19 19:23:49 2008 From: wshuffman2 at gmail.com (Scott Huffman) Date: Sat, 19 Apr 2008 15:23:49 -0400 Subject: [rancid] Re: Log Files In-Reply-To: <20080418201041.GZ27901@gblx.net> References: <1d8095b20804180836l7bb00742j51a2ccd3ed36d4b@mail.gmail.com> <20080418200512.GY27901@gblx.net> <20080418201041.GZ27901@gblx.net> Message-ID: <1d8095b20804191223t29b5656er2f2f4f83d3dc9ee3@mail.gmail.com> Sounds great, I will give that a try monday when I go in. I was editing the jrancid file to try adding the "show log messages" command. Apparently somewhere in my editing I deleted that line. Thanks Scott On Fri, Apr 18, 2008 at 4:10 PM, Austin Schutz wrote: > On Fri, Apr 18, 2008 at 01:05:12PM -0700, Austin Schutz wrote: > > jrancid is missing the path to the perl interpreter at the top > > of the file. It looks like something weird happened when you installed > > rancid- maybe couldn't find the interpreter but didnt' stop installing. > > > > Oh- the fix- put #!/usr/bin/perl (or wherever your perl is) as the > very first line of jrancid. > > Austin > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080419/14159cb7/attachment.html From wshuffman2 at gmail.com Mon Apr 21 18:15:31 2008 From: wshuffman2 at gmail.com (Scott Huffman) Date: Mon, 21 Apr 2008 14:15:31 -0400 Subject: [rancid] Re: Log Files In-Reply-To: <1d8095b20804191223t29b5656er2f2f4f83d3dc9ee3@mail.gmail.com> References: <1d8095b20804180836l7bb00742j51a2ccd3ed36d4b@mail.gmail.com> <20080418200512.GY27901@gblx.net> <20080418201041.GZ27901@gblx.net> <1d8095b20804191223t29b5656er2f2f4f83d3dc9ee3@mail.gmail.com> Message-ID: <1d8095b20804211115l54092c79s9adbe08dc6b53ff6@mail.gmail.com> Rancid actually runs and completes now. However new routers I added to the router.db are being completly skipped. I tried running rancid-run -r routernam, it completes, but the log shows nothing. Rancid:~ $ cat /opt/local/var/rancid/logs/jrouters.20080421.135735 starting: Mon Apr 21 13:57:35 EDT 2008 ending: Mon Apr 21 13:57:37 EDT 2008 Any suggestions how to debug this farther? The -d flag doesn't seem to work for rancid-run. Thanks Scott On Sat, Apr 19, 2008 at 3:23 PM, Scott Huffman wrote: > Sounds great, I will give that a try monday when I go in. I was editing > the jrancid file to try adding the "show log messages" command. Apparently > somewhere in my editing I deleted that line. > Thanks > Scott > > > > On Fri, Apr 18, 2008 at 4:10 PM, Austin Schutz wrote: > > > On Fri, Apr 18, 2008 at 01:05:12PM -0700, Austin Schutz wrote: > > > jrancid is missing the path to the perl interpreter at the top > > > of the file. It looks like something weird happened when you installed > > > rancid- maybe couldn't find the interpreter but didnt' stop > > installing. > > > > > > > Oh- the fix- put #!/usr/bin/perl (or wherever your perl is) as > > the > > very first line of jrancid. > > > > Austin > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080421/289a6395/attachment.html From alex.malberty at babycenter.com Mon Apr 21 21:11:57 2008 From: alex.malberty at babycenter.com (Alex Malberty) Date: Mon, 21 Apr 2008 14:11:57 -0700 Subject: [rancid] cisco privilege user Message-ID: Hi Everyone, Does everyone use privilege enable 15 (enable) to get the running-config of Cisco devices with IOS. Any non privilege 15 user will get a blank configuration. Thanks, ------------------------------------------------------------------------ -- Alejandro A. Malberty Systems Administrator Engineering BabyCenter, LLC amalberty at babycenter.com p: 415.344.7626 http://www.babycenter.com This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. If you are the intended recipient, please be advised that the content of this message is subject to access, review and disclosure by the sender's Email System Administrator. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080421/97c1eafe/attachment.html From smunzani at comcast.net Mon Apr 21 21:23:45 2008 From: smunzani at comcast.net (Sam Munzani) Date: Mon, 21 Apr 2008 16:23:45 -0500 Subject: [rancid] Re: cisco privilege user In-Reply-To: References: Message-ID: <480D05E1.1040008@comcast.net> That's normal. If you have configure priv 1 with show commands then they can run "show config" to retrieve the config file. You can't run show run. Sam > > Hi Everyone, > > Does everyone use privilege enable 15 (enable) to get the > running-config of Cisco devices with IOS. Any non privilege 15 user > will get a blank configuration. > > Thanks, > > -------------------------------------------------------------------------- > > *Alejandro A. Malberty* > > Systems Administrator > > Engineering > > BabyCenter, LLC > > amalberty at babycenter.com > > p: 415.344.7626 > > > > > _http://www.babycenter.com_ > > > > / > > This email message is for the sole use of the intended recipient(s) > and may contain confidential and privileged information. Any > unauthorized review, use, disclosure or distribution is prohibited. If > you are not the intended recipient, please contact the sender by reply > email and destroy all copies of the original message. If you are the > intended recipient, please be advised that the content of this message > is subject to access, review and disclosure by the sender's Email > System Administrator. > > / > ------------------------------------------------------------------------ > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080421/c76b01ac/attachment.html From alex.malberty at babycenter.com Mon Apr 21 21:25:42 2008 From: alex.malberty at babycenter.com (Alex Malberty) Date: Mon, 21 Apr 2008 14:25:42 -0700 Subject: [rancid] Re: cisco privilege user In-Reply-To: <480D05E1.1040008@comcast.net> References: <480D05E1.1040008@comcast.net> Message-ID: The problem is that show conf is not the configuration that is running on the system. I wonder if anybody has implemented a solution for this. ------------------------------------------------------------------------ -- Alejandro A. Malberty Systems Administrator Engineering BabyCenter, LLC amalberty at babycenter.com p: 415.344.7626 http://www.babycenter.com ________________________________ From: Sam Munzani [mailto:smunzani at comcast.net] Sent: Monday, April 21, 2008 2:24 PM To: Alex Malberty Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] cisco privilege user That's normal. If you have configure priv 1 with show commands then they can run "show config" to retrieve the config file. You can't run show run. Sam Hi Everyone, Does everyone use privilege enable 15 (enable) to get the running-config of Cisco devices with IOS. Any non privilege 15 user will get a blank configuration. Thanks, ------------------------------------------------------------------------ -- Alejandro A. Malberty Systems Administrator Engineering BabyCenter, LLC amalberty at babycenter.com p: 415.344.7626 http://www.babycenter.com This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. If you are the intended recipient, please be advised that the content of this message is subject to access, review and disclosure by the sender's Email System Administrator. ________________________________ _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080421/8370eb1b/attachment.html From smunzani at comcast.net Tue Apr 22 04:05:31 2008 From: smunzani at comcast.net (Sam Munzani) Date: Mon, 21 Apr 2008 23:05:31 -0500 Subject: [rancid] How to debug rancid-run? Message-ID: <480D640B.6070305@comcast.net> Hi, I built rancid 2.3.2a7 on FreeBSD 7.0 version using FreeBSD ports. Following things work fine however it doesn't just run the rancid-run. 1. clogin device-name works fine. 2. rancid device-name works fine too. However rancid-run -r device-name just hangs forever. Control+x, Control+Break or nothing else works. Below are my version numbers. expect-5.44.1.4 tcl-8.4.18,1 tk-8.4.18,2 There is nothing fancy in the setup and I have done rancid install many times. This time I am simply stumped and needs more ideas on how to debug. I am suspecting my issues are around cvs but "rancid-run -r" should not care about cvs. Thanks, Sam From wshuffman at gmail.com Fri Apr 18 15:28:33 2008 From: wshuffman at gmail.com (Scott Huffman) Date: Fri, 18 Apr 2008 11:28:33 -0400 Subject: [rancid] Errors in Logs Message-ID: Any thoughts on this error: /opt/local/libexec/rancid/jrancid: line 29: `getopts('dfl');' ===================================== Getting missed routers: round 4. /opt/local/libexec/rancid/jrancid: line 28: use: command not found /opt/local/libexec/rancid/jrancid: line 29: syntax error near unexpected token `'dfl'' /opt/local/libexec/rancid/jrancid: line 29: `getopts('dfl');' /opt/local/libexec/rancid/jrancid: line 28: use: command not found /opt/local/libexec/rancid/jrancid: line 29: syntax error near unexpected token `'dfl'' It repeats over and over. Think this is why my rancid hangs, just not sure what this means. Thanks Scott -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080418/70c71224/attachment.html From dmack at verizon.com Tue Apr 22 13:47:19 2008 From: dmack at verizon.com (dmack at verizon.com) Date: Tue, 22 Apr 2008 09:47:19 -0400 Subject: [rancid] Rancid Diff Noise Message-ID: Hello! We have been happily using Rancid for the past 3 years and love it! I just upgraded our system to rancid-2.3.2a7 and it went smoothly. However, our diffs for the Juniper ERX-1440 are "noisy". We are getting two categories of changes that we would like to ignore. The first is the disk bytes counts reported by DirSlotN. It changes everyday, I suspect due to our provisioning changes. The second is mpls ldp passwords are "randomly" encrypted on the fly so they appear different each time. I have an example below: RCS file: /usr/local/rancid/CVS/washdc/configs/washdc-rtr-03,v retrieving revision 1.340 retrieving revision 1.341 diff -u -p -r1.340 -r1.341 --- washdc/configs/washdc-rtr-03 2008/04/02 13:09:45 1.340 +++ washdc/configs/washdc-rtr-03 2008/04/03 12:09:03 1.341 @@ -255,8 +255,8 @@ !Flash: ------------- !Flash: Device (bytes) (bytes) (bytes) !Flash: -------------- ---------- --------- -------- -!Flash: disk0: 1025482752 282328652 68157440 -!Flash: standby-disk0: 1025482752 282314384 68157440 +!Flash: disk0: 1025482752 282344524 68157440 +!Flash: standby-disk0: 1025482752 282330256 68157440 ! ! serial assembly assembly ram !slot type number number rev. (MB) @@ -1701,8 +1701,8 @@ mpls ldp targeted-hello receive list 130 mpls ldp targeted-hello send list 130.81.100.2 mpls ldp targeted-hello receive list 130.81.100.2 ! -mpls ldp neighbor 130.81.100.1 password 8 BZ References: Message-ID: <20080422163716.GA3117@panix.com> On Fri, Apr 18, 2008 at 11:28:33AM -0400, Scott Huffman wrote: > Any thoughts on this error: > /opt/local/libexec/rancid/jrancid: line 29: `getopts('dfl');' > ===================================== > Getting missed routers: round 4. > /opt/local/libexec/rancid/jrancid: line 28: use: command not found > /opt/local/libexec/rancid/jrancid: line 29: syntax error near > unexpected token `'dfl'' > /opt/local/libexec/rancid/jrancid: line 29: `getopts('dfl');' > /opt/local/libexec/rancid/jrancid: line 28: use: command not found The errors above suggest that an interpreter other than Perl is trying to run "jrancid". Check that the first line of "jrancid" is pointing to a working version of Perl, and that the newline format of "jrancid" properly matches your OS. From john at sackheads.org Tue Apr 22 17:17:21 2008 From: john at sackheads.org (John Payne) Date: Tue, 22 Apr 2008 13:17:21 -0400 Subject: [rancid] Re: cisco privilege user In-Reply-To: References: <480D05E1.1040008@comcast.net> Message-ID: <95F888D7-5AB7-4C1E-B195-B1FA13B8F818@sackheads.org> On Apr 21, 2008, at 5:25 PM, Alex Malberty wrote: > The problem is that show conf is not the configuration that is > running on the system. I wonder if anybody has implemented a > solution for this. > TACACS+ command authorization. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080422/6cadefa7/attachment.html From sam_mailinglists at spacething.org Tue Apr 22 18:53:14 2008 From: sam_mailinglists at spacething.org (Sam Stickland) Date: Tue, 22 Apr 2008 19:53:14 +0100 Subject: [rancid] Support from Cisco ACE modules Message-ID: <480E341A.8030605@spacething.org> Hi, Has anyone done any work for supporting these? All they need for clogin to work is an autoenable statement, but rancid is unable to collect the configurations. I haven't looked at this extensively I think it's just because the pager statement is different: I get these entries in the logs: my-ace-module: End of run not found It's also trying to execute a bunch of commands that don't make sense on ACE modules. I'm a competent, but time staved programmer. If someone can point towards the bits of the scripts that need modifying I'll try and get this done. Sam From saku+rancid at ytti.fi Tue Apr 22 19:19:19 2008 From: saku+rancid at ytti.fi (Saku Ytti) Date: Tue, 22 Apr 2008 22:19:19 +0300 Subject: [rancid] Re: Support from Cisco ACE modules In-Reply-To: <480E341A.8030605@spacething.org> References: <480E341A.8030605@spacething.org> Message-ID: <20080422191918.GA24213@mx.ytti.net> On (2008-04-22 19:53 +0100), Sam Stickland wrote: This is really rudimentary. [root at login1.fi.sn.net /opt/RCS/apps/rancid/bin]# hg diff -r20 -r19 rancid diff -r 67011fc63924 -r 8ff8aa5f718e bin/rancid --- a/bin/rancid Wed Apr 09 15:56:21 2008 +0300 +++ b/bin/rancid Thu Apr 03 10:41:49 2008 +0300 @@ -154,7 +154,7 @@ sub ShowVersion { if (/^$prompt/) { $found_version=1; last}; next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /Line has invalid autocommand /; - return(1) if /([Ii]nvalid (?:input|command) detected|Type help or )/; + return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); return(0) if ($found_version); # Only do this routine once # the pager can not be disabled per-session on the PIX @@ -168,7 +168,7 @@ sub ShowVersion { $slaveslot = ", slot $1"; next; } - if (/^Application and Content Networking Software/ or /^Cisco Application Control Software/) { $type="CE"; } + if (/^Application and Content Networking Software/) { $type="CE"; } /^Application and Content Networking Software Release /i && ProcessHistory("COMMENTS","keysort","F1", "!Image: $_") && next; /^Cisco Secure PIX /i && @@ -1423,7 +1423,7 @@ sub WriteTerm { $linecnt++; $lineauto = 0 if (/^[^ ]/); # skip the crap - if (/^(##+$|(Building|Current|Generating) configuration)/i) { + if (/^(##+$|(Building|Current) configuration)/i) { while () { next if (/^Current configuration\s*:/i); next if (/^:/); [root at login1.fi.sn.net /opt/RCS/apps/rancid/bin]# > Hi, > > Has anyone done any work for supporting these? All they need for clogin > to work is an autoenable statement, but rancid is unable to collect the > configurations. I haven't looked at this extensively I think it's just > because the pager statement is different: > > I get these entries in the logs: > > my-ace-module: End of run not found > > It's also trying to execute a bunch of commands that don't make sense on > ACE modules. > > I'm a competent, but time staved programmer. If someone can point > towards the bits of the scripts that need modifying I'll try and get > this done. > > Sam > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- ++ytti From chirayu at hotmail.com Tue Apr 22 21:29:59 2008 From: chirayu at hotmail.com (chirayu patel) Date: Tue, 22 Apr 2008 14:29:59 -0700 Subject: [rancid] Working with Foundry EIF2402 Message-ID: Hey Everyone, I have managed to get my low END 24-port foundry switch working with rancind. I have modified francid to work but I am running into a slight problem. I am able to get the following commands working show version dir (shows flash) and show running-config is partially working. ;enable password !!!!vlan 1 name DefaultVlan untagged ethernet 1/25 to 1/26---More---Error: TIMEOUT reached but it doesn't go beyond ---More--- Any suggestions? Thanks guys. Chirayu Patel Network Engineer -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080422/a0b63219/attachment.html From sam_mailinglists at spacething.org Tue Apr 22 18:50:52 2008 From: sam_mailinglists at spacething.org (Sam Stickland) Date: Tue, 22 Apr 2008 19:50:52 +0100 Subject: [rancid] Support from Cisco ACE modules Message-ID: <480E338C.4040000@spacething.org> Hi, Has anyone done any work for supporting these? All they need for clogin to work is an autoenable statement, but rancid is unable to collect the configurations. I haven't looked at this extensively I think it's just because the pager statement is different: I get these entries in the logs: my-ace-module: End of run not found It's also trying to execute a bunch of commands that don't make sense on ACE modules. I'm a competent, but time staved programmer. If someone can point towards the bits of the scripts that need modifying I'll try and get this done. Sam From gary.roberts at hciscorporate.com Mon Apr 28 22:59:03 2008 From: gary.roberts at hciscorporate.com (Gary Roberts) Date: Mon, 28 Apr 2008 17:59:03 -0500 Subject: [rancid] Device not issuing and "End" Message-ID: <48161067.FFB7.0000.0@hciscorporate.com> I have a device that utilizes commands in the Cisco IOS format. For backup purposes, lets say it is a Cisco Clone. However, when issuing a show running-config, the device does not include or issue an "END" at the end of the file, like most devices. As a result, i get an "End of Run not found" error. Suggestions? Thanks in Advance, gr From smunzani at comcast.net Tue Apr 29 02:35:03 2008 From: smunzani at comcast.net (Sam Munzani) Date: Mon, 28 Apr 2008 21:35:03 -0500 Subject: [rancid] su - rancid doesn't work.. What am I doing wrong here? Message-ID: <48168957.7070609@comcast.net> Hi, Please tell me what am I doing wrong here? Its simple thing but for some reason it doesn't work. smunzani at ubuntu:/var/lib/rancid$ sudo bash root at ubuntu:/var/lib/rancid# id uid=0(root) gid=0(root) groups=0(root) root at ubuntu:/var/lib/rancid# su - rancid root at ubuntu:/var/lib/rancid# id uid=0(root) gid=0(root) groups=0(root) root at ubuntu:/var/lib/rancid# more /etc/passwd << snip >> rancid:x:111:122::/var/lib/rancid:/bin/false I tried to su from my own account too and that doesn't work either. smunzani at ubuntu:/var/lib/rancid$ su - rancid Password: smunzani at ubuntu:/var/lib/rancid$ id uid=1000(smunzani) gid=1000(smunzani) groups=4(adm),20(dialout),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),107(fuse),119(lpadmin),120(admin),1000(smunzani) Why is not my su - rancid command working here? Any suggestions on what should I be looking at? I am running ubuntu server 8.0.4. Thanks, Sam -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080428/75bb7e9f/attachment.html From smunzani at comcast.net Tue Apr 29 02:48:22 2008 From: smunzani at comcast.net (Sam Munzani) Date: Mon, 28 Apr 2008 21:48:22 -0500 Subject: [rancid] Re: su - rancid doesn't work.. What am I doing wrong here? In-Reply-To: <48168957.7070609@comcast.net> References: <48168957.7070609@comcast.net> Message-ID: <48168C76.8070604@comcast.net> I figured out that it has to do with /bin/false in /etc/passwd entry instead of a real shell. Is that normal? If I can't su to rancid, how can I run the scripts? Should I change that to /bin/sh? Thanks, Sam > Hi, > > Please tell me what am I doing wrong here? Its simple thing but for > some reason it doesn't work. > > smunzani at ubuntu:/var/lib/rancid$ sudo bash > root at ubuntu:/var/lib/rancid# id > uid=0(root) gid=0(root) groups=0(root) > root at ubuntu:/var/lib/rancid# su - rancid > root at ubuntu:/var/lib/rancid# id > uid=0(root) gid=0(root) groups=0(root) > root at ubuntu:/var/lib/rancid# more /etc/passwd > << snip >> > rancid:x:111:122::/var/lib/rancid:/bin/false > > > I tried to su from my own account too and that doesn't work either. > smunzani at ubuntu:/var/lib/rancid$ su - rancid > Password: > smunzani at ubuntu:/var/lib/rancid$ id > uid=1000(smunzani) gid=1000(smunzani) > groups=4(adm),20(dialout),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),107(fuse),119(lpadmin),120(admin),1000(smunzani) > > Why is not my su - rancid command working here? Any suggestions on > what should I be looking at? I am running ubuntu server 8.0.4. > > Thanks, > Sam > ------------------------------------------------------------------------ > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080428/c2bd1802/attachment.html From gary.roberts at hciscorporate.com Tue Apr 29 14:32:02 2008 From: gary.roberts at hciscorporate.com (Gary Roberts) Date: Tue, 29 Apr 2008 09:32:02 -0500 Subject: [rancid] Re: Device not issuing and "End" In-Reply-To: 200804281801279241 References: 200804281801279241 Message-ID: <4816EB12.FFB7.0000.0@hciscorporate.com> Just some more info i forgot to add. The device does drop me to a prompt at the end of show run. gr >>> On Monday, April 28, 2008 at 5:59 PM, in message 200804281801279241, Gary Roberts wrote: > I have a device that utilizes commands in the Cisco IOS format. > For backup purposes, lets say it is a Cisco Clone. > However, when issuing a show running-config, the device does not include or > issue an "END" at the end of the file, like most devices. > As a result, i get an "End of Run not found" error. > > Suggestions? > > Thanks in Advance, > > gr > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From sam_mailinglists at spacething.org Tue Apr 29 19:09:08 2008 From: sam_mailinglists at spacething.org (Sam Stickland) Date: Tue, 29 Apr 2008 20:09:08 +0100 Subject: [rancid] Re: Device not issuing and "End" In-Reply-To: <4816EB12.FFB7.0000.0@hciscorporate.com> References: 200804281801279241 <4816EB12.FFB7.0000.0@hciscorporate.com> Message-ID: <48177254.7030900@spacething.org> In my quick glance at the source code this has puzzled me. It looks like RANCID either looks for a specific line to mark the end of the config, or in some cases (i.e. Content Engines) it just believes that if it gets more than 4 lines it's complete. Is there any reason it doesn't look for the prompt to re-appear? Does this not work in all cases? Sam Gary Roberts wrote: > Just some more info i forgot to add. > The device does drop me to a prompt at the end of show run. > > gr > > >>>> On Monday, April 28, 2008 at 5:59 PM, in message 200804281801279241, Gary >>>> > Roberts wrote: > >> I have a device that utilizes commands in the Cisco IOS format. >> For backup purposes, lets say it is a Cisco Clone. >> However, when issuing a show running-config, the device does not include or >> issue an "END" at the end of the file, like most devices. >> As a result, i get an "End of Run not found" error. >> >> Suggestions? >> >> Thanks in Advance, >> >> gr >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From mashcraft at omniture.com Tue Apr 29 19:39:42 2008 From: mashcraft at omniture.com (Mike Ashcraft) Date: Tue, 29 Apr 2008 13:39:42 -0600 Subject: [rancid] Re: Device not issuing and "End" In-Reply-To: <48161067.FFB7.0000.0@hciscorporate.com> References: <48161067.FFB7.0000.0@hciscorporate.com> Message-ID: <45EB285310B55542A513F93230F0A533054E7346@EXCHANGE0.orm.omniture.com> Gary, You will need to make a copy of bin/rancid and modify it to work with this device, add the new clone vendor to bin/rancid-fe calling your modified rancid and set these clones as the newly created vendor in router.db. If you name the clone, someone may have already created this modification and could provide a copy. Mike -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Gary Roberts Sent: Monday, April 28, 2008 4:59 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Device not issuing and "End" I have a device that utilizes commands in the Cisco IOS format. For backup purposes, lets say it is a Cisco Clone. However, when issuing a show running-config, the device does not include or issue an "END" at the end of the file, like most devices. As a result, i get an "End of Run not found" error. Suggestions? Thanks in Advance, gr _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rancid at ale.cx Tue Apr 29 21:00:51 2008 From: rancid at ale.cx (alex) Date: Tue, 29 Apr 2008 22:00:51 +0100 Subject: [rancid] Re: Zyxel DSL CPE and RANCID? Message-ID: <200804292200.51246.rancid@ale.cx> On Thursday 17 April 2008 23:04:40 Ed Ravin wrote: > Has anyone gotten RANCID to work with Zyxel DSL modems? They start > out with a Playskool menu but you can drop into a command line with > the right incantation. Unfortunately just having a CLI isn't enough. You can't see the config from the CLI. The closest you can get is a file called autoexec.net [at least on a P-660H-61] which contains a few config parameters, but nothing useful like interface configs or WAN credentials. alexd From eravin at panix.com Tue Apr 29 23:21:44 2008 From: eravin at panix.com (Ed Ravin) Date: Tue, 29 Apr 2008 19:21:44 -0400 Subject: [rancid] Netgear GSM 73xx RANCID scripts available for testing Message-ID: <20080429232144.GA809@panix.com> I've cooked together support for the Netgear GSM 73xx series of switches. It should work for those switches or any similar Netgear device. Attached are two files - "tlogin" and "grancid". "tlogin" also supports Netopia DSL routers, hence the different letter ID. You will need to manually add router type "netgear" that calls "grancid" to your rancid-fe script. Once that's done, and "grancid" and "tlogin" are installed in the usual place on your system, you can edit router.db and fire away. Use the usual config in .cloginrc for username, password, and enable password. Although the NetGEAR switches have a Cisco-like command line, they won't work with the current clogin because: a) they don't support "exit" to log out of the box - "exit" returns you to non-enabled mode, and then you need to say "logout" to get out. This causes clogin to go into an endless loop after reading the config until it times out. b) the command prompt includes parentheses around the host name, and if your host name is the right length it provokes a bug in cloginrc when processing the prompt string. These differences are minor enough that it should be possible to roll them back into clogin - I've tried to make sure none of my changes break anything clogin normally does. Testing all that is another matter, of course, hence the creation of "tlogin" as a separate script. -- Ed -------------- next part -------------- #! /usr/local/bin/expect -- ## ## $Id: tlogin,v 1.4 2008/04/29 02:10:38 root Exp $ ## ## rancid 2.3.2a8 ## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## ## This code is derived from software contributed to and maintained by ## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, ## Pete Whiting, Austin Schutz, and Andrew Fort. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted provided that the following conditions ## are met: ## 1. Redistributions of source code must retain the above copyright ## notice, this list of conditions and the following disclaimer. ## 2. Redistributions in binary form must reproduce the above copyright ## notice, this list of conditions and the following disclaimer in the ## documentation and/or other materials provided with the distribution. ## 3. All advertising materials mentioning features or use of this software ## must display the following acknowledgement: ## This product includes software developed by Terrapin Communications, ## Inc. and its contributors for RANCID. ## 4. Neither the name of Terrapin Communications, Inc. nor the names of its ## contributors may be used to endorse or promote products derived from ## this software without specific prior written permission. ## 5. It is requested that non-binding fixes and modifications be contributed ## back to Terrapin Communications, Inc. ## ## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS ## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED ## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS ## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR ## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF ## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS ## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN ## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ## POSSIBILITY OF SUCH DAMAGE. # # The expect login scripts were based on Erik Sherk's gwtn, by permission. # # tlogin - Netopia and Netgear extensions to clogin. # # Most options are intuitive for logging into a Cisco router. # The default is to enable (thus -noenable). Some folks have # setup tacacs to have a user login at priv-lvl = 15 (enabled) # so the -autoenable flag was added for this case (don't go through # the process of enabling and the prompt will be the "#" prompt. # The default username password is the same as the vty password. # # Usage line set usage "Usage: $argv0 \[-dV\] \[-autoenable\] \[-noenable\] \[-c command\] \ \[-Evar=x\] \[-e enable-password\] \[-f cloginrc-file\] \[-p user-password\] \ \[-s script-file\] \[-t timeout\] \[-u username\] \ \[-v vty-password\] \[-w enable-username\] \[-x command-file\] \ \[-y ssh_cypher_type\] router \[router...\]\n" # env(CLOGIN) may contain: # x == do not set xterm banner or name # Password file set password_file $env(HOME)/.cloginrc # Default is to login to the router set do_command 0 set do_script 0 # The default is to automatically enable set avenable 1 # The default is that you login non-enabled (tacacs can have you login already # enabled) set avautoenable 0 # The default is to look in the password file to find the passwords. This # tracks if we receive them on the command line. set do_passwd 1 set do_enapasswd 1 # set send_human {.4 .4 .7 .3 5} # Find the user in the ENV, or use the unix userid. if {[ info exists env(CISCO_USER) ]} { set default_user $env(CISCO_USER) } elseif {[ info exists env(USER) ]} { set default_user $env(USER) } elseif {[ info exists env(LOGNAME) ]} { set default_user $env(LOGNAME) } else { # This uses "id" which I think is portable. At least it has existed # (without options) on all machines/OSes I've been on recently - # unlike whoami or id -nu. if [ catch {exec id} reason ] { send_error "\nError: could not exec id: $reason\n" exit 1 } regexp {\(([^)]*)} "$reason" junk default_user } if {[ info exists env(CLOGINRC) ]} { set password_file $env(CLOGINRC) } # Sometimes routers take awhile to answer (the default is 10 sec) set timeout 45 # Process the command line for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { # Expect debug mode -d* { exp_internal 1 # Username } -u* - -U* { if {! [ regexp .\[uU\](.+) $arg ignore user]} { incr i set username [ lindex $argv $i ] } # VTY Password } -p* - -P* { if {! [ regexp .\[pP\](.+) $arg ignore userpasswd]} { incr i set userpasswd [ lindex $argv $i ] } set do_passwd 0 # VTY Password } -v* { if {! [ regexp .\[vV\](.+) $arg ignore passwd]} { incr i set passwd [ lindex $argv $i ] } set do_passwd 0 # Version string } -V* { send_user "rancid 2.3.2a8\n" exit 0 # Enable Username } -w* - -W* { if {! [ regexp .\[wW\](.+) $arg ignore enauser]} { incr i set enausername [ lindex $argv $i ] } # Environment variable to pass to -s scripts } -E* { if {[ regexp .\[E\](.+)=(.+) $arg ignore varname varvalue]} { set E$varname $varvalue } else { send_user "\nError: invalid format for -E in $arg\n" exit 1 } # Enable Password } -e* { if {! [ regexp .\[e\](.+) $arg ignore enapasswd]} { incr i set enapasswd [ lindex $argv $i ] } set do_enapasswd 0 # Command to run. } -c* - -C* { if {! [ regexp .\[cC\](.+) $arg ignore command]} { incr i set command [ lindex $argv $i ] } set do_command 1 # Expect script to run. } -s* - -S* { if {! [ regexp .\[sS\](.+) $arg ignore sfile]} { incr i set sfile [ lindex $argv $i ] } if { ! [ file readable $sfile ] } { send_user "\nError: Can't read $sfile\n" exit 1 } set do_script 1 # 'ssh -c' cypher type } -y* - -Y* { if {! [ regexp .\[eE\](.+) $arg ignore cypher]} { incr i set cypher [ lindex $argv $i ] } # alternate cloginrc file } -f* - -F* { if {! [ regexp .\[fF\](.+) $arg ignore password_file]} { incr i set password_file [ lindex $argv $i ] } # Timeout } -t* - -T* { if {! [ regexp .\[tT\](.+) $arg ignore timeout]} { incr i set timeout [ lindex $argv $i ] } # Command file } -x* - -X { if {! [ regexp .\[xX\](.+) $arg ignore cmd_file]} { incr i set cmd_file [ lindex $argv $i ] } if [ catch {set cmd_fd [open $cmd_file r]} reason ] { send_user "\nError: $reason\n" exit 1 } set cmd_text [read $cmd_fd] close $cmd_fd set command [join [split $cmd_text \n] \;] set do_command 1 # Do we enable? } -noenable { set avenable 0 # Does tacacs automatically enable us? } -autoenable { set avautoenable 1 set avenable 0 } -* { send_user "\nError: Unknown argument! $arg\n" send_user $usage exit 1 } default { break } } } # Process routers...no routers listed is an error. if { $i == $argc } { send_user "\nError: $usage" } # Only be quiet if we are running a script (it can log its output # on its own) if { $do_script } { log_user 0 } else { log_user 1 } # # Done configuration/variable setting. Now run with it... # # Sets Xterm title if interactive...if its an xterm and the user cares proc label { host } { global env # if CLOGIN has an 'x' in it, don't set the xterm name/banner if [info exists env(CLOGIN)] { if {[string first "x" $env(CLOGIN)] != -1} { return } } # take host from ENV(TERM) if [info exists env(TERM)] { if [regexp \^(xterm|vs) $env(TERM) ignore ] { send_user "\033]1;[lindex [split $host "."] 0]\a" send_user "\033]2;$host\a" } } } # This is a helper function to make the password file easier to # maintain. Using this the password file has the form: # add password sl* pete cow # add password at* steve # add password * hanky-pie proc add {var args} { global int_$var ; lappend int_$var $args} proc include {args} { global env regsub -all "(^{|}$)" $args {} args if { [ regexp "^/" $args ignore ] == 0 } { set args $env(HOME)/$args } source_password_file $args } proc find {var router} { upvar int_$var list if { [info exists list] } { foreach line $list { if { [string match [lindex $line 0] $router ] } { return [lrange $line 1 end] } } } return {} } # Loads the password file. Note that as this file is tcl, and that # it is sourced, the user better know what to put in there, as it # could install more than just password info... I will assume however, # that a "bad guy" could just as easy put such code in the clogin # script, so I will leave .cloginrc as just an extention of that script proc source_password_file { password_file } { global env if { ! [file exists $password_file] } { send_user "\nError: password file ($password_file) does not exist\n" exit 1 } file stat $password_file fileinfo if { [expr ($fileinfo(mode) & 007)] != 0000 } { send_user "\nError: $password_file must not be world readable/writable\n" exit 1 } if [ catch {source $password_file} reason ] { send_user "\nError: $reason\n" exit 1 } } # Log into the router. # returns: 0 on success, 1 on failure, -1 if rsh was used successfully proc login { router user userpswd passwd enapasswd cmethod cyphertype } { global command spawn_id in_proc do_command do_script platform global prompt u_prompt p_prompt e_prompt sshcmd set in_proc 1 set uprompt_seen 0 # try each of the connection methods in $cmethod until one is successful set progs [llength $cmethod] foreach prog [lrange $cmethod 0 end] { incr progs -1 if [string match "telnet*" $prog] { regexp {telnet(:([^[:space:]]+))*} $prog methcmd suffix port if {"$port" == ""} { set retval [ catch {spawn telnet $router} reason ] } else { set retval [ catch {spawn telnet $router $port} reason ] } if { $retval } { send_user "\nError: telnet failed: $reason\n" return 1 } } elseif [string match "ssh*" $prog] { regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port if {"$port" == ""} { set retval [ catch {spawn $sshcmd -c $cyphertype -x -l $user $router} reason ] } else { set retval [ catch {spawn $sshcmd -c $cyphertype -x -l $user -p $port $router} reason ] } if { $retval } { send_user "\nError: $sshcmd failed: $reason\n" return 1 } } elseif ![string compare $prog "rsh"] { if { ! $do_command } { if { [llength $cmethod] == 1 } { send_user "\nError: rsh is an invalid method for -x and " send_user "interactive logins\n" } if { $progs == 0 } { return 1 } continue; } set commands [split $command \;] set num_commands [llength $commands] set rshfail 0 for {set i 0} {$i < $num_commands && !$rshfail} { incr i} { log_user 0 set retval [ catch {spawn rsh $user@$router [lindex $commands $i] } reason ] if { $retval } { send_user "\nError: rsh failed: $reason\n" log_user 1; return 1 } send_user "$router# [lindex $commands $i]\n" # rcmd does not get a pager and no prompts, so we just have to # look for failures & lines. expect { "Connection refused" { catch {close}; catch {wait}; send_user "\nError: Connection\ Refused ($prog): $router\n" set rshfail 1 } -re "(Connection closed by|Connection to \[^\n\r]+ closed)" { catch {close}; catch {wait}; send_user "\nError: Connection\ closed ($prog): $router\n" set rshfail 1 } "Host is unreachable" { catch {close}; catch {wait}; send_user "\nError: Host Unreachable:\ $router\n" set rshfail 1 } "No address associated with" { catch {close}; catch {wait}; send_user "\nError: Unknown host\ $router\n" set rshfail 1 } -re "\b+" { exp_continue } -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" exp_continue } timeout { catch {close}; catch {wait}; send_user "\nError: TIMEOUT reached\n" set rshfail 1 } eof { catch {close}; catch {wait}; } } log_user 1 } if { $rshfail } { if { !$progs } { return 1 } else { continue } } # fake the end of the session for rancid. send_user "$router# exit\n" # return rsh "success" return -1 } else { send_user "\nError: unknown connection method: $prog\n" return 1 } sleep 0.3 # This helps cleanup each expect clause. expect_after { timeout { send_user "\nError: TIMEOUT reached\n" catch {close}; catch {wait}; if { $in_proc} { return 1 } else { continue } } eof { send_user "\nError: EOF received\n" catch {close}; catch {wait}; if { $in_proc} { return 1 } else { continue } } } # Here we get a little tricky. There are several possibilities: # the router can ask for a username and passwd and then # talk to the TACACS server to authenticate you, or if the # TACACS server is not working, then it will use the enable # passwd. Or, the router might not have TACACS turned on, # then it will just send the passwd. # if telnet fails with connection refused, try ssh expect { -re "(Connection refused|Secure connection \[^\n\r]+ refused)" { catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection Refused ($prog): $router\n" return 1 } } -re "(Connection closed by|Connection to \[^\n\r]+ closed)" { catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection closed ($prog): $router\n" return 1 } } eof { send_user "\nError: Couldn't login: $router\n"; wait; return 1 } -nocase "unknown host\r" { catch {close}; catch {wait}; send_user "\nError: Unknown host $router\n"; wait; return 1 } "Host is unreachable" { catch {close}; catch {wait}; send_user "\nError: Host Unreachable: $router\n"; wait; return 1 } "No address associated with name" { catch {close}; catch {wait}; send_user "\nError: Unknown host $router\n"; wait; return 1 } -re "(Host key not found |The authenticity of host .* be established).*\(yes\/no\)\?" { send "yes\r" send_user "\nHost $router added to the list of known hosts.\n" exp_continue } -re "HOST IDENTIFICATION HAS CHANGED.* \(yes\/no\)\?" { send "no\r" send_user "\nError: The host key for $router has changed. Update the SSH known_hosts file accordingly.\n" return 1 } -re "Offending key for .* \(yes\/no\)\?" { send "no\r" send_user "\nError: host key mismatch for $router. Update the SSH known_hosts file accordingly.\n" return 1 } -re "(denied|Sorry)" { send_user "\nError: Check your passwd for $router\n" catch {close}; catch {wait}; return 1 } "Login failed" { send_user "\nError: Check your passwd for $router\n" return 1 } -re "% (Bad passwords|Authentication failed)" { send_user "\nError: Check your passwd for $router\n" return 1 } "Press any key to continue" { # send_user "Pressing the ANY key\n" send "\r" exp_continue } -re "Enter Selection: " { # Catalyst 1900s have some lame menu. Enter # K to reach a command-line. send "K\r" exp_continue } -re "Netopia.*always start from this main screen" { # control-N to escape from the Netopia Playskool menu send "\x0e" set platform "netopia" set prompt "#" set autoenable 1 return 0 } -re "Last login:" { exp_continue } -re "@\[^\r\n]+ $p_prompt" { # ssh pwd prompt sleep 1 send "$userpswd\r" exp_continue } -re "$u_prompt" { send "$user\r" set uprompt_seen 1 exp_continue } -re "$p_prompt" { sleep 1 if {$uprompt_seen == 1} { send "$userpswd\r" } else { send "$passwd\r" } exp_continue } -re "$prompt" { break; } "Login invalid" { send_user "\nError: Invalid login: $router\n"; catch {close}; catch {wait}; return 1 } } } set in_proc 0 return 0 } # Enable proc do_enable { enauser enapasswd } { global prompt in_proc global u_prompt e_prompt set in_proc 1 send "enable\r" expect { -re "$u_prompt" { send "$enauser\r"; exp_continue} -re "$e_prompt" { send "$enapasswd\r"; exp_continue} "#" { set prompt "#" } "(enable)" { set prompt "> (enable) " } -re "(denied|Sorry|Incorrect)" { # % Access denied - from local auth and poss. others send_user "\nError: Check your Enable passwd\n"; return 1 } "% Error in authentication" { send_user "\nError: Check your Enable passwd\n" return 1 } "% Bad passwords" { send_user "\nError: Check your Enable passwd\n" return 1 } } # We set the prompt variable (above) so script files don't need # to know what it is. set in_proc 0 return 0 } # Run commands given on the command line. proc run_commands { prompt command } { global in_proc platform set in_proc 1 # If the prompt is (enable), then we are on a switch and the # command is "set length 0"; otherwise its "term length 0". # skip if its an extreme (since the pager can not be disabled on a # per-vty basis). if { [ string compare "extreme" "$platform" ] } { if [ regexp -- ".*> .*enable" "$prompt" ] { send "set length 0\r" # This is ugly, but reduces code duplication, allowing the # subsequent expects to handle everything as normal. set command "set logging session disable;$command" } elseif { ![ string compare "netopia" "$platform" ] } { # kludge - should instead skip re-sensing prompt if platform netopia set prompt "#" } else { send "term length 0\r" } # limit matching of the prompt to the first umpteen characters regsub -all {^(.{1,11}).*([#>])} $prompt {\1\2} reprompt # escape any parens in the prompt, such as "(enable)" # as well as any other regexp special chars that confuse parsing regsub -all {[+*.|(){}[\]]} $prompt {\\&} reprompt # match cisco config mode prompts too, such as router(config-if)#, # but catalyst does not change in this fashion. regsub -all {([#>])$} $reprompt {([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } } } else { regsub -all "\[)(]" $prompt {\\&} reprompt } # this is the only way i see to get rid of more prompts in o/p..grrrrr log_user 0 # Is this a multi-command? if [ string match "*\;*" "$command" ] { set commands [split $command \;] set num_commands [llength $commands] # the pager can not be turned off on the PIX, so we have to look # for the "More" prompt. the extreme is equally obnoxious, with a # global switch in the config. for {set i 0} {$i < $num_commands} { incr i} { send "[subst -nocommands [lindex $commands $i]]\r" expect { -re "\b+" { exp_continue } -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" } -re "^\[^\n\r]*$reprompt." { send_user -- "$expect_out(buffer)" exp_continue } -re "^--More--\[\r\n]+" { # specific match c1900 pager send " " exp_continue } -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" exp_continue } -re "\[^\r\n]*Press to cont\[^\r\n]*" { send " " # bloody ^[[2K after " " expect { -re "^\[^\r\n]*\r" {} } exp_continue } -re "^ *--More--\[^\n\r]*" { send " " exp_continue } -re "^<-+ More -+>\[^\n\r]*" { send_user -- "$expect_out(buffer)" send " " exp_continue } } } } else { # the pager can not be turned off on the PIX, so we have to look # for the "More" prompt. the extreme is equally obnoxious, with a # global switch in the config. send "[subst -nocommands $command]\r" expect { -re "\b+" { exp_continue } -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" } -re "^\[^\n\r]*$reprompt." { send_user -- "$expect_out(buffer)" exp_continue } -re "^--More--\r\n" { # specific match c1900 pager send " " exp_continue } -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" exp_continue } -re "\[^\r\n]*Press to cont\[^\r\n]*" { send " " # bloody ^[[2K after " " expect { -re "^\[^\r\n]*\r" {} } exp_continue } -re "^ *--More--\[^\n\r]*" { send " " exp_continue } -re "^<-+ More -+>\[^\n\r]*" { send_user -- "$expect_out(buffer)" send " " exp_continue } } } log_user 1 if { [ string compare "extreme" "$platform" ] } { send -h "exit\r" } else { send -h "quit\r" } expect { -re "^\[^\n\r *]*$reprompt" { # the Cisco CE and Jnx ERX # and Netgear GSM switches # return to non-enabled mode # on exit in enabled mode. # And Netgear wants "logout" # in non-enabled mode, so # send 'em both: send "exit\rlogout\r" exp_continue; } "Would you like to save them now" { # Force10 and Netgear send "n\r" exp_continue } "Configuration changes have occurred.*" { # Cisco CSS send "n\r" exp_continue } -re "Do you wish to save your configuration changes" { send "n\r" exp_continue } -re "\[\n\r]+" { exp_continue } timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } } set in_proc 0 } # # For each router... (this is main loop) # source_password_file $password_file set in_proc 0 set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user -- "$router\n" # Figure out the prompt. # autoenable is off by default. If we have it defined, it was done # on the command line. If it is not specifically set on the command # line, check the password file. if $avautoenable { set autoenable 1 set enable 0 set prompt "(#| \\(enable\\))" } else { set ae [find autoenable $router] if { "$ae" == "1" } { set autoenable 1 set enable 0 set prompt "(#| \\(enable\\))" } else { set autoenable 0 set enable $avenable set prompt ">" } } # look for noenable option in .cloginrc if { [find noenable $router] != "" } { set enable 0 } # Figure out passwords if { $do_passwd || $do_enapasswd } { set pswd [find password $router] if { [llength $pswd] == 0 } { send_user -- "\nError: no password for $router in $password_file.\n" continue } if { $enable && $do_enapasswd && $autoenable == 0 && [llength $pswd] < 2 } { send_user -- "\nError: no enable password for $router in $password_file.\n" continue } set passwd [join [lindex $pswd 0] ""] set enapasswd [join [lindex $pswd 1] ""] } else { set passwd $userpasswd set enapasswd $enapasswd } # Figure out username if {[info exists username]} { # command line username set ruser $username } else { set ruser [join [find user $router] ""] if { "$ruser" == "" } { set ruser $default_user } } # Figure out username's password (if different from the vty password) if {[info exists userpasswd]} { # command line username set userpswd $userpasswd } else { set userpswd [join [find userpassword $router] ""] if { "$userpswd" == "" } { set userpswd $passwd } } # Figure out enable username if {[info exists enausername]} { # command line enausername set enauser $enausername } else { set enauser [join [find enauser $router] ""] if { "$enauser" == "" } { set enauser $ruser } } # Figure out prompts set u_prompt [find userprompt $router] if { "$u_prompt" == "" } { set u_prompt "(Username|Login|login|user name|name|User):" } else { set u_prompt [join [lindex $u_prompt 0] ""] } set p_prompt [find passprompt $router] if { "$p_prompt" == "" } { set p_prompt "(\[Pp]assword|passwd):" } else { set p_prompt [join [lindex $p_prompt 0] ""] } set e_prompt [find enableprompt $router] if { "$e_prompt" == "" } { set e_prompt "\[Pp]assword:" } else { set e_prompt [join [lindex $e_prompt 0] ""] } # Figure out cypher type if {[info exists cypher]} { # command line cypher type set cyphertype $cypher } else { set cyphertype [find cyphertype $router] if { "$cyphertype" == "" } { set cyphertype "3des" } } # Figure out connection method set cmethod [find method $router] if { "$cmethod" == "" } { set cmethod {{telnet} {ssh}} } # Figure out the SSH executable name set sshcmd [find sshcmd $router] if { "$sshcmd" == "" } { set sshcmd {ssh} } # Login to the router if {[login $router $ruser $userpswd $passwd $enapasswd $cmethod $cyphertype]} { incr exitval # if login failed or rsh was unsuccessful, move on to the next device continue } if { $enable } { if {[do_enable $enauser $enapasswd]} { if { $do_command || $do_script } { incr exitval catch {close}; catch {wait}; continue } } } # we are logged in, now figure out the full prompt send "\r" expect { -re "\[\r\n]+" { exp_continue; } -re "^(.+\[:.])1 ($prompt)" { # stoopid extreme cmd-line numbers and # prompt based on state of config changes, # which may have an * at the beginning. set junk $expect_out(1,string) regsub -all "^\\\* " $expect_out(1,string) {} junk set prompt ".? ?$junk\[0-9]+ $expect_out(2,string)"; set platform "extreme" } -re "^.+$prompt" { set junk $expect_out(0,string); regsub -all "\[\]\[]" $junk {\\&} prompt; } -re "^.+> \\\(enable\\\)" { set junk $expect_out(0,string); regsub -all "\[\]\[]" $junk {\\&} prompt; } } if { $do_command } { if {[run_commands $prompt $command]} { incr exitval continue } } elseif { $do_script } { # If the prompt is (enable), then we are on a switch and the # command is "set length 0"; otherwise its "term length 0". if [ regexp -- ".*> .*enable" "$prompt" ] { send "set length 0\r" send "set logging session disable\r" } elseif { ![ string compare "netopia" "$platform" ] } { # do nothing, not supported in netopia } else { send "term length 0\r" } expect -re $prompt {} source $sfile catch {close}; } else { label $router log_user 1 interact } # End of for each router catch {wait}; sleep 0.3 } exit $exitval -------------- next part -------------- #! /usr/local/bin/perl5 ## ## $Id: grancid,v 1.3 2008/04/29 22:08:27 root Exp $ ## ## Copyright (C) 1997-2004 by Terrapin Communications, Inc. ## All rights reserved. ## ## This software may be freely copied, modified and redistributed ## without fee for non-commerical purposes provided that this license ## remains intact and unmodified with any RANCID distribution. ## ## There is no warranty or other guarantee of fitness of this software. ## It is provided solely "as is". The author(s) disclaim(s) all ## responsibility and liability with respect to this software's usage ## or its effect upon hardware, computer systems, other software, or ## anything else. ## ## Except where noted otherwise, rancid was written by and is maintained by ## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. ## # # grancid - adapted for NetGEAR GSM 73xx series by Ed Ravin # May work on other NetGEAR equipment. # # RANCID - Really Awesome New Cisco confIg Differ # # usage: grancid [-d] [-l] [-f filename | $host] # use Getopt::Std; getopts('dfl'); $log = $opt_l; $debug = $opt_d; $file = $opt_f; $host = $ARGV[0]; $clean_run = 0; $found_end = 0; $found_version = 0; $found_env = 0; $found_diag = 0; $timeo = 90; # clogin timeout in seconds $clogin_pgm= $ENV{'RANCID_CLOGIN'} || "tlogin"; my(%filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { my($new_hist_tag,$new_command,$command_string, at string)=(@_); if((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) && defined %history) { print eval "$command \%history"; undef %history; } if (($new_hist_tag) && ($new_command) && ($command_string)) { if ($history{$command_string}) { $history{$command_string} = "$history{$command_string}@string"; } else { $history{$command_string} = "@string"; } } elsif (($new_hist_tag) && ($new_command)) { $history{++$#history} = "@string"; } else { print "@string"; } $hist_tag = $new_hist_tag; $command = $new_command; 1; } sub numerically { $a <=> $b; } # This is a sort routing that will sort numerically on the # keys of a hash as if it were a normal array. sub keynsort { local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $key (sort numerically keys(%lines)) { $sorted_lines[$i] = $lines{$key}; $i++; } @sorted_lines; } # This is a sort routing that will sort on the # keys of a hash as if it were a normal array. sub keysort { local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $key (sort keys(%lines)) { $sorted_lines[$i] = $lines{$key}; $i++; } @sorted_lines; } # This is a sort routing that will sort on the # values of a hash as if it were a normal array. sub valsort{ local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $key (sort values %lines) { $sorted_lines[$i] = $key; $i++; } @sorted_lines; } # This is a numerical sort routing (ascending). sub numsort { local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $num (sort {$a <=> $b} keys %lines) { $sorted_lines[$i] = $lines{$num}; $i++; } @sorted_lines; } # This is a sort routine that will sort on the # ip address when the ip address is anywhere in # the strings. sub ipsort { local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $addr (sort sortbyipaddr keys %lines) { $sorted_lines[$i] = $lines{$addr}; $i++; } @sorted_lines; } # These two routines will sort based upon IP addresses sub ipaddrval { my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); $a[3]+256*($a[2]+256*($a[1]+256*$a[0])); } sub sortbyipaddr { &ipaddrval($a) <=> &ipaddrval($b); } # This routine parses "show version" sub ShowVersion { print STDERR " In ShowVersion: $_" if ($debug); while () { tr/\015//d; if (/^$prompt/) { $found_version=1; last}; next if(/^(\s*|\s*$cmd\s*)$/); return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); return(0) if ($found_version); # Only do this routine once # in case the pager prompt shows up s/^--More--.*\(q\)uit//; ### sample output: # System Description............................. GSM7312 L3 Managed Gigabit # Switch # Machine Model.................................. Netgear GSM7312 5691 # Serial Number.................................. Unknown # Burned In MAC Address.......................... 00:14:6C:ff:ff:ff # Software Version............................... 6.2.0.14 # Bootcode Version............................... 3.0 # Current Time................................... Jan 3 14:13:57 1970 UTC # Current SNTP Sync Status....................... Other # ignore "Current" items that will cause diffs to be unnecessarily sent next if /(Current Time|Current SNTP)/i; ProcessHistory("COMMENTS","keysort","A1","! $_"); } return(0); } sub ShowMisc { # keyval my $keyval= $_[0] or "C1"; print STDERR " In ShowMisc($keyval): $_" if ($debug); while () { tr/\015//d; if (/^$prompt/) { $found_version=1; last}; next if(/^(\s*|\s*$cmd\s*)$/); return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); # in case the pager prompt shows up s/^--More--.*\(q\)uit//; ProcessHistory("COMMENTS","keysort",$keyval,"! $_"); } return(0); } sub ShowSlot { ShowMisc("B1"); } sub ScriptList { ShowMisc("C1"); } sub ShowVlan { ShowMisc("D1"); } sub ShowUsers { ShowMisc("E1"); } sub ShowConfig { print STDERR " In ShowConfig: $_" if ($debug); while () { tr/\015//d; if (/^$prompt/) { $found_end=1; $clean_run=1; return 0}; next if(/^(\s*|\s*$cmd\s*)$/); return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); # in case the pager prompt shows up s/^--More--.*\(q\)uit//; # no post-processing needed - just file it ProcessHistory("","","","$_"); } } # dummy function sub DoNothing {print STDOUT;} # Main @commandtable=( {'show hardware' => "ShowVersion"}, {'show slot' => "ShowSlot"}, {'script list' => "ScriptList"}, {'show users' => "ShowUsers"}, {'show vlan' => "ShowVlan"}, {'show running-config' => "ShowConfig"}, ); # Use array to preserve order of commands, and hash for mapping to subroutine my (%commands, @commands); foreach (@commandtable) { push @commands, (keys(%{$_}))[0]; $commands{$commands[$#commands]}= (values(%{$_}))[0]; }; $cisco_cmds=join(";", at commands); $cmds_regexp=join("|", at commands); open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: $!\n"; select(OUTPUT); # make OUTPUT unbuffered if debugging if ($debug) { $| = 1; } if ($file) { print STDERR "opening file $host\n" if ($debug); print STDOUT "opening file $host\n" if ($log); open(INPUT,"<$host") || die "open failed for $host: $!\n"; } else { print STDERR "executing $clogin_pgm -t $timeo -c\"$cisco_cmds\" $host\n" if ($debug); print STDOUT "executing $clogin_pgm -t $timeo -c\"$cisco_cmds\" $host\n" if ($log); if (defined($ENV{NOPIPE})) { system "$clogin_pgm -t $timeo -c \"$cisco_cmds\" $host $host.raw 2>&1" || die "$clogin_pgm failed for $host: $!\n"; open(INPUT, "< $host.raw") || die "$clogin_pgm failed for $host: $!\n"; } else { open(INPUT,"$clogin_pgm -t $timeo -c \"$cisco_cmds\" $host ) { tr/\015//d; if (/[>#]\s?exit$/) { $clean_run=1; last; } if (/^Error:/) { print STDOUT ("$host $clogin_pgm error: $_"); print STDERR ("$host $clogin_pgm error: $_") if ($debug); $clean_run=0; last; } while (/#\s*($cmds_regexp)\s*$/) { $cmd = $1; if (!defined($prompt)) { $prompt = ($_ =~ /^([^#]+#)/)[0]; $prompt =~ s/([][+.*}{)(\\])/\\$1/g; print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); } print STDERR ("HIT COMMAND:$_") if ($debug); if (! defined($commands{$cmd})) { print STDERR "$host: found unexpected command - \"$cmd\"\n"; $clean_run = 0; last TOP; } $rval = &{$commands{$cmd}}; delete($commands{$cmd}); if ($rval == -1) { $clean_run = 0; last TOP; } } } print STDOUT "Done $logincmd: $_\n" if ($log); # Flush History ProcessHistory("","","",""); # Cleanup close(INPUT); close(OUTPUT); if (defined($ENV{NOPIPE})) { unlink("$host.raw") if (! $debug); } # check for completeness if (scalar(%commands) || !$clean_run || !$found_end) { if (scalar(%commands)) { printf(STDOUT "$host: missed cmd(s): %s\n", join(',', keys(%commands))); printf(STDERR "$host: missed cmd(s): %s\n", join(',', keys(%commands))) if ($debug); } if (!$clean_run || !$found_end) { print STDOUT "$host: End of run not found\n"; print STDERR "$host: End of run not found\n" if ($debug); system("/usr/bin/tail -1 $host.new"); } unlink "$host.new" if (! $debug); } From me at ale.cx Tue Apr 29 20:46:17 2008 From: me at ale.cx (alex) Date: Tue, 29 Apr 2008 21:46:17 +0100 Subject: [rancid] Re: Zyxel DSL CPE and RANCID? In-Reply-To: <20080417220440.GA3124@panix.com> References: <20080417220440.GA3124@panix.com> Message-ID: <200804292146.18177.me@ale.cx> On Thursday 17 April 2008 23:04:40 Ed Ravin wrote: > Has anyone gotten RANCID to work with Zyxel DSL modems? They start > out with a Playskool menu but you can drop into a command line with > the right incantation. Unfortunately just having a CLI isn't enough. You can't see the config from the CLI. The closest you can get is a file called autoexec.net [at least on a P-660H-61] which contains a few config parameters, but nothing useful like interface configs or WAN credentials. alexd From ecables at gmail.com Wed Apr 30 16:55:39 2008 From: ecables at gmail.com (Eric Cables) Date: Wed, 30 Apr 2008 09:55:39 -0700 Subject: [rancid] Rancid hanging Message-ID: I have been using Rancid for over a year now, and just yesterday I attempted to migrate over to a newly built system. Everything seemed to be working okay, clogin worked, and when I began rancid-run everything appeared to start off okay, but the problem is that rancid-run never finished. I left it running for about 16 hours, but it never produced any additional output to the logfile other than "Trying to get all of the configs.". The configs directory did produce device.new files, all with sizes of what I would expect for the configs, but that was it. -rw-r----- 1 rancid rancid 0 Apr 29 16:20 site1-er-03-01 -rw-r----- 1 rancid rancid 8800 Apr 30 09:42 site1-er-03-01.new -rw-r----- 1 rancid rancid 0 Apr 29 16:20 site1-hr-03-01 -rw-r----- 1 rancid rancid 19092 Apr 30 09:41 site1-hr-03-01.new -rw-r----- 1 rancid rancid 0 Apr 29 16:20 site2-er-01-01 -rw-r----- 1 rancid rancid 8502 Apr 30 09:42 site2-er-01-01.new -rw-r----- 1 rancid rancid 0 Apr 29 16:20 site3-er-01-01 -rw-r----- 1 rancid rancid 13032 Apr 30 09:41 site3-er-01-01.new Can anyone provide any feedback on how to troubleshoot this? As stated, there is nothing in the logs generated indicating why it is hanging. Thanks, -- Eric Cables -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080430/c06bc8d1/attachment.html From ecables at gmail.com Wed Apr 30 17:46:52 2008 From: ecables at gmail.com (Eric Cables) Date: Wed, 30 Apr 2008 10:46:52 -0700 Subject: [rancid] Gathering Cisco MDS configurations Message-ID: I have sent a couple of e-mails in the past about this topic, and gotten some replies that were helpful, but I am still struggling with this. I have 9500 series MDS switches, running SAN-OS, that I need to archive. Currently I rely on CiscoWorks to do this, which is pretty much the only reason I still have that software in place. Here are the suggestions I have received, and implemented: Modify the bin/rancid file as follows: -- if (/^Application and Content Networking Software/) { $type="CE"; } + if (/^Cisco Storage Area Networking Operating System/) { $type="SAN"; } -- -- } # The ContentEngine lacks a definitive "end of config" marker. If we # know that it is a CE and we have seen at least 5 lines of write term # o/p, we can be reasonably sure that we got the config. if ($type =~ /^CE$/ && $linecnt > 5) { $found_end = 1; return(0); } + # The Cisco SAN switch running SANOS lacks a definitive "end of config" + # marker. If we know that it is a SAN switch and we have seen at least 5 + # lines of write term o/p, we can be reasonably sure that we got the config. + if ($type =~ /^SAN$/ && $linecnt > 5) { + $found_end = 1; + return(1); + } return(0); -- I have done the above, but it didn't seem to yield the expected results. Here is my output from a rancid-run: Trying to get all of the configs. mds-02-04: End of run not found mds-02-01: End of run not found mds-02-02: End of run not found mds-02-03: End of run not found <> cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs ending: Wed Apr 30 10:42:09 PDT 2008 The above just loops for each round, and then it fails out. Any suggestions would be greatly appreciated. -- Eric Cables -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080430/703acbee/attachment.html From mstefani at redhat.com Wed Apr 30 19:29:52 2008 From: mstefani at redhat.com (Michael Stefaniuc) Date: Wed, 30 Apr 2008 21:29:52 +0200 Subject: [rancid] Re: Gathering Cisco MDS configurations In-Reply-To: References: Message-ID: <4818C8B0.3060105@redhat.com> Eric Cables wrote: > I have sent a couple of e-mails in the past about this topic, and gotten > some replies that were helpful, but I am still struggling with this. I > have 9500 series MDS switches, running SAN-OS, that I need to archive. > Currently I rely on CiscoWorks to do this, which is pretty much the only > reason I still have that software in place. > > Here are the suggestions I have received, and implemented: > > Modify the bin/rancid file as follows: That's not enough, check the patch/email i have sent to this mailing list at the beginning of the month; subject was "[PATCH] Preliminary support for Cisco's SANOS devices" bye michael > -- > if (/^Application and Content Networking Software/) { $type="CE"; } > + if (/^Cisco Storage Area Networking Operating System/) { > $type="SAN"; } > -- > > -- > } > # The ContentEngine lacks a definitive "end of config" marker. If we > # know that it is a CE and we have seen at least 5 lines of write term > # o/p, we can be reasonably sure that we got the config. > if ($type =~ /^CE$/ && $linecnt > 5) { > $found_end = 1; > return(0); > } > > + # The Cisco SAN switch running SANOS lacks a definitive "end of config" > + # marker. If we know that it is a SAN switch and we have seen at > least 5 > + # lines of write term o/p, we can be reasonably sure that we got > the config. > + if ($type =~ /^SAN$/ && $linecnt > 5) { > + $found_end = 1; > + return(1); > + } > > return(0); > -- > > I have done the above, but it didn't seem to yield the expected > results. Here is my output from a rancid-run: > > Trying to get all of the configs. > mds-02-04: End of run not found > > mds-02-01: End of run not found > > mds-02-02: End of run not found > > mds-02-03: End of run not found > > <> > > cvs diff: Diffing . > cvs diff: Diffing configs > cvs commit: Examining . > cvs commit: Examining configs > > ending: Wed Apr 30 10:42:09 PDT 2008 > > > The above just loops for each round, and then it fails out. Any > suggestions would be greatly appreciated. -- Michael Stefaniuc Tel.: +49-711-96437-199 Consulting Communications Engineer Fax.: +49-711-96437-111 -------------------------------------------------------------------- Reg. Adresse: Red Hat GmbH, Hauptst?tter Strasse 58, 70178 Stuttgart Handelsregister: Amtsgericht Stuttgart HRB 153243 Gesch?ftsf?hrer: Brendan Lane, Charlie Peters, Michael Cunningham, Werner Knoblich From ecables at gmail.com Wed Apr 30 19:47:17 2008 From: ecables at gmail.com (Eric Cables) Date: Wed, 30 Apr 2008 12:47:17 -0700 Subject: [rancid] Re: Gathering Cisco MDS configurations In-Reply-To: <4818C8B0.3060105@redhat.com> References: <4818C8B0.3060105@redhat.com> Message-ID: Excellent, that did the trick. I hope this makes it into the next rancid release. On Wed, Apr 30, 2008 at 12:29 PM, Michael Stefaniuc wrote: > Eric Cables wrote: > > I have sent a couple of e-mails in the past about this topic, and gotten > > some replies that were helpful, but I am still struggling with this. I > > have 9500 series MDS switches, running SAN-OS, that I need to archive. > > Currently I rely on CiscoWorks to do this, which is pretty much the only > > reason I still have that software in place. > > > > Here are the suggestions I have received, and implemented: > > > > Modify the bin/rancid file as follows: > That's not enough, check the patch/email i have sent to this mailing > list at the beginning of the month; subject was > "[PATCH] Preliminary support for Cisco's SANOS devices" > > bye > michael > > > -- > > if (/^Application and Content Networking Software/) { > $type="CE"; } > > + if (/^Cisco Storage Area Networking Operating System/) { > > $type="SAN"; } > > -- > > > > -- > > } > > # The ContentEngine lacks a definitive "end of config" marker. If > we > > # know that it is a CE and we have seen at least 5 lines of write > term > > # o/p, we can be reasonably sure that we got the config. > > if ($type =~ /^CE$/ && $linecnt > 5) { > > $found_end = 1; > > return(0); > > } > > > > + # The Cisco SAN switch running SANOS lacks a definitive "end of > config" > > + # marker. If we know that it is a SAN switch and we have seen at > > least 5 > > + # lines of write term o/p, we can be reasonably sure that we got > > the config. > > + if ($type =~ /^SAN$/ && $linecnt > 5) { > > + $found_end = 1; > > + return(1); > > + } > > > > return(0); > > -- > > > > I have done the above, but it didn't seem to yield the expected > > results. Here is my output from a rancid-run: > > > > Trying to get all of the configs. > > mds-02-04: End of run not found > > > > mds-02-01: End of run not found > > > > mds-02-02: End of run not found > > > > mds-02-03: End of run not found > > > > <> > > > > cvs diff: Diffing . > > cvs diff: Diffing configs > > cvs commit: Examining . > > cvs commit: Examining configs > > > > ending: Wed Apr 30 10:42:09 PDT 2008 > > > > > > The above just loops for each round, and then it fails out. Any > > suggestions would be greatly appreciated. > > > -- > Michael Stefaniuc Tel.: +49-711-96437-199 > Consulting Communications Engineer Fax.: +49-711-96437-111 > -------------------------------------------------------------------- > Reg. Adresse: Red Hat GmbH, Hauptst?tter Strasse 58, 70178 Stuttgart > Handelsregister: Amtsgericht Stuttgart HRB 153243 > Gesch?ftsf?hrer: Brendan Lane, Charlie Peters, Michael Cunningham, > Werner Knoblich > -- Eric Cables -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080430/1f36e4ec/attachment.html