From tarranum.kamal at gmail.com Fri Jun 2 06:36:30 2017 From: tarranum.kamal at gmail.com (Tarranum Kamal) Date: Fri, 2 Jun 2017 14:36:30 +0800 Subject: [rancid] HELP RACNID LOOKING GLASS In-Reply-To: References: <20170525141718.GH24772@shrubbery.net> Message-ID: Anyone who can answer my query. I have fixed my previous issues and now when try to execute ping from my LG webpage, it gives me error "Unknown device type nokia: . I am trying to configure it for Nokia routers (formerly Alcatel Lucent). Here is how my rancid.types.conf looks like nokia;script;nkrancid nokia;login;nklogin nokia;module;timos nokia;command;timos::ping nokia;inloop;timos::inloop and nklogin /nkrancid are located in /usr/local/libexc/rancid and are writeable by rancid user only. Thanks for your reply. BR On Fri, May 26, 2017 at 1:12 PM, Tarranum Kamal wrote: > I use your method. The location of perl i think I am sure (see below) > > /usr/local/htdocs/lg % cd /usr/local/bin/perl > perl* perl5* perl5.24.1* perlbug* perldoc* perlivp* > perlthanks* > > > Perl version in use: > > perl -v > > This is perl 5, version 24, subversion 1 (v5.24.1) built for > amd64-freebsd-thread-multi > (with 1 registered patch, see perl -V for more detail) > > Copyright 1987-2016, Larry Wall > > Perl may be copied only under the terms of either the Artistic License or > the > GNU General Public License, which may be found in the Perl 5 source kit. > > Complete documentation for Perl, including FAQ lists, should be found on > this system using "man perl" or "perldoc perl". If you have access to the > Internet, point your browser at http://www.perl.org/, the Perl Home Page. > > Thanks for replying > > BR > > On Fri, May 26, 2017 at 12:52 AM, Aaron Dudek wrote: > >> Did you install the modules using the method I gave? >> Are you sure about the location of the perl modules? >> >> I've never played with the LG and I don't do http. >> >> On Thu, May 25, 2017 at 11:57 AM, Tarranum Kamal >> wrote: >> > Hi Aaron >> > >> > Thanks for your swift reply. Is this going to install CGI and Lockfile >> > module for me ? >> > >> > FYI, httpd.conf file >> > >> > >> > LoadModule cgid_module libexec/apache24/mod_cgid.so >> > >> > >> > LoadModule cgi_module libexec/apache24/mod_cgi.so >> > LoadModule perl_module libexec/apache24/mod_perl.so >> > >> > ScriptAlias /lg /usr/local/htdocs/lg >> > >> > >> > AllowOverride None >> > AddHandler cgi-script .cgi .pl >> > Options ExecCGI >> > DirectoryIndex lgform.cgi >> > Require all granted >> > >> > >> > When I see httpd-error.log, I see below: >> > >> > [Thu May 25 16:01:48.035497 2017] [cgi:error] [pid 17135] [client > > address:port>] AH01215: (8)Exec format error: exec of >> > '/usr/local/htdocs/lg/index.html' failed: >> /usr/local/htdocs/lg/index.html >> > [Thu May 25 16:01:48.035557 2017] [cgi:error] [pid 17135] [client > > address:port>] End of script output before headers: index.html >> > >> > Best Regards >> > >> > >> > >> > On Thu, May 25, 2017 at 10:22 PM, Aaron Dudek >> wrote: >> >> >> >> As far as the Perl stuff >> >> try >> >> A) Start CPAN Shell: >> >> # perl -MCPAN -e shell >> >> >> >> B) Install a perl module: >> >> At cpan> shell prompt install module using install module::Name >> >> command. For example install module called MIME::Lite: >> >> # cpan> install MIME::Lite >> >> >> >> Alternatively, try out the following command: >> >> # cpan -i MIME::Lite >> >> >> >> On Thu, May 25, 2017 at 10:17 AM, heasley wrote: >> >> > Thu, May 25, 2017 at 01:17:56PM +0800, Tarranum Kamal: >> >> >> 0down votefavorite >> >> >> >> >> >> >> >> >> I am beginner to server world and in general scripting and OS. I >> have >> >> >> managed to run Rancid on my server running Freebsd. Now i am trying >> to >> >> >> confiugre RANCID Looking glass, i have followed REAMDE.lg that comes >> >> >> with >> >> >> rancid package but to be honest this is too difficult to understand >> >> >> with >> >> >> lots of hidden assumptions . ANyways i followed the instricution in >> it >> >> >> ) >> >> >> (whatever I could understand) , when I try to access it thru >> browser it >> >> >> displays text instead webpage, now I am clueless. The readme says it >> >> >> required CGI and Lockfile perl modules, how can I check if these >> >> >> modules >> >> >> are present on my servers >> >> >> >> >> >> I would appreciate if anyone has installed rancid looking glass who >> can >> >> >> help me out or if anyone can provide me a better installation guide >> for >> >> >> freebsd. >> >> > >> >> > its been a while since i've setup the lg freshly and the i have yet >> to >> >> > review the suggestion last week from another user on the cisco-nsp >> list. >> >> > i'll try to do that next week, otherwise the README.lg file is the >> only >> >> > instruction I have for you ATM. >> >> > >> >> > _______________________________________________ >> >> > Rancid-discuss mailing list >> >> > Rancid-discuss at shrubbery.net >> >> > http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> > >> > >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From tannerlyle at gmail.com Fri Jun 2 15:29:58 2017 From: tannerlyle at gmail.com (Tanner Lyle) Date: Fri, 2 Jun 2017 10:29:58 -0500 Subject: [rancid] help ciena-ws trouble on Rancid 3.6.2 Message-ID: ---------- Forwarded message ---------- From: Tanner Lyle Date: Fri, Jun 2, 2017 at 9:19 AM Subject: help ciena-ws trouble on Rancid 3.6.2 To: rancid-discuss at shrubbery.net I am having trouble trying to get Rancid 3.6.2 to complete on a Ciena Waveserver. I have other devices that are able to run and create configs on my rancid install. It is able to login in and runs the commands but never seems to be able to pass the output to the parsing scripts export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32 loadtype: device type ciena-ws loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid. types.base executing hlogin -t 120 -c"software show;chassis show;configuration show" 192.168.168.32 192.168.168.32: missed cmd(s): all commands 192.168.168.32: End of run not found hlogin seems to fail from the use of "logout" instead of "exit" and never closes the loop. I created a new login called cienawslogin and ran it and it seems to close the loop but never passes the output to the parse script # Ciena Waveserver (XXX WiP) ciena-ws;script;rancid -t ciena-ws ciena-ws;login;cienawslogin ciena-ws;module;wavesvros ciena-ws;inloop;wavesvros::inloop ciena-ws;command;wavesvros::ShowVersion;software show ciena-ws;command;wavesvros::ShowChassis;chassis show ciena-ws;command;wavesvros::WriteTerm;configuration show export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32 loadtype: device type ciena-ws loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid. types.base executing cienawslogin -t 120 -c"software show;chassis show;configuration show" 192.168.168.32 192.168.168.32: missed cmd(s): all commands 192.168.168.32: End of run not found I've included both of the 192.168.168.32.raw's generated by the "export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32" with both the hlogin and wavewslogin files is there anyway to debug why the output isn't making it to be parsed cienawslogin -d -t 120 -c"software show" 192.168.168.32 output in "cienawslogin-debug.txt" -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- 192.168.168.32 spawn hpuifilter -- ssh -x -l su 192.168.168.32 Password: !!! This is a private network. Any unauthorized access or use will lead to prosecution!!! Welcome to the Waveserver OS CLI! Waveserver-Bottom# Waveserver-Bottom# system shell session set more off Waveserver-Bottom# software show Operation is in progress... +---------------- SOFTWARE STATE INFORMATION -------------------+ | Parameter | Value | +-------------------------------+-------------------------------+ | Software Operational State | Normal | | Upgrade Operational State | Idle | +-------------------------------+-------------------------------+ | Auto-revert Timer | Not running | | User-revert Timer | Not running | +-------------------------------+-------------------------------+ | Last Command File Executed | | | Last Config File via Command | | +-------------------------------+-------------------------------+ +---------------- ACTIVE RELEASE INFORMATION -------------------+ | Parameter | Value | +-------------------------------+-------------------------------+ | Version | 1.3.1 | | Build | ci08 | | Build Date | 2017.03.24-13:28.38 | | Catalog Name | 1.3.1-ci08_svrbuild_wvsrvr | | License Name | Waveserver-SWR1.3.0 | | License Version | 1.3 | +-------------------------------+-----------+---------+---------+ | Release Component | Version | Build | State | +-------------------------------+-----------+---------+---------+ | Waveserver OS | 1.3.1 | ci08 | Active | | WS Control Datapath Firmware | 1.2.0 | bf88 | Active | | WS Wavelogic Firmware | 1.2.0 | bf88 | Active | | WS Controller App | 1.3.1 | ci08 | Active | | WS Datapath App | 1.3.1 | ci08 | Active | | WS Management App | 1.3.1 | ci08 | Active | | WS License Service App | 1.3.1 | ci08 | Active | | WS MIB | 01-03-00 | 00 | Active | | WS YANG | 01-03-00 | 00 | Active | | WS HW-ID | 002 | 00 | Active | | WS SW-ID | 01 | 00 | Active | +-------------------------------+-----------+---------+---------+ +------------------------+--------+--------------+--------+---------+ | Licensed Feature | In-Use | Availability | Type | Status | +------------------------+--------+--------------+--------+---------+ | Software Release | No | No | | | | Software Release 1.3.0 | Yes | Held | Served | Valid | +------------------------+--------+--------------+--------+---------+ Waveserver-Bottom#exit Goodbye. Connection to 192.168.168.32 closed. -------------- next part -------------- A non-text attachment was scrubbed... Name: hlogin.192.168.168.32.raw Type: image/raw Size: 15849 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: cienawslogin.192.168.168.32.raw Type: image/raw Size: 15739 bytes Desc: not available URL: From tannerlyle at gmail.com Fri Jun 2 14:19:18 2017 From: tannerlyle at gmail.com (Tanner Lyle) Date: Fri, 2 Jun 2017 09:19:18 -0500 Subject: [rancid] help ciena-ws trouble on Rancid 3.6.2 Message-ID: I am having issues trying to get Rancid 3.6.2 to run commands and parse output from a Ciena Waveserver. I have other devices that are able to run via my rancid install. It is able to login in and runs the commands but never seems to be able to pass them to the parsing scripts export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32 loadtype: device type ciena-ws loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid.types.base executing hlogin -t 120 -c"software show;chassis show;configuration show" 192.168.168.32 192.168.168.32: missed cmd(s): all commands 192.168.168.32: End of run not found hlogin seems to fail from the use of "logout" instead of "exit" and never closes the loop. I created a new login called cienawslogin and ran it and it seems to close the loop but never passes the output to the parse script # Ciena Waveserver (XXX WiP) ciena-ws;script;rancid -t ciena-ws ciena-ws;login;cienawslogin ciena-ws;module;wavesvros ciena-ws;inloop;wavesvros::inloop ciena-ws;command;wavesvros::ShowVersion;software show ciena-ws;command;wavesvros::ShowChassis;chassis show ciena-ws;command;wavesvros::WriteTerm;configuration show export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32 loadtype: device type ciena-ws loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid.types.base executing cienawslogin -t 120 -c"software show;chassis show;configuration show" 192.168.168.32 192.168.168.32: missed cmd(s): all commands 192.168.168.32: End of run not found I've included both of the 192.168.168.32.raw's generated by the "export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32" with both the hlogin and wavewslogin files -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: hlogin.192.168.168.32.raw Type: image/raw Size: 15849 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: cienawslogin.192.168.168.32.raw Type: image/raw Size: 15739 bytes Desc: not available URL: From onurbrc at gmail.com Fri Jun 2 15:07:55 2017 From: onurbrc at gmail.com (=?UTF-8?Q?Bruno_Cal=C3=A7ado?=) Date: Fri, 2 Jun 2017 17:07:55 +0200 Subject: [rancid] Question about Alteon Radware - CLI interaction Message-ID: Hello, My name is Bruno and I am a network student. I'm doing my internship about network devices automatization. Where I'm working we don't have HTTPS access enabled. So, I'd would ask you if you have any documentation about ssh interactivity or another CLI method to communicate with Radware devices? I'd love to use Ansible to do that without vDirect nor https for while. Could you send me anything about it ? I've seen your post about Radware/Alteon Interactive Commands . Would you have any documentation about it ? Thank you in advance. Best regards, Bruno REIS -------------- next part -------------- An HTML attachment was scrubbed... URL: From me at falz.net Fri Jun 2 20:11:00 2017 From: me at falz.net (Chris Wopat) Date: Fri, 2 Jun 2017 15:11:00 -0500 Subject: [rancid] help ciena-ws trouble on Rancid 3.6.2 In-Reply-To: References: Message-ID: > From: Tanner Lyle > > I am having issues trying to get Rancid 3.6.2 to run commands and parse > output from a Ciena Waveserver. I have other devices that are able to run > via my rancid install. > > It is able to login in and runs the commands but never seems to be able to > pass them to the parsing scripts > > export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32 > loadtype: device type ciena-ws > loadtype: found device type ciena-ws in > /usr/local/rancid/etc/rancid.types.base > executing hlogin -t 120 -c"software show;chassis show;configuration show" > 192.168.168.32 > 192.168.168.32: missed cmd(s): all commands > 192.168.168.32: End of run not found > > hlogin seems to fail from the use of "logout" instead of "exit" and never > closes the loop. > > I created a new login called cienawslogin and ran it and it seems to close > the loop but never passes the output to the parse script > > # Ciena Waveserver (XXX WiP) > ciena-ws;script;rancid -t ciena-ws > ciena-ws;login;cienawslogin > ciena-ws;module;wavesvros > ciena-ws;inloop;wavesvros::inloop > ciena-ws;command;wavesvros::ShowVersion;software show > ciena-ws;command;wavesvros::ShowChassis;chassis show > ciena-ws;command;wavesvros::WriteTerm;configuration show > > export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32 > loadtype: device type ciena-ws > loadtype: found device type ciena-ws in > /usr/local/rancid/etc/rancid.types.base > executing cienawslogin -t 120 -c"software show;chassis show;configuration > show" 192.168.168.32 > 192.168.168.32: missed cmd(s): all commands > 192.168.168.32: End of run not found There was some discussion of this on the list last week, but not a fix yet. I sent some debugging info off list to heasley as well. http://www.shrubbery.net/pipermail/rancid-discuss/2017-May/009587.html I have unpredictable behavior between my boxes. I have RANCID set to run hourly. On a rare occasion (once every two days?) one will run all of a sudden over night when no one has made any changes to anything. A few others have never had a successful run. --Chris From aleromex at gmail.com Mon Jun 5 15:01:58 2017 From: aleromex at gmail.com (Alexander R) Date: Mon, 5 Jun 2017 18:01:58 +0300 Subject: [rancid] IBM BNT Layer 2/3 Copper Gigabit Ethernet Switch no config collected In-Reply-To: <20161216174403.GH96654@shrubbery.net> References: <20161212211951.GE57590@shrubbery.net> <20161216174403.GH96654@shrubbery.net> Message-ID: On Fri, Dec 16, 2016 at 8:44 PM, heasley wrote: > Tue, Dec 13, 2016 at 10:30:08AM +0300, Alexander R: > > On Tue, Dec 13, 2016 at 12:19 AM, heasley wrote: > > > > > Mon, Dec 12, 2016 at 12:01:24PM +0300, Alexander R: > > > > my configuration: > > > > centos 7 x86_64 > > > > i've issue in rancid 3.5.1 and 3.6.0 > > > > > > thank you for including this. > > > > > > > i've issue to collect configs from switch modules "BNT Layer 2/3 > Copper > > > > Gigabit Ethernet Switch Module for IBM BladeCenter (5.2.8 (FLASH > > > image1))", > > > > it has IP 192.168.1.11 > > > > > > > > It's cisco-like CLI, so i've created my own "ibm" type in > > > rancid.types.conf: > > > > > > > > # cat /etc/rancid/rancid.types.conf > > > > ibm;script;rancid -t ibm > > > > ibm;login;clogin > > > > ibm;module;ios > > > > ibm;inloop;ios::inloop > > > > ibm;command;ios::WriteTerm;show running-config > > > > > > > > It's working fine with other switch module "IBM Networking OS > Virtual > > > > Fabric 10Gb Switch Module for IBM BladeCenter (7.8.3 (FLASH > image1))" and > > > > it have IP 192.168.1.12, but not with "BNT Layer 2/3 Copper Gigabit > > > > Ethernet Switch Module for IBM BladeCenter (5.2.8 (FLASH image1))" > > > > > > > > Fail device: > > > > # rancid -t ibm -d 192.168.1.11 > > > > loadtype: device type ibm > > > > loadtype: found device type ibm in /etc/rancid/rancid.types.conf > > > > executing clogin -t 90 -c"show running-config" 192.168.1.11 > > > > PROMPT MATCH: sw11# > > > > HIT COMMAND:sw11#show running-config > > > > In WriteTerm: sw11#show running-config > > > > 192.168.1.11: End of run not found > > > > end > > > > > > > > In 192.168.1.11.raw i see config issued by "show run..." > > > > > > > > Ok device: > > > > # rancid -t ibm -d 192.168.1.12 > > > > loadtype: device type ibm > > > > loadtype: found device type ibm in /etc/rancid/rancid.types.conf > > > > executing clogin -t 90 -c"show running-config" 192.168.1.12 > > > > PROMPT MATCH: sw12# > > > > HIT COMMAND:sw12#show running-config > > > > In WriteTerm: sw12#show running-config > > > > 192.168.1.12: End of run not found > > > > end > > > > > > > > ps. 192.168.1.11 has NO words "exit" in config, because interface > isn't > > > > configured (such a configuration plan). > > > > 192.168.1.12 has words "exit", because interfaces is configured. > > > > > > > > Could you help me? > > > > > > ios::WriteTerM() will expect to find and "end" marker in the config, > > > without > > > which it will not set $found_end. if this device does not have this > marker > > > or something similar that a customer version of ios::WriteTerm could > use, > > > you can use a custom version of ios::WriteTerm that just counts lines, > > > which > > > ios::WriteTerm already does if the input is an ASA (or a few others), > which > > > lack an end marker. > > > > > > > Hi, > > thank you for responce. > > > > It's my configs > > > > Ok device: > > rancid]# tail -n5 192.168.1.12.raw > > ntp secondary-server 192.168.1.1 > > ! > > end > > > > sw12#exitReceived disconnect from 192.168.1.12: 11: Logged out. > > rancid]# > > > > Fail device: > > rancid]# tail -n5 192.168.1.11.raw > > ntp secondary-server 192.168.1.1 > > ! > > end > > > > sw11#exitReceived disconnect from 192.168.1.11: 11: Logged out. > ^^ this is likely the problem; the lousy thing didnt echo the > CR. inloop() expects the CR and set $clean_run. you'll have to adjust > the match; the lousy exos does this too. > I'm sorry, but how to do this "you'll have to adjust the match"? > > > rancid]# > > > > So, both switches have "end" word at the end of file. Any ideas? I don't > > know why it's not worked on same "text" files > > > > > > > the purpose of this is that some devices behave poorly in low memory > > > conditions, eg: memory leaks. some appear to succeed to produce a > config, > > > but output nothing. requiring the marker prevents rancid from dropping > > > the config from the repo. > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Tue Jun 6 04:06:31 2017 From: heas at shrubbery.net (heasley) Date: Tue, 6 Jun 2017 04:06:31 +0000 Subject: [rancid] IBM BNT Layer 2/3 Copper Gigabit Ethernet Switch no config collected In-Reply-To: References: <20161212211951.GE57590@shrubbery.net> <20161216174403.GH96654@shrubbery.net> Message-ID: <20170606040631.GC48726@shrubbery.net> Mon, Jun 05, 2017 at 06:01:58PM +0300, Alexander R: > On Fri, Dec 16, 2016 at 8:44 PM, heasley wrote: > > > Tue, Dec 13, 2016 at 10:30:08AM +0300, Alexander R: > > > On Tue, Dec 13, 2016 at 12:19 AM, heasley wrote: > > > > > > > Mon, Dec 12, 2016 at 12:01:24PM +0300, Alexander R: > > > > > my configuration: > > > > > centos 7 x86_64 > > > > > i've issue in rancid 3.5.1 and 3.6.0 > > > > > > > > thank you for including this. > > > > > > > > > i've issue to collect configs from switch modules "BNT Layer 2/3 > > Copper > > > > > Gigabit Ethernet Switch Module for IBM BladeCenter (5.2.8 (FLASH > > > > image1))", > > > > > it has IP 192.168.1.11 > > > > > > > > > > It's cisco-like CLI, so i've created my own "ibm" type in > > > > rancid.types.conf: > > > > > > > > > > # cat /etc/rancid/rancid.types.conf > > > > > ibm;script;rancid -t ibm > > > > > ibm;login;clogin > > > > > ibm;module;ios > > > > > ibm;inloop;ios::inloop > > > > > ibm;command;ios::WriteTerm;show running-config > > > > > > > > > > It's working fine with other switch module "IBM Networking OS > > Virtual > > > > > Fabric 10Gb Switch Module for IBM BladeCenter (7.8.3 (FLASH > > image1))" and > > > > > it have IP 192.168.1.12, but not with "BNT Layer 2/3 Copper Gigabit > > > > > Ethernet Switch Module for IBM BladeCenter (5.2.8 (FLASH image1))" > > > > > > > > > > Fail device: > > > > > # rancid -t ibm -d 192.168.1.11 > > > > > loadtype: device type ibm > > > > > loadtype: found device type ibm in /etc/rancid/rancid.types.conf > > > > > executing clogin -t 90 -c"show running-config" 192.168.1.11 > > > > > PROMPT MATCH: sw11# > > > > > HIT COMMAND:sw11#show running-config > > > > > In WriteTerm: sw11#show running-config > > > > > 192.168.1.11: End of run not found > > > > > end > > > > > > > > > > In 192.168.1.11.raw i see config issued by "show run..." > > > > > > > > > > Ok device: > > > > > # rancid -t ibm -d 192.168.1.12 > > > > > loadtype: device type ibm > > > > > loadtype: found device type ibm in /etc/rancid/rancid.types.conf > > > > > executing clogin -t 90 -c"show running-config" 192.168.1.12 > > > > > PROMPT MATCH: sw12# > > > > > HIT COMMAND:sw12#show running-config > > > > > In WriteTerm: sw12#show running-config > > > > > 192.168.1.12: End of run not found > > > > > end > > > > > > > > > > ps. 192.168.1.11 has NO words "exit" in config, because interface > > isn't > > > > > configured (such a configuration plan). > > > > > 192.168.1.12 has words "exit", because interfaces is configured. > > > > > > > > > > Could you help me? > > > > > > > > ios::WriteTerM() will expect to find and "end" marker in the config, > > > > without > > > > which it will not set $found_end. if this device does not have this > > marker > > > > or something similar that a customer version of ios::WriteTerm could > > use, > > > > you can use a custom version of ios::WriteTerm that just counts lines, > > > > which > > > > ios::WriteTerm already does if the input is an ASA (or a few others), > > which > > > > lack an end marker. > > > > > > > > > > Hi, > > > thank you for responce. > > > > > > It's my configs > > > > > > Ok device: > > > rancid]# tail -n5 192.168.1.12.raw > > > ntp secondary-server 192.168.1.1 > > > ! > > > end > > > > > > sw12#exitReceived disconnect from 192.168.1.12: 11: Logged out. > > > rancid]# > > > > > > Fail device: > > > rancid]# tail -n5 192.168.1.11.raw > > > ntp secondary-server 192.168.1.1 > > > ! > > > end > > > > > > sw11#exitReceived disconnect from 192.168.1.11: 11: Logged out. > > ^^ this is likely the problem; the lousy thing didnt echo the > > CR. inloop() expects the CR and set $clean_run. you'll have to adjust > > the match; the lousy exos does this too. > > > > I'm sorry, but how to do this "you'll have to adjust the match"? there is a match in inloop() for the exit/logout/whatever from the cli. it expects the device to act normally and this one does not, as mentioned. see the same match in exos.pm; something similar to that ought to work. > > > > > > rancid]# > > > > > > So, both switches have "end" word at the end of file. Any ideas? I don't > > > know why it's not worked on same "text" files > > > > > > > > > > the purpose of this is that some devices behave poorly in low memory > > > > conditions, eg: memory leaks. some appear to succeed to produce a > > config, > > > > but output nothing. requiring the marker prevents rancid from dropping > > > > the config from the repo. > > > > > > From heas at shrubbery.net Tue Jun 6 04:54:13 2017 From: heas at shrubbery.net (heasley) Date: Tue, 6 Jun 2017 04:54:13 +0000 Subject: [rancid] help ciena-ws trouble on Rancid 3.6.2 In-Reply-To: References: Message-ID: <20170606045412.GA36856@shrubbery.net> Fri, Jun 02, 2017 at 10:29:58AM -0500, Tanner Lyle: > ---------- Forwarded message ---------- > From: Tanner Lyle > Date: Fri, Jun 2, 2017 at 9:19 AM > Subject: help ciena-ws trouble on Rancid 3.6.2 > To: rancid-discuss at shrubbery.net hey, super busy. > > I am having trouble trying to get Rancid 3.6.2 to complete on a Ciena > Waveserver. I have other devices that are able to run and create configs > on my rancid install. > > It is able to login in and runs the commands but never seems to be able to > pass the output to the parsing scripts > > export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32 > loadtype: device type ciena-ws > loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid. > types.base > executing hlogin -t 120 -c"software show;chassis show;configuration show" > 192.168.168.32 > 192.168.168.32: missed cmd(s): all commands > 192.168.168.32: End of run not found > > hlogin seems to fail from the use of "logout" instead of "exit" and never > closes the loop. hlogin needs a small change to catch that; as follows. does it fix this? Index: bin/hlogin.in =================================================================== --- bin/hlogin.in (revision 3655) +++ bin/hlogin.in (working copy) @@ -332,7 +332,7 @@ exp_continue } -re "\[\r\n]+" { exp_continue } - -re "^.+>" { + -re "^.+\[#>]" { catch {send -h "exit\r"} exp_continue } > I created a new login called cienawslogin and ran it and it seems to close > the loop but never passes the output to the parse script > > # Ciena Waveserver (XXX WiP) > ciena-ws;script;rancid -t ciena-ws > ciena-ws;login;cienawslogin > ciena-ws;module;wavesvros > ciena-ws;inloop;wavesvros::inloop > ciena-ws;command;wavesvros::ShowVersion;software show > ciena-ws;command;wavesvros::ShowChassis;chassis show > ciena-ws;command;wavesvros::WriteTerm;configuration show > > export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32 > loadtype: device type ciena-ws > loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid. > types.base > executing cienawslogin -t 120 -c"software show;chassis show;configuration > show" 192.168.168.32 > 192.168.168.32: missed cmd(s): all commands > 192.168.168.32: End of run not found > > I've included both of the 192.168.168.32.raw's generated by the "export > NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32" with both the hlogin > and wavewslogin files > > is there anyway to debug why the output isn't making it to be parsed > > > cienawslogin -d -t 120 -c"software show" 192.168.168.32 > output in "cienawslogin-debug.txt" > 192.168.168.32 > spawn hpuifilter -- ssh -x -l su 192.168.168.32 > Password: > > !!! This is a private network. Any unauthorized access or use will lead to prosecution!!! > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From heas at shrubbery.net Tue Jun 6 06:43:39 2017 From: heas at shrubbery.net (heasley) Date: Tue, 6 Jun 2017 06:43:39 +0000 Subject: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ In-Reply-To: References: Message-ID: <20170606064338.GD36856@shrubbery.net> Tue, May 30, 2017 at 01:25:29PM +0000, Alexander Griesser: > Hi, > > me too (tm). > On all of my fortigates - also happens on Quaggas, fwiw. > The linebreaks are hard to ignore for diff, but this one: > > - next > + next > end Is the command to disable the pager perhaps not working? > can be fixed by adding "ignore-whitespace" as a diff option which would make sense in all situations I guess; not sure if there's any router/switch/firewall which really cares about whitespace syntax-wise. True, but this would filter spaces that are legitimate. :) > -----Urspr?ngliche Nachricht----- > Von: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] Im Auftrag von Chris Wopat > Gesendet: Dienstag, 30. Mai 2017 15:17 > An: rancid-discuss at shrubbery.net > Betreff: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ > > Two notes with Fortigate (fnrancid)- one a feature request, the other an issue we're trying to pin down. > > 1) feature - i'd suggest changing the config it fetches from 'show full-configuration' to just 'show', which will show only non-default stuff. 'show full-configuration' is equivilant to IOS's 'show running-config full'. 'show' seems to match better with how most devices are handled. I do not know the platform; you folks tell me. or, covert it to a module and have more than one spec. > > 2) issue with spacing / tabbing causing excessive diffs. This seemed to have begun happening in FortiOS 5.4 and was not happening on 5.2. > It happens in both 5.4 and 5.6 and across various devices (half dozen, 1000d, 600d, 100d.). > > Random sections of the config line wrap or change their spacing and flip back and forth. It doesn't seem to be excessively wide lines, nor any specific section of the config. > > This is a change detected between two consecutive runs with no changes made to a device: > > config system global > - set admintimeout 35 > + set admintimeout > + 35 > > > config system global > - set admintimeout > - 35 > + set admintimeout 35 > > > .. and another: > > config system global > - set disk-usage wanopt > + set disk-usage > + wanopt > > config system global > - set disk-usage > - wanopt > + set disk-usage wanopt > > > .. and another: > > - config > - system accprofile > + config system accprofile > edit "prof_admin" > set mntgrp read-write > > > .. and so on > > - next > + next > end > > > - next > + next > end > > Curious if others are seeing this as well. I've opened a case w/ Fortinet as I believe it's on their side, but have a hard time convincing them. > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From heas at shrubbery.net Tue Jun 6 07:06:29 2017 From: heas at shrubbery.net (heasley) Date: Tue, 6 Jun 2017 07:06:29 +0000 Subject: [rancid] mtrancid - output exclusion? In-Reply-To: <8b748700a0ea4d09931c41de272371f0@anx-i-dag01.anx.local> References: <0e721fc76450427f9eed10066de6a5e8@anx-i-dag01.anx.local> <8b748700a0ea4d09931c41de272371f0@anx-i-dag01.anx.local> Message-ID: <20170606070629.GB23653@shrubbery.net> Mon, May 29, 2017 at 10:30:31AM +0000, Alexander Griesser: > This is not entirely correct - this was just the output of one of our testsystems. > When you freshly deploy this system, the deadline lies in the future (30 days free trial) and it keeps renewing every hour and changes the configuration for that and therefore generates a rancid diff. > Also when installing a valid license, the behaviour is the same - the deadline field is static and won't change and therefore won't show up in the config diff, but the renewal date does and the output does not change when the state of the license changes (from valid to expired, f.ex.) - it's just the renewal-date which changes so this can be safely ignored. thanks. i'm leaving the filter. From tarranum.kamal at gmail.com Tue Jun 6 06:45:58 2017 From: tarranum.kamal at gmail.com (Tarranum Kamal) Date: Tue, 6 Jun 2017 14:45:58 +0800 Subject: [rancid] HELP RACNID LOOKING GLASS In-Reply-To: References: <20170525141718.GH24772@shrubbery.net> Message-ID: Hi All Can anyone give me some tip? On Fri, Jun 2, 2017 at 2:36 PM, Tarranum Kamal wrote: > Anyone who can answer my query. I have fixed my previous issues and now > when try to execute ping from my LG webpage, it gives me error "Unknown > device type nokia: . I am trying to configure it for Nokia routers > (formerly Alcatel Lucent). > > Here is how my rancid.types.conf looks like > > nokia;script;nkrancid > nokia;login;nklogin > nokia;module;timos > nokia;command;timos::ping > nokia;inloop;timos::inloop > > and nklogin /nkrancid are located in /usr/local/libexc/rancid and are > writeable by rancid user only. > > Thanks for your reply. > > BR > > On Fri, May 26, 2017 at 1:12 PM, Tarranum Kamal > wrote: > >> I use your method. The location of perl i think I am sure (see below) >> >> /usr/local/htdocs/lg % cd /usr/local/bin/perl >> perl* perl5* perl5.24.1* perlbug* perldoc* perlivp* >> perlthanks* >> >> >> Perl version in use: >> >> perl -v >> >> This is perl 5, version 24, subversion 1 (v5.24.1) built for >> amd64-freebsd-thread-multi >> (with 1 registered patch, see perl -V for more detail) >> >> Copyright 1987-2016, Larry Wall >> >> Perl may be copied only under the terms of either the Artistic License or >> the >> GNU General Public License, which may be found in the Perl 5 source kit. >> >> Complete documentation for Perl, including FAQ lists, should be found on >> this system using "man perl" or "perldoc perl". If you have access to the >> Internet, point your browser at http://www.perl.org/, the Perl Home Page. >> >> Thanks for replying >> >> BR >> >> On Fri, May 26, 2017 at 12:52 AM, Aaron Dudek wrote: >> >>> Did you install the modules using the method I gave? >>> Are you sure about the location of the perl modules? >>> >>> I've never played with the LG and I don't do http. >>> >>> On Thu, May 25, 2017 at 11:57 AM, Tarranum Kamal >>> wrote: >>> > Hi Aaron >>> > >>> > Thanks for your swift reply. Is this going to install CGI and Lockfile >>> > module for me ? >>> > >>> > FYI, httpd.conf file >>> > >>> > >>> > LoadModule cgid_module libexec/apache24/mod_cgid.so >>> > >>> > >>> > LoadModule cgi_module libexec/apache24/mod_cgi.so >>> > LoadModule perl_module libexec/apache24/mod_perl.so >>> > >>> > ScriptAlias /lg /usr/local/htdocs/lg >>> > >>> > >>> > AllowOverride None >>> > AddHandler cgi-script .cgi .pl >>> > Options ExecCGI >>> > DirectoryIndex lgform.cgi >>> > Require all granted >>> > >>> > >>> > When I see httpd-error.log, I see below: >>> > >>> > [Thu May 25 16:01:48.035497 2017] [cgi:error] [pid 17135] [client >> > address:port>] AH01215: (8)Exec format error: exec of >>> > '/usr/local/htdocs/lg/index.html' failed: >>> /usr/local/htdocs/lg/index.html >>> > [Thu May 25 16:01:48.035557 2017] [cgi:error] [pid 17135] [client >> > address:port>] End of script output before headers: index.html >>> > >>> > Best Regards >>> > >>> > >>> > >>> > On Thu, May 25, 2017 at 10:22 PM, Aaron Dudek >>> wrote: >>> >> >>> >> As far as the Perl stuff >>> >> try >>> >> A) Start CPAN Shell: >>> >> # perl -MCPAN -e shell >>> >> >>> >> B) Install a perl module: >>> >> At cpan> shell prompt install module using install module::Name >>> >> command. For example install module called MIME::Lite: >>> >> # cpan> install MIME::Lite >>> >> >>> >> Alternatively, try out the following command: >>> >> # cpan -i MIME::Lite >>> >> >>> >> On Thu, May 25, 2017 at 10:17 AM, heasley wrote: >>> >> > Thu, May 25, 2017 at 01:17:56PM +0800, Tarranum Kamal: >>> >> >> 0down votefavorite >>> >> >> >>> >> >> >>> >> >> I am beginner to server world and in general scripting and OS. I >>> have >>> >> >> managed to run Rancid on my server running Freebsd. Now i am >>> trying to >>> >> >> confiugre RANCID Looking glass, i have followed REAMDE.lg that >>> comes >>> >> >> with >>> >> >> rancid package but to be honest this is too difficult to understand >>> >> >> with >>> >> >> lots of hidden assumptions . ANyways i followed the instricution >>> in it >>> >> >> ) >>> >> >> (whatever I could understand) , when I try to access it thru >>> browser it >>> >> >> displays text instead webpage, now I am clueless. The readme says >>> it >>> >> >> required CGI and Lockfile perl modules, how can I check if these >>> >> >> modules >>> >> >> are present on my servers >>> >> >> >>> >> >> I would appreciate if anyone has installed rancid looking glass >>> who can >>> >> >> help me out or if anyone can provide me a better installation >>> guide for >>> >> >> freebsd. >>> >> > >>> >> > its been a while since i've setup the lg freshly and the i have yet >>> to >>> >> > review the suggestion last week from another user on the cisco-nsp >>> list. >>> >> > i'll try to do that next week, otherwise the README.lg file is the >>> only >>> >> > instruction I have for you ATM. >>> >> > >>> >> > _______________________________________________ >>> >> > Rancid-discuss mailing list >>> >> > Rancid-discuss at shrubbery.net >>> >> > http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>> > >>> > >>> >> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From adudek16 at gmail.com Tue Jun 6 11:56:16 2017 From: adudek16 at gmail.com (Aaron Dudek) Date: Tue, 6 Jun 2017 07:56:16 -0400 Subject: [rancid] HELP RACNID LOOKING GLASS In-Reply-To: References: <20170525141718.GH24772@shrubbery.net> Message-ID: I would look to see what there is for Alcatel Lucent or SROS instead of Nokia On Fri, Jun 2, 2017 at 2:36 AM, Tarranum Kamal wrote: > Anyone who can answer my query. I have fixed my previous issues and now when > try to execute ping from my LG webpage, it gives me error "Unknown device > type nokia: . I am trying to configure it for Nokia routers (formerly > Alcatel Lucent). > > Here is how my rancid.types.conf looks like > > nokia;script;nkrancid > nokia;login;nklogin > nokia;module;timos > nokia;command;timos::ping > nokia;inloop;timos::inloop > > and nklogin /nkrancid are located in /usr/local/libexc/rancid and are > writeable by rancid user only. > > Thanks for your reply. > > BR > > On Fri, May 26, 2017 at 1:12 PM, Tarranum Kamal > wrote: >> >> I use your method. The location of perl i think I am sure (see below) >> >> /usr/local/htdocs/lg % cd /usr/local/bin/perl >> perl* perl5* perl5.24.1* perlbug* perldoc* perlivp* >> perlthanks* >> >> >> Perl version in use: >> >> perl -v >> >> This is perl 5, version 24, subversion 1 (v5.24.1) built for >> amd64-freebsd-thread-multi >> (with 1 registered patch, see perl -V for more detail) >> >> Copyright 1987-2016, Larry Wall >> >> Perl may be copied only under the terms of either the Artistic License or >> the >> GNU General Public License, which may be found in the Perl 5 source kit. >> >> Complete documentation for Perl, including FAQ lists, should be found on >> this system using "man perl" or "perldoc perl". If you have access to the >> Internet, point your browser at http://www.perl.org/, the Perl Home Page. >> >> Thanks for replying >> >> BR >> >> On Fri, May 26, 2017 at 12:52 AM, Aaron Dudek wrote: >>> >>> Did you install the modules using the method I gave? >>> Are you sure about the location of the perl modules? >>> >>> I've never played with the LG and I don't do http. >>> >>> On Thu, May 25, 2017 at 11:57 AM, Tarranum Kamal >>> wrote: >>> > Hi Aaron >>> > >>> > Thanks for your swift reply. Is this going to install CGI and Lockfile >>> > module for me ? >>> > >>> > FYI, httpd.conf file >>> > >>> > >>> > LoadModule cgid_module libexec/apache24/mod_cgid.so >>> > >>> > >>> > LoadModule cgi_module libexec/apache24/mod_cgi.so >>> > LoadModule perl_module libexec/apache24/mod_perl.so >>> > >>> > ScriptAlias /lg /usr/local/htdocs/lg >>> > >>> > >>> > AllowOverride None >>> > AddHandler cgi-script .cgi .pl >>> > Options ExecCGI >>> > DirectoryIndex lgform.cgi >>> > Require all granted >>> > >>> > >>> > When I see httpd-error.log, I see below: >>> > >>> > [Thu May 25 16:01:48.035497 2017] [cgi:error] [pid 17135] [client >> > address:port>] AH01215: (8)Exec format error: exec of >>> > '/usr/local/htdocs/lg/index.html' failed: >>> > /usr/local/htdocs/lg/index.html >>> > [Thu May 25 16:01:48.035557 2017] [cgi:error] [pid 17135] [client >> > address:port>] End of script output before headers: index.html >>> > >>> > Best Regards >>> > >>> > >>> > >>> > On Thu, May 25, 2017 at 10:22 PM, Aaron Dudek >>> > wrote: >>> >> >>> >> As far as the Perl stuff >>> >> try >>> >> A) Start CPAN Shell: >>> >> # perl -MCPAN -e shell >>> >> >>> >> B) Install a perl module: >>> >> At cpan> shell prompt install module using install module::Name >>> >> command. For example install module called MIME::Lite: >>> >> # cpan> install MIME::Lite >>> >> >>> >> Alternatively, try out the following command: >>> >> # cpan -i MIME::Lite >>> >> >>> >> On Thu, May 25, 2017 at 10:17 AM, heasley wrote: >>> >> > Thu, May 25, 2017 at 01:17:56PM +0800, Tarranum Kamal: >>> >> >> 0down votefavorite >>> >> >> >>> >> >> >>> >> >> I am beginner to server world and in general scripting and OS. I >>> >> >> have >>> >> >> managed to run Rancid on my server running Freebsd. Now i am trying >>> >> >> to >>> >> >> confiugre RANCID Looking glass, i have followed REAMDE.lg that >>> >> >> comes >>> >> >> with >>> >> >> rancid package but to be honest this is too difficult to understand >>> >> >> with >>> >> >> lots of hidden assumptions . ANyways i followed the instricution in >>> >> >> it >>> >> >> ) >>> >> >> (whatever I could understand) , when I try to access it thru >>> >> >> browser it >>> >> >> displays text instead webpage, now I am clueless. The readme says >>> >> >> it >>> >> >> required CGI and Lockfile perl modules, how can I check if these >>> >> >> modules >>> >> >> are present on my servers >>> >> >> >>> >> >> I would appreciate if anyone has installed rancid looking glass who >>> >> >> can >>> >> >> help me out or if anyone can provide me a better installation guide >>> >> >> for >>> >> >> freebsd. >>> >> > >>> >> > its been a while since i've setup the lg freshly and the i have yet >>> >> > to >>> >> > review the suggestion last week from another user on the cisco-nsp >>> >> > list. >>> >> > i'll try to do that next week, otherwise the README.lg file is the >>> >> > only >>> >> > instruction I have for you ATM. >>> >> > >>> >> > _______________________________________________ >>> >> > Rancid-discuss mailing list >>> >> > Rancid-discuss at shrubbery.net >>> >> > http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>> > >>> > >> >> > From me at falz.net Tue Jun 6 13:26:52 2017 From: me at falz.net (Chris Wopat) Date: Tue, 6 Jun 2017 08:26:52 -0500 Subject: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ In-Reply-To: <20170606064338.GD36856@shrubbery.net> References: <20170606064338.GD36856@shrubbery.net> Message-ID: <887a272e-a66c-d34f-7b3a-7a13bc2d30c8@falz.net> On 06/06/2017 01:43 AM, heasley wrote: > Tue, May 30, 2017 at 01:25:29PM +0000, Alexander Griesser: >> Hi, >> >> me too (tm). >> On all of my fortigates - also happens on Quaggas, fwiw. >> The linebreaks are hard to ignore for diff, but this one: >> >> - next >> + next >> end > > Is the command to disable the pager perhaps not working? disabling pager appears to be working properly, the fnlogin script seems to properly do the correct commands (page 496 of http://docs.fortinet.com/uploaded/files/800/fortigate-cli-50.pdf ) config system console set output standard It does appear to send a "config global" command prior to this which appears to not be valid on fortiOS 5.2/5.4/5.6. Perhaps necessary on older versions, unsure. >> 1) feature - i'd suggest changing the config it fetches from 'show full-configuration' to just 'show', which will show only non-default stuff. 'show full-configuration' is equivilant to IOS's 'show running-config full'. 'show' seems to match better with how most devices are handled. > > I do not know the platform; you folks tell me. or, covert it to a module and > have more than one spec. I'd like to hear if others are on board with this, if so the quick and dirty is just adjusting @commandtable's {'show full-configuration' => 'GetConf'} to {'show' => 'GetConf'} Another patch that I hope others agree on would be to add this to sub GetSystem {} next if (/^\s*IPS-ETDB: .*/); next if (/^\s*APP-DB: .*/); next if (/^\s*IPS Malicious URL Database: .*/); next if (/^\s*Botnet DB: .*/); There are already a few lines like this in there, this may be fixes for newer versions of those names or newer features. They're supper chatty and update every few days with revision #s and timestamps. Example lines if the regexp should be tweaked further (it was copied from existing): IPS-ETDB: 11.00153(2017-06-05 18:43) APP-DB: 11.00152(2017-06-01 23:21) IPS Malicious URL Database: 1.00665(2017-06-05 05:25) Botnet DB: 3.00393(2017-06-05 10:09) --Chris From aleromex at gmail.com Tue Jun 6 12:57:59 2017 From: aleromex at gmail.com (Alexander R) Date: Tue, 6 Jun 2017 15:57:59 +0300 Subject: [rancid] IBM BNT Layer 2/3 Copper Gigabit Ethernet Switch no config collected In-Reply-To: <20170606040631.GC48726@shrubbery.net> References: <20161212211951.GE57590@shrubbery.net> <20161216174403.GH96654@shrubbery.net> <20170606040631.GC48726@shrubbery.net> Message-ID: Thank you! Now it's working If some has a same issue: # diff ios.pm.orig-3.6.2 ios.pm 140c140,143 < if (/[>#]\s?exit$/) { --- > # note: this match sucks rocks, but currently the extreme bits are > # unreliable about echoing the 'exit\n' command. this match might > # really be a bad idea, but instead rely upon WriteTerm's found_end? > if (/($prompt\s?(quit|exit)|Connection( to \S+)? closed)/ && $found_end) { 150c153 < while (/[>#]\s*($cmds_regexp)\s*$/) { --- > while (/$prompt\s*($cmds_regexp)\s*$/) { 153,154c156,159 < $prompt = ($_ =~ /^([^#>]+[#>])/)[0]; < $prompt =~ s/([][}{)(+\\])/\\$1/g; --- > $prompt = ($_ =~ /^([^#]+#)/)[0]; > $prompt =~ s/([][}{)(\\])/\\$1/g; > $prompt =~ s/[:.](\d+ ?)#/[:.]\\d+ ?#/; > $prompt =~ s/\*/\\\*/; On Tue, Jun 6, 2017 at 7:06 AM, heasley wrote: > Mon, Jun 05, 2017 at 06:01:58PM +0300, Alexander R: > > On Fri, Dec 16, 2016 at 8:44 PM, heasley wrote: > > > > > Tue, Dec 13, 2016 at 10:30:08AM +0300, Alexander R: > > > > On Tue, Dec 13, 2016 at 12:19 AM, heasley > wrote: > > > > > > > > > Mon, Dec 12, 2016 at 12:01:24PM +0300, Alexander R: > > > > > > my configuration: > > > > > > centos 7 x86_64 > > > > > > i've issue in rancid 3.5.1 and 3.6.0 > > > > > > > > > > thank you for including this. > > > > > > > > > > > i've issue to collect configs from switch modules "BNT Layer 2/3 > > > Copper > > > > > > Gigabit Ethernet Switch Module for IBM BladeCenter (5.2.8 (FLASH > > > > > image1))", > > > > > > it has IP 192.168.1.11 > > > > > > > > > > > > It's cisco-like CLI, so i've created my own "ibm" type in > > > > > rancid.types.conf: > > > > > > > > > > > > # cat /etc/rancid/rancid.types.conf > > > > > > ibm;script;rancid -t ibm > > > > > > ibm;login;clogin > > > > > > ibm;module;ios > > > > > > ibm;inloop;ios::inloop > > > > > > ibm;command;ios::WriteTerm;show running-config > > > > > > > > > > > > It's working fine with other switch module "IBM Networking OS > > > Virtual > > > > > > Fabric 10Gb Switch Module for IBM BladeCenter (7.8.3 (FLASH > > > image1))" and > > > > > > it have IP 192.168.1.12, but not with "BNT Layer 2/3 Copper > Gigabit > > > > > > Ethernet Switch Module for IBM BladeCenter (5.2.8 (FLASH > image1))" > > > > > > > > > > > > Fail device: > > > > > > # rancid -t ibm -d 192.168.1.11 > > > > > > loadtype: device type ibm > > > > > > loadtype: found device type ibm in /etc/rancid/rancid.types.conf > > > > > > executing clogin -t 90 -c"show running-config" 192.168.1.11 > > > > > > PROMPT MATCH: sw11# > > > > > > HIT COMMAND:sw11#show running-config > > > > > > In WriteTerm: sw11#show running-config > > > > > > 192.168.1.11: End of run not found > > > > > > end > > > > > > > > > > > > In 192.168.1.11.raw i see config issued by "show run..." > > > > > > > > > > > > Ok device: > > > > > > # rancid -t ibm -d 192.168.1.12 > > > > > > loadtype: device type ibm > > > > > > loadtype: found device type ibm in /etc/rancid/rancid.types.conf > > > > > > executing clogin -t 90 -c"show running-config" 192.168.1.12 > > > > > > PROMPT MATCH: sw12# > > > > > > HIT COMMAND:sw12#show running-config > > > > > > In WriteTerm: sw12#show running-config > > > > > > 192.168.1.12: End of run not found > > > > > > end > > > > > > > > > > > > ps. 192.168.1.11 has NO words "exit" in config, because interface > > > isn't > > > > > > configured (such a configuration plan). > > > > > > 192.168.1.12 has words "exit", because interfaces is configured. > > > > > > > > > > > > Could you help me? > > > > > > > > > > ios::WriteTerM() will expect to find and "end" marker in the > config, > > > > > without > > > > > which it will not set $found_end. if this device does not have > this > > > marker > > > > > or something similar that a customer version of ios::WriteTerm > could > > > use, > > > > > you can use a custom version of ios::WriteTerm that just counts > lines, > > > > > which > > > > > ios::WriteTerm already does if the input is an ASA (or a few > others), > > > which > > > > > lack an end marker. > > > > > > > > > > > > > Hi, > > > > thank you for responce. > > > > > > > > It's my configs > > > > > > > > Ok device: > > > > rancid]# tail -n5 192.168.1.12.raw > > > > ntp secondary-server 192.168.1.1 > > > > ! > > > > end > > > > > > > > sw12#exitReceived disconnect from 192.168.1.12: 11: Logged out. > > > > rancid]# > > > > > > > > Fail device: > > > > rancid]# tail -n5 192.168.1.11.raw > > > > ntp secondary-server 192.168.1.1 > > > > ! > > > > end > > > > > > > > sw11#exitReceived disconnect from 192.168.1.11: 11: Logged out. > > > ^^ this is likely the problem; the lousy thing didnt echo the > > > CR. inloop() expects the CR and set $clean_run. you'll have to adjust > > > the match; the lousy exos does this too. > > > > > > > I'm sorry, but how to do this "you'll have to adjust the match"? > > there is a match in inloop() for the exit/logout/whatever from the cli. > it expects the device to act normally and this one does not, as mentioned. > see the same match in exos.pm; something similar to that ought to work. > > > > > > > > > > rancid]# > > > > > > > > So, both switches have "end" word at the end of file. Any ideas? I > don't > > > > know why it's not worked on same "text" files > > > > > > > > > > > > > the purpose of this is that some devices behave poorly in low > memory > > > > > conditions, eg: memory leaks. some appear to succeed to produce a > > > config, > > > > > but output nothing. requiring the marker prevents rancid from > dropping > > > > > the config from the repo. > > > > > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From tannerlyle at gmail.com Tue Jun 6 14:06:25 2017 From: tannerlyle at gmail.com (Tanner Lyle) Date: Tue, 6 Jun 2017 09:06:25 -0500 Subject: [rancid] help ciena-ws trouble on Rancid 3.6.2 In-Reply-To: <20170606045412.GA36856@shrubbery.net> References: <20170606045412.GA36856@shrubbery.net> Message-ID: My problem still exists, hlogin does now make it to the end of config and logout now. However the output gathered from the device does not appear to be recognized by rancid and fails to move on and be parsed against the wavesvros.pm. (i think that's how it's supposed to work not 100% for sure). [rancid at localhost logs]$ rancid -d -t ciena-ws 192.168.168.32 loadtype: device type ciena-ws loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid.types.base $VAR1 = {}; $VAR1 = {}; $VAR1 = {}; $VAR1 = {}; $VAR1 = { 'chassis show' => 'wavesvros::ShowChassis', 'software show' => 'wavesvros::ShowVersion', 'configuration show brief' => 'wavesvros::WriteTerm' }; software show;chassis show;configuration show brief executing cienawslogin -t 120 -c"software show;chassis show;configuration show brief" 192.168.168.32 192.168.168.32: missed cmd(s): all commands 192.168.168.32: End of run not found }; On Mon, Jun 5, 2017 at 11:54 PM, heasley wrote: > Fri, Jun 02, 2017 at 10:29:58AM -0500, Tanner Lyle: > > ---------- Forwarded message ---------- > > From: Tanner Lyle > > Date: Fri, Jun 2, 2017 at 9:19 AM > > Subject: help ciena-ws trouble on Rancid 3.6.2 > > To: rancid-discuss at shrubbery.net > > hey, super busy. > > > > > I am having trouble trying to get Rancid 3.6.2 to complete on a Ciena > > Waveserver. I have other devices that are able to run and create configs > > on my rancid install. > > > > It is able to login in and runs the commands but never seems to be able > to > > pass the output to the parsing scripts > > > > export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32 > > loadtype: device type ciena-ws > > loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid. > > types.base > > executing hlogin -t 120 -c"software show;chassis show;configuration show" > > 192.168.168.32 > > 192.168.168.32: missed cmd(s): all commands > > 192.168.168.32: End of run not found > > > > hlogin seems to fail from the use of "logout" instead of "exit" and never > > closes the loop. > > hlogin needs a small change to catch that; as follows. does it fix this? > > Index: bin/hlogin.in > =================================================================== > --- bin/hlogin.in (revision 3655) > +++ bin/hlogin.in (working copy) > @@ -332,7 +332,7 @@ > exp_continue > } > -re "\[\r\n]+" { exp_continue } > - -re "^.+>" { > + -re "^.+\[#>]" { > catch {send -h "exit\r"} > exp_continue > } > > > I created a new login called cienawslogin and ran it and it seems to > close > > the loop but never passes the output to the parse script > > > > # Ciena Waveserver (XXX WiP) > > ciena-ws;script;rancid -t ciena-ws > > ciena-ws;login;cienawslogin > > ciena-ws;module;wavesvros > > ciena-ws;inloop;wavesvros::inloop > > ciena-ws;command;wavesvros::ShowVersion;software show > > ciena-ws;command;wavesvros::ShowChassis;chassis show > > ciena-ws;command;wavesvros::WriteTerm;configuration show > > > > export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32 > > loadtype: device type ciena-ws > > loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid. > > types.base > > executing cienawslogin -t 120 -c"software show;chassis show;configuration > > show" 192.168.168.32 > > 192.168.168.32: missed cmd(s): all commands > > 192.168.168.32: End of run not found > > > > I've included both of the 192.168.168.32.raw's generated by the "export > > NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32" with both the hlogin > > and wavewslogin files > > > > is there anyway to debug why the output isn't making it to be parsed > > > > > > cienawslogin -d -t 120 -c"software show" 192.168.168.32 > > output in "cienawslogin-debug.txt" > > > 192.168.168.32 > > spawn hpuifilter -- ssh -x -l su 192.168.168.32 > > Password: > > > > !!! This is a private network. Any unauthorized access or use will lead > to prosecution!!! > > > > > > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: cienawsoutput.192.168.168.32.raw Type: image/raw Size: 15910 bytes Desc: not available URL: From gmourani at gmail.com Tue Jun 6 15:42:11 2017 From: gmourani at gmail.com (Gerhard Mourani) Date: Tue, 6 Jun 2017 11:42:11 -0400 Subject: [rancid] Brocade - ignore secure-mac-address changes Message-ID: Hello, I'm using Rancid 3.2 on CentOS 6.8 and would like to ensure that any change in secure-mac-address in my Brocade config is hidden or removed. Here I guest is the corresponding line of code in foundry.pm to sort those lines. /secure-mac-address (\S+)/ && ProcessHistory("SECMAC","keysort","$1","$_") && next; How to make the above to ignore secure-mac-address changes ? Thanks, -------------- next part -------------- An HTML attachment was scrubbed... URL: From me at falz.net Tue Jun 6 20:17:08 2017 From: me at falz.net (Chris Wopat) Date: Tue, 6 Jun 2017 15:17:08 -0500 Subject: [rancid] help ciena-ws trouble on Rancid 3.6.2 In-Reply-To: <20170606045412.GA36856@shrubbery.net> References: <20170606045412.GA36856@shrubbery.net> Message-ID: > Date: Tue, 6 Jun 2017 04:54:13 +0000 > From: heasley > hlogin needs a small change to catch that; as follows. does it fix this? > > Index: bin/hlogin.in > =================================================================== > --- bin/hlogin.in (revision 3655) > +++ bin/hlogin.in (working copy) > @@ -332,7 +332,7 @@ > exp_continue > } > -re "\[\r\n]+" { exp_continue } > - -re "^.+>" { > + -re "^.+\[#>]" { > catch {send -h "exit\r"} > exp_continue > } I believe it's effectively ignoring the 'logout' part, but still getting end of run not found and hence not succeeding. $ rancid -d -t ciena-ws my-waveserver loadtype: device type ciena-ws loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid.types.base executing hlogin -t 120 -c"software show;chassis show;configuration show" my-waveserver PROMPT MATCH: my-waveserver> HIT COMMAND:my-waveserver> software show In ShowVersion: my-waveserver> software show HIT COMMAND:my-waveserver> chassis show In ShowChassisClocks: my-waveserver> chassis show HIT COMMAND:my-waveserver> configuration show In ShowConfiguration: my-waveserver> configuration show my-waveserver: End of run not found my-waveserver^>logout This looks similar to Tanner, although he's still using a custom 'cienawslogin' instead of 'hlogin'. From tarranum.kamal at gmail.com Wed Jun 7 03:36:04 2017 From: tarranum.kamal at gmail.com (Tarranum Kamal) Date: Wed, 7 Jun 2017 11:36:04 +0800 Subject: [rancid] HELP RACNID LOOKING GLASS In-Reply-To: References: <20170525141718.GH24772@shrubbery.net> Message-ID: Hi Aaron Yes you are right, the original equipment is from Alcatel running SROS. Its a Unix like machine and I am trying to test ping for now. I am attached my type.conf , nkrancid and nklogin files. I gor nkrancid from https://github.com/buraglio/alurancid (after fixing one line it worked fine for me) however alulogin file on the same repositiory is meant to work for old version of rancid so i just copied jlogin that comes wih rancid3.0 and renamed it , is it right thing to do ? files on my systems are attached. Thanks for your help. BR Tarranum On Tue, Jun 6, 2017 at 7:56 PM, Aaron Dudek wrote: > I would look to see what there is for Alcatel Lucent or SROS instead of > Nokia > > On Fri, Jun 2, 2017 at 2:36 AM, Tarranum Kamal > wrote: > > Anyone who can answer my query. I have fixed my previous issues and now > when > > try to execute ping from my LG webpage, it gives me error "Unknown device > > type nokia: . I am trying to configure it for Nokia routers (formerly > > Alcatel Lucent). > > > > Here is how my rancid.types.conf looks like > > > > nokia;script;nkrancid > > nokia;login;nklogin > > nokia;module;timos > > nokia;command;timos::ping > > nokia;inloop;timos::inloop > > > > and nklogin /nkrancid are located in /usr/local/libexc/rancid and are > > writeable by rancid user only. > > > > Thanks for your reply. > > > > BR > > > > On Fri, May 26, 2017 at 1:12 PM, Tarranum Kamal < > tarranum.kamal at gmail.com> > > wrote: > >> > >> I use your method. The location of perl i think I am sure (see below) > >> > >> /usr/local/htdocs/lg % cd /usr/local/bin/perl > >> perl* perl5* perl5.24.1* perlbug* perldoc* perlivp* > >> perlthanks* > >> > >> > >> Perl version in use: > >> > >> perl -v > >> > >> This is perl 5, version 24, subversion 1 (v5.24.1) built for > >> amd64-freebsd-thread-multi > >> (with 1 registered patch, see perl -V for more detail) > >> > >> Copyright 1987-2016, Larry Wall > >> > >> Perl may be copied only under the terms of either the Artistic License > or > >> the > >> GNU General Public License, which may be found in the Perl 5 source kit. > >> > >> Complete documentation for Perl, including FAQ lists, should be found on > >> this system using "man perl" or "perldoc perl". If you have access to > the > >> Internet, point your browser at http://www.perl.org/, the Perl Home > Page. > >> > >> Thanks for replying > >> > >> BR > >> > >> On Fri, May 26, 2017 at 12:52 AM, Aaron Dudek > wrote: > >>> > >>> Did you install the modules using the method I gave? > >>> Are you sure about the location of the perl modules? > >>> > >>> I've never played with the LG and I don't do http. > >>> > >>> On Thu, May 25, 2017 at 11:57 AM, Tarranum Kamal > >>> wrote: > >>> > Hi Aaron > >>> > > >>> > Thanks for your swift reply. Is this going to install CGI and > Lockfile > >>> > module for me ? > >>> > > >>> > FYI, httpd.conf file > >>> > > >>> > > >>> > LoadModule cgid_module libexec/apache24/mod_cgid.so > >>> > > >>> > > >>> > LoadModule cgi_module libexec/apache24/mod_cgi.so > >>> > LoadModule perl_module libexec/apache24/mod_perl.so > >>> > > >>> > ScriptAlias /lg /usr/local/htdocs/lg > >>> > > >>> > > >>> > AllowOverride None > >>> > AddHandler cgi-script .cgi .pl > >>> > Options ExecCGI > >>> > DirectoryIndex lgform.cgi > >>> > Require all granted > >>> > > >>> > > >>> > When I see httpd-error.log, I see below: > >>> > > >>> > [Thu May 25 16:01:48.035497 2017] [cgi:error] [pid 17135] [client >>> > address:port>] AH01215: (8)Exec format error: exec of > >>> > '/usr/local/htdocs/lg/index.html' failed: > >>> > /usr/local/htdocs/lg/index.html > >>> > [Thu May 25 16:01:48.035557 2017] [cgi:error] [pid 17135] [client >>> > address:port>] End of script output before headers: index.html > >>> > > >>> > Best Regards > >>> > > >>> > > >>> > > >>> > On Thu, May 25, 2017 at 10:22 PM, Aaron Dudek > >>> > wrote: > >>> >> > >>> >> As far as the Perl stuff > >>> >> try > >>> >> A) Start CPAN Shell: > >>> >> # perl -MCPAN -e shell > >>> >> > >>> >> B) Install a perl module: > >>> >> At cpan> shell prompt install module using install module::Name > >>> >> command. For example install module called MIME::Lite: > >>> >> # cpan> install MIME::Lite > >>> >> > >>> >> Alternatively, try out the following command: > >>> >> # cpan -i MIME::Lite > >>> >> > >>> >> On Thu, May 25, 2017 at 10:17 AM, heasley > wrote: > >>> >> > Thu, May 25, 2017 at 01:17:56PM +0800, Tarranum Kamal: > >>> >> >> 0down votefavorite > >>> >> >> > >>> >> >> > >>> >> >> I am beginner to server world and in general scripting and OS. I > >>> >> >> have > >>> >> >> managed to run Rancid on my server running Freebsd. Now i am > trying > >>> >> >> to > >>> >> >> confiugre RANCID Looking glass, i have followed REAMDE.lg that > >>> >> >> comes > >>> >> >> with > >>> >> >> rancid package but to be honest this is too difficult to > understand > >>> >> >> with > >>> >> >> lots of hidden assumptions . ANyways i followed the instricution > in > >>> >> >> it > >>> >> >> ) > >>> >> >> (whatever I could understand) , when I try to access it thru > >>> >> >> browser it > >>> >> >> displays text instead webpage, now I am clueless. The readme says > >>> >> >> it > >>> >> >> required CGI and Lockfile perl modules, how can I check if these > >>> >> >> modules > >>> >> >> are present on my servers > >>> >> >> > >>> >> >> I would appreciate if anyone has installed rancid looking glass > who > >>> >> >> can > >>> >> >> help me out or if anyone can provide me a better installation > guide > >>> >> >> for > >>> >> >> freebsd. > >>> >> > > >>> >> > its been a while since i've setup the lg freshly and the i have > yet > >>> >> > to > >>> >> > review the suggestion last week from another user on the cisco-nsp > >>> >> > list. > >>> >> > i'll try to do that next week, otherwise the README.lg file is the > >>> >> > only > >>> >> > instruction I have for you ATM. > >>> >> > > >>> >> > _______________________________________________ > >>> >> > Rancid-discuss mailing list > >>> >> > Rancid-discuss at shrubbery.net > >>> >> > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > >>> > > >>> > > >> > >> > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: nklogin Type: application/octet-stream Size: 41985 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: nkrancid Type: application/octet-stream Size: 14133 bytes Desc: not available URL: From tannerlyle at gmail.com Wed Jun 7 14:57:54 2017 From: tannerlyle at gmail.com (Tanner Lyle) Date: Wed, 7 Jun 2017 09:57:54 -0500 Subject: [rancid] help ciena-ws trouble on Rancid 3.6.2 In-Reply-To: References: <20170606045412.GA36856@shrubbery.net> Message-ID: I should of changed it back to hlogin before i ran the debug, the custom script is identical to hlogin with the suggested change by heasely, Mine is not making as far or failing the same way yours is, i would feel better about it if it was i never make it to the prompt match output stage. [rancid at localhost logs]$ rancid -d -t ciena-ws 192.168.168.32 loadtype: device type ciena-ws loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid.types.base executing hlogin -t 120 -c"software show;chassis show;configuration show" 192.168.168.32 192.168.168.32: missed cmd(s): all commands 192.168.168.32: End of run not found [rancid at localhost bin]$ diff hlogin cienawslogin 640c640 < -re "^.+>" { --- > -re "^.+\[#>]" { On Tue, Jun 6, 2017 at 3:17 PM, Chris Wopat wrote: > Date: Tue, 6 Jun 2017 04:54:13 +0000 >> From: heasley >> hlogin needs a small change to catch that; as follows. does it fix this? >> >> Index: bin/hlogin.in >> =================================================================== >> --- bin/hlogin.in (revision 3655) >> +++ bin/hlogin.in (working copy) >> @@ -332,7 +332,7 @@ >> exp_continue >> } >> -re "\[\r\n]+" { exp_continue } >> - -re "^.+>" { >> + -re "^.+\[#>]" { >> catch {send -h "exit\r"} >> exp_continue >> } >> > > I believe it's effectively ignoring the 'logout' part, but still getting > end of run not found and hence not succeeding. > > > $ rancid -d -t ciena-ws my-waveserver > loadtype: device type ciena-ws > loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid.t > ypes.base > executing hlogin -t 120 -c"software show;chassis show;configuration show" > my-waveserver > PROMPT MATCH: my-waveserver> > HIT COMMAND:my-waveserver> software show > In ShowVersion: my-waveserver> software show > HIT COMMAND:my-waveserver> chassis show > In ShowChassisClocks: my-waveserver> chassis show > HIT COMMAND:my-waveserver> configuration show > In ShowConfiguration: my-waveserver> configuration show > my-waveserver: End of run not found > my-waveserver^>logout > > > This looks similar to Tanner, although he's still using a custom > 'cienawslogin' instead of 'hlogin'. > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: From AGriesser at anexia-it.com Thu Jun 8 06:30:56 2017 From: AGriesser at anexia-it.com (Griesser Alexander) Date: Thu, 8 Jun 2017 06:30:56 +0000 Subject: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ In-Reply-To: <887a272e-a66c-d34f-7b3a-7a13bc2d30c8@falz.net> References: <20170606064338.GD36856@shrubbery.net> <887a272e-a66c-d34f-7b3a-7a13bc2d30c8@falz.net> Message-ID: Hey, > >> 1) feature - i'd suggest changing the config it fetches from 'show full-configuration' to just 'show', which will show only non-default stuff. 'show full-configuration' is equivilant to IOS's 'show running-config full'. 'show' seems to match > >> better with how most devices are handled. >> >> I do not know the platform; you folks tell me. or, covert it to a >> module and have more than one spec. > >I'd like to hear if others are on board with this, if so the quick and dirty is just adjusting @commandtable's > > {'show full-configuration' => 'GetConf'} > >to > > {'show' => 'GetConf'} I think default values might change from time to time, so I do usually prefer to have a full config dump of my devices, just in case I need to recover from an older version of the configuration after an upgrade - but I'm not exactly sure how Forti* handles these kinds of things, so basically, I do not really have a strong opinion on that. > Another patch that I hope others agree on would be to add this to sub GetSystem {} > > next if (/^\s*IPS-ETDB: .*/); > next if (/^\s*APP-DB: .*/); > next if (/^\s*IPS Malicious URL Database: .*/); > next if (/^\s*Botnet DB: .*/); > > There are already a few lines like this in there, this may be fixes for newer versions of those names or newer features. +1 on that, good point. Best, Alex From AGriesser at anexia-it.com Thu Jun 8 06:36:15 2017 From: AGriesser at anexia-it.com (Griesser Alexander) Date: Thu, 8 Jun 2017 06:36:15 +0000 Subject: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ In-Reply-To: <20170606064338.GD36856@shrubbery.net> References: <20170606064338.GD36856@shrubbery.net> Message-ID: <94cf124f1cd746c78d0da65f9ad2a7aa@anx-i-dag01.anx.local> > > - next > > + next > > end > > can be fixed by adding "ignore-whitespace" as a diff option which would make sense in all situations I guess; not sure if there's any router/switch/firewall which really cares about whitespace syntax-wise. > True, but this would filter spaces that are legitimate. :) Like which ones? I'm not aware of any legitimate spaces in the configuration of networking devices - does anyone have a syntax example for any device which makes a difference between one or two spaces in the configuration? Best, Alex From tannerlyle at gmail.com Thu Jun 8 12:29:35 2017 From: tannerlyle at gmail.com (Tanner Lyle) Date: Thu, 8 Jun 2017 07:29:35 -0500 Subject: [rancid] Help ciena-ws Rancid 3.6.2 Message-ID: I cannot get a Ciena Waveserver (192.168.168.32 in the files) to complete, all commands run and login works but never makes it to the parse output or get a PROMPT MATCH: like it's trying to run the perl module against the device. Trying to gain some traction on this, out of ideas and know how to trouble shoot it. Any suggestions, i think the problem is still in hlogin or in the wavesvros.pm. [rancid at localhost logs]$ export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32 loadtype: device type ciena-ws loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid.types.base executing hlogin -t 120 -c"software show;chassis show;configuration show" 192.168.168.32 192.168.168.32: missed cmd(s): all commands 192.168.168.32: End of run not found ! I can get different devices to complete and run so i don't think it's a permissions or install issue [rancid at localhost logs]$ export NOPIPE=YES && rancid -d -t foundry 10.0.2.2 loadtype: device type foundry loadtype: found device type foundry in /usr/local/rancid/etc/rancid.types.base executing flogin -t 90 -c"show version;show chassis;show module;show media;show media validation;show flash;write term;show running-config" 10.0.2.2 PROMPT MATCH: telnet at LAB_MLX16# HIT COMMAND:telnet at LAB_MLX16#show version In ShowVersion: telnet at LAB_MLX16#show version HIT COMMAND:telnet at LAB_MLX16#show chassis In ShowChassis: telnet at LAB_MLX16#show chassis HIT COMMAND:telnet at LAB_MLX16#show module In ShowModule: telnet at LAB_MLX16#show module HIT COMMAND:telnet at LAB_MLX16#show media In ShowMedia: telnet at LAB_MLX16#show media HIT COMMAND:telnet at LAB_MLX16#show media validation In ShowMedia: telnet at LAB_MLX16#show media validation HIT COMMAND:telnet at LAB_MLX16#show flash In ShowFlash: telnet at LAB_MLX16#show flash HIT COMMAND:telnet at LAB_MLX16#write term In WriteTerm: telnet at LAB_MLX16#write term HIT COMMAND:telnet at LAB_MLX16#show running-config In WriteTerm: telnet at LAB_MLX16#show running-config -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: 10.0.2.2.new Type: application/octet-stream Size: 32557 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: 10.0.2.2.raw Type: image/raw Size: 49258 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: 192.168.168.32.new Type: application/octet-stream Size: 33 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: 192.168.168.32.raw Type: image/raw Size: 15910 bytes Desc: not available URL: From me at falz.net Thu Jun 8 14:37:35 2017 From: me at falz.net (Chris Wopat) Date: Thu, 8 Jun 2017 09:37:35 -0500 Subject: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ In-Reply-To: References: <20170606064338.GD36856@shrubbery.net> <887a272e-a66c-d34f-7b3a-7a13bc2d30c8@falz.net> Message-ID: On Thu, Jun 8, 2017 at 1:30 AM, Griesser Alexander wrote: > > I think default values might change from time to time, so I do usually > prefer to have a full config dump of my devices, just in case I need to > recover from an older version of the configuration after an upgrade - but > I'm not exactly sure how Forti* handles these kinds of things, so > basically, I do not really have a strong opinion on that. > > Curious of others thoughts if anyone else uses forti*. I've not used them extensively enough to know if they change defaults often, I'm only really involved in this as they're devices on net and they should use our common backup mechanism. > +1 on that, good point. Guessing these are universally supported as they're super chatty. I can submit a patch for this if that's the more official method to do so. --Chris -------------- next part -------------- An HTML attachment was scrubbed... URL: From LSOMMERARD at owentis.com Thu Jun 8 14:37:39 2017 From: LSOMMERARD at owentis.com (Lucas SOMMERARD) Date: Thu, 8 Jun 2017 14:37:39 +0000 Subject: [rancid] hlogin HP J9626A RA.16.02.0016 Message-ID: <3aead39a34ac49a0bf11b367ce7c392b@OZISRVBAL02.OZITEM.LAN> Hello, I have some issues with Rancid to backup configuration of an HP switch since it has been update to RA.16.02.0016. I'm using rancid 3.2 on CentOs 6.9. This is the error I get using hlogin in debug : Your previous successful login (as manager) was on 2017-06-08 16:17:53 from 192.168.1.22 LT1-2650-01# expect: does "\u001b[?7hYour previous successful login (as manager) was on 2017-06-08 16:17:53 \r\r\n from 192.168.1.22\r\r\nLT1-2650-01# " (spawn_id exp3) match glob pattern "Press any key to continue"? no "[Pp]assword"? Gate "?assword"? gate=no "#"? yes expect: set expect_out(0,string) "#" expect: set expect_out(spawn_id) "exp3" expect: set expect_out(buffer) "\u001b[?7hYour previous successful login (as manager) was on 2017-06-08 16:17:53 \r\r\n from 192.168.1.22\r\r\nLT1-2650-01#" send: sending "\r" to { exp3 } Gate keeper glob pattern for '[ ]+' is ''. Not usable, disabling the performance booster. Gate keeper glob pattern for '^.+#' is '*#'. Activating booster. expect: does " " (spawn_id exp3) match regular expression "[\r\n]+"? (No Gate, RE only) gate=yes re=no "^.+#"? Gate "*#"? gate=no LT1-2650-01# expect: does " \u001b[1M\u001b[1LLT1-2650-01# " (spawn_id exp3) match regular expression "[\r\n]+"? (No Gate, RE only) gate=yes re=no "^.+#"? Gate "*#"? gate=yes re=yes expect: set expect_out(0,string) " \u001b[1M\u001b[1LLT1-2650-01#" expect: set expect_out(spawn_id) "exp3" expect: set expect_out(buffer) " \u001b[1M\u001b[1LLT1-2650-01#" send: sending "no page\r" to { exp3 } LT([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))? couldn't compile regular expression pattern: parentheses () not balanced while executing "expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } }" (procedure "run_commands" line 20) invoked from within "run_commands $prompt $command" ("foreach" body line 161) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # device timeout set timeout [find t..." (file "/usr/libexec/rancid/hlogin2" line 662) I've seen this subbject : http://www.shrubbery.net/pipermail/rancid-discuss/2010-June/004995.html And I've tried to upgrade rancid to 3.6.2 using source but I still have a problem : couldn't compile regular expression pattern: brackets [] not balanced while executing "expect -re $prompt {}" ("foreach" body line 163) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # device timeout set timeout [find t..." (file "/usr/local/rancid/bin/hlogin" line 666) Thank you for your help. Regards, Lucas Sommerard [cid:signature-de-mail-535x165px-OUA2017_deec520d-65e5-4b99-b50a-15a623384ca4.jpg] Les informations figurant sur cet e-mail ont un caract?re strictement confidentiel et sont exclusivement adress?es au destinataire mentionn? ci-dessus. Tout usage, reproduction ou divulgation de cet e-mail est strictement interdit si vous n'en ?tes pas le destinataire. Dans ce cas, veuillez nous en avertir imm?diatement par la m?me voie et d?truire l'original. P Avant d'imprimer, pensez ? l'environnement ? -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature-de-mail-535x165px-OUA2017_deec520d-65e5-4b99-b50a-15a623384ca4.jpg Type: image/jpeg Size: 84088 bytes Desc: signature-de-mail-535x165px-OUA2017_deec520d-65e5-4b99-b50a-15a623384ca4.jpg URL: From LSOMMERARD at owentis.com Thu Jun 8 14:28:24 2017 From: LSOMMERARD at owentis.com (Lucas SOMMERARD) Date: Thu, 8 Jun 2017 14:28:24 +0000 Subject: [rancid] hlogin HP J9626A RA.16.02.0016 Message-ID: Hello, I have some issues with Rancid to backup configuration of an HP switch since it has been update to RA.16.02.0016. I'm using rancid 3.2 on CentOs 6.9. This is the error I get using hlogin in debug : Your previous successful login (as manager) was on 2017-06-08 16:17:53 from 192.168.1.22 LT1-2650-01# expect: does "\u001b[?7hYour previous successful login (as manager) was on 2017-06-08 16:17:53 \r\r\n from 192.168.1.22\r\r\nLT1-2650-01# " (spawn_id exp3) match glob pattern "Press any key to continue"? no "[Pp]assword"? Gate "?assword"? gate=no "#"? yes expect: set expect_out(0,string) "#" expect: set expect_out(spawn_id) "exp3" expect: set expect_out(buffer) "\u001b[?7hYour previous successful login (as manager) was on 2017-06-08 16:17:53 \r\r\n from 192.168.1.22\r\r\nLT1-2650-01#" send: sending "\r" to { exp3 } Gate keeper glob pattern for '[ ]+' is ''. Not usable, disabling the performance booster. Gate keeper glob pattern for '^.+#' is '*#'. Activating booster. expect: does " " (spawn_id exp3) match regular expression "[\r\n]+"? (No Gate, RE only) gate=yes re=no "^.+#"? Gate "*#"? gate=no LT1-2650-01# expect: does " \u001b[1M\u001b[1LLT1-2650-01# " (spawn_id exp3) match regular expression "[\r\n]+"? (No Gate, RE only) gate=yes re=no "^.+#"? Gate "*#"? gate=yes re=yes expect: set expect_out(0,string) " \u001b[1M\u001b[1LLT1-2650-01#" expect: set expect_out(spawn_id) "exp3" expect: set expect_out(buffer) " \u001b[1M\u001b[1LLT1-2650-01#" send: sending "no page\r" to { exp3 } LT([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))? couldn't compile regular expression pattern: parentheses () not balanced while executing "expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } }" (procedure "run_commands" line 20) invoked from within "run_commands $prompt $command" ("foreach" body line 161) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # device timeout set timeout [find t..." (file "/usr/libexec/rancid/hlogin2" line 662) I've seen this subbject : http://www.shrubbery.net/pipermail/rancid-discuss/2010-June/004995.html And I've tried to upgrade rancid to 3.6.2 using source but I still have a problem : couldn't compile regular expression pattern: brackets [] not balanced while executing "expect -re $prompt {}" ("foreach" body line 163) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # device timeout set timeout [find t..." (file "/usr/local/rancid/bin/hlogin" line 666) Thank you for your help. Regards, Lucas Sommerard [cid:signature-de-mail-535x165px-OUA2017_deec520d-65e5-4b99-b50a-15a623384ca4.jpg] Les informations figurant sur cet e-mail ont un caract?re strictement confidentiel et sont exclusivement adress?es au destinataire mentionn? ci-dessus. Tout usage, reproduction ou divulgation de cet e-mail est strictement interdit si vous n'en ?tes pas le destinataire. Dans ce cas, veuillez nous en avertir imm?diatement par la m?me voie et d?truire l'original. P Avant d'imprimer, pensez ? l'environnement ? -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature-de-mail-535x165px-OUA2017_deec520d-65e5-4b99-b50a-15a623384ca4.jpg Type: image/jpeg Size: 84088 bytes Desc: signature-de-mail-535x165px-OUA2017_deec520d-65e5-4b99-b50a-15a623384ca4.jpg URL: From doug.hughes at keystonenap.com Fri Jun 9 02:09:57 2017 From: doug.hughes at keystonenap.com (Doug Hughes) Date: Thu, 8 Jun 2017 22:09:57 -0400 Subject: [rancid] hlogin HP J9626A RA.16.02.0016 In-Reply-To: <3aead39a34ac49a0bf11b367ce7c392b@OZISRVBAL02.OZITEM.LAN> References: <3aead39a34ac49a0bf11b367ce7c392b@OZISRVBAL02.OZITEM.LAN> Message-ID: the ssh key of the device has changed. Login or sudo to rancid and then remove the old ssh key from ~rancid/.ssh/known_hosts and then hlogin to the device to get the new host key. That should fix it. On 6/8/2017 10:37 AM, Lucas SOMMERARD wrote: > > Hello, > > > > I have some issues with Rancid to backup configuration of an HP switch > since it has been update to RA.16.02.0016. > > I?m using rancid 3.2 on CentOs 6.9. > > > > This is the error I get using hlogin in debug : > > Your previous successful login (as manager) was on 2017-06-08 16:17:53 > > from 192.168.1.22 > > LT1-2650-01# > > expect: does "\u001b[?7hYour previous successful login (as manager) > was on 2017-06-08 16:17:53 \r\r\n from > 192.168.1.22\r\r\nLT1-2650-01# " (spawn_id exp3) match glob pattern > "Press any key to continue"? no > > "[Pp]assword"? Gate "?assword"? gate=no > > "#"? yes > > expect: set expect_out(0,string) "#" > > expect: set expect_out(spawn_id) "exp3" > > expect: set expect_out(buffer) "\u001b[?7hYour previous successful > login (as manager) was on 2017-06-08 16:17:53 \r\r\n from > 192.168.1.22\r\r\nLT1-2650-01#" > > send: sending "\r" to { exp3 } > > Gate keeper glob pattern for '[ > > ]+' is ''. Not usable, disabling the performance booster. > > Gate keeper glob pattern for '^.+#' is '*#'. Activating booster. > > > > expect: does " " (spawn_id exp3) match regular expression "[\r\n]+"? > (No Gate, RE only) gate=yes re=no > > "^.+#"? Gate "*#"? gate=no > > LT1-2650-01# > > expect: does " \u001b[1M\u001b[1LLT1-2650-01# " (spawn_id exp3) match > regular expression "[\r\n]+"? (No Gate, RE only) gate=yes re=no > > "^.+#"? Gate "*#"? gate=yes re=yes > > expect: set expect_out(0,string) " \u001b[1M\u001b[1LLT1-2650-01#" > > expect: set expect_out(spawn_id) "exp3" > > expect: set expect_out(buffer) " \u001b[1M\u001b[1LLT1-2650-01#" > > send: sending "no page\r" to { exp3 } > > > LT([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\)) > ? couldn't compile regular > expression pattern: parentheses () not balanced > > while executing > > "expect { > > -re $reprompt {} > > -re "\[\n\r]+" { exp_continue } > > }" > > (procedure "run_commands" line 20) > > invoked from within > > "run_commands $prompt $command" > > ("foreach" body line 161) > > invoked from within > > "foreach router [lrange $argv $i end] { > > set router [string tolower $router] > > send_user "$router\n" > > > > # device timeout > > set timeout [find t..." > > (file "/usr/libexec/rancid/hlogin2" line 662) > > > > I?ve seen this subbject : > http://www.shrubbery.net/pipermail/rancid-discuss/2010-June/004995.html > > And I?ve tried to upgrade rancid to 3.6.2 using source but I still > have a problem : > > couldn't compile regular expression pattern: brackets [] not balanced > > while executing > > "expect -re $prompt {}" > > ("foreach" body line 163) > > invoked from within > > "foreach router [lrange $argv $i end] { > > set router [string tolower $router] > > send_user "$router\n" > > > > # device timeout > > set timeout [find t..." > > (file "/usr/local/rancid/bin/hlogin" line 666) > > > > Thank you for your help. > > > > Regards, > > > > Lucas Sommerard > > > > Les informations figurant sur cet e-mail ont un caract?re strictement > confidentiel et sont exclusivement adress?es au destinataire mentionn? > ci-dessus. Tout usage, reproduction ou divulgation de cet e-mail est > strictement interdit si vous n'en ?tes pas le destinataire. Dans ce > cas, veuillez nous en avertir imm?diatement par la m?me voie et > d?truire l'original. > > PAvant d'imprimer,pensez? l'environnement *?* > > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -- Doug Hughes Keystone NAP Fairless Hills, PA 1.844.KEYBLOCK (539.2562) -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature-de-mail-535x165px-OUA2017_deec520d-65e5-4b99-b50a-15a623384ca4.jpg Type: image/jpeg Size: 84088 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: keystone-nap.png Type: image/png Size: 3476 bytes Desc: not available URL: From tarranum.kamal at gmail.com Fri Jun 9 04:49:34 2017 From: tarranum.kamal at gmail.com (Tarranum Kamal) Date: Fri, 9 Jun 2017 12:49:34 +0800 Subject: [rancid] HELP RACNID LOOKING GLASS In-Reply-To: References: <20170525141718.GH24772@shrubbery.net> Message-ID: Hi Forum Any advice ? It seems to me that LG script is not able to login to router as i do not see any login attempts from server IP on my router. However rancid can login (i tested following instrustions on http://joe-ma-how-to.blogspot.sg/search/label/Rancid Thanks for your kindl advice. BR On Wed, Jun 7, 2017 at 11:36 AM, Tarranum Kamal wrote: > Hi Aaron > > Yes you are right, the original equipment is from Alcatel running SROS. > Its a Unix like machine and I am trying to test ping for now. I am attached > my type.conf , nkrancid and nklogin files. I gor nkrancid from > https://github.com/buraglio/alurancid (after fixing one line it worked > fine for me) however alulogin file on the same repositiory is meant to work > for old version of rancid so i just copied jlogin that comes wih rancid3.0 > and renamed it , is it right thing to do ? > > files on my systems are attached. > > Thanks for your help. > > BR > Tarranum > > On Tue, Jun 6, 2017 at 7:56 PM, Aaron Dudek wrote: > >> I would look to see what there is for Alcatel Lucent or SROS instead of >> Nokia >> >> On Fri, Jun 2, 2017 at 2:36 AM, Tarranum Kamal >> wrote: >> > Anyone who can answer my query. I have fixed my previous issues and now >> when >> > try to execute ping from my LG webpage, it gives me error "Unknown >> device >> > type nokia: . I am trying to configure it for Nokia routers (formerly >> > Alcatel Lucent). >> > >> > Here is how my rancid.types.conf looks like >> > >> > nokia;script;nkrancid >> > nokia;login;nklogin >> > nokia;module;timos >> > nokia;command;timos::ping >> > nokia;inloop;timos::inloop >> > >> > and nklogin /nkrancid are located in /usr/local/libexc/rancid and are >> > writeable by rancid user only. >> > >> > Thanks for your reply. >> > >> > BR >> > >> > On Fri, May 26, 2017 at 1:12 PM, Tarranum Kamal < >> tarranum.kamal at gmail.com> >> > wrote: >> >> >> >> I use your method. The location of perl i think I am sure (see below) >> >> >> >> /usr/local/htdocs/lg % cd /usr/local/bin/perl >> >> perl* perl5* perl5.24.1* perlbug* perldoc* perlivp* >> >> perlthanks* >> >> >> >> >> >> Perl version in use: >> >> >> >> perl -v >> >> >> >> This is perl 5, version 24, subversion 1 (v5.24.1) built for >> >> amd64-freebsd-thread-multi >> >> (with 1 registered patch, see perl -V for more detail) >> >> >> >> Copyright 1987-2016, Larry Wall >> >> >> >> Perl may be copied only under the terms of either the Artistic License >> or >> >> the >> >> GNU General Public License, which may be found in the Perl 5 source >> kit. >> >> >> >> Complete documentation for Perl, including FAQ lists, should be found >> on >> >> this system using "man perl" or "perldoc perl". If you have access to >> the >> >> Internet, point your browser at http://www.perl.org/, the Perl Home >> Page. >> >> >> >> Thanks for replying >> >> >> >> BR >> >> >> >> On Fri, May 26, 2017 at 12:52 AM, Aaron Dudek >> wrote: >> >>> >> >>> Did you install the modules using the method I gave? >> >>> Are you sure about the location of the perl modules? >> >>> >> >>> I've never played with the LG and I don't do http. >> >>> >> >>> On Thu, May 25, 2017 at 11:57 AM, Tarranum Kamal >> >>> wrote: >> >>> > Hi Aaron >> >>> > >> >>> > Thanks for your swift reply. Is this going to install CGI and >> Lockfile >> >>> > module for me ? >> >>> > >> >>> > FYI, httpd.conf file >> >>> > >> >>> > >> >>> > LoadModule cgid_module libexec/apache24/mod_cgid.so >> >>> > >> >>> > >> >>> > LoadModule cgi_module libexec/apache24/mod_cgi.so >> >>> > LoadModule perl_module libexec/apache24/mod_perl.so >> >>> > >> >>> > ScriptAlias /lg /usr/local/htdocs/lg >> >>> > >> >>> > >> >>> > AllowOverride None >> >>> > AddHandler cgi-script .cgi .pl >> >>> > Options ExecCGI >> >>> > DirectoryIndex lgform.cgi >> >>> > Require all granted >> >>> > >> >>> > >> >>> > When I see httpd-error.log, I see below: >> >>> > >> >>> > [Thu May 25 16:01:48.035497 2017] [cgi:error] [pid 17135] [client >> > >>> > address:port>] AH01215: (8)Exec format error: exec of >> >>> > '/usr/local/htdocs/lg/index.html' failed: >> >>> > /usr/local/htdocs/lg/index.html >> >>> > [Thu May 25 16:01:48.035557 2017] [cgi:error] [pid 17135] [client >> > >>> > address:port>] End of script output before headers: index.html >> >>> > >> >>> > Best Regards >> >>> > >> >>> > >> >>> > >> >>> > On Thu, May 25, 2017 at 10:22 PM, Aaron Dudek >> >>> > wrote: >> >>> >> >> >>> >> As far as the Perl stuff >> >>> >> try >> >>> >> A) Start CPAN Shell: >> >>> >> # perl -MCPAN -e shell >> >>> >> >> >>> >> B) Install a perl module: >> >>> >> At cpan> shell prompt install module using install module::Name >> >>> >> command. For example install module called MIME::Lite: >> >>> >> # cpan> install MIME::Lite >> >>> >> >> >>> >> Alternatively, try out the following command: >> >>> >> # cpan -i MIME::Lite >> >>> >> >> >>> >> On Thu, May 25, 2017 at 10:17 AM, heasley >> wrote: >> >>> >> > Thu, May 25, 2017 at 01:17:56PM +0800, Tarranum Kamal: >> >>> >> >> 0down votefavorite >> >>> >> >> > > >> >>> >> >> >> >>> >> >> I am beginner to server world and in general scripting and OS. I >> >>> >> >> have >> >>> >> >> managed to run Rancid on my server running Freebsd. Now i am >> trying >> >>> >> >> to >> >>> >> >> confiugre RANCID Looking glass, i have followed REAMDE.lg that >> >>> >> >> comes >> >>> >> >> with >> >>> >> >> rancid package but to be honest this is too difficult to >> understand >> >>> >> >> with >> >>> >> >> lots of hidden assumptions . ANyways i followed the >> instricution in >> >>> >> >> it >> >>> >> >> ) >> >>> >> >> (whatever I could understand) , when I try to access it thru >> >>> >> >> browser it >> >>> >> >> displays text instead webpage, now I am clueless. The readme >> says >> >>> >> >> it >> >>> >> >> required CGI and Lockfile perl modules, how can I check if these >> >>> >> >> modules >> >>> >> >> are present on my servers >> >>> >> >> >> >>> >> >> I would appreciate if anyone has installed rancid looking glass >> who >> >>> >> >> can >> >>> >> >> help me out or if anyone can provide me a better installation >> guide >> >>> >> >> for >> >>> >> >> freebsd. >> >>> >> > >> >>> >> > its been a while since i've setup the lg freshly and the i have >> yet >> >>> >> > to >> >>> >> > review the suggestion last week from another user on the >> cisco-nsp >> >>> >> > list. >> >>> >> > i'll try to do that next week, otherwise the README.lg file is >> the >> >>> >> > only >> >>> >> > instruction I have for you ATM. >> >>> >> > >> >>> >> > _______________________________________________ >> >>> >> > Rancid-discuss mailing list >> >>> >> > Rancid-discuss at shrubbery.net >> >>> >> > http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> >>> > >> >>> > >> >> >> >> >> > >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From peo at chalmers.se Fri Jun 9 08:34:06 2017 From: peo at chalmers.se (Per-Olof Olsson) Date: Fri, 9 Jun 2017 10:34:06 +0200 Subject: [rancid] hlogin HP J9626A RA.16.02.0016 In-Reply-To: <3aead39a34ac49a0bf11b367ce7c392b@OZISRVBAL02.OZITEM.LAN> References: <3aead39a34ac49a0bf11b367ce7c392b@OZISRVBAL02.OZITEM.LAN> Message-ID: <833ebbe1-3e82-3170-5606-380bc6b06001@chalmers.se> Hello Is it new ESC-codes added in late HP/Aruba versionens that make the login problem? It's possible that You need to patch hpuifilter.c and add filters for ?[?7h?, ?[1L?, and ?[1M?. ... > LT1-2650-01# > > expect: does "\u001b[?7hYour previous successful login (as manager) was on 2017-06-08 ... --------^^^^ Look for Subject "rancid with hp5412 J8697A or hp5406" posted on this list mars 24 2017. /Peo ---------------------------------------------------------- Per-Olof Olsson Email: peo at chalmers.se Chalmers tekniska h?gskola IT-avdelningen Arvid Hedvalls backe 6 412 96 G?teborg Tel: 031/772 6738 Mob: 0707 88 3708 ---------------------------------------------------------- Den 2017-06-08 kl. 16:37, skrev Lucas SOMMERARD: > Hello, > > > > I have some issues with Rancid to backup configuration of an HP switch since it has been > update to RA.16.02.0016. > > I?m using rancid 3.2 on CentOs 6.9. > > > > This is the error I get using hlogin in debug : > > Your previous successful login (as manager) was on 2017-06-08 16:17:53 > > from 192.168.1.22 > > LT1-2650-01# > > expect: does "\u001b[?7hYour previous successful login (as manager) was on 2017-06-08 > 16:17:53 \r\r\n from 192.168.1.22\r\r\nLT1-2650-01# " (spawn_id exp3) match glob > pattern "Press any key to continue"? no > > "[Pp]assword"? Gate "?assword"? gate=no > > "#"? yes > > expect: set expect_out(0,string) "#" > > expect: set expect_out(spawn_id) "exp3" > > expect: set expect_out(buffer) "\u001b[?7hYour previous successful login (as manager) was > on 2017-06-08 16:17:53 \r\r\n from 192.168.1.22\r\r\nLT1-2650-01#" > > send: sending "\r" to { exp3 } > > Gate keeper glob pattern for '[ > > ]+' is ''. Not usable, disabling the performance booster. > > Gate keeper glob pattern for '^.+#' is '*#'. Activating booster. > > > > expect: does " " (spawn_id exp3) match regular expression "[\r\n]+"? (No Gate, RE only) > gate=yes re=no > > "^.+#"? Gate "*#"? gate=no > > LT1-2650-01# > > expect: does " \u001b[1M\u001b[1LLT1-2650-01# " (spawn_id exp3) match regular expression > "[\r\n]+"? (No Gate, RE only) gate=yes re=no > > "^.+#"? Gate "*#"? gate=yes re=yes > > expect: set expect_out(0,string) " \u001b[1M\u001b[1LLT1-2650-01#" > > expect: set expect_out(spawn_id) "exp3" > > expect: set expect_out(buffer) " \u001b[1M\u001b[1LLT1-2650-01#" > > send: sending "no page\r" to { exp3 } > > > LT([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\)) ? couldn't compile > regular expression pattern: parentheses () not balanced > > while executing > > "expect { > > -re $reprompt {} > > -re "\[\n\r]+" { exp_continue } > > }" > > (procedure "run_commands" line 20) > > invoked from within > > "run_commands $prompt $command" > > ("foreach" body line 161) > > invoked from within > > "foreach router [lrange $argv $i end] { > > set router [string tolower $router] > > send_user "$router\n" > > > > # device timeout > > set timeout [find t..." > > (file "/usr/libexec/rancid/hlogin2" line 662) > > > > I?ve seen this subbject : > http://www.shrubbery.net/pipermail/rancid-discuss/2010-June/004995.html > > And I?ve tried to upgrade rancid to 3.6.2 using source but I still have a problem : > > couldn't compile regular expression pattern: brackets [] not balanced > > while executing > > "expect -re $prompt {}" > > ("foreach" body line 163) > > invoked from within > > "foreach router [lrange $argv $i end] { > > set router [string tolower $router] > > send_user "$router\n" > > > > # device timeout > > set timeout [find t..." > > (file "/usr/local/rancid/bin/hlogin" line 666) > > > > Thank you for your help. > > > > Regards, > > > > Lucas Sommerard > > > > > > > > > > > > > > > > > > > > > > > > > > Les informations figurant sur cet e-mail ont un caract?re strictement confidentiel et sont > exclusivement adress?es au destinataire mentionn? ci-dessus. Tout usage, reproduction ou > divulgation de cet e-mail est strictement interdit si vous n'en ?tes pas le destinataire. > Dans ce cas, veuillez nous en avertir imm?diatement par la m?me voie et d?truire l'original. > > PAvant d'imprimer,pensez? l'environnement *?* > > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > From weylin at bu.edu Fri Jun 9 10:58:22 2017 From: weylin at bu.edu (Piegorsch, Weylin William) Date: Fri, 9 Jun 2017 10:58:22 +0000 Subject: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ In-Reply-To: <94cf124f1cd746c78d0da65f9ad2a7aa@anx-i-dag01.anx.local> References: <20170606064338.GD36856@shrubbery.net> <94cf124f1cd746c78d0da65f9ad2a7aa@anx-i-dag01.anx.local> Message-ID: <008D0235-B66F-468A-BC67-DDC346AD148B@bu.edu> If you?re asking ?any? device - in Cisco descriptions (FEX descriptions, interface descriptions...) I?ll sometimes add whitespace so that under some ?show? commands I get output alignment. Makes it easy to visually identify errors (typeos, etc) and I?m playing with similar Regex-based automated verification in my vendor tools (PRIME Infrastructure and so forth), and under normal operation non-alignment makes it a bit of a challenge to quickly scan and find the information I?m looking for. I don?t know Forti*, not sure if that applies here. weylin -----Original Message----- From: Griesser Alexander Date: Thursday, June 8, 2017 at 02:36 To: heasley Cc: Chris Wopat , "rancid-discuss at shrubbery.net" Subject: Re: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ > > - next > > + next > > end > > can be fixed by adding "ignore-whitespace" as a diff option which would make sense in all situations I guess; not sure if there's any router/switch/firewall which really cares about whitespace syntax-wise. > True, but this would filter spaces that are legitimate. :) Like which ones? I'm not aware of any legitimate spaces in the configuration of networking devices - does anyone have a syntax example for any device which makes a difference between one or two spaces in the configuration? Best, Alex From AGriesser at anexia-it.com Fri Jun 9 12:15:07 2017 From: AGriesser at anexia-it.com (Alexander Griesser) Date: Fri, 9 Jun 2017 12:15:07 +0000 Subject: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ In-Reply-To: <008D0235-B66F-468A-BC67-DDC346AD148B@bu.edu> References: <20170606064338.GD36856@shrubbery.net> <94cf124f1cd746c78d0da65f9ad2a7aa@anx-i-dag01.anx.local> <008D0235-B66F-468A-BC67-DDC346AD148B@bu.edu> Message-ID: <94307236e1a145988e5d27b87454c72f@anx-i-dag01.anx.local> Good point, totally missed that. Best, Alexander Griesser Head of Systems Operations ANEXIA Internetdienstleistungs GmbH E-Mail: AGriesser at anexia-it.com Web: http://www.anexia-it.com Anschrift Hauptsitz Klagenfurt: Feldkirchnerstra?e 140, 9020 Klagenfurt Gesch?ftsf?hrer: Alexander Windbichler Firmenbuch: FN 289918a | Gerichtsstand: Klagenfurt | UID-Nummer: AT U63216601 -----Urspr?ngliche Nachricht----- Von: Piegorsch, Weylin William [mailto:weylin at bu.edu] Gesendet: Freitag, 9. Juni 2017 12:58 An: Alexander Griesser ; heasley Cc: Chris Wopat ; rancid-discuss at shrubbery.net Betreff: Re: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ If you?re asking ?any? device - in Cisco descriptions (FEX descriptions, interface descriptions...) I?ll sometimes add whitespace so that under some ?show? commands I get output alignment. Makes it easy to visually identify errors (typeos, etc) and I?m playing with similar Regex-based automated verification in my vendor tools (PRIME Infrastructure and so forth), and under normal operation non-alignment makes it a bit of a challenge to quickly scan and find the information I?m looking for. I don?t know Forti*, not sure if that applies here. weylin -----Original Message----- From: Griesser Alexander Date: Thursday, June 8, 2017 at 02:36 To: heasley Cc: Chris Wopat , "rancid-discuss at shrubbery.net" Subject: Re: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ > > - next > > + next > > end > > can be fixed by adding "ignore-whitespace" as a diff option which would make sense in all situations I guess; not sure if there's any router/switch/firewall which really cares about whitespace syntax-wise. > True, but this would filter spaces that are legitimate. :) Like which ones? I'm not aware of any legitimate spaces in the configuration of networking devices - does anyone have a syntax example for any device which makes a difference between one or two spaces in the configuration? Best, Alex From kirk.mccann at gmail.com Tue Jun 13 18:55:37 2017 From: kirk.mccann at gmail.com (Kirk D Mccann) Date: Tue, 13 Jun 2017 13:55:37 -0500 Subject: [rancid] Cisco Nexus copy command Message-ID: I added a rancid user in my switch how can I determine what the exact copy command is so I can add it to the role? Are there any instructions on switching to git instead of cvs? Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Jun 14 04:33:34 2017 From: heas at shrubbery.net (heasley) Date: Wed, 14 Jun 2017 04:33:34 +0000 Subject: [rancid] Cisco Nexus copy command In-Reply-To: References: Message-ID: <20170614043334.GB84062@shrubbery.net> Tue, Jun 13, 2017 at 01:55:37PM -0500, Kirk D Mccann: > I added a rancid user in my switch how can I determine what the exact copy > command is so I can add it to the role? rancid -t -C > Are there any instructions on switching to git instead of cvs? no, google for the import process. for the rancid part, run use the alpha version for git, and update the SCM in rancid.conf. From LSOMMERARD at owentis.com Wed Jun 14 12:52:22 2017 From: LSOMMERARD at owentis.com (Lucas SOMMERARD) Date: Wed, 14 Jun 2017 12:52:22 +0000 Subject: [rancid] hlogin HP J9626A RA.16.02.0016 In-Reply-To: <833ebbe1-3e82-3170-5606-380bc6b06001@chalmers.se> References: <3aead39a34ac49a0bf11b367ce7c392b@OZISRVBAL02.OZITEM.LAN> <833ebbe1-3e82-3170-5606-380bc6b06001@chalmers.se> Message-ID: <1b1604b032714cfaaa52bb16663914ff@OZISRVBAL02.OZITEM.LAN> Hello, Indeed It works well after adding these filter to hpuifilter. Thanks a lot ! Regards, Lucas SOMMERARD https://fr.surveymonkey.com/r/eventbyowentis Les informations figurant sur cet e-mail ont un caract?re strictement confidentiel et sont exclusivement adress?es au destinataire mentionn? ci-dessus. Tout usage, reproduction ou divulgation de cet e-mail est strictement interdit si vous n'en ?tes pas le destinataire. Dans ce cas, veuillez nous en avertir imm?diatement par la m?me voie et d?truire l'original. Avant d'imprimer, pensez ? l'environnement -----Message d'origine----- De : Per-Olof Olsson [mailto:peo at chalmers.se] Envoy? : vendredi 9 juin 2017 10:34 ? : Lucas SOMMERARD ; rancid-discuss at shrubbery.net Objet : Re: [rancid] hlogin HP J9626A RA.16.02.0016 Hello Is it new ESC-codes added in late HP/Aruba versionens that make the login problem? It's possible that You need to patch hpuifilter.c and add filters for ?[?7h?, ?[1L?, and ?[1M?. ... > LT1-2650-01# > > expect: does "\u001b[?7hYour previous successful login (as manager) was on 2017-06-08 ... --------^^^^ Look for Subject "rancid with hp5412 J8697A or hp5406" posted on this list mars 24 2017. /Peo ---------------------------------------------------------- Per-Olof Olsson Email: peo at chalmers.se Chalmers tekniska h?gskola IT-avdelningen Arvid Hedvalls backe 6 412 96 G?teborg Tel: 031/772 6738 Mob: 0707 88 3708 ---------------------------------------------------------- Den 2017-06-08 kl. 16:37, skrev Lucas SOMMERARD: > Hello, > > > > I have some issues with Rancid to backup configuration of an HP switch > since it has been update to RA.16.02.0016. > > I?m using rancid 3.2 on CentOs 6.9. > > > > This is the error I get using hlogin in debug : > > Your previous successful login (as manager) was on 2017-06-08 16:17:53 > > from 192.168.1.22 > > LT1-2650-01# > > expect: does "\u001b[?7hYour previous successful login (as manager) was on 2017-06-08 > 16:17:53 \r\r\n from 192.168.1.22\r\r\nLT1-2650-01# " (spawn_id exp3) match glob > pattern "Press any key to continue"? no > > "[Pp]assword"? Gate "?assword"? gate=no > > "#"? yes > > expect: set expect_out(0,string) "#" > > expect: set expect_out(spawn_id) "exp3" > > expect: set expect_out(buffer) "\u001b[?7hYour previous successful login (as manager) was > on 2017-06-08 16:17:53 \r\r\n from 192.168.1.22\r\r\nLT1-2650-01#" > > send: sending "\r" to { exp3 } > > Gate keeper glob pattern for '[ > > ]+' is ''. Not usable, disabling the performance booster. > > Gate keeper glob pattern for '^.+#' is '*#'. Activating booster. > > > > expect: does " " (spawn_id exp3) match regular expression "[\r\n]+"? > (No Gate, RE only) gate=yes re=no > > "^.+#"? Gate "*#"? gate=no > > LT1-2650-01# > > expect: does " \u001b[1M\u001b[1LLT1-2650-01# " (spawn_id exp3) match > regular expression "[\r\n]+"? (No Gate, RE only) gate=yes re=no > > "^.+#"? Gate "*#"? gate=yes re=yes > > expect: set expect_out(0,string) " \u001b[1M\u001b[1LLT1-2650-01#" > > expect: set expect_out(spawn_id) "exp3" > > expect: set expect_out(buffer) " \u001b[1M\u001b[1LLT1-2650-01#" > > send: sending "no page\r" to { exp3 } > > > LT([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\)) ? couldn't compile > regular expression pattern: parentheses () not balanced > > while executing > > "expect { > > -re $reprompt {} > > -re "\[\n\r]+" { exp_continue } > > }" > > (procedure "run_commands" line 20) > > invoked from within > > "run_commands $prompt $command" > > ("foreach" body line 161) > > invoked from within > > "foreach router [lrange $argv $i end] { > > set router [string tolower $router] > > send_user "$router\n" > > > > # device timeout > > set timeout [find t..." > > (file "/usr/libexec/rancid/hlogin2" line 662) > > > > I?ve seen this subbject : > http://www.shrubbery.net/pipermail/rancid-discuss/2010-June/004995.htm > l > > And I?ve tried to upgrade rancid to 3.6.2 using source but I still have a problem : > > couldn't compile regular expression pattern: brackets [] not balanced > > while executing > > "expect -re $prompt {}" > > ("foreach" body line 163) > > invoked from within > > "foreach router [lrange $argv $i end] { > > set router [string tolower $router] > > send_user "$router\n" > > > > # device timeout > > set timeout [find t..." > > (file "/usr/local/rancid/bin/hlogin" line 666) > > > > Thank you for your help. > > > > Regards, > > > > Lucas Sommerard > > > > > > > > > > > > ml> > > ozitem-participe-au-challenge-contre-la-faim.html> > > > > > > > > > > > > Les informations figurant sur cet e-mail ont un caract?re strictement > confidentiel et sont exclusivement adress?es au destinataire mentionn? > ci-dessus. Tout usage, reproduction ou divulgation de cet e-mail est strictement interdit si vous n'en ?tes pas le destinataire. > Dans ce cas, veuillez nous en avertir imm?diatement par la m?me voie et d?truire l'original. > > PAvant d'imprimer,pensez? l'environnement *?* > > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > From kirk.mccann at gmail.com Wed Jun 14 18:28:47 2017 From: kirk.mccann at gmail.com (Kirk D Mccann) Date: Wed, 14 Jun 2017 13:28:47 -0500 Subject: [rancid] Cisco Nexus copy command In-Reply-To: <20170614043334.GB84062@shrubbery.net> References: <20170614043334.GB84062@shrubbery.net> Message-ID: Looking in the rancid type base file I found the cisco-nx type. To get the full functionality out of rancid should I allow all the commands listed in there for that user? -Kirk On Tue, Jun 13, 2017 at 11:33 PM, heasley wrote: > Tue, Jun 13, 2017 at 01:55:37PM -0500, Kirk D Mccann: > > I added a rancid user in my switch how can I determine what the exact > copy > > command is so I can add it to the role? > > rancid -t -C > > > Are there any instructions on switching to git instead of cvs? > > no, google for the import process. for the rancid part, run use the alpha > version for git, and update the SCM in rancid.conf. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Jun 14 22:29:18 2017 From: heas at shrubbery.net (heasley) Date: Wed, 14 Jun 2017 22:29:18 +0000 Subject: [rancid] Cisco Nexus copy command In-Reply-To: References: <20170614043334.GB84062@shrubbery.net> Message-ID: <20170614222918.GP89424@shrubbery.net> Wed, Jun 14, 2017 at 01:28:47PM -0500, Kirk D Mccann: > Looking in the rancid type base file I found the cisco-nx type. To get the > full functionality out of rancid should I allow all the commands listed in > there for that user? in general, yes. it run all of those commands, plus disable the tty pager and alter the length and width of the tty. > -Kirk > > On Tue, Jun 13, 2017 at 11:33 PM, heasley wrote: > > > Tue, Jun 13, 2017 at 01:55:37PM -0500, Kirk D Mccann: > > > I added a rancid user in my switch how can I determine what the exact > > copy > > > command is so I can add it to the role? > > > > rancid -t -C > > > > > Are there any instructions on switching to git instead of cvs? > > > > no, google for the import process. for the rancid part, run use the alpha > > version for git, and update the SCM in rancid.conf. > > From howie at thingy.com Thu Jun 15 08:29:16 2017 From: howie at thingy.com (Howard Jones) Date: Thu, 15 Jun 2017 09:29:16 +0100 Subject: [rancid] "Stuttering" and line-ending mangling on ASR9000? Message-ID: <00b27adc-6171-104e-0140-cdb06f129363@thingy.com> We have an ASR9001 that registers a change a few times a day that looks like this: --- bgp1 (revision 17595) +++ bgp1 (revision 17596) @@ -1,6 +1,4 @@ -!RANCID-CONTENT-TYPE: cisco -! -!Ch!Chassis type: ASR-9001 - a ASR9K Series router +!RANCID-CONTENT-TYPE: cisco-xr!Ch!Chassis type: ASR-9001 - a ASR9K Series router !CPU: P4040 ! !Memory: main 8388608K Or back the other way. That is, the line endings of the internally generated RANCID content seem to be changing. Also, there is a stutter in there (!Ch!Chassis) in both variations. Also, the content-type switches between cisco and cisco-xr (or is truncated perhaps). Any ideas on where this might be coming from? It would have to be between bin/rancid and lib/rancid/rancid.pm, wouldn't it? This is with rancid 3.6.2, plus a few local patches, but nothing to do with output processing (file naming only). Same install has a couple hundred other devices (no other IOS XR though, I don't think) all working happily. Thanks in advance, Howard From dan.w.anderson at gmail.com Thu Jun 15 12:06:42 2017 From: dan.w.anderson at gmail.com (Dan Anderson) Date: Thu, 15 Jun 2017 08:06:42 -0400 Subject: [rancid] "Stuttering" and line-ending mangling on ASR9000? In-Reply-To: <00b27adc-6171-104e-0140-cdb06f129363@thingy.com> References: <00b27adc-6171-104e-0140-cdb06f129363@thingy.com> Message-ID: <368cba36-a959-4579-8817-dc1f2e04109b@Spark> Do you have multiple entries in your router.db file for the same device (one as type cisco and another as type cisco-xr)? -- Dan On Jun 15, 2017, 7:33 AM -0400, Howard Jones , wrote: > We have an ASR9001 that registers a change a few times a day that looks > like this: > > > --- bgp1 (revision 17595) > +++ bgp1 (revision 17596) > @@ -1,6 +1,4 @@ > -!RANCID-CONTENT-TYPE: cisco > -! > -!Ch!Chassis type: ASR-9001 - a ASR9K Series router > +!RANCID-CONTENT-TYPE: cisco-xr!Ch!Chassis type: ASR-9001 - a ASR9K > Series router > !CPU: P4040 > ! > !Memory: main 8388608K > > > Or back the other way. That is, the line endings of the internally > generated RANCID content seem to be changing. Also, there is a stutter > in there (!Ch!Chassis) in both variations. Also, the content-type > switches between cisco and cisco-xr (or is truncated perhaps). > > Any ideas on where this might be coming from? It would have to be > between bin/rancid and lib/rancid/rancid.pm, wouldn't it? > > This is with rancid 3.6.2, plus a few local patches, but nothing to do > with output processing (file naming only). Same install has a couple > hundred other devices (no other IOS XR though, I don't think) all > working happily. > > Thanks in advance, > > Howard > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From howie at thingy.com Thu Jun 15 15:16:05 2017 From: howie at thingy.com (Howard Jones) Date: Thu, 15 Jun 2017 16:16:05 +0100 Subject: [rancid] "Stuttering" and line-ending mangling on ASR9000? In-Reply-To: <368cba36-a959-4579-8817-dc1f2e04109b@Spark> References: <00b27adc-6171-104e-0140-cdb06f129363@thingy.com> <368cba36-a959-4579-8817-dc1f2e04109b@Spark> Message-ID: <4c078975-19f4-7b50-0907-52c9031bbbe5@thingy.com> Good catch :-) I guess I was seeing two competing processes writing to the same temp file... Thanks Dan! On 15/06/2017 13:06, Dan Anderson wrote: > Do you have multiple entries in your router.db file for the same > device (one as type cisco and another as type cisco-xr)? > > -- > Dan > > On Jun 15, 2017, 7:33 AM -0400, Howard Jones , wrote: >> We have an ASR9001 that registers a change a few times a day that looks >> like this: >> >> >> --- bgp1 (revision 17595) >> +++ bgp1 (revision 17596) >> @@ -1,6 +1,4 @@ >> -!RANCID-CONTENT-TYPE: cisco >> -! >> -!Ch!Chassis type: ASR-9001 - a ASR9K Series router >> +!RANCID-CONTENT-TYPE: cisco-xr!Ch!Chassis type: ASR-9001 - a ASR9K >> Series router >> !CPU: P4040 >> ! >> !Memory: main 8388608K >> >> >> Or back the other way. That is, the line endings of the internally >> generated RANCID content seem to be changing. Also, there is a stutter >> in there (!Ch!Chassis) in both variations. Also, the content-type >> switches between cisco and cisco-xr (or is truncated perhaps). >> >> Any ideas on where this might be coming from? It would have to be >> between bin/rancid and lib/rancid/rancid.pm, wouldn't it? >> >> This is with rancid 3.6.2, plus a few local patches, but nothing to do >> with output processing (file naming only). Same install has a couple >> hundred other devices (no other IOS XR though, I don't think) all >> working happily. >> >> Thanks in advance, >> >> Howard >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss From daniel.schmidt at wyo.gov Fri Jun 16 16:57:12 2017 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Fri, 16 Jun 2017 10:57:12 -0600 Subject: [rancid] Dell PowerConnect Message-ID: User Name: Error: TIMEOUT reached There's a #@(* space in the user name prompt. clogin and dllogin don't like it. flogin likes it, but obviously that won't work. Anybody seen this and made it work? Much thanks. -- E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From AGriesser at anexia-it.com Fri Jun 16 16:59:53 2017 From: AGriesser at anexia-it.com (Alexander Griesser) Date: Fri, 16 Jun 2017 16:59:53 +0000 Subject: [rancid] Dell PowerConnect In-Reply-To: References: Message-ID: <44be4d5c59154d03b7052f56e16183ac@anx-i-dag01.anx.local> Hey, I?m using those two which work well for me. http://mirror.anexia.at/ag/drancid http://mirror.anexia.at/ag/dlogin Best, Alexander Griesser Head of Systems Operations ANEXIA Internetdienstleistungs GmbH E-Mail: AGriesser at anexia-it.com Web: http://www.anexia-it.com Anschrift Hauptsitz Klagenfurt: Feldkirchnerstra?e 140, 9020 Klagenfurt Gesch?ftsf?hrer: Alexander Windbichler Firmenbuch: FN 289918a | Gerichtsstand: Klagenfurt | UID-Nummer: AT U63216601 Von: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] Im Auftrag von Daniel Schmidt Gesendet: Freitag, 16. Juni 2017 18:57 An: rancid-discuss at shrubbery.net Betreff: [rancid] Dell PowerConnect User Name: Error: TIMEOUT reached There's a #@(* space in the user name prompt. clogin and dllogin don't like it. flogin likes it, but obviously that won't work. Anybody seen this and made it work? Much thanks. E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.schmidt at wyo.gov Fri Jun 16 19:07:29 2017 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Fri, 16 Jun 2017 13:07:29 -0600 Subject: [rancid] Dell PowerConnect In-Reply-To: <44be4d5c59154d03b7052f56e16183ac@anx-i-dag01.anx.local> References: <44be4d5c59154d03b7052f56e16183ac@anx-i-dag01.anx.local> Message-ID: Cyphertype should have been optional, but I was lazy and didn't fix it correctly. But, that works - Thanks rancid at nacho:~$ diff bin/dlogin dlogin.bak 315,316c315 < # set retval [ catch {spawn $sshcmd -c $cyphertype -x -l $user $router} reason ] < set retval [ catch {spawn $sshcmd -x -l $user $router} reason ] --- > set retval [ catch {spawn $sshcmd -c $cyphertype -x -l $user $router} reason ] 319,320c318 < set retval [ catch {spawn $sshcmd -x -l $user -p $port $router} reason ] < # set retval [ catch {spawn $sshcmd -c $cyphertype -x -l $user -p $port $router} reason ] --- > set retval [ catch {spawn $sshcmd -c $cyphertype -x -l $user -p $port $router} reason ] On Fri, Jun 16, 2017 at 10:59 AM, Alexander Griesser < AGriesser at anexia-it.com> wrote: > Hey, > > > > I?m using those two which work well for me. > > > > http://mirror.anexia.at/ag/drancid > > http://mirror.anexia.at/ag/dlogin > > > > Best, > > > > *Alexander Griesser* > > Head of Systems Operations > > > > ANEXIA Internetdienstleistungs GmbH > > > > E-Mail: AGriesser at anexia-it.com > > Web: http://www.anexia-it.com > > > > Anschrift Hauptsitz Klagenfurt: Feldkirchnerstra?e 140, 9020 Klagenfurt > > Gesch?ftsf?hrer: Alexander Windbichler > > Firmenbuch: FN 289918a | Gerichtsstand: Klagenfurt | UID-Nummer: AT > U63216601 > > > > *Von:* Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] *Im > Auftrag von *Daniel Schmidt > *Gesendet:* Freitag, 16. Juni 2017 18:57 > *An:* rancid-discuss at shrubbery.net > *Betreff:* [rancid] Dell PowerConnect > > > > User Name: > Error: TIMEOUT reached > > There's a #@(* space in the user name prompt. clogin and dllogin don't > like it. flogin likes it, but obviously that won't work. Anybody seen > this and made it work? Much thanks. > > > > E-Mail to and from me, in connection with the transaction > of public business, is subject to the Wyoming Public Records > Act and may be disclosed to third parties. > -- E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Fri Jun 16 20:18:22 2017 From: heas at shrubbery.net (heasley) Date: Fri, 16 Jun 2017 20:18:22 +0000 Subject: [rancid] Dell PowerConnect In-Reply-To: <20170616201633.47A7127E7B@sea.shrubbery.net> Message-ID: <20170616201822.GJ32152@shrubbery.net> Fri, Jun 16, 2017 at 10:57:12AM -0600, Daniel Schmidt: > User Name: > Error: TIMEOUT reached > > There's a #@(* space in the user name prompt. clogin and dllogin don't > like it. flogin likes it, but obviously that won't work. Anybody seen > this and made it work? Much thanks. > which powerconnect? use aaa? # SMC and Dell PowerConnect N2048, 35xx (3524, 3524P, 3548, 3548P), N4032F, # N4064, M6348, 64xx (6428), 7048, and M8024(-k) smc;script;srancid smc;login;hlogin Index: bin/hlogin.in =================================================================== --- bin/hlogin.in (revision 3655) +++ bin/hlogin.in (working copy) @@ -441,7 +441,7 @@ # Figure out prompts set u_prompt [find userprompt $router] if { "$u_prompt" == "" } { - set u_prompt "(\[Uu]sername|\[Ll]ogin|user name|Login Name):" + set u_prompt "(\[Uu]sername|\[Ll]ogin|\[Uu]ser \[Nn]ame|Login Name):" } else { set u_prompt [join [lindex $u_prompt 0] ""] } From heas at shrubbery.net Sat Jun 17 02:39:04 2017 From: heas at shrubbery.net (Heasley) Date: Fri, 16 Jun 2017 19:39:04 -0700 Subject: [rancid] hlogin HP J9626A RA.16.02.0016 In-Reply-To: <1b1604b032714cfaaa52bb16663914ff@OZISRVBAL02.OZITEM.LAN> References: <3aead39a34ac49a0bf11b367ce7c392b@OZISRVBAL02.OZITEM.LAN> <833ebbe1-3e82-3170-5606-380bc6b06001@chalmers.se> <1b1604b032714cfaaa52bb16663914ff@OZISRVBAL02.OZITEM.LAN> Message-ID: > Am 14.06.2017 um 05:52 schrieb Lucas SOMMERARD : > > Hello, > > Indeed It works well after adding these filter to hpuifilter. > > Thanks a lot ! > > Regards, > > Lucas SOMMERARD > > > > > > https://fr.surveymonkey.com/r/eventbyowentis > > Les informations figurant sur cet e-mail ont un caract?re strictement confidentiel et sont exclusivement adress?es au destinataire mentionn? ci-dessus. Tout usage, reproduction ou divulgation de cet e-mail est strictement interdit si vous n'en ?tes pas le destinataire. Dans ce cas, veuillez nous en avertir imm?diatement par la m?me voie et d?truire l'original. > Avant d'imprimer, pensez ? l'environnement > > -----Message d'origine----- > De : Per-Olof Olsson [mailto:peo at chalmers.se] > Envoy? : vendredi 9 juin 2017 10:34 > ? : Lucas SOMMERARD ; rancid-discuss at shrubbery.net > Objet : Re: [rancid] hlogin HP J9626A RA.16.02.0016 > > Hello > > Is it new ESC-codes added in late HP/Aruba versionens that make the login problem? > It's possible that You need to patch hpuifilter.c and add filters for ?[?7h?, ?[1L?, and ?[1M?. > > ... >> LT1-2650-01# >> >> expect: does "\u001b[?7hYour previous successful login (as manager) was on 2017-06-08 > ... --------^^^^ > > Look for Subject "rancid with hp5412 J8697A or hp5406" posted on this list mars 24 2017. > These were added to the alpha image and will be in 4.0. > > /Peo > ---------------------------------------------------------- > Per-Olof Olsson Email: peo at chalmers.se > Chalmers tekniska h?gskola IT-avdelningen > Arvid Hedvalls backe 6 412 96 G?teborg > Tel: 031/772 6738 Mob: 0707 88 3708 > ---------------------------------------------------------- > >> Den 2017-06-08 kl. 16:37, skrev Lucas SOMMERARD: >> Hello, >> >> >> >> I have some issues with Rancid to backup configuration of an HP switch >> since it has been update to RA.16.02.0016. >> >> I?m using rancid 3.2 on CentOs 6.9. >> >> >> >> This is the error I get using hlogin in debug : >> >> Your previous successful login (as manager) was on 2017-06-08 16:17:53 >> >> from 192.168.1.22 >> >> LT1-2650-01# >> >> expect: does "\u001b[?7hYour previous successful login (as manager) was on 2017-06-08 >> 16:17:53 \r\r\n from 192.168.1.22\r\r\nLT1-2650-01# " (spawn_id exp3) match glob >> pattern "Press any key to continue"? no >> >> "[Pp]assword"? Gate "?assword"? gate=no >> >> "#"? yes >> >> expect: set expect_out(0,string) "#" >> >> expect: set expect_out(spawn_id) "exp3" >> >> expect: set expect_out(buffer) "\u001b[?7hYour previous successful login (as manager) was >> on 2017-06-08 16:17:53 \r\r\n from 192.168.1.22\r\r\nLT1-2650-01#" >> >> send: sending "\r" to { exp3 } >> >> Gate keeper glob pattern for '[ >> >> ]+' is ''. Not usable, disabling the performance booster. >> >> Gate keeper glob pattern for '^.+#' is '*#'. Activating booster. >> >> >> >> expect: does " " (spawn_id exp3) match regular expression "[\r\n]+"? >> (No Gate, RE only) gate=yes re=no >> >> "^.+#"? Gate "*#"? gate=no >> >> LT1-2650-01# >> >> expect: does " \u001b[1M\u001b[1LLT1-2650-01# " (spawn_id exp3) match >> regular expression "[\r\n]+"? (No Gate, RE only) gate=yes re=no >> >> "^.+#"? Gate "*#"? gate=yes re=yes >> >> expect: set expect_out(0,string) " \u001b[1M\u001b[1LLT1-2650-01#" >> >> expect: set expect_out(spawn_id) "exp3" >> >> expect: set expect_out(buffer) " \u001b[1M\u001b[1LLT1-2650-01#" >> >> send: sending "no page\r" to { exp3 } >> >> >> LT([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\)) ? couldn't compile >> regular expression pattern: parentheses () not balanced >> >> while executing >> >> "expect { >> >> -re $reprompt {} >> >> -re "\[\n\r]+" { exp_continue } >> >> }" >> >> (procedure "run_commands" line 20) >> >> invoked from within >> >> "run_commands $prompt $command" >> >> ("foreach" body line 161) >> >> invoked from within >> >> "foreach router [lrange $argv $i end] { >> >> set router [string tolower $router] >> >> send_user "$router\n" >> >> >> >> # device timeout >> >> set timeout [find t..." >> >> (file "/usr/libexec/rancid/hlogin2" line 662) >> >> >> >> I?ve seen this subbject : >> http://www.shrubbery.net/pipermail/rancid-discuss/2010-June/004995.htm >> l >> >> And I?ve tried to upgrade rancid to 3.6.2 using source but I still have a problem : >> >> couldn't compile regular expression pattern: brackets [] not balanced >> >> while executing >> >> "expect -re $prompt {}" >> >> ("foreach" body line 163) >> >> invoked from within >> >> "foreach router [lrange $argv $i end] { >> >> set router [string tolower $router] >> >> send_user "$router\n" >> >> >> >> # device timeout >> >> set timeout [find t..." >> >> (file "/usr/local/rancid/bin/hlogin" line 666) >> >> >> >> Thank you for your help. >> >> >> >> Regards, >> >> >> >> Lucas Sommerard >> >> >> >> >> >> >> >> >> >> >> >> > ml> >> >> > ozitem-participe-au-challenge-contre-la-faim.html> >> >> >> >> >> >> >> >> >> >> >> >> Les informations figurant sur cet e-mail ont un caract?re strictement >> confidentiel et sont exclusivement adress?es au destinataire mentionn? >> ci-dessus. Tout usage, reproduction ou divulgation de cet e-mail est strictement interdit si vous n'en ?tes pas le destinataire. >> Dans ce cas, veuillez nous en avertir imm?diatement par la m?me voie et d?truire l'original. >> >> PAvant d'imprimer,pensez? l'environnement *?* >> >> >> >> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From howard at leadmon.net Sat Jun 17 19:45:40 2017 From: howard at leadmon.net (Howard Leadmon) Date: Sat, 17 Jun 2017 15:45:40 -0400 Subject: [rancid] Quit lines in current rancid.. Message-ID: <941a3015-b0c4-02c4-87d6-2ae0292d9872@leadmon.net> A few weeks ago I updated to the current rancid version of 3.6.2 as it fixed some known issues I was running into with the older versions of rancid. The update went well, and it did resolve some of my ASA and WLC issues I was having grabbing Cisco configs, but now I seem to have a new one. As you will see below, I end up with it capturing bits and pieces of the quit messages, so I keep getting + and - updates every run as it backs in and out the bits that aren't being dropped at part of the configs. Mostly seems to happen on our 5508 wireless controllers, but at times I do see it on other devices. Any ideas how to resolve this, as I am not a coder, and it didn't use to do this on the runs.. Index: configs/algmwewircon1 =================================================================== retrieving revision 1.91 diff -u -4 -r1.91 algmwewircon1 @@ -241,8 +241,9 @@ switchconfig strong-pwd consecutive-check enabled switchconfig strong-pwd default-check enabled switchconfig strong-pwd username-check enabled switchconfig strong-pwd position-check disabled + q)uit switchconfig strong-pwd case-digit-check disabled switchconfig strong-pwd minimum upper-case 0 switchconfig strong-pwd minimum lower-case 0 switchconfig strong-pwd minimum digits-chars 0 Index: configs/algmwewircon2 =================================================================== retrieving revision 1.20 diff -u -4 -r1.20 algmwewircon2 @@ -417,8 +417,9 @@ wlan security wpa akm cckm timestamp-tolerance 1000 1 wlan security wpa gtk-random disable 1 wlan security pmf association-comeback 1 1 wlan security pmf saquery-retrytimeout 200 1 + it wlan profiling radius dhcp disable 1 wlan profiling radius http disable 1 wlan enable 1 license boot base Then stuff like this from an earlier run.. Index: configs/algmwewircon2 =================================================================== retrieving revision 1.17 diff -u -4 -r1.17 algmwewircon2 @@ -417,9 +417,8 @@ wlan security wpa akm cckm timestamp-tolerance 1000 1 wlan security wpa gtk-random disable 1 wlan security pmf association-comeback 1 1 wlan security pmf saquery-retrytimeout 200 1 - it wlan profiling radius dhcp disable 1 wlan profiling radius http disable 1 wlan enable 1 license boot base --- Howard Leadmon PBW Communications, LLC http://www.pbwcomm.com From howie at thingy.com Mon Jun 19 14:07:54 2017 From: howie at thingy.com (Howard Jones) Date: Mon, 19 Jun 2017 15:07:54 +0100 Subject: [rancid] Disabling commands without altering rancid.types.base Message-ID: <33f25169-7f23-6b26-da81-0aa1404f634a@thingy.com> I have a few nexus 7000 switches where the contents of bootflash changes very regularly, causing spurious changes. For now, I've commented out some commands in etc/rancid.types.base, against the advice of the manpage. Is there a way to remove commands in rancid.types.conf for an existing device type? # cisco-nx;command;nxos::DirSlotN;dir bootflash: #cisco-nx;command;nxos::DirSlotN;dir debug: #cisco-nx;command;nxos::DirSlotN;dir logflash: #cisco-nx;command;nxos::DirSlotN;dir slot0: #cisco-nx;command;nxos::DirSlotN;dir usb1: #cisco-nx;command;nxos::DirSlotN;dir usb2: #cisco-nx;command;nxos::DirSlotN;dir volatile: From heas at shrubbery.net Mon Jun 19 16:10:09 2017 From: heas at shrubbery.net (heasley) Date: Mon, 19 Jun 2017 16:10:09 +0000 Subject: [rancid] Disabling commands without altering rancid.types.base In-Reply-To: <33f25169-7f23-6b26-da81-0aa1404f634a@thingy.com> References: <33f25169-7f23-6b26-da81-0aa1404f634a@thingy.com> Message-ID: <20170619161009.GC13657@shrubbery.net> Mon, Jun 19, 2017 at 03:07:54PM +0100, Howard Jones: > I have a few nexus 7000 switches where the contents of bootflash changes > very regularly, causing spurious changes. For now, I've commented out > some commands in etc/rancid.types.base, against the advice of the > manpage. Is there a way to remove commands in rancid.types.conf for an > existing device type? > > # cisco-nx;command;nxos::DirSlotN;dir bootflash: > #cisco-nx;command;nxos::DirSlotN;dir debug: > #cisco-nx;command;nxos::DirSlotN;dir logflash: > #cisco-nx;command;nxos::DirSlotN;dir slot0: > #cisco-nx;command;nxos::DirSlotN;dir usb1: > #cisco-nx;command;nxos::DirSlotN;dir usb2: > #cisco-nx;command;nxos::DirSlotN;dir volatile: only by creating a different device definition, such as cisco-nx-thingie, in rancid.types.conf. These changes in the next version (and in the current alpha) might help: nxos.pm: drop bootvar_debug.* log files reported on the ML nxof.pm: Filter vtp_debug.log and vtp_debug_old.log CDETS bug CSCuy87611 - Mark Felder From tannerlyle at gmail.com Mon Jun 19 17:11:28 2017 From: tannerlyle at gmail.com (Tanner Lyle) Date: Mon, 19 Jun 2017 12:11:28 -0500 Subject: [rancid] Fwd: Help ciena-ws Rancid 3.6.2 In-Reply-To: References: Message-ID: Ciena Engineer provided the changes needed, prompts were not matching make following changes to your wavesvros.pm file in /usr/local/rancid/lib/rancid/ [rancid at localhost rancid]$ pwd /usr/local/rancid/lib/rancid *wavesvros.pm * *Line 112* *change this line* while (/>\s*($cmds_regexp)\s*$/) { *to this * while (/[#]\s*($cmds_regexp)\s*$/) { *Line 115* *change this line* $prompt = ($_ =~ /^([^>]+>)/)[0]; *to this* $prompt = ($_ =~ /^([^#]+#)/)[0]; *Line 140* *change this line* if (/>\s*exit/) { *to this* if (/\s*exit/) { *Line 207 add * $found_end = 0; *from this* # This routine parses "configuration show" sub WriteTerm { my($INPUT, $OUTPUT, $cmd) = @_; my($snmp) = 0; print STDERR " In ShowConfiguration: $_" if ($debug); # include the command *to this* # This routine parses "configuration show" sub WriteTerm { my($INPUT, $OUTPUT, $cmd) = @_; my($snmp) = 0; $found_end = 0; print STDERR " In ShowConfiguration: $_" if ($debug); # include the command *Original line 212 now line 214* *from this * while (<$INPUT>) { tr/\015//d; last if (/^$prompt/); /no matching entry found/ && return(-1); # unknown cmd *to this* while (<$INPUT>) { tr/\015//d; return (0) if (/^$prompt/); /no matching entry found/ && return(-1); # unknown cmd return (0) if ($found_end == 1); *Change Line 265* *from this* if (/^! END OF CONFIG:/) { *to this* if (/! END OF CONFIG:/) { For those of you better at reading diffs than me [rancid at localhost rancid]$ diff wavesvros.pm wavesvros.pm.orig 112c112 < while (/[#]\s*($cmds_regexp)\s*$/) { --- > while (/>\s*($cmds_regexp)\s*$/) { 115c115 < $prompt = ($_ =~ /^([^#]+#)/)[0]; --- > $prompt = ($_ =~ /^([^>]+>)/)[0]; 140c140 < if (/\s*exit/) { --- > if (/>\s*exit/) { 207d206 < $found_end = 0; 215c214 < return (0) if (/^$prompt/); --- > last if (/^$prompt/); 217d215 < return (0) if ($found_end == 1); 265c263 < if (/! END OF CONFIG:/) { --- > if (/^! END OF CONFIG:/) { ---------- Forwarded message ---------- From: Tanner Lyle Date: Thu, Jun 8, 2017 at 7:29 AM Subject: Help ciena-ws Rancid 3.6.2 To: rancid-discuss at shrubbery.net I cannot get a Ciena Waveserver (192.168.168.32 in the files) to complete, all commands run and login works but never makes it to the parse output or get a PROMPT MATCH: like it's trying to run the perl module against the device. Trying to gain some traction on this, out of ideas and know how to trouble shoot it. Any suggestions, i think the problem is still in hlogin or in the wavesvros.pm. [rancid at localhost logs]$ export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32 loadtype: device type ciena-ws loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid. types.base executing hlogin -t 120 -c"software show;chassis show;configuration show" 192.168.168.32 192.168.168.32: missed cmd(s): all commands 192.168.168.32: End of run not found ! I can get different devices to complete and run so i don't think it's a permissions or install issue [rancid at localhost logs]$ export NOPIPE=YES && rancid -d -t foundry 10.0.2.2 loadtype: device type foundry loadtype: found device type foundry in /usr/local/rancid/etc/rancid. types.base executing flogin -t 90 -c"show version;show chassis;show module;show media;show media validation;show flash;write term;show running-config" 10.0.2.2 PROMPT MATCH: telnet at LAB_MLX16# HIT COMMAND:telnet at LAB_MLX16#show version In ShowVersion: telnet at LAB_MLX16#show version HIT COMMAND:telnet at LAB_MLX16#show chassis In ShowChassis: telnet at LAB_MLX16#show chassis HIT COMMAND:telnet at LAB_MLX16#show module In ShowModule: telnet at LAB_MLX16#show module HIT COMMAND:telnet at LAB_MLX16#show media In ShowMedia: telnet at LAB_MLX16#show media HIT COMMAND:telnet at LAB_MLX16#show media validation In ShowMedia: telnet at LAB_MLX16#show media validation HIT COMMAND:telnet at LAB_MLX16#show flash In ShowFlash: telnet at LAB_MLX16#show flash HIT COMMAND:telnet at LAB_MLX16#write term In WriteTerm: telnet at LAB_MLX16#write term HIT COMMAND:telnet at LAB_MLX16#show running-config In WriteTerm: telnet at LAB_MLX16#show running-config -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.schmidt at wyo.gov Mon Jun 19 17:43:02 2017 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Mon, 19 Jun 2017 11:43:02 -0600 Subject: [rancid] Dell PowerConnect In-Reply-To: <20170616201822.GJ32152@shrubbery.net> References: <20170616201633.47A7127E7B@sea.shrubbery.net> <20170616201822.GJ32152@shrubbery.net> Message-ID: AAA, Dell R1-2401. Set to SMC, change one line, seems to work fine. One annoyance: - !username admin password - !username sysad password The password are no longer removed and they should be. Thanks Heas. On Fri, Jun 16, 2017 at 2:18 PM, heasley wrote: > Fri, Jun 16, 2017 at 10:57:12AM -0600, Daniel Schmidt: > > User Name: > > Error: TIMEOUT reached > > > > There's a #@(* space in the user name prompt. clogin and dllogin don't > > like it. flogin likes it, but obviously that won't work. Anybody seen > > this and made it work? Much thanks. > > > > which powerconnect? use aaa? > > # SMC and Dell PowerConnect N2048, 35xx (3524, 3524P, 3548, 3548P), N4032F, > # N4064, M6348, 64xx (6428), 7048, and M8024(-k) > smc;script;srancid > smc;login;hlogin > > > Index: bin/hlogin.in > =================================================================== > --- bin/hlogin.in (revision 3655) > +++ bin/hlogin.in (working copy) > @@ -441,7 +441,7 @@ > # Figure out prompts > set u_prompt [find userprompt $router] > if { "$u_prompt" == "" } { > - set u_prompt "(\[Uu]sername|\[Ll]ogin|user name|Login Name):" > + set u_prompt "(\[Uu]sername|\[Ll]ogin|\[Uu]ser \[Nn]ame|Login > Name):" > } else { > set u_prompt [join [lindex $u_prompt 0] ""] > } > > -- E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From howie at thingy.com Tue Jun 20 09:00:02 2017 From: howie at thingy.com (Howard Jones) Date: Tue, 20 Jun 2017 10:00:02 +0100 Subject: [rancid] patch for Nexus 9000 'show environment power' Message-ID: <0debc9bc-038d-fc15-b6ef-689b17205dde@thingy.com> On N9K (our 9508 at least), the current power usage has decimal places. !Env: Xb26 N9K-C9508-FM 119.00 W 250.80 W Powered-Up !Env: 27 N9K-SUP-B 76.00 W 79.92 W Powered-Up !Env: 28 N9K-SUP-B 58.00 W 79.92 W Powered-Up !Env: 29 N9K-SC-A 12.00 W 25.20 W Powered-Up !Env: 30 N9K-SC-A 12.00 W 25.20 W Powered-Up I only changed the two-value clause below, since that's the one that fixed my issue. --- nxos.pm-dist 2017-06-20 09:52:44.627985639 +0100 +++ nxos.pm 2017-06-20 09:53:37.712598200 +0100 @@ -468,7 +468,7 @@ # nexus# if (/(.* +)(\d+ W +\d+ W)( +\d+ W.+)/) { $_ = sprintf("%s%-". length($2)."s%s\n", $1, "", $3); - } elsif (/(.* +)(\d+ W)( +\d+ W.+)/) { + } elsif (/(.* +)(\d+\.?\d* W)( +\d+\.?\d* W.+)/) { $_ = sprintf("%s%-". length($2)."s%s\n", $1, "", $3); } From merijn at trans-ix.nl Tue Jun 20 09:09:21 2017 From: merijn at trans-ix.nl (Merijn Evertse) Date: Tue, 20 Jun 2017 09:09:21 +0000 Subject: [rancid] Fortigate OSPF md5-key Message-ID: Hi, We implemented OSPF with md5 keys on our Fortigates and get a diff every hour because of changing hash for the md5-key. I added the following to fnrancid to fix this: # filter ospf md5-keys if (/^(\s*set)\smd5-key\s(.)\s(.*)/ && $filter_osc) { ProcessHistory("","","","#$1 md5-key $2 \n"); next; } Merijn Evertse CTO Aanwezig: maandag t/m donderdag [http://trans-ix.nl/images/trans-ix%20handtekening%20kleur%20trans.png] Disclaimer - De inhoud van dit bericht is alleen bestemd voor de geadresseerde en kan vertrouwelijke of persoonlijke informatie bevatten. Als u dit bericht onbedoeld heeft ontvangen verzoeken wij u het te vernietigen en de afzender te informeren. Het is niet toegestaan om een bericht dat niet voor u bestemd is te vermenigvuldigen dan wel te verspreiden. Aan dit bericht inclusief de bijlagen kunnen geen rechten ontleend worden, tenzij schriftelijk anders wordt overeengekomen. Trans-iX B.V. aanvaardt geen enkele aansprakelijkheid voor schade en/of kosten die voortvloeien uit onvolledige en/of foutieve informatie in e-mailberichten. [https://www.trans-ix.nl/images/Denk%20aan%20milieu%20logo%20trans.png] -------------- next part -------------- An HTML attachment was scrubbed... URL: From merijn at trans-ix.nl Tue Jun 20 10:18:15 2017 From: merijn at trans-ix.nl (Merijn Evertse) Date: Tue, 20 Jun 2017 10:18:15 +0000 Subject: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ In-Reply-To: <94307236e1a145988e5d27b87454c72f@anx-i-dag01.anx.local> References: <20170606064338.GD36856@shrubbery.net> <94cf124f1cd746c78d0da65f9ad2a7aa@anx-i-dag01.anx.local> <008D0235-B66F-468A-BC67-DDC346AD148B@bu.edu> <94307236e1a145988e5d27b87454c72f@anx-i-dag01.anx.local> Message-ID: <0d384ff406ad429090d1619d0022cd6f@exch02.cloudhosted.local> Hi, Latest alpha release still has this issue with FortiOS 5.0. - set two-factor-ftm-expiry 72 + set two-fac + tor-ftm-expiry 72 And - set - admin-https-ssl-versions tlsv1-1 tlsv1-2 + set admin-https-ssl-versions tlsv1-1 tlsv1-2 Merijn Evertse -----Oorspronkelijk bericht----- Van: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] Namens Alexander Griesser Verzonden: vrijdag 9 juni 2017 14:15 Aan: Piegorsch, Weylin William ; heasley CC: Chris Wopat ; rancid-discuss at shrubbery.net Onderwerp: Re: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ Good point, totally missed that. Best, Alexander Griesser Head of Systems Operations ANEXIA Internetdienstleistungs GmbH E-Mail: AGriesser at anexia-it.com Web: http://www.anexia-it.com Anschrift Hauptsitz Klagenfurt: Feldkirchnerstra?e 140, 9020 Klagenfurt Gesch?ftsf?hrer: Alexander Windbichler Firmenbuch: FN 289918a | Gerichtsstand: Klagenfurt | UID-Nummer: AT U63216601 -----Urspr?ngliche Nachricht----- Von: Piegorsch, Weylin William [mailto:weylin at bu.edu] Gesendet: Freitag, 9. Juni 2017 12:58 An: Alexander Griesser ; heasley Cc: Chris Wopat ; rancid-discuss at shrubbery.net Betreff: Re: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ If you?re asking ?any? device - in Cisco descriptions (FEX descriptions, interface descriptions...) I?ll sometimes add whitespace so that under some ?show? commands I get output alignment. Makes it easy to visually identify errors (typeos, etc) and I?m playing with similar Regex-based automated verification in my vendor tools (PRIME Infrastructure and so forth), and under normal operation non-alignment makes it a bit of a challenge to quickly scan and find the information I?m looking for. I don?t know Forti*, not sure if that applies here. weylin -----Original Message----- From: Griesser Alexander Date: Thursday, June 8, 2017 at 02:36 To: heasley Cc: Chris Wopat , "rancid-discuss at shrubbery.net" Subject: Re: [rancid] Fortigate - tweak suggestion as well as issue with spacing FortiOS >5.4+ > > - next > > + next > > end > > can be fixed by adding "ignore-whitespace" as a diff option which would make sense in all situations I guess; not sure if there's any router/switch/firewall which really cares about whitespace syntax-wise. > True, but this would filter spaces that are legitimate. :) Like which ones? I'm not aware of any legitimate spaces in the configuration of networking devices - does anyone have a syntax example for any device which makes a difference between one or two spaces in the configuration? Best, Alex _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss From tannerlyle at gmail.com Mon Jun 19 17:14:37 2017 From: tannerlyle at gmail.com (Tanner Lyle) Date: Mon, 19 Jun 2017 12:14:37 -0500 Subject: [rancid] Fixed Ciena-ws Rancid 3.6.2 Message-ID: Ciena Engineer provided the changes needed, prompts were not matching make following changes to your wavesvros.pm file in /usr/local/rancid/lib/rancid/ [rancid at localhost rancid]$ pwd /usr/local/rancid/lib/rancid *wavesvros.pm * *Line 112* *change this line* while (/>\s*($cmds_regexp)\s*$/) { *to this * while (/[#]\s*($cmds_regexp)\s*$/) { *Line 115* *change this line* $prompt = ($_ =~ /^([^>]+>)/)[0]; *to this* $prompt = ($_ =~ /^([^#]+#)/)[0]; *Line 140* *change this line* if (/>\s*exit/) { *to this* if (/\s*exit/) { *Line 207 add * $found_end = 0; *from this* # This routine parses "configuration show" sub WriteTerm { my($INPUT, $OUTPUT, $cmd) = @_; my($snmp) = 0; print STDERR " In ShowConfiguration: $_" if ($debug); # include the command *to this* # This routine parses "configuration show" sub WriteTerm { my($INPUT, $OUTPUT, $cmd) = @_; my($snmp) = 0; $found_end = 0; print STDERR " In ShowConfiguration: $_" if ($debug); # include the command *Original line 212 now line 214* *from this * while (<$INPUT>) { tr/\015//d; last if (/^$prompt/); /no matching entry found/ && return(-1); # unknown cmd *to this* while (<$INPUT>) { tr/\015//d; return (0) if (/^$prompt/); /no matching entry found/ && return(-1); # unknown cmd return (0) if ($found_end == 1); *Change Line 265* *from this* if (/^! END OF CONFIG:/) { *to this* if (/! END OF CONFIG:/) { For those of you better at reading diffs than me [rancid at localhost rancid]$ diff wavesvros.pm wavesvros.pm.orig 112c112 < while (/[#]\s*($cmds_regexp)\s*$/) { --- > while (/>\s*($cmds_regexp)\s*$/) { 115c115 < $prompt = ($_ =~ /^([^#]+#)/)[0]; --- > $prompt = ($_ =~ /^([^>]+>)/)[0]; 140c140 < if (/\s*exit/) { --- > if (/>\s*exit/) { 207d206 < $found_end = 0; 215c214 < return (0) if (/^$prompt/); --- > last if (/^$prompt/); 217d215 < return (0) if ($found_end == 1); 265c263 < if (/! END OF CONFIG:/) { --- > if (/^! END OF CONFIG:/) { ---------- Forwarded message ---------- From: Tanner Lyle Date: Thu, Jun 8, 2017 at 7:29 AM Subject: Help ciena-ws Rancid 3.6.2 To: rancid-discuss at shrubbery.net I cannot get a Ciena Waveserver (192.168.168.32 in the files) to complete, all commands run and login works but never makes it to the parse output or get a PROMPT MATCH: like it's trying to run the perl module against the device. Trying to gain some traction on this, out of ideas and know how to trouble shoot it. Any suggestions, i think the problem is still in hlogin or in the wavesvros.pm. [rancid at localhost logs]$ export NOPIPE=YES && rancid -d -t ciena-ws 192.168.168.32 loadtype: device type ciena-ws loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid.t ypes.base executing hlogin -t 120 -c"software show;chassis show;configuration show" 192.168.168.32 192.168.168.32: missed cmd(s): all commands 192.168.168.32: End of run not found ! I can get different devices to complete and run so i don't think it's a permissions or install issue [rancid at localhost logs]$ export NOPIPE=YES && rancid -d -t foundry 10.0.2.2 loadtype: device type foundry loadtype: found device type foundry in /usr/local/rancid/etc/rancid.t ypes.base executing flogin -t 90 -c"show version;show chassis;show module;show media;show media validation;show flash;write term;show running-config" 10.0.2.2 PROMPT MATCH: telnet at LAB_MLX16# HIT COMMAND:telnet at LAB_MLX16#show version In ShowVersion: telnet at LAB_MLX16#show version HIT COMMAND:telnet at LAB_MLX16#show chassis In ShowChassis: telnet at LAB_MLX16#show chassis HIT COMMAND:telnet at LAB_MLX16#show module In ShowModule: telnet at LAB_MLX16#show module HIT COMMAND:telnet at LAB_MLX16#show media In ShowMedia: telnet at LAB_MLX16#show media HIT COMMAND:telnet at LAB_MLX16#show media validation In ShowMedia: telnet at LAB_MLX16#show media validation HIT COMMAND:telnet at LAB_MLX16#show flash In ShowFlash: telnet at LAB_MLX16#show flash HIT COMMAND:telnet at LAB_MLX16#write term In WriteTerm: telnet at LAB_MLX16#write term HIT COMMAND:telnet at LAB_MLX16#show running-config In WriteTerm: telnet at LAB_MLX16#show running-config -------------- next part -------------- An HTML attachment was scrubbed... URL: From howie at thingy.com Tue Jun 20 22:06:56 2017 From: howie at thingy.com (Howard Jones) Date: Tue, 20 Jun 2017 23:06:56 +0100 Subject: [rancid] Throttling per-host (odd situation) Message-ID: <2d5b806b-5a31-7b21-709b-ec850716e297@thingy.com> I have a homegrown script for grabbing individual configs from a multi-tenant firewall. It works in conjunction with a small hack to bin/rancid and bin/control_rancid, so that I can have a "host" called firewall1[TENANT1], and it knows to take the part in [] off, and use the remains as a hostname, and also not smash the case of the filename. The upshot of this though, is that I have many connections to the same device as part of a rancid run. The device has a limit on the number of incoming ssh sessions, and even if it didn't I don't really want to DOS it with rancid. I know I can change PAR_COUNT so that it's less than the number of allowed connections, but then a complete run takes over an hour (there are plenty of other devices here) instead of the already-quite-long 30ish minutes with a PAR_COUNT of 10. So - is there any convenient way to have rancid throttle connections for particular devices, groups, or hostnames matching a pattern? Or is it just a case of turn the timeouts up, and the retries up and let it grind through? (each attempt will get connection refused until a slot is open - so I suppose I'd need num_tenants/max_sessions retries, at least, which itself would be dynamic. I realise this is not at all a standard situation, but maybe someone else has similar? Or, e.g. something with access via a serial console server that has similar limitations? Without re-engineering the guts of rancid too much, I'm thinking about something like a pool of lockfiles that clogin (or rancid before it starts clogin) waits on... Thanks in advance for any pointers... Howard From heas at shrubbery.net Tue Jun 20 22:56:30 2017 From: heas at shrubbery.net (heasley) Date: Tue, 20 Jun 2017 22:56:30 +0000 Subject: [rancid] Dell PowerConnect In-Reply-To: <20170620225304.881ED910D4@sea.shrubbery.net> Message-ID: <20170620225630.GK23908@shrubbery.net> Mon, Jun 19, 2017 at 11:43:02AM -0600, Daniel Schmidt: > AAA, Dell R1-2401. Set to SMC, change one line, seems to work fine. > > One annoyance: > - !username admin password > - !username sysad password > > The password are no longer removed and they should be. Thanks Heas. Does this handle it? Or does it have an encryption type indicator? Index: bin/srancid.in =================================================================== --- bin/srancid.in (revision 3660) +++ bin/srancid.in (working copy) @@ -20,6 +20,7 @@ # DELL PowerConnect 62xx # DELL PowerConnect 7048 # DELL 34xx (partially; configuration is incomplete) +# DELL R1-2401 # use 5.010; no warnings 'uninitialized'; @@ -299,6 +300,16 @@ /^oob host config/i && ProcessHistory("","","","!$_") && next; /^empty configuration/i && ProcessHistory("","","","!$_") && next; + if (/^username (\S+)(\s.*)? password \S+|\S+)/) { + if ($filter_pwds >= 1) { + ProcessHistory("USER","keysort","$1", + "!username $1$2 password \n"); + } else { + ProcessHistory("USER","keysort","$1","$_"); + } + next; + } + if (/^password (\S+) encrypted/ && $filter_pwds > 1) { ProcessHistory("","","","!password encrypted\n"); next; From heas at shrubbery.net Tue Jun 20 23:43:12 2017 From: heas at shrubbery.net (heasley) Date: Tue, 20 Jun 2017 23:43:12 +0000 Subject: [rancid] Throttling per-host (odd situation) In-Reply-To: <2d5b806b-5a31-7b21-709b-ec850716e297@thingy.com> References: <2d5b806b-5a31-7b21-709b-ec850716e297@thingy.com> Message-ID: <20170620234312.GL23908@shrubbery.net> Tue, Jun 20, 2017 at 11:06:56PM +0100, Howard Jones: > I have a homegrown script for grabbing individual configs from a > multi-tenant firewall. It works in conjunction with a small hack to > bin/rancid and bin/control_rancid, so that I can have a "host" called > firewall1[TENANT1], and it knows to take the part in [] off, and use the > remains as a hostname, and also not smash the case of the filename. is there a way to collect those configs from a single login? > The upshot of this though, is that I have many connections to the same > device as part of a rancid run. The device has a limit on the number of > incoming ssh sessions, and even if it didn't I don't really want to DOS > it with rancid. I know I can change PAR_COUNT so that it's less than the > number of allowed connections, but then a complete run takes over an > hour (there are plenty of other devices here) instead of the > already-quite-long 30ish minutes with a PAR_COUNT of 10. > > So - is there any convenient way to have rancid throttle connections for > particular devices, groups, or hostnames matching a pattern? Or is it > just a case of turn the timeouts up, and the retries up and let it grind > through? (each attempt will get connection refused until a slot is open > - so I suppose I'd need num_tenants/max_sessions retries, at least, > which itself would be dynamic. > > I realise this is not at all a standard situation, but maybe someone > else has similar? Or, e.g. something with access via a serial console > server that has similar limitations? no; multiple groups, # connections per-device per group? > Without re-engineering the guts of rancid too much, I'm thinking about > something like a pool of lockfiles that clogin (or rancid before it > starts clogin) waits on... you could alter that one script to remove the [] portion of the device name and use that for a lock name. so long as the par could was large enough to avoid all the proc blocking on one device, ... > Thanks in advance for any pointers... > > Howard > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From Wayne.Eisenberg at CarolinasIT.com Wed Jun 21 06:26:51 2017 From: Wayne.Eisenberg at CarolinasIT.com (Wayne Eisenberg) Date: Wed, 21 Jun 2017 06:26:51 +0000 Subject: [rancid] ssh problems In-Reply-To: <20170515221403.GD20701@shrubbery.net> References: <20170511144354.GB7377@shrubbery.net> <20170512154253.GB22183@shrubbery.net> <20170515221403.GD20701@shrubbery.net> Message-ID: No change. If we can get that filtering device dealt with, I'll update you. -----Original Message----- From: 'heasley' [mailto:heas at shrubbery.net] Sent: Monday, May 15, 2017 6:14 PM To: Wayne Eisenberg Cc: 'heasley'; 'Scott Granados'; 'rancid-discuss at shrubbery.net' Subject: Re: [rancid] ssh problems Mon, May 15, 2017 at 07:49:52PM +0000, Wayne Eisenberg: > Well, I did as you suggested and nothing changed. There are no problems contacting dozens of other devices with the exact same key. I'll let you know how it goes once that other device is updated. it should no longer produce the same error though; correct? ________________________________ The information in this Internet e-mail (and any attachments) is confidential, may be legally privileged and is intended solely for the Addressee(s) named above. If you are not the intended recipient, or the employee or agent responsible for delivering it to the intended recipient, then any dissemination or copying of this e-mail (and any attachments) is prohibited and may be unlawful. If you received this e-mail in error, please immediately notify us by e-mail or telephone, then delete the message. Thank you. From Wayne.Eisenberg at CarolinasIT.com Wed Jun 21 06:36:34 2017 From: Wayne.Eisenberg at CarolinasIT.com (Wayne Eisenberg) Date: Wed, 21 Jun 2017 06:36:34 +0000 Subject: [rancid] svn replication Message-ID: Anyone have any experience with replicating the rancid svn database between sites that are firewalled off from each other? ________________________________ The information in this Internet e-mail (and any attachments) is confidential, may be legally privileged and is intended solely for the Addressee(s) named above. If you are not the intended recipient, or the employee or agent responsible for delivering it to the intended recipient, then any dissemination or copying of this e-mail (and any attachments) is prohibited and may be unlawful. If you received this e-mail in error, please immediately notify us by e-mail or telephone, then delete the message. Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: From merijn at trans-ix.nl Wed Jun 21 11:51:58 2017 From: merijn at trans-ix.nl (Merijn Evertse) Date: Wed, 21 Jun 2017 11:51:58 +0000 Subject: [rancid] Fortigate issue with alpha release Message-ID: <418a672ef2b644eaab91323293a83005@exch02.cloudhosted.local> Hi, I upgraded rancid to Alpha release and came across a problem with FortiGate systems. Fnlogin # invalid command name " # " while executing "$junk = "(^\\$ $)"" invoked from within "expect { -re "\[\r\n]+" { exp_continue; } -re "^(.+$prompt)" { set junk $expect_out(0,string); if {[$junk = "(^\\$ $)"]} { set prom..." ("foreach" body line 79) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # FortiOS 2.x prompts can end in either ..." (file "/home/rancid/bin/fnlogin" line 569) Will investigate further myself, but maybe someone already knows what is causing this. Regards, Merijn Evertse Trans-iX -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Jun 21 16:00:10 2017 From: heas at shrubbery.net (heasley) Date: Wed, 21 Jun 2017 16:00:10 +0000 Subject: [rancid] Fortigate issue with alpha release In-Reply-To: <418a672ef2b644eaab91323293a83005@exch02.cloudhosted.local> References: <418a672ef2b644eaab91323293a83005@exch02.cloudhosted.local> Message-ID: <20170621160010.GC24264@shrubbery.net> Wed, Jun 21, 2017 at 11:51:58AM +0000, Merijn Evertse: > Hi, > > I upgraded rancid to Alpha release and came across a problem with FortiGate systems. > > Fnlogin > # invalid command name " # " > while executing > "$junk = "(^\\$ $)"" ^ == but that does not seem like the intended behavior. This is probably better: Index: bin/fnlogin.in =================================================================== --- bin/fnlogin.in (revision 3660) +++ bin/fnlogin.in (working copy) @@ -599,12 +599,11 @@ send "\r" expect { -re "\[\r\n]+" { exp_continue; } - -re "^(.+$prompt)" { set junk $expect_out(0,string); } - if {[$junk = "(^\\$ $)"]} { - set prompt $junk; - } else { - if {[$junk = "(^# $)"]} { set prompt $junk ; } - }; + -re "^(.+$prompt)" { + regsub -all "^[#\\$]+[#\\$] " $expect_out(0,string) {} junk + regsub -all "\[\]\[\(\)]" $junk {\\&} junk; + set prompt "^$junk"; + } } if { $do_command || $do_script } { would you verify that this works, please? grumble. I wish that I had one of every device to test against. > invoked from within > "expect { > -re "\[\r\n]+" { exp_continue; } > -re "^(.+$prompt)" { set junk $expect_out(0,string); > if {[$junk = "(^\\$ $)"]} { > set prom..." > ("foreach" body line 79) > invoked from within > "foreach router [lrange $argv $i end] { > set router [string tolower $router] > send_user "$router\n" > > # FortiOS 2.x prompts can end in either ..." > (file "/home/rancid/bin/fnlogin" line 569) > > Will investigate further myself, but maybe someone already knows what is causing this. > > Regards, > > Merijn Evertse > Trans-iX > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From merijn at trans-ix.nl Wed Jun 21 16:08:16 2017 From: merijn at trans-ix.nl (Merijn Evertse) Date: Wed, 21 Jun 2017 16:08:16 +0000 Subject: [rancid] Fortigate issue with alpha release In-Reply-To: <20170621160010.GC24264@shrubbery.net> References: <418a672ef2b644eaab91323293a83005@exch02.cloudhosted.local> <20170621160010.GC24264@shrubbery.net> Message-ID: Hi, # missing close-bracket while executing "regsub -all "^[" invoked from within "expect { -re "\[\r\n]+" { exp_continue; } -re "^(.+$prompt)" { regsub -all "^[#\\$]+[#\\$] " $expect_out(0,s..." ("foreach" body line 79) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # FortiOS 2.x prompts can end in either ..." (file "/home/rancid/bin/fnlogin" line 569) Merijn Evertse Trans-iX -----Oorspronkelijk bericht----- Van: heasley [mailto:heas at shrubbery.net] Verzonden: woensdag 21 juni 2017 18:00 Aan: Merijn Evertse CC: rancid-discuss at shrubbery.net Onderwerp: Re: [rancid] Fortigate issue with alpha release Wed, Jun 21, 2017 at 11:51:58AM +0000, Merijn Evertse: > Hi, > > I upgraded rancid to Alpha release and came across a problem with FortiGate systems. > > Fnlogin > # invalid command name " # " > while executing > "$junk = "(^\\$ $)"" ^ == but that does not seem like the intended behavior. This is probably better: Index: bin/fnlogin.in =================================================================== --- bin/fnlogin.in (revision 3660) +++ bin/fnlogin.in (working copy) @@ -599,12 +599,11 @@ send "\r" expect { -re "\[\r\n]+" { exp_continue; } - -re "^(.+$prompt)" { set junk $expect_out(0,string); } - if {[$junk = "(^\\$ $)"]} { - set prompt $junk; - } else { - if {[$junk = "(^# $)"]} { set prompt $junk ; } - }; + -re "^(.+$prompt)" { + regsub -all "^[#\\$]+[#\\$] " $expect_out(0,string) {} junk + regsub -all "\[\]\[\(\)]" $junk {\\&} junk; + set prompt "^$junk"; + } } if { $do_command || $do_script } { would you verify that this works, please? grumble. I wish that I had one of every device to test against. > invoked from within > "expect { > -re "\[\r\n]+" { exp_continue; } > -re "^(.+$prompt)" { set junk $expect_out(0,string); > if {[$junk = "(^\\$ $)"]} { > set prom..." > ("foreach" body line 79) > invoked from within > "foreach router [lrange $argv $i end] { > set router [string tolower $router] > send_user "$router\n" > > # FortiOS 2.x prompts can end in either ..." > (file "/home/rancid/bin/fnlogin" line 569) > > Will investigate further myself, but maybe someone already knows what is causing this. > > Regards, > > Merijn Evertse > Trans-iX > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From heas at shrubbery.net Wed Jun 21 16:17:17 2017 From: heas at shrubbery.net (heasley) Date: Wed, 21 Jun 2017 16:17:17 +0000 Subject: [rancid] Fortigate issue with alpha release In-Reply-To: References: <418a672ef2b644eaab91323293a83005@exch02.cloudhosted.local> <20170621160010.GC24264@shrubbery.net> Message-ID: <20170621161717.GB94345@shrubbery.net> Wed, Jun 21, 2017 at 04:08:16PM +0000, Merijn Evertse: > Hi, > > # missing close-bracket > while executing > "regsub -all "^[" > invoked from within > "expect { > -re "\[\r\n]+" { exp_continue; } > -re "^(.+$prompt)" { > regsub -all "^[#\\$]+[#\\$] " $expect_out(0,s..." grumble. the [s need a \ > ("foreach" body line 79) > invoked from within > "foreach router [lrange $argv $i end] { > set router [string tolower $router] > send_user "$router\n" > > # FortiOS 2.x prompts can end in either ..." > (file "/home/rancid/bin/fnlogin" line 569) > > Merijn Evertse > Trans-iX > > -----Oorspronkelijk bericht----- > Van: heasley [mailto:heas at shrubbery.net] > Verzonden: woensdag 21 juni 2017 18:00 > Aan: Merijn Evertse > CC: rancid-discuss at shrubbery.net > Onderwerp: Re: [rancid] Fortigate issue with alpha release > > Wed, Jun 21, 2017 at 11:51:58AM +0000, Merijn Evertse: > > Hi, > > > > I upgraded rancid to Alpha release and came across a problem with FortiGate systems. > > > > Fnlogin > > # invalid command name " # " > > while executing > > "$junk = "(^\\$ $)"" > ^ == > > but that does not seem like the intended behavior. This is probably > better: > > Index: bin/fnlogin.in > =================================================================== > --- bin/fnlogin.in (revision 3660) > +++ bin/fnlogin.in (working copy) > @@ -599,12 +599,11 @@ > send "\r" > expect { > -re "\[\r\n]+" { exp_continue; } > - -re "^(.+$prompt)" { set junk $expect_out(0,string); } > - if {[$junk = "(^\\$ $)"]} { > - set prompt $junk; > - } else { > - if {[$junk = "(^# $)"]} { set prompt $junk ; } > - }; > + -re "^(.+$prompt)" { > + regsub -all "^[#\\$]+[#\\$] " $expect_out(0,string) {} junk > + regsub -all "\[\]\[\(\)]" $junk {\\&} junk; > + set prompt "^$junk"; > + } > } > > if { $do_command || $do_script } { > > would you verify that this works, please? > > grumble. I wish that I had one of every device to test against. > > > invoked from within > > "expect { > > -re "\[\r\n]+" { exp_continue; } > > -re "^(.+$prompt)" { set junk $expect_out(0,string); > > if {[$junk = "(^\\$ $)"]} { > > set prom..." > > ("foreach" body line 79) > > invoked from within > > "foreach router [lrange $argv $i end] { > > set router [string tolower $router] > > send_user "$router\n" > > > > # FortiOS 2.x prompts can end in either ..." > > (file "/home/rancid/bin/fnlogin" line 569) > > > > Will investigate further myself, but maybe someone already knows what is causing this. > > > > Regards, > > > > Merijn Evertse > > Trans-iX > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From merijn at trans-ix.nl Wed Jun 21 16:32:09 2017 From: merijn at trans-ix.nl (Merijn Evertse) Date: Wed, 21 Jun 2017 16:32:09 +0000 Subject: [rancid] Fortigate issue with alpha release In-Reply-To: <20170621161717.GB94345@shrubbery.net> References: <418a672ef2b644eaab91323293a83005@exch02.cloudhosted.local> <20170621160010.GC24264@shrubbery.net> <20170621161717.GB94345@shrubbery.net> Message-ID: <994e27701fd94f94ad8bbd4e48103a60@exch02.cloudhosted.local> Hi, Yes, working: -re "^(.+$prompt)" { regsub -all "^\[#\\$\]+\[#\\$\] " $expect_out(0,string) {} junk; regsub -all "\[\]\[\(\)\]" $junk {\\&} junk; set prompt "^$junk"; } Thanks, I will run it on a batch of Fortigate units. Merijn Evertse -----Oorspronkelijk bericht----- Van: heasley [mailto:heas at shrubbery.net] Verzonden: woensdag 21 juni 2017 18:17 Aan: Merijn Evertse CC: heasley ; rancid-discuss at shrubbery.net Onderwerp: Re: [rancid] Fortigate issue with alpha release Wed, Jun 21, 2017 at 04:08:16PM +0000, Merijn Evertse: > Hi, > > # missing close-bracket > while executing > "regsub -all "^[" > invoked from within > "expect { > -re "\[\r\n]+" { exp_continue; } > -re "^(.+$prompt)" { > regsub -all "^[#\\$]+[#\\$] " $expect_out(0,s..." grumble. the [s need a \ > ("foreach" body line 79) > invoked from within > "foreach router [lrange $argv $i end] { > set router [string tolower $router] > send_user "$router\n" > > # FortiOS 2.x prompts can end in either ..." > (file "/home/rancid/bin/fnlogin" line 569) > > Merijn Evertse > Trans-iX > > -----Oorspronkelijk bericht----- > Van: heasley [mailto:heas at shrubbery.net] > Verzonden: woensdag 21 juni 2017 18:00 > Aan: Merijn Evertse > CC: rancid-discuss at shrubbery.net > Onderwerp: Re: [rancid] Fortigate issue with alpha release > > Wed, Jun 21, 2017 at 11:51:58AM +0000, Merijn Evertse: > > Hi, > > > > I upgraded rancid to Alpha release and came across a problem with FortiGate systems. > > > > Fnlogin > > # invalid command name " # " > > while executing > > "$junk = "(^\\$ $)"" > ^ == > > but that does not seem like the intended behavior. This is probably > better: > > Index: bin/fnlogin.in > =================================================================== > --- bin/fnlogin.in (revision 3660) > +++ bin/fnlogin.in (working copy) > @@ -599,12 +599,11 @@ > send "\r" > expect { > -re "\[\r\n]+" { exp_continue; } > - -re "^(.+$prompt)" { set junk $expect_out(0,string); } > - if {[$junk = "(^\\$ $)"]} { > - set prompt $junk; > - } else { > - if {[$junk = "(^# $)"]} { set prompt $junk ; } > - }; > + -re "^(.+$prompt)" { > + regsub -all "^[#\\$]+[#\\$] " $expect_out(0,string) {} junk > + regsub -all "\[\]\[\(\)]" $junk {\\&} junk; > + set prompt "^$junk"; > + } > } > > if { $do_command || $do_script } { > > would you verify that this works, please? > > grumble. I wish that I had one of every device to test against. > > > invoked from within > > "expect { > > -re "\[\r\n]+" { exp_continue; } > > -re "^(.+$prompt)" { set junk $expect_out(0,string); > > if {[$junk = "(^\\$ $)"]} { > > set prom..." > > ("foreach" body line 79) > > invoked from within > > "foreach router [lrange $argv $i end] { > > set router [string tolower $router] > > send_user "$router\n" > > > > # FortiOS 2.x prompts can end in either ..." > > (file "/home/rancid/bin/fnlogin" line 569) > > > > Will investigate further myself, but maybe someone already knows what is causing this. > > > > Regards, > > > > Merijn Evertse > > Trans-iX > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From heas at shrubbery.net Wed Jun 21 16:39:55 2017 From: heas at shrubbery.net (heasley) Date: Wed, 21 Jun 2017 16:39:55 +0000 Subject: [rancid] Fortigate issue with alpha release In-Reply-To: <994e27701fd94f94ad8bbd4e48103a60@exch02.cloudhosted.local> References: <418a672ef2b644eaab91323293a83005@exch02.cloudhosted.local> <20170621160010.GC24264@shrubbery.net> <20170621161717.GB94345@shrubbery.net> <994e27701fd94f94ad8bbd4e48103a60@exch02.cloudhosted.local> Message-ID: <20170621163954.GC94345@shrubbery.net> Wed, Jun 21, 2017 at 04:32:09PM +0000, Merijn Evertse: > Hi, > > Yes, working: > -re "^(.+$prompt)" { > regsub -all "^\[#\\$\]+\[#\\$\] " $expect_out(0,string) {} junk; > regsub -all "\[\]\[\(\)\]" $junk {\\&} junk; > set prompt "^$junk"; > } > > Thanks, I will run it on a batch of Fortigate units. excellent. Please verify that -x works too and that $prompt is receiving a proper value, which should be something like "^hostname # " From heas at shrubbery.net Wed Jun 21 18:38:10 2017 From: heas at shrubbery.net (heasley) Date: Wed, 21 Jun 2017 18:38:10 +0000 Subject: [rancid] patch for Nexus 9000 'show environment power' In-Reply-To: <0debc9bc-038d-fc15-b6ef-689b17205dde@thingy.com> References: <0debc9bc-038d-fc15-b6ef-689b17205dde@thingy.com> Message-ID: <20170621183810.GG94345@shrubbery.net> Tue, Jun 20, 2017 at 10:00:02AM +0100, Howard Jones: > On N9K (our 9508 at least), the current power usage has decimal places. > > !Env: Xb26 N9K-C9508-FM 119.00 W 250.80 W Powered-Up > !Env: 27 N9K-SUP-B 76.00 W 79.92 W Powered-Up > !Env: 28 N9K-SUP-B 58.00 W 79.92 W Powered-Up > !Env: 29 N9K-SC-A 12.00 W 25.20 W Powered-Up > !Env: 30 N9K-SC-A 12.00 W 25.20 W Powered-Up > > I only changed the two-value clause below, since that's the one that > fixed my issue. > > --- nxos.pm-dist 2017-06-20 09:52:44.627985639 +0100 > +++ nxos.pm 2017-06-20 09:53:37.712598200 +0100 > @@ -468,7 +468,7 @@ > # nexus# > if (/(.* +)(\d+ W +\d+ W)( +\d+ W.+)/) { > $_ = sprintf("%s%-". length($2)."s%s\n", $1, "", $3); > - } elsif (/(.* +)(\d+ W)( +\d+ W.+)/) { > + } elsif (/(.* +)(\d+\.?\d* W)( +\d+\.?\d* W.+)/) { > $_ = sprintf("%s%-". length($2)."s%s\n", $1, "", $3); > } > afaict, it is not consistent, perhaps by o/s version. Perhaps this instead? Index: lib/nxos.pm.in =================================================================== --- lib/nxos.pm.in (revision 3660) +++ lib/nxos.pm.in (working copy) @@ -421,8 +421,8 @@ # nexus# if (/(.* +)(\d+ W +\d+ W)( +\d+ W.+)/) { $_ = sprintf("%s%-". length($2)."s%s\n", $1, "", $3); - } elsif (/(.* +)(\d+ W)( +\d+ W.+)/) { - $_ = sprintf("%s%-". length($2)."s%s\n", $1, "", $3); + } elsif (/(.* +)(\d+(\.\d+)? W)( +\d+(\.\d+)? W.+)/) { + $_ = sprintf("%s%-". length($2)."s%s\n", $1, "", $4); } /actual draw/ && next; # Drop changing total power output. Does that work? From merijn at trans-ix.nl Wed Jun 21 19:02:44 2017 From: merijn at trans-ix.nl (Merijn Evertse) Date: Wed, 21 Jun 2017 19:02:44 +0000 Subject: [rancid] Fortigate issue with alpha release In-Reply-To: <20170621163954.GC94345@shrubbery.net> References: <418a672ef2b644eaab91323293a83005@exch02.cloudhosted.local> <20170621160010.GC24264@shrubbery.net> <20170621161717.GB94345@shrubbery.net> <994e27701fd94f94ad8bbd4e48103a60@exch02.cloudhosted.local> <20170621163954.GC94345@shrubbery.net> Message-ID: <8eadbf5f94ac4462ab73612fdb6b7cb7@exch02.cloudhosted.local> Hi, How do i use -x? The devices fail during the run with 'End of run not found' Merijn Evertse -----Oorspronkelijk bericht----- Van: heasley [mailto:heas at shrubbery.net] Verzonden: woensdag 21 juni 2017 18:40 Aan: Merijn Evertse CC: heasley ; rancid-discuss at shrubbery.net Onderwerp: Re: [rancid] Fortigate issue with alpha release Wed, Jun 21, 2017 at 04:32:09PM +0000, Merijn Evertse: > Hi, > > Yes, working: > -re "^(.+$prompt)" { > regsub -all "^\[#\\$\]+\[#\\$\] " $expect_out(0,string) {} junk; > regsub -all "\[\]\[\(\)\]" $junk {\\&} junk; > set prompt "^$junk"; > } > > Thanks, I will run it on a batch of Fortigate units. excellent. Please verify that -x works too and that $prompt is receiving a proper value, which should be something like "^hostname # " From heas at shrubbery.net Wed Jun 21 19:09:42 2017 From: heas at shrubbery.net (heasley) Date: Wed, 21 Jun 2017 19:09:42 +0000 Subject: [rancid] Fortigate issue with alpha release In-Reply-To: <8eadbf5f94ac4462ab73612fdb6b7cb7@exch02.cloudhosted.local> References: <418a672ef2b644eaab91323293a83005@exch02.cloudhosted.local> <20170621160010.GC24264@shrubbery.net> <20170621161717.GB94345@shrubbery.net> <994e27701fd94f94ad8bbd4e48103a60@exch02.cloudhosted.local> <20170621163954.GC94345@shrubbery.net> <8eadbf5f94ac4462ab73612fdb6b7cb7@exch02.cloudhosted.local> Message-ID: <20170621190942.GK94345@shrubbery.net> Wed, Jun 21, 2017 at 07:02:44PM +0000, Merijn Evertse: > Hi, > > How do i use -x? fnlogin -x inputfile device -x Similar to the -c option; -x specifies a file with commands to run on each of the routers. The commands must not expect additional input, such as 'copy rcp startup-config' does. For example: show version show logging > The devices fail during the run with 'End of run not found' hmm, lets take this offlist to save folk's mailboxes. > Merijn Evertse > > -----Oorspronkelijk bericht----- > Van: heasley [mailto:heas at shrubbery.net] > Verzonden: woensdag 21 juni 2017 18:40 > Aan: Merijn Evertse > CC: heasley ; rancid-discuss at shrubbery.net > Onderwerp: Re: [rancid] Fortigate issue with alpha release > > Wed, Jun 21, 2017 at 04:32:09PM +0000, Merijn Evertse: > > Hi, > > > > Yes, working: > > -re "^(.+$prompt)" { > > regsub -all "^\[#\\$\]+\[#\\$\] " $expect_out(0,string) {} junk; > > regsub -all "\[\]\[\(\)\]" $junk {\\&} junk; > > set prompt "^$junk"; > > } > > > > Thanks, I will run it on a batch of Fortigate units. > > excellent. Please verify that -x works too and that $prompt is receiving a proper value, which should be something like "^hostname # " From weylin at bu.edu Wed Jun 21 20:52:52 2017 From: weylin at bu.edu (Piegorsch, Weylin William) Date: Wed, 21 Jun 2017 20:52:52 +0000 Subject: [rancid] Throttling per-host (odd situation) In-Reply-To: <2d5b806b-5a31-7b21-709b-ec850716e297@thingy.com> References: <2d5b806b-5a31-7b21-709b-ec850716e297@thingy.com> Message-ID: Hello, This might not be using rancid to independently solve your challenge, but whatever. Can you split this into multiple groups, each tenant gets it?s own group (with one device in router.db), and then you can schedule do-diffs for the various groups at staggered times? weylin -----Original Message----- From: Howard Jones Date: Tuesday, June 20, 2017 at 18:06 To: Subject: [rancid] Throttling per-host (odd situation) I have a homegrown script for grabbing individual configs from a multi-tenant firewall. It works in conjunction with a small hack to bin/rancid and bin/control_rancid, so that I can have a "host" called firewall1[TENANT1], and it knows to take the part in [] off, and use the remains as a hostname, and also not smash the case of the filename. The upshot of this though, is that I have many connections to the same device as part of a rancid run. The device has a limit on the number of incoming ssh sessions, and even if it didn't I don't really want to DOS it with rancid. I know I can change PAR_COUNT so that it's less than the number of allowed connections, but then a complete run takes over an hour (there are plenty of other devices here) instead of the already-quite-long 30ish minutes with a PAR_COUNT of 10. So - is there any convenient way to have rancid throttle connections for particular devices, groups, or hostnames matching a pattern? Or is it just a case of turn the timeouts up, and the retries up and let it grind through? (each attempt will get connection refused until a slot is open - so I suppose I'd need num_tenants/max_sessions retries, at least, which itself would be dynamic. I realise this is not at all a standard situation, but maybe someone else has similar? Or, e.g. something with access via a serial console server that has similar limitations? Without re-engineering the guts of rancid too much, I'm thinking about something like a pool of lockfiles that clogin (or rancid before it starts clogin) waits on... Thanks in advance for any pointers... Howard From daniel.schmidt at wyo.gov Thu Jun 22 18:21:03 2017 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Thu, 22 Jun 2017 12:21:03 -0600 Subject: [rancid] Dell PowerConnect In-Reply-To: <20170620225630.GK23908@shrubbery.net> References: <20170620225304.881ED910D4@sea.shrubbery.net> <20170620225630.GK23908@shrubbery.net> Message-ID: Unmatched ) in regex; marked by <-- HERE in m/^username (\S+)(\s.*)? password \S+|\S+) <-- HERE / at /var/lib/rancid/bin/srancid line 336. I really should get a book on regex, I'm no good at it. Backslash wrong way? On Tue, Jun 20, 2017 at 4:56 PM, heasley wrote: > Mon, Jun 19, 2017 at 11:43:02AM -0600, Daniel Schmidt: > > AAA, Dell R1-2401. Set to SMC, change one line, seems to work fine. > > > > One annoyance: > > - !username admin password > > - !username sysad password > > > > The password are no longer removed and they should be. Thanks Heas. > > Does this handle it? Or does it have an encryption type indicator? > > Index: bin/srancid.in > =================================================================== > --- bin/srancid.in (revision 3660) > +++ bin/srancid.in (working copy) > @@ -20,6 +20,7 @@ > # DELL PowerConnect 62xx > # DELL PowerConnect 7048 > # DELL 34xx (partially; configuration is incomplete) > +# DELL R1-2401 > # > use 5.010; > no warnings 'uninitialized'; > @@ -299,6 +300,16 @@ > /^oob host config/i && ProcessHistory("","","","!$_") && next; > /^empty configuration/i && ProcessHistory("","","","!$_") && next; > > + if (/^username (\S+)(\s.*)? password \S+|\S+)/) { > + if ($filter_pwds >= 1) { > + ProcessHistory("USER","keysort","$1", > + "!username $1$2 password \n"); > + } else { > + ProcessHistory("USER","keysort","$1","$_"); > + } > + next; > + } > + > if (/^password (\S+) encrypted/ && $filter_pwds > 1) { > ProcessHistory("","","","!password encrypted\n"); > next; > > -- E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From AGriesser at anexia-it.com Thu Jun 22 18:34:21 2017 From: AGriesser at anexia-it.com (Alexander Griesser) Date: Thu, 22 Jun 2017 18:34:21 +0000 Subject: [rancid] Dell PowerConnect In-Reply-To: References: <20170620225304.881ED910D4@sea.shrubbery.net> <20170620225630.GK23908@shrubbery.net> Message-ID: <092f3a44f55f4df285f0c6dd0c18f5a6@anx-i-dag01.anx.local> There?s a superfluent ) at the end or a missing one somewhere before, don#t know what exactly you want to do here, but maybe you could try: m/^username (\S+)(\s.*)? password (\S+|\s+)/ If you want to match case insensitive string, you could also add ?i? at the end, f.ex.: m/^username (\S+)(\s.*)? password (\S+|\s+)/i but I?m not sure if this does what you want it to do. What are you trying to match here? Your regex matches: * the string ?username? followed by a space * at least one non-whitespace character * optional whitespace * a mandatory space * the string ?password? followed by another space * at least one none-whitespace character or at least one whitespace character Is that what it should match? Alexander Griesser Head of Systems Operations ANEXIA Internetdienstleistungs GmbH E-Mail: AGriesser at anexia-it.com Web: http://www.anexia-it.com Anschrift Hauptsitz Klagenfurt: Feldkirchnerstra?e 140, 9020 Klagenfurt Gesch?ftsf?hrer: Alexander Windbichler Firmenbuch: FN 289918a | Gerichtsstand: Klagenfurt | UID-Nummer: AT U63216601 Von: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] Im Auftrag von Daniel Schmidt Gesendet: Donnerstag, 22. Juni 2017 20:21 An: heasley Cc: rancid-discuss at shrubbery.net Betreff: Re: [rancid] Dell PowerConnect Unmatched ) in regex; marked by <-- HERE in m/^username (\S+)(\s.*)? password \S+|\S+) <-- HERE / at /var/lib/rancid/bin/srancid line 336. I really should get a book on regex, I'm no good at it. Backslash wrong way? On Tue, Jun 20, 2017 at 4:56 PM, heasley > wrote: Mon, Jun 19, 2017 at 11:43:02AM -0600, Daniel Schmidt: > AAA, Dell R1-2401. Set to SMC, change one line, seems to work fine. > > One annoyance: > - !username admin password > - !username sysad password > > The password are no longer removed and they should be. Thanks Heas. Does this handle it? Or does it have an encryption type indicator? Index: bin/srancid.in =================================================================== --- bin/srancid.in (revision 3660) +++ bin/srancid.in (working copy) @@ -20,6 +20,7 @@ # DELL PowerConnect 62xx # DELL PowerConnect 7048 # DELL 34xx (partially; configuration is incomplete) +# DELL R1-2401 # use 5.010; no warnings 'uninitialized'; @@ -299,6 +300,16 @@ /^oob host config/i && ProcessHistory("","","","!$_") && next; /^empty configuration/i && ProcessHistory("","","","!$_") && next; + if (/^username (\S+)(\s.*)? password \S+|\S+)/) { + if ($filter_pwds >= 1) { + ProcessHistory("USER","keysort","$1", + "!username $1$2 password \n"); + } else { + ProcessHistory("USER","keysort","$1","$_"); + } + next; + } + if (/^password (\S+) encrypted/ && $filter_pwds > 1) { ProcessHistory("","","","!password encrypted\n"); next; E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From doug.hughes at keystonenap.com Thu Jun 22 18:34:51 2017 From: doug.hughes at keystonenap.com (Doug Hughes) Date: Thu, 22 Jun 2017 14:34:51 -0400 Subject: [rancid] Dell PowerConnect In-Reply-To: References: <20170620225304.881ED910D4@sea.shrubbery.net> <20170620225630.GK23908@shrubbery.net> Message-ID: <81cecf60-8771-3bd8-13ea-2c5dcaaf8ec8@keystonenap.com> regex are notoriously tough to debug and just take practice. I think your problem here is that the m syntax is m// and you appear to be missing the second / that surrounds the regex On 6/22/2017 2:21 PM, Daniel Schmidt wrote: > Unmatched ) in regex; marked by <-- HERE in m/^username (\S+)(\s.*)? > password \S+|\S+) <-- HERE / at /var/lib/rancid/bin/srancid line 336. > > I really should get a book on regex, I'm no good at it. Backslash > wrong way? > > > > On Tue, Jun 20, 2017 at 4:56 PM, heasley > wrote: > > Mon, Jun 19, 2017 at 11:43:02AM -0600, Daniel Schmidt: > > AAA, Dell R1-2401. Set to SMC, change one line, seems to work fine. > > > > One annoyance: > > - !username admin password > > - !username sysad password > > > > The password are no longer removed and they should be. Thanks Heas. > > Does this handle it? Or does it have an encryption type indicator? > > Index: bin/srancid.in > =================================================================== > --- bin/srancid.in (revision 3660) > +++ bin/srancid.in (working copy) > @@ -20,6 +20,7 @@ > # DELL PowerConnect 62xx > # DELL PowerConnect 7048 > # DELL 34xx (partially; configuration is incomplete) > +# DELL R1-2401 > # > use 5.010; > no warnings 'uninitialized'; > @@ -299,6 +300,16 @@ > /^oob host config/i && ProcessHistory("","","","!$_") && next; > /^empty configuration/i && ProcessHistory("","","","!$_") > && next; > > + if (/^username (\S+)(\s.*)? password \S+|\S+)/) { > + if ($filter_pwds >= 1) { > + ProcessHistory("USER","keysort","$1", > + "!username $1$2 password \n"); > + } else { > + ProcessHistory("USER","keysort","$1","$_"); > + } > + next; > + } > + > if (/^password (\S+) encrypted/ && $filter_pwds > 1) { > ProcessHistory("","","","!password > encrypted\n"); > next; > > > > > E-Mail to and from me, in connection with the transaction > of public business, is subject to the Wyoming Public Records > Act and may be disclosed to third parties. > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -- Doug Hughes Keystone NAP Fairless Hills, PA 1.844.KEYBLOCK (539.2562) -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: keystone-nap.png Type: image/png Size: 3476 bytes Desc: not available URL: From heas at shrubbery.net Thu Jun 22 18:48:34 2017 From: heas at shrubbery.net (heasley) Date: Thu, 22 Jun 2017 18:48:34 +0000 Subject: [rancid] Dell PowerConnect In-Reply-To: References: <20170620225304.881ED910D4@sea.shrubbery.net> <20170620225630.GK23908@shrubbery.net> Message-ID: <20170622184834.GK63048@shrubbery.net> Thu, Jun 22, 2017 at 12:21:03PM -0600, Daniel Schmidt: > Unmatched ) in regex; marked by <-- HERE in m/^username (\S+)(\s.*)? > password \S+|\S+) <-- HERE / at /var/lib/rancid/bin/srancid line 336. > > I really should get a book on regex, I'm no good at it. Backslash wrong > way? > please try the last one that I sent you on Tue; or ftp://ftp.shrubbery.net/pub/rancid/alpha/ > > On Tue, Jun 20, 2017 at 4:56 PM, heasley wrote: > > > Mon, Jun 19, 2017 at 11:43:02AM -0600, Daniel Schmidt: > > > AAA, Dell R1-2401. Set to SMC, change one line, seems to work fine. > > > > > > One annoyance: > > > - !username admin password > > > - !username sysad password > > > > > > The password are no longer removed and they should be. Thanks Heas. > > > > Does this handle it? Or does it have an encryption type indicator? > > > > Index: bin/srancid.in > > =================================================================== > > --- bin/srancid.in (revision 3660) > > +++ bin/srancid.in (working copy) > > @@ -20,6 +20,7 @@ > > # DELL PowerConnect 62xx > > # DELL PowerConnect 7048 > > # DELL 34xx (partially; configuration is incomplete) > > +# DELL R1-2401 > > # > > use 5.010; > > no warnings 'uninitialized'; > > @@ -299,6 +300,16 @@ > > /^oob host config/i && ProcessHistory("","","","!$_") && next; > > /^empty configuration/i && ProcessHistory("","","","!$_") && next; > > > > + if (/^username (\S+)(\s.*)? password \S+|\S+)/) { > > + if ($filter_pwds >= 1) { > > + ProcessHistory("USER","keysort","$1", > > + "!username $1$2 password \n"); > > + } else { > > + ProcessHistory("USER","keysort","$1","$_"); > > + } > > + next; > > + } > > + > > if (/^password (\S+) encrypted/ && $filter_pwds > 1) { > > ProcessHistory("","","","!password encrypted\n"); > > next; > > > > > > -- > > E-Mail to and from me, in connection with the transaction > of public business, is subject to the Wyoming Public Records > Act and may be disclosed to third parties. From Vicky_Ingle at bose.com Fri Jun 23 19:06:53 2017 From: Vicky_Ingle at bose.com (Ingle, Vicky) Date: Fri, 23 Jun 2017 19:06:53 +0000 Subject: [rancid] Rancid CVS issue In-Reply-To: References: <20170616170906.GF32152@shrubbery.net> Message-ID: Hi team, Can someone assist me here. Thanks & Regards, Vicky Ingle CIS I&O Operations Command Center Desk: 508-215-0999 / Ext: 69280 -----Original Message----- From: Ingle, Vicky Sent: Friday, June 16, 2017 1:50 PM To: 'rancid-discuss at shrubbery.net' Subject: FW: Rancid CVS issue Hi team, Can anyone assist me on this issue? Thanks & Regards, Vicky Ingle CIS I&O Operations Command Center Desk: 508-215-0999 / Ext: 69280 -----Original Message----- From: heas at shrubbery.net [mailto:heas at shrubbery.net] Sent: Friday, June 16, 2017 1:09 PM To: Ingle, Vicky Cc: rancid at shrubbery.net Subject: Re: Rancid CVS issue Fri, Jun 16, 2017 at 04:10:40PM +0000, Ingle, Vicky: > Hi, > > I'm having issues with our rancid/CVS config, as its not updating in a timely manner. We do have a cronjob. > > Let me know if someone from the technical team can work with me on this. please see rancid FAQ for various CVS FAQs and/or email to rancid-discuss at shrubbery.net with contents of the group's logs and the output of cvs update for the group. From doug.hughes at keystonenap.com Fri Jun 23 20:39:53 2017 From: doug.hughes at keystonenap.com (Doug Hughes) Date: Fri, 23 Jun 2017 16:39:53 -0400 Subject: [rancid] Rancid CVS issue In-Reply-To: References: <20170616170906.GF32152@shrubbery.net> Message-ID: can you include more information? Is it that rancid is not storing in CVS, that your CVS check-out is not updating from your rancid info, or other? On 6/23/2017 3:06 PM, Ingle, Vicky wrote: > Hi team, > > Can someone assist me here. > > Thanks & Regards, > Vicky Ingle > CIS I&O Operations Command Center > Desk: 508-215-0999 / Ext: 69280 > > > -----Original Message----- > From: Ingle, Vicky > Sent: Friday, June 16, 2017 1:50 PM > To: 'rancid-discuss at shrubbery.net' > Subject: FW: Rancid CVS issue > > Hi team, > > Can anyone assist me on this issue? > > Thanks & Regards, > Vicky Ingle > CIS I&O Operations Command Center > Desk: 508-215-0999 / Ext: 69280 > > > -----Original Message----- > From: heas at shrubbery.net [mailto:heas at shrubbery.net] > Sent: Friday, June 16, 2017 1:09 PM > To: Ingle, Vicky > Cc: rancid at shrubbery.net > Subject: Re: Rancid CVS issue > > Fri, Jun 16, 2017 at 04:10:40PM +0000, Ingle, Vicky: >> Hi, >> >> I'm having issues with our rancid/CVS config, as its not updating in a timely manner. We do have a cronjob. >> >> Let me know if someone from the technical team can work with me on this. > please see rancid FAQ for various CVS FAQs and/or email to rancid-discuss at shrubbery.net with contents of the group's logs and the output of cvs update for the group. > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -- Doug Hughes Keystone NAP Fairless Hills, PA 1.844.KEYBLOCK (539.2562) -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: keystone-nap.png Type: image/png Size: 3476 bytes Desc: not available URL: From merijn at trans-ix.nl Mon Jun 26 07:30:59 2017 From: merijn at trans-ix.nl (Merijn Evertse) Date: Mon, 26 Jun 2017 07:30:59 +0000 Subject: [rancid] Vyos config with Alpha release Message-ID: Goodmorning, Starting with the alpha release Rancid we get the following diff a couple of times a day: - translation { + show configuration commands | no-more + translation { So the command is captured in the output. For now it seems that the line ending issue we had before is resolved/replaced with this ? This happens on Vyos 1.1.7, on several different installations. Merijn Evertse Trans-iX -------------- next part -------------- An HTML attachment was scrubbed... URL: From merijn at trans-ix.nl Mon Jun 26 07:41:46 2017 From: merijn at trans-ix.nl (Merijn Evertse) Date: Mon, 26 Jun 2017 07:41:46 +0000 Subject: [rancid] Vyos config with Alpha release In-Reply-To: References: Message-ID: <67c93318092a497c865a44754a61d675@exch02.cloudhosted.local> Hi, Another example - # bios_vendor: show hardware pci - # American Megatrends Inc. + # bios_vendor: American Megatrends Inc. Different command. Regards, Merijn Evertse Van: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] Namens Merijn Evertse Verzonden: maandag 26 juni 2017 09:31 Aan: rancid-discuss at shrubbery.net Onderwerp: [rancid] Vyos config with Alpha release Goodmorning, Starting with the alpha release Rancid we get the following diff a couple of times a day: - translation { + show configuration commands | no-more + translation { So the command is captured in the output. For now it seems that the line ending issue we had before is resolved/replaced with this ? This happens on Vyos 1.1.7, on several different installations. Merijn Evertse Trans-iX -------------- next part -------------- An HTML attachment was scrubbed... URL: From Vicky_Ingle at bose.com Mon Jun 26 12:10:11 2017 From: Vicky_Ingle at bose.com (Ingle, Vicky) Date: Mon, 26 Jun 2017 12:10:11 +0000 Subject: [rancid] Rancid CVS issue In-Reply-To: References: <20170616170906.GF32152@shrubbery.net> Message-ID: We have a linux server where in Rancid 3.1 and below is the cronjob (run as user pp71402) root at neptune:(06-24 23:14): /root # su - pp71402 pp71402 at neptune:(06-24 23:14): /users/pp71402/aws # crontab -l 30 0 * * * /usr/bin/php /users/pp71402/public_html/netadmin/rancid.php 30 1 * * * /users/pp71402/rancid/bin/rancid-run 30 5 * * * /usr/bin/sudo /bin/chmod a+rw /users/pp71402/rancid/var/MA/configs/* 30 6 * * * /usr/bin/php /users/pp71402/public_html/netadmin/getinfo.php So we can see that the rancid-run is scheduled to be run every night. But it's not downloading the configs for all the devices. I have verified that I'm able to login to those devices via clogin without any issues, I have checked the router.db file and they are listed correctly. Secondly routers.up files reports the devices as up. When I try to see the logs, the devices are not listed in it. So not sure what parameters/logs to check for further troubleshooting Thanks & Regards, Vicky Ingle CIS I&O Operations Command Center Desk: 508-215-0999 / Ext: 69280 -----Original Message----- From: Ingle, Vicky Sent: Friday, June 23, 2017 3:23 PM To: 'rancid-discuss at shrubbery.net' Subject: RE: Rancid CVS issue Please approve this query, let me know if there are no updates on the device will it download the configs? I have scheduled rancid to run every night, but when I try to see the updates it now getting updated on a daily basis. Need assistance on priority, as we are running on a production environment. Thanks & Regards, Vicky Ingle CIS I&O Operations Command Center Desk: 508-215-0999 / Ext: 69280 -----Original Message----- From: Ingle, Vicky Sent: Friday, June 23, 2017 3:07 PM To: 'rancid-discuss at shrubbery.net' Subject: RE: Rancid CVS issue Hi team, Can someone assist me here. Thanks & Regards, Vicky Ingle CIS I&O Operations Command Center Desk: 508-215-0999 / Ext: 69280 -----Original Message----- From: Ingle, Vicky Sent: Friday, June 16, 2017 1:50 PM To: 'rancid-discuss at shrubbery.net' Subject: FW: Rancid CVS issue Hi team, Can anyone assist me on this issue? Thanks & Regards, Vicky Ingle CIS I&O Operations Command Center Desk: 508-215-0999 / Ext: 69280 -----Original Message----- From: heas at shrubbery.net [mailto:heas at shrubbery.net] Sent: Friday, June 16, 2017 1:09 PM To: Ingle, Vicky Cc: rancid at shrubbery.net Subject: Re: Rancid CVS issue Fri, Jun 16, 2017 at 04:10:40PM +0000, Ingle, Vicky: > Hi, > > I'm having issues with our rancid/CVS config, as its not updating in a timely manner. We do have a cronjob. > > Let me know if someone from the technical team can work with me on this. please see rancid FAQ for various CVS FAQs and/or email to rancid-discuss at shrubbery.net with contents of the group's logs and the output of cvs update for the group. From heas at shrubbery.net Mon Jun 26 14:37:10 2017 From: heas at shrubbery.net ('heasley') Date: Mon, 26 Jun 2017 14:37:10 +0000 Subject: [rancid] Avoid Boot Flash :Flash changes in cisco routers In-Reply-To: <047601d2ee82$e2143520$a63c9f60$@sltnet.lk> References: <008a01d2e4bf$c5a706f0$50f514d0$@sltnet.lk> <20170614045102.GD84062@shrubbery.net> <047601d2ee82$e2143520$a63c9f60$@sltnet.lk> Message-ID: <20170626143710.GA31559@shrubbery.net> Mon, Jun 26, 2017 at 07:18:25PM +0530, Nalin Fernando: > Dear Rancid Team, > > > > I have Rancid running. I have the problem of getting mails about Changes of > Router ROM and Flash In Cisco routers, which is really disturbing. Even > without any config change, still I am getting rancid mails regard to Boot > Flash NVRAM, Flash changes. Please let me know how to avoid these details in > Frequent emails. > > I upgraded the Rancid to latest version rancid-3.6.2. but still I have the > problem of getting unwanted output of Flash and boot flash in mails. > > Please let me know how to resolve this issue. > > !Image: disk0:asr9k-os-mbi-5.3.4/0x100305/mbiasr9k-rsp3.vm > > - !Image: Wed Jun 14 15:40:36.981 IST i suspect that you are limiting what commands the rancid user can run. it must be able to run all the commands in rancid -C -t cisco-xr From heas at shrubbery.net Mon Jun 26 14:50:05 2017 From: heas at shrubbery.net ('heasley') Date: Mon, 26 Jun 2017 14:50:05 +0000 Subject: [rancid] Avoid Boot Flash :Flash changes in cisco routers In-Reply-To: <047e01d2ee8a$fe1a7510$fa4f5f30$@sltnet.lk> References: <008a01d2e4bf$c5a706f0$50f514d0$@sltnet.lk> <20170614045102.GD84062@shrubbery.net> <047601d2ee82$e2143520$a63c9f60$@sltnet.lk> <20170626143710.GA31559@shrubbery.net> <047e01d2ee8a$fe1a7510$fa4f5f30$@sltnet.lk> Message-ID: <20170626145005.GB31559@shrubbery.net> Mon, Jun 26, 2017 at 08:16:28PM +0530, Nalin Fernando: > Dear Mr.Heasley, > > I have not limited the commands. I want rancid to stop sending mails about > frequent Flash, NVRAM, BootFlash changes of cisco xr routers. I have set to > run Rancid hourly. So every Hour I am getting below mail for cisco xr > routers. > > !Image: disk0:asr9k-os-mbi-5.3.4/0x100305/mbiasr9k-rsp3.vm > - !Image: Mon Jun 26 19:02:05.124 IST > + !Image: Mon Jun 26 20:02:04.335 IST the line is from the tty timestamp mis-feature, disabled with on of terminal no-timestamp terminal exec prompt no-timestamp if you want to disable dir commands in rancid, see rancid.types.conf(5). From kpnalin at sltnet.lk Mon Jun 26 14:46:28 2017 From: kpnalin at sltnet.lk (Nalin Fernando) Date: Mon, 26 Jun 2017 20:16:28 +0530 Subject: [rancid] Avoid Boot Flash :Flash changes in cisco routers In-Reply-To: <20170626143710.GA31559@shrubbery.net> References: <008a01d2e4bf$c5a706f0$50f514d0$@sltnet.lk> <20170614045102.GD84062@shrubbery.net> <047601d2ee82$e2143520$a63c9f60$@sltnet.lk> <20170626143710.GA31559@shrubbery.net> Message-ID: <047e01d2ee8a$fe1a7510$fa4f5f30$@sltnet.lk> Dear Mr.Heasley, I have not limited the commands. I want rancid to stop sending mails about frequent Flash, NVRAM, BootFlash changes of cisco xr routers. I have set to run Rancid hourly. So every Hour I am getting below mail for cisco xr routers. retrieving revision 1.635 diff -u -4 -r1.635 dr-tr-1 @@ -7,9 +7,9 @@ ! ! ! !Image: disk0:asr9k-os-mbi-5.3.4/0x100305/mbiasr9k-rsp3.vm - !Image: Mon Jun 26 19:02:05.124 IST + !Image: Mon Jun 26 20:02:04.335 IST !Image: Secure Domain Router: Owner !Image: Node 0/RSP0/CPU0 [RP] [SDR: Owner] !Image: Boot Device: disk0: !Image: Boot Image: /disk0/asr9k-os-mbi-5.3.4/0x100305/mbiasr9k-rsp3.vm @@ -45,33 +45,33 @@ ! !ROM Bootstrap: Version 0.75(c) 1994-2012 by Cisco Systems, Inc. ! ! - !BootFlash: Mon Jun 26 19:02:12.460 IST + !BootFlash: Mon Jun 26 20:02:11.661 IST !BootFlash: BOOT variable = disk0:asr9k-os-mbi-5.3.4/0x100305/mbiasr9k-rsp3.vm,1; !BootFlash: CONFREG variable = 0x2102 ! - !BootFlash: Mon Jun 26 19:02:12.533 IST + !BootFlash: Mon Jun 26 20:02:11.727 IST !BootFlash: BOOT variable = disk0:asr9k-os-mbi-5.3.4/0x100305/mbiasr9k-rsp3.vm,1; !BootFlash: CONFREG variable = 0x2102 ! - !BootFlash: Mon Jun 26 19:02:12.594 IST + !BootFlash: Mon Jun 26 20:02:11.797 IST !BootFlash: BOOT variable = disk0:asr9k-os-mbi-5.3.4/0x100305/mbiasr9k-rsp3.vm,1; !BootFlash: CONFREG variable = 0x2102 ! - ! Mon Jun 26 19:02:12.672 IST + ! Mon Jun 26 20:02:11.865 IST ! Info : There are no features or licenses to display. ! - ! Mon Jun 26 19:02:12.759 IST + ! Mon Jun 26 20:02:11.961 IST ! Info : There are no features or licenses to display. ! - ! Mon Jun 26 19:02:12.852 IST + ! Mon Jun 26 20:02:12.042 IST ! Info : There are no features or licenses to display. ! - ! Mon Jun 26 19:02:12.939 IST + ! Mon Jun 26 20:02:12.142 IST ! Info : There are no features or licenses to display. ! - !Flash: nvram: Mon Jun 26 19:02:13.115 IST + !Flash: nvram: Mon Jun 26 20:02:12.304 IST !Flash: nvram: Directory of nvram: !Flash: nvram: 504 -r-- 5 classic-public-config !Flash: nvram: 505 -r-- 254 classic-rommon-var !Flash: nvram: 1 -rw- 142 spm_db @@ -81,11 +81,11 @@ !Flash: nvram: 5 -rw- 21002 samlog !Flash: nvram: 27 -rw- 135 redfs_ocb_force_sync !Flash: nvram: 515072 bytes total (476 KB free) ! - !Flash: bootflash: Mon Jun 26 19:02:13.178 IST - !Flash: slot0: Mon Jun 26 19:02:13.241 IST - !Flash: disk0: Mon Jun 26 19:02:13.287 IST + !Flash: bootflash: Mon Jun 26 20:02:12.367 IST + !Flash: slot0: Mon Jun 26 20:02:12.414 IST + !Flash: disk0: Mon Jun 26 20:02:12.480 IST !Flash: disk0: Directory of disk0: !Flash: disk0: 46194 -r-- 2954492 Sat Apr 1 22:41:14 2045 .bitmap !Flash: disk0: 17 -r-- 2220032 Sat Apr 1 22:41:14 2045 .inodes !Flash: disk0: 18 -rw- 0 Sat Apr 1 22:41:14 2045 .boot @@ -162,10 +162,10 @@ !Flash: disk0: 13457093 drwx 4096 Tue Mar 28 01:26:11 2017 cfgmgr !Flash: disk0: 7509692 -rw- 7291 Tue Mar 28 01:28:39 2017 sam_certdb !Flash: disk0: 12101599232 bytes total (9 GB free) ! - !Flash: slot1: Mon Jun 26 19:02:13.376 IST - !Flash: disk1: Mon Jun 26 19:02:13.441 IST + !Flash: slot1: Mon Jun 26 20:02:12.564 IST + !Flash: disk1: Mon Jun 26 20:02:12.612 IST !Flash: disk1: Directory of disk1: !Flash: disk1: 46194 -r-- 2954492 Sat Apr 1 22:41:15 2045 .bitmap !Flash: disk1: 17 -r-- 8192 Sat Apr 1 22:41:15 2045 .inodes !Flash: disk1: 18 -rw- 0 Sat Apr 1 22:41:15 2045 .boot @@ -174,11 +174,11 @@ !Flash: disk1: 46200 -r-- 0 Sat Apr 1 22:41:15 2045 .longfilenames !Flash: disk1: 46201 drwx 4096 Wed Apr 1 22:49:06 2015 LOST.DIR !Flash: disk1: 12101599232 bytes total (11 GB free) ! - !Flash: slot2: Mon Jun 26 19:02:13.504 IST - !Flash: disk2: Mon Jun 26 19:02:13.546 IST - !Flash: harddisk: Mon Jun 26 19:02:13.593 IST + !Flash: slot2: Mon Jun 26 20:02:12.684 IST + !Flash: disk2: Mon Jun 26 20:02:12.748 IST + !Flash: harddisk: Mon Jun 26 20:02:12.792 IST !Flash: harddisk: Directory of harddisk: !Flash: harddisk: 24490 -r-- 1565436 Sat Apr 1 22:41:16 2045 .bitmap !Flash: harddisk: 17 -r-- 8192 Sat Apr 1 22:41:16 2045 .inodes !Flash: harddisk: 18 -rw- 0 Sat Apr 1 22:41:16 2045 .boot @@ -215,9 +215,9 @@ !Flash: harddisk: 24524 -rw- 0 Tue Mar 28 01:10:00 2017 errmsg_cont !Flash: harddisk: 24525 drwx 4096 Tue Mar 28 01:20:31 2017 zllog !Flash: harddisk: 6412025856 bytes total (4 GB free) ! - !Flash: harddiska: Mon Jun 26 19:02:13.666 IST + !Flash: harddiska: Mon Jun 26 20:02:12.857 IST !Flash: harddiska: Directory of harddiska: !Flash: harddiska: 3090 -r-- 195840 Sat Apr 1 22:41:22 2045 .bitmap !Flash: harddiska: 17 -r-- 8192 Sat Apr 1 22:41:22 2045 .inodes !Flash: harddiska: 18 -rw- 0 Sat Apr 1 22:41:22 2045 .boot @@ -225,48 +225,48 @@ !Flash: harddiska: 3095 drwx 4096 Wed Apr 1 22:49:12 2015 LOST.DIR !Flash: harddiska: 3096 -r-- 0 Sat Apr 1 22:41:22 2045 .longfilenames !Flash: harddiska: 3097 -rw- 1136 Tue Mar 28 01:28:57 2017 uptime_hist !Flash: harddiska: 3153 -rw- 40 Tue Mar 28 01:28:57 2017 uptime_static_data - !Flash: harddiska: 3099 -rw- 87680 Mon Jun 26 18:50:00 2017 uptime_cont + !Flash: harddiska: 3099 -rw- 87720 Mon Jun 26 19:50:00 2017 uptime_cont !Flash: harddiska: 3100 -rw- 36 Tue Mar 28 01:28:59 2017 env_static_data !Flash: harddiska: 3101 -rw- 0 Tue Mar 28 01:08:41 2017 env_hist !Flash: harddiska: 3102 -rw- 156 Tue Mar 28 01:29:01 2017 env_cont !Flash: harddiska: 3103 -rw- 268 Tue Mar 28 01:10:33 2017 temp_static_data !Flash: harddiska: 3104 -rw- 0 Tue Mar 28 01:08:41 2017 temp_hist - !Flash: harddiska: 3105 -rw- 147000 Mon Jun 26 18:55:43 2017 temp_cont + !Flash: harddiska: 3105 -rw- 147072 Mon Jun 26 20:00:29 2017 temp_cont !Flash: harddiska: 3106 -rw- 1196 Tue Mar 28 01:10:37 2017 volt_static_data !Flash: harddiska: 3107 -rw- 0 Tue Mar 28 01:08:41 2017 volt_hist - !Flash: harddiska: 3108 -rw- 293112 Mon Jun 26 18:43:31 2017 volt_cont + !Flash: harddiska: 3108 -rw- 293256 Mon Jun 26 19:48:20 2017 volt_cont !Flash: harddiska: 3109 -rw- 0 Tue Mar 28 01:08:41 2017 errmsg_hist !Flash: harddiska: 3110 -rw- 758 Tue Mar 28 01:52:52 2017 errmsg_cont !Flash: harddiska: 3111 -rw- 24 Wed Apr 1 16:56:46 2015 diag_hist !Flash: harddiska: 3112 -rw- 24 Wed Apr 1 16:56:48 2015 diag_cont !Flash: harddiska: 802160640 bytes total (764 MB free) ! - !Flash: harddiskb: Mon Jun 26 19:02:13.725 IST + !Flash: harddiskb: Mon Jun 26 20:02:12.922 IST !Flash: harddiskb: Directory of harddiskb: !Flash: harddiskb: 3 drwx 4096 Wed Apr 1 22:49:12 2015 LOST.DIR !Flash: harddiskb: 767090688 bytes total (731 MB free) ! - !Flash: sup-bootdisk: Mon Jun 26 19:02:13.771 IST - !Flash: sup-microcode: Mon Jun 26 19:02:13.879 IST - !Flash: slavenvram: Mon Jun 26 19:02:13.923 IST - !Flash: slavebootflash: Mon Jun 26 19:02:13.967 IST - !Flash: slaveslot0: Mon Jun 26 19:02:14.008 IST - !Flash: slavedisk0: Mon Jun 26 19:02:14.054 IST - !Flash: slaveslot1: Mon Jun 26 19:02:14.100 IST - !Flash: slavedisk1: Mon Jun 26 19:02:14.149 IST - !Flash: slaveslot2: Mon Jun 26 19:02:14.205 IST - !Flash: slavedisk2: Mon Jun 26 19:02:14.252 IST - !Flash: slavesup-bootflash: Mon Jun 26 19:02:14.299 IST - !Flash: sec-nvram: Mon Jun 26 19:02:14.367 IST - !Flash: sec-bootflash: Mon Jun 26 19:02:14.411 IST - !Flash: sec-slot0: Mon Jun 26 19:02:14.473 IST - !Flash: sec-disk0: Mon Jun 26 19:02:14.536 IST - !Flash: sec-slot1: Mon Jun 26 19:02:14.579 IST - !Flash: sec-disk1: Mon Jun 26 19:02:14.626 IST - !Flash: sec-slot2: Mon Jun 26 19:02:14.701 IST - !Flash: sec-disk2: Mon Jun 26 19:02:14.758 IST + !Flash: sup-bootdisk: Mon Jun 26 20:02:12.967 IST + !Flash: sup-microcode: Mon Jun 26 20:02:13.100 IST + !Flash: slavenvram: Mon Jun 26 20:02:13.162 IST + !Flash: slavebootflash: Mon Jun 26 20:02:13.205 IST + !Flash: slaveslot0: Mon Jun 26 20:02:13.250 IST + !Flash: slavedisk0: Mon Jun 26 20:02:13.296 IST + !Flash: slaveslot1: Mon Jun 26 20:02:13.361 IST + !Flash: slavedisk1: Mon Jun 26 20:02:13.425 IST + !Flash: slaveslot2: Mon Jun 26 20:02:13.466 IST + !Flash: slavedisk2: Mon Jun 26 20:02:13.510 IST + !Flash: slavesup-bootflash: Mon Jun 26 20:02:13.582 IST + !Flash: sec-nvram: Mon Jun 26 20:02:13.649 IST + !Flash: sec-bootflash: Mon Jun 26 20:02:13.712 IST + !Flash: sec-slot0: Mon Jun 26 20:02:13.753 IST + !Flash: sec-disk0: Mon Jun 26 20:02:13.797 IST + !Flash: sec-slot1: Mon Jun 26 20:02:13.843 IST + !Flash: sec-disk1: Mon Jun 26 20:02:13.887 IST + !Flash: sec-slot2: Mon Jun 26 20:02:13.935 IST + !Flash: sec-disk2: Mon Jun 26 20:02:13.977 IST !Slot /MAIN: part S/N: FOC1910P5GW !Slot /MAIN: part S/N: FOC1910P5GQ !Slot /MAIN: part S/N: FOC1910P6YZ !Slot /MAIN: part 68-3959-07 rev A0, dev N/A, serial FOC1913N89D @@ -288,9 +288,9 @@ !Slot /ROMMON: version 0.75 [ASR9K x86 ROMMON], !Slot /ROMMON: version 2.13(20141031:100345) [ASR9K ROMMON] !Slot /ROMMON: version 2.13(20141031:100345) [ASR9K ROMMON] ! - !Mon Jun 26 19:02:16.420 IST + !Mon Jun 26 20:02:15.704 IST !NAME: "module 0/RSP0/CPU0", DESCR: "ASR9K Route Switch Processor with 440G/slot Fabric and 6GB" !PID: A9K-RSP440-TR Thanks and Regards, Nalin Fernando SLTNet Team ISP Operations Section | Sri Lanka Telecom PLC 6 th Floor, OTS Building, SLT HQ, Colombo-1, Sri Lanka Work: +94112029600 |7 Fax: +94112391324 Email:nwadmin at sltnet.lk| Web:www.sltnet.lk -----Original Message----- From: 'heasley' [mailto:heas at shrubbery.net] Sent: Monday, June 26, 2017 8:07 PM To: Nalin Fernando Cc: 'heasley'; rancid at shrubbery.net; rancid-discuss at shrubbery.net; Mathiruban; Rajagopal Mathiruban Subject: Re: Avoid Boot Flash :Flash changes in cisco routers Mon, Jun 26, 2017 at 07:18:25PM +0530, Nalin Fernando: > Dear Rancid Team, > > > > I have Rancid running. I have the problem of getting mails about > Changes of Router ROM and Flash In Cisco routers, which is really > disturbing. Even without any config change, still I am getting rancid > mails regard to Boot Flash NVRAM, Flash changes. Please let me know > how to avoid these details in Frequent emails. > > I upgraded the Rancid to latest version rancid-3.6.2. but still I have > the problem of getting unwanted output of Flash and boot flash in mails. > > Please let me know how to resolve this issue. > > !Image: disk0:asr9k-os-mbi-5.3.4/0x100305/mbiasr9k-rsp3.vm > > - !Image: Wed Jun 14 15:40:36.981 IST i suspect that you are limiting what commands the rancid user can run. it must be able to run all the commands in rancid -C -t cisco-xr From kpnalin at sltnet.lk Mon Jun 26 15:13:37 2017 From: kpnalin at sltnet.lk (Nalin Fernando) Date: Mon, 26 Jun 2017 20:43:37 +0530 Subject: [rancid] Avoid Boot Flash :Flash changes in cisco routers In-Reply-To: <20170626145005.GB31559@shrubbery.net> References: <008a01d2e4bf$c5a706f0$50f514d0$@sltnet.lk> <20170614045102.GD84062@shrubbery.net> <047601d2ee82$e2143520$a63c9f60$@sltnet.lk> <20170626143710.GA31559@shrubbery.net> <047e01d2ee8a$fe1a7510$fa4f5f30$@sltnet.lk> <20170626145005.GB31559@shrubbery.net> Message-ID: <047f01d2ee8e$c94c1920$5be44b60$@sltnet.lk> Dear Mr.Heasley, I do not want to disable anything in Routers, Please guide me how to disable those commands in Rancid. Thanks and Regards, Nalin Fernando SLTNet Team ISP Operations Section | Sri Lanka Telecom PLC 6 th Floor, OTS Building, SLT HQ, Colombo-1, Sri Lanka Work: +94112029600 |7 Fax: +94112391324 Email:nwadmin at sltnet.lk| Web:www.sltnet.lk -----Original Message----- From: 'heasley' [mailto:heas at shrubbery.net] Sent: Monday, June 26, 2017 8:20 PM To: Nalin Fernando Cc: 'heasley'; rancid-discuss at shrubbery.net; rancid at shrubbery.net; 'Mathiruban'; Rajagopal Mathiruban Subject: Re: Avoid Boot Flash :Flash changes in cisco routers Mon, Jun 26, 2017 at 08:16:28PM +0530, Nalin Fernando: > Dear Mr.Heasley, > > I have not limited the commands. I want rancid to stop sending mails > about frequent Flash, NVRAM, BootFlash changes of cisco xr routers. I > have set to run Rancid hourly. So every Hour I am getting below mail > for cisco xr routers. > > !Image: disk0:asr9k-os-mbi-5.3.4/0x100305/mbiasr9k-rsp3.vm > - !Image: Mon Jun 26 19:02:05.124 IST > + !Image: Mon Jun 26 20:02:04.335 IST the line is from the tty timestamp mis-feature, disabled with on of terminal no-timestamp terminal exec prompt no-timestamp if you want to disable dir commands in rancid, see rancid.types.conf(5). From nick at foobar.org Mon Jun 26 16:54:49 2017 From: nick at foobar.org (Nick Hilliard) Date: Mon, 26 Jun 2017 17:54:49 +0100 Subject: [rancid] Avoid Boot Flash :Flash changes in cisco routers In-Reply-To: <20170626145005.GB31559@shrubbery.net> References: <008a01d2e4bf$c5a706f0$50f514d0$@sltnet.lk> <20170614045102.GD84062@shrubbery.net> <047601d2ee82$e2143520$a63c9f60$@sltnet.lk> <20170626143710.GA31559@shrubbery.net> <047e01d2ee8a$fe1a7510$fa4f5f30$@sltnet.lk> <20170626145005.GB31559@shrubbery.net> Message-ID: <59513C59.2020809@foobar.org> 'heasley' wrote: > the line is from the tty timestamp mis-feature, disabled with on of > > terminal no-timestamp > terminal exec prompt no-timestamp > > if you want to disable dir commands in rancid, see rancid.types.conf(5). incidentally, this mechanism doesn't work on XRv for the admin commands. Here's some sample output: > RP/0/RP0/CPU0:Router#admin show license > > nick connected from 127.0.0.1 using console on xr-vm_node0_RP0_CPU0 > sysadmin-vm:0_RP0# terminal length 0 > Mon Jun 26 16:52:28.311 UTC > sysadmin-vm:0_RP0# show license > ------------------------^ > syntax error: element does not exist > sysadmin-vm:0_RP0# > > RP/0/RP0/CPU0:Router# In this instance, there's no way to disable the CLI timestamps in admin mode, so rancid picks them up in the config generation. Nick From Robert.Remsik at colostate.edu Mon Jun 26 16:38:46 2017 From: Robert.Remsik at colostate.edu (Remsik,Robert) Date: Mon, 26 Jun 2017 16:38:46 +0000 Subject: [rancid] CIDR Ranges in .clogit file Message-ID: Hello! I'm trying to setup entries in the .clogit file per credentials aligned with CIDR ranges. Can rancid handle CIDR ranges? It looks like RANCID just does globbing, but I'm having trouble setting the up the globs properly. I'm using the globtester ( http://www.globtester.com/#p=eJwz1DPSM9aLNtA1NIutMYRxLGPBBABh%2BwbV&r=eJzNldEKgjAUhl9leFVQ6o5aU%2BfeRc1CEBUnUT19hhkES6nYYTe7OMP%2F%2BzzCLz%2BUZ5JXqZSJZQlqg%2B3ZlDvDVPC3Ky7btCayv1ZFYuVN1XQR6U7ZisGGUMaGI2TrmBybut%2FK8lZEw8CG9hJPqcCdR4TgWSe0ALwJ8HvQ6Dam6FD0zVcMzFfcma%2B4N1%2BRma8Yald8Fp67qP9ZktJvim0mB1Rv%2B%2B%2FaZ3jKvtTIU5afRp6yyTTylLWkjwfIvBCZR11sIPYXpNgrBeyVgo8NDNBaZun519%2FgDnPzhow%3D& ) to help debug the syntax. For example the x.y.z.2-16 use {abc creds} and x.y.z.17-254 use {def creds}. Or is there a better way to accomplish what I'm looking to do? Thank you in advance, Robert Remsik ACNS Desk Phone: 970 491 7120 Robert.Remsik at colostate.edu -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Mon Jun 26 18:34:34 2017 From: heas at shrubbery.net (heasley) Date: Mon, 26 Jun 2017 18:34:34 +0000 Subject: [rancid] CIDR Ranges in .clogit file In-Reply-To: References: Message-ID: <20170626183433.GF3198@shrubbery.net> Mon, Jun 26, 2017 at 04:38:46PM +0000, Remsik,Robert: > Hello! > > > I'm trying to setup entries in the .clogit file per credentials aligned with CIDR ranges. Can rancid handle CIDR ranges? It looks like RANCID just does globbing, but I'm having trouble setting the up the globs properly. globs only. > I'm using the globtester ( http://www.globtester.com/#p=eJwz1DPSM9aLNtA1NIutMYRxLGPBBABh%2BwbV&r=eJzNldEKgjAUhl9leFVQ6o5aU%2BfeRc1CEBUnUT19hhkES6nYYTe7OMP%2F%2BzzCLz%2BUZ5JXqZSJZQlqg%2B3ZlDvDVPC3Ky7btCayv1ZFYuVN1XQR6U7ZisGGUMaGI2TrmBybut%2FK8lZEw8CG9hJPqcCdR4TgWSe0ALwJ8HvQ6Dam6FD0zVcMzFfcma%2B4N1%2BRma8Yald8Fp67qP9ZktJvim0mB1Rv%2B%2B%2FaZ3jKvtTIU5afRp6yyTTylLWkjwfIvBCZR11sIPYXpNgrBeyVgo8NDNBaZun519%2FgDnPzhow%3D& ) to help debug the syntax. For example the x.y.z.2-16 use {abc creds} and x.y.z.17-254 use {def creds}. > https://www.tcl.tk/man/tcl/TclCmd/glob.htm [] matches a single character [2-9] 2 thru 9 [2-17] 2-1 (no idea if that works) or 7 From Robert.Remsik at colostate.edu Mon Jun 26 18:39:51 2017 From: Robert.Remsik at colostate.edu (Remsik,Robert) Date: Mon, 26 Jun 2017 18:39:51 +0000 Subject: [rancid] CIDR Ranges in .clogit file In-Reply-To: <20170626183433.GF3198@shrubbery.net> References: , <20170626183433.GF3198@shrubbery.net> Message-ID: Nuts, that's what I thought. Thank you for confirmation. Can I ask for that as a feature request to be able to parse/use CIDR someday? Robert Remsik ACNS Desk Phone: 970 491 7120 Robert.Remsik at colostate.edu ________________________________ From: heasley Sent: Monday, June 26, 2017 12:34:34 PM To: Remsik,Robert Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] CIDR Ranges in .clogit file Mon, Jun 26, 2017 at 04:38:46PM +0000, Remsik,Robert: > Hello! > > > I'm trying to setup entries in the .clogit file per credentials aligned with CIDR ranges. Can rancid handle CIDR ranges? It looks like RANCID just does globbing, but I'm having trouble setting the up the globs properly. globs only. > I'm using the globtester ( http://www.globtester.com/#p=eJwz1DPSM9aLNtA1NIutMYRxLGPBBABh%2BwbV&r=eJzNldEKgjAUhl9leFVQ6o5aU%2BfeRc1CEBUnUT19hhkES6nYYTe7OMP%2F%2BzzCLz%2BUZ5JXqZSJZQlqg%2B3ZlDvDVPC3Ky7btCayv1ZFYuVN1XQR6U7ZisGGUMaGI2TrmBybut%2FK8lZEw8CG9hJPqcCdR4TgWSe0ALwJ8HvQ6Dam6FD0zVcMzFfcma%2B4N1%2BRma8Yald8Fp67qP9ZktJvim0mB1Rv%2B%2B%2FaZ3jKvtTIU5afRp6yyTTylLWkjwfIvBCZR11sIPYXpNgrBeyVgo8NDNBaZun519%2FgDnPzhow%3D& ) to help debug the syntax. For example the x.y.z.2-16 use {abc creds} and x.y.z.17-254 use {def creds}. > https://www.tcl.tk/man/tcl/TclCmd/glob.htm [] matches a single character [2-9] 2 thru 9 [2-17] 2-1 (no idea if that works) or 7 -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Mon Jun 26 18:50:46 2017 From: heas at shrubbery.net ('heasley') Date: Mon, 26 Jun 2017 18:50:46 +0000 Subject: [rancid] Avoid Boot Flash :Flash changes in cisco routers In-Reply-To: <59513C59.2020809@foobar.org> References: <008a01d2e4bf$c5a706f0$50f514d0$@sltnet.lk> <20170614045102.GD84062@shrubbery.net> <047601d2ee82$e2143520$a63c9f60$@sltnet.lk> <20170626143710.GA31559@shrubbery.net> <047e01d2ee8a$fe1a7510$fa4f5f30$@sltnet.lk> <20170626145005.GB31559@shrubbery.net> <59513C59.2020809@foobar.org> Message-ID: <20170626185046.GG3198@shrubbery.net> Mon, Jun 26, 2017 at 05:54:49PM +0100, Nick Hilliard: > 'heasley' wrote: > > the line is from the tty timestamp mis-feature, disabled with on of > > > > terminal no-timestamp > > terminal exec prompt no-timestamp > > > > if you want to disable dir commands in rancid, see rancid.types.conf(5). > > incidentally, this mechanism doesn't work on XRv for the admin commands. > Here's some sample output: > > > RP/0/RP0/CPU0:Router#admin show license > > > > nick connected from 127.0.0.1 using console on xr-vm_node0_RP0_CPU0 > > sysadmin-vm:0_RP0# terminal length 0 > > Mon Jun 26 16:52:28.311 UTC > > sysadmin-vm:0_RP0# show license > > ------------------------^ > > syntax error: element does not exist > > sysadmin-vm:0_RP0# > > > > RP/0/RP0/CPU0:Router# > > In this instance, there's no way to disable the CLI timestamps in admin > mode, so rancid picks them up in the config generation. > > Nick i vaguely remember opening a DDTS for that and other cli bugs for xrv. I'll check the list; then you too can subscribe to it or open your own. From heas at shrubbery.net Mon Jun 26 18:56:42 2017 From: heas at shrubbery.net (heasley) Date: Mon, 26 Jun 2017 18:56:42 +0000 Subject: [rancid] CIDR Ranges in .clogit file In-Reply-To: References: <20170626183433.GF3198@shrubbery.net> Message-ID: <20170626185642.GH3198@shrubbery.net> Mon, Jun 26, 2017 at 06:39:51PM +0000, Remsik,Robert: > Nuts, that's what I thought. Thank you for confirmation. > > > Can I ask for that as a feature request to be able to parse/use CIDR someday? you don't really want cidr either, given your example. ie: what cidr prefix is x.y.z.2-16? none that i know of. maybe a regex would be helpful? > > > > Robert Remsik > > ACNS > > Desk Phone: 970 491 7120 > > Robert.Remsik at colostate.edu > > ________________________________ > From: heasley > Sent: Monday, June 26, 2017 12:34:34 PM > To: Remsik,Robert > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] CIDR Ranges in .clogit file > > Mon, Jun 26, 2017 at 04:38:46PM +0000, Remsik,Robert: > > Hello! > > > > > > I'm trying to setup entries in the .clogit file per credentials aligned with CIDR ranges. Can rancid handle CIDR ranges? It looks like RANCID just does globbing, but I'm having trouble setting the up the globs properly. > > globs only. > > > I'm using the globtester ( http://www.globtester.com/#p=eJwz1DPSM9aLNtA1NIutMYRxLGPBBABh%2BwbV&r=eJzNldEKgjAUhl9leFVQ6o5aU%2BfeRc1CEBUnUT19hhkES6nYYTe7OMP%2F%2BzzCLz%2BUZ5JXqZSJZQlqg%2B3ZlDvDVPC3Ky7btCayv1ZFYuVN1XQR6U7ZisGGUMaGI2TrmBybut%2FK8lZEw8CG9hJPqcCdR4TgWSe0ALwJ8HvQ6Dam6FD0zVcMzFfcma%2B4N1%2BRma8Yald8Fp67qP9ZktJvim0mB1Rv%2B%2B%2FaZ3jKvtTIU5afRp6yyTTylLWkjwfIvBCZR11sIPYXpNgrBeyVgo8NDNBaZun519%2FgDnPzhow%3D& ) to help debug the syntax. For example the x.y.z.2-16 use {abc creds} and x.y.z.17-254 use {def creds}. > > > > https://www.tcl.tk/man/tcl/TclCmd/glob.htm > > [] matches a single character > > [2-9] 2 thru 9 > [2-17] 2-1 (no idea if that works) or 7 From nick at foobar.org Mon Jun 26 22:39:13 2017 From: nick at foobar.org (Nick Hilliard) Date: Mon, 26 Jun 2017 23:39:13 +0100 Subject: [rancid] Rancid CVS issue In-Reply-To: References: <20170616170906.GF32152@shrubbery.net> Message-ID: <59518D11.20708@foobar.org> Ingle, Vicky wrote: > We have a linux server where in Rancid 3.1 and below is the cronjob > (run as user pp71402) does clogin work when you su to username pp71402? Nick From Robert.Remsik at colostate.edu Mon Jun 26 19:00:49 2017 From: Robert.Remsik at colostate.edu (Remsik,Robert) Date: Mon, 26 Jun 2017 19:00:49 +0000 Subject: [rancid] CIDR Ranges in .clogit file In-Reply-To: <20170626185642.GH3198@shrubbery.net> References: <20170626183433.GF3198@shrubbery.net> , <20170626185642.GH3198@shrubbery.net> Message-ID: We'd use a /28 and then from there not have .1 respond. Mostly CIDR would (at least on a quick blush without thinking it through deeply) be useful as it's how we structure IP address layouts currently. You are right, a reg-ex could be as well useful in accomplishing the task as well. Robert Remsik ACNS Desk Phone: 970 491 7120 Robert.Remsik at colostate.edu ________________________________ From: heasley Sent: Monday, June 26, 2017 12:56:42 PM To: Remsik,Robert Cc: heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] CIDR Ranges in .clogit file Mon, Jun 26, 2017 at 06:39:51PM +0000, Remsik,Robert: > Nuts, that's what I thought. Thank you for confirmation. > > > Can I ask for that as a feature request to be able to parse/use CIDR someday? you don't really want cidr either, given your example. ie: what cidr prefix is x.y.z.2-16? none that i know of. maybe a regex would be helpful? > > > > Robert Remsik > > ACNS > > Desk Phone: 970 491 7120 > > Robert.Remsik at colostate.edu > > ________________________________ > From: heasley > Sent: Monday, June 26, 2017 12:34:34 PM > To: Remsik,Robert > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] CIDR Ranges in .clogit file > > Mon, Jun 26, 2017 at 04:38:46PM +0000, Remsik,Robert: > > Hello! > > > > > > I'm trying to setup entries in the .clogit file per credentials aligned with CIDR ranges. Can rancid handle CIDR ranges? It looks like RANCID just does globbing, but I'm having trouble setting the up the globs properly. > > globs only. > > > I'm using the globtester ( http://www.globtester.com/#p=eJwz1DPSM9aLNtA1NIutMYRxLGPBBABh%2BwbV&r=eJzNldEKgjAUhl9leFVQ6o5aU%2BfeRc1CEBUnUT19hhkES6nYYTe7OMP%2F%2BzzCLz%2BUZ5JXqZSJZQlqg%2B3ZlDvDVPC3Ky7btCayv1ZFYuVN1XQR6U7ZisGGUMaGI2TrmBybut%2FK8lZEw8CG9hJPqcCdR4TgWSe0ALwJ8HvQ6Dam6FD0zVcMzFfcma%2B4N1%2BRma8Yald8Fp67qP9ZktJvim0mB1Rv%2B%2B%2FaZ3jKvtTIU5afRp6yyTTylLWkjwfIvBCZR11sIPYXpNgrBeyVgo8NDNBaZun519%2FgDnPzhow%3D& ) to help debug the syntax. For example the x.y.z.2-16 use {abc creds} and x.y.z.17-254 use {def creds}. > > > > https://www.tcl.tk/man/tcl/TclCmd/glob.htm > > [] matches a single character > > [2-9] 2 thru 9 > [2-17] 2-1 (no idea if that works) or 7 -------------- next part -------------- An HTML attachment was scrubbed... URL: From Vicky_Ingle at bose.com Mon Jun 26 22:47:34 2017 From: Vicky_Ingle at bose.com (Ingle, Vicky) Date: Mon, 26 Jun 2017 22:47:34 +0000 Subject: [rancid] Rancid CVS issue In-Reply-To: <59518D11.20708@foobar.org> References: <20170616170906.GF32152@shrubbery.net> , <59518D11.20708@foobar.org> Message-ID: Hi Nick, I'm so glad that you replied for this issue. Yes, it works fine. I don't see anything in the logs for the failed devices. If there is no change in the decide config, does it skip downloading the config? If yes, where can see those skipped logs.. Thanks, Vicky Ingle ________________________________ From: Nick Hilliard Sent: Monday, June 26, 2017 6:39:13 PM To: Ingle, Vicky Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Rancid CVS issue Ingle, Vicky wrote: > We have a linux server where in Rancid 3.1 and below is the cronjob > (run as user pp71402) does clogin work when you su to username pp71402? Nick -------------- next part -------------- An HTML attachment was scrubbed... URL: From doug.hughes at keystonenap.com Tue Jun 27 15:00:58 2017 From: doug.hughes at keystonenap.com (Doug Hughes) Date: Tue, 27 Jun 2017 11:00:58 -0400 Subject: [rancid] Rancid CVS issue In-Reply-To: References: <20170616170906.GF32152@shrubbery.net> <59518D11.20708@foobar.org> Message-ID: <5e4d52c3-c97b-a6f6-1d46-8ebc2a021cf3@keystonenap.com> rancid doesn't make a log entry if there are no changes to the device, unless there is an error. The log files are there to record errors and anomalies, not success. It is true with cvs, svn, git, etc. that if there are no changes, then there will be no commit into the version control. This is by design and a good thing! It means you only get emails (if you enable them) when there's a change, it also means that if you setup a websvn or webcvs viewer, the choices for the device will only be for when there are new changes made and you can see exactly what changed in the diffs and when they happened. On 6/26/2017 6:47 PM, Ingle, Vicky wrote: > Hi Nick, > > I'm so glad that you replied for this issue. > Yes, it works fine. I don't see anything in the logs for the failed > devices. If there is no change in the decide config, does it skip > downloading the config? If yes, where can see those skipped logs.. > > Thanks, > Vicky Ingle > > ------------------------------------------------------------------------ > *From:* Nick Hilliard > *Sent:* Monday, June 26, 2017 6:39:13 PM > *To:* Ingle, Vicky > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Rancid CVS issue > > Ingle, Vicky wrote: > > We have a linux server where in Rancid 3.1 and below is the cronjob > > (run as user pp71402) > > does clogin work when you su to username pp71402? > > Nick > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -- Doug Hughes Keystone NAP Fairless Hills, PA 1.844.KEYBLOCK (539.2562) -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: keystone-nap.png Type: image/png Size: 3476 bytes Desc: not available URL: From heas at shrubbery.net Tue Jun 27 22:12:18 2017 From: heas at shrubbery.net (heasley) Date: Tue, 27 Jun 2017 22:12:18 +0000 Subject: [rancid] Problems with hpuifilter / hlogin In-Reply-To: References: Message-ID: <20170627221218.GD1198@shrubbery.net> Fri, May 19, 2017 at 03:54:33PM +0100, Brian Candler: > Back in 2015, I submitted a fix to hpuifilter: > http://www.shrubbery.net/pipermail/rancid-discuss/2015-December/008823.html > > This was incorporated into rancid 3.3.0. Unfortunately, rancid 3.3.0 > from Ubuntu 16.04 still doesn't work with HP, and it turns out there are > a couple of problems. > > (1) When the patch was merged, it seems an error was added in > bin/hpuifilter.c, function complete_esc(). The line which now says > > return(i + 10); > > should have been > > return(i + 1); > > That's a simple fix to make, and still is apparently required in 3.6.2. [^1] done; thanks. > (2) hlogin from 3.3.0 was having problems with the prompt, which I was > able to replicate like this to a J9775A: > > /usr/lib/rancid/bin/hlogin -d -t 20 -c"show version;show flash;show > system-information;show system information;show module;show stack;show > tech transceivers;show config files;show config status;write term" > ix-edgesw-r1b1b.int.example.net > > ... > > send: sending "no page\r" to { exp5 } > Gate keeper glob pattern for 'ix-edgesw-r' is 'ix-edgesw-r'. Activating > booster. > Gate keeper glob pattern for '[ > ]+' is ''. Not usable, disabling the performance booster. > > expect: does "" (spawn_id exp5) match regular expression "ix-edgesw-r"? > Gate "ix-edgesw-r"? gate=no > "[\n\r]+"? (No Gate, RE only) gate=yes re=no > no page > ix-edgesw-r1b1b# > expect: does "no page\r\r\nix-edgesw-r1b1b# " (spawn_id exp5) match > regular expression "ix-edgesw-r"? Gate "ix-edgesw-r"? gate=yes re=yes > expect: set expect_out(0,string) "ix-edgesw-r" > expect: set expect_out(spawn_id) "exp5" > expect: set expect_out(buffer) "no page\r\r\nix-edgesw-r" > Gate keeper glob pattern for > 'ix-edgesw-r([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?' is 'ix-edgesw-r*'. > Activating booster. > Gate keeper glob pattern for 'Invalid input: 0[ > ]+' is 'Invalid input: 0*'. Activating booster. > Gate keeper glob pattern for '[ > ]+' is ''. Not usable, disabling the performance booster. > > expect: does "1b1b# " (spawn_id exp5) match regular expression > "ix-edgesw-r([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?"? Gate "ix-edgesw-r*"? > gate=no > "Invalid input: 0[\n\r]+"? Gate "Invalid input: 0*"? gate=no > "[\n\r]+"? (No Gate, RE only) gate=yes re=no > <<>> > expect: timed out > > Error: TIMEOUT reached > > However, the version of hlogin from 2.3.6 works fine (from ubuntu > 12.04), and also hlogin from 3.6.2 (current code), so I've just replaced > hlogin with the new one rather than digging any further. Comparing 3.3 to current, I do not see a cause for this. Please mention it, if it occurs again. > Regards, > > Brian. > > > [^1] The same line in in the 3.6.2 tarball, but for testing purposes I'm > just rebuilding hpuifilter from 3.3.0 like this: > > apt-get install dpkg-dev > apt-get source rancid > cd rancid-3.3.0 > ./configure > cd bin > # apply patch by hand: vi hpuifilter.c > make hpuifilter > sudo cp -p hpuifilter /usr/lib/rancid/bin/ > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From adrian.dimitrov at efellows.bg Wed Jun 28 07:23:54 2017 From: adrian.dimitrov at efellows.bg (Adrian Dimitrov) Date: Wed, 28 Jun 2017 07:23:54 +0000 Subject: [rancid] Avaya switch Issue Message-ID: <490FA8C6CC4CDA44A7D3E449D75BF1F7435919@exchanger.efellows.bg> Hello Team, I have trouble with one avaya device. Running it with rancid-run, it is timing out and never gets the backup. I tried to login to the device using blogin and I was able to do it, but Avaya wants to press "ctrl+y" and then let you to insert username and password. The issue seems to be on pressing "ctrl+y", it just doesn't accept it, so I cannot enter the username and password. System Description of the device: Ethernet Routing Switch 4524GT HW:09 FW:5.1.0.8 SW:v5.4.0.008 BN:08 (c) Nortel Networks Best Regards, Adrian Dimitrov System Administrator [eFellows-Mark-RGB_Sign] -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 8632 bytes Desc: image001.png URL: From c.o.hopkins at gmail.com Wed Jun 28 09:10:23 2017 From: c.o.hopkins at gmail.com (Craig Hopkins) Date: Wed, 28 Jun 2017 10:10:23 +0100 Subject: [rancid] Cisco commands in 3.6.2 Message-ID: Hi, rancid is happily backing up my ASAs and switches, but in rancid.types.base I can see cisco;command;ios::ShowInventory;show inventory raw How do I get rancid to run this command on a Cisco? It isn't currently. It looks like it's just doing show version, show flash and show running. Cheers, Craig -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Jun 28 17:32:56 2017 From: heas at shrubbery.net (heasley) Date: Wed, 28 Jun 2017 17:32:56 +0000 Subject: [rancid] Cisco commands in 3.6.2 In-Reply-To: References: Message-ID: <20170628173255.GB55221@shrubbery.net> Wed, Jun 28, 2017 at 10:10:23AM +0100, Craig Hopkins: > Hi, > > rancid is happily backing up my ASAs and switches, but in rancid.types.base > I can see > > cisco;command;ios::ShowInventory;show inventory raw > > How do I get rancid to run this command on a Cisco? It isn't currently. It > looks like it's just doing show version, show flash and show running. it is run; but if the command is not supported by the device or is different on the ASA (because cisco is incapable of consistency between platforms) and therefore is "ambiguous", that failure will be ignored by rancid. if you know what the correct command is for the ASA, lmk. From weylin at bu.edu Wed Jun 28 20:30:32 2017 From: weylin at bu.edu (Piegorsch, Weylin William) Date: Wed, 28 Jun 2017 20:30:32 +0000 Subject: [rancid] Cisco commands in 3.6.2 In-Reply-To: <20170628173255.GB55221@shrubbery.net> References: <20170628173255.GB55221@shrubbery.net> Message-ID: <03E1DBC5-BFD3-4526-8A90-33A320FC3431@bu.edu> Does this help? I just ran this on an ASA I currently have in Rancid (v3.4). weylin ASA5545-X-version9.4(4)5/pri/act# sh inventory ? <0-3> Inventory slot number | Output modifiers ASA5545-X-version9.4(4)5/pri/act# sh inventory -----Original Message----- From: heasley Date: Wednesday, June 28, 2017 at 13:32 To: Craig Hopkins Cc: Subject: Re: [rancid] Cisco commands in 3.6.2 Wed, Jun 28, 2017 at 10:10:23AM +0100, Craig Hopkins: > Hi, > > rancid is happily backing up my ASAs and switches, but in rancid.types.base > I can see > > cisco;command;ios::ShowInventory;show inventory raw > > How do I get rancid to run this command on a Cisco? It isn't currently. It > looks like it's just doing show version, show flash and show running. it is run; but if the command is not supported by the device or is different on the ASA (because cisco is incapable of consistency between platforms) and therefore is "ambiguous", that failure will be ignored by rancid. if you know what the correct command is for the ASA, lmk. From heas at shrubbery.net Wed Jun 28 22:07:44 2017 From: heas at shrubbery.net (heasley) Date: Wed, 28 Jun 2017 22:07:44 +0000 Subject: [rancid] Cisco commands in 3.6.2 In-Reply-To: <03E1DBC5-BFD3-4526-8A90-33A320FC3431@bu.edu> References: <20170628173255.GB55221@shrubbery.net> <03E1DBC5-BFD3-4526-8A90-33A320FC3431@bu.edu> Message-ID: <20170628220744.GA48233@shrubbery.net> Wed, Jun 28, 2017 at 08:30:32PM +0000, Piegorsch, Weylin William: > Does this help? I just ran this on an ASA I currently have in Rancid (v3.4). > weylin > > ASA5545-X-version9.4(4)5/pri/act# sh inventory ? > > <0-3> Inventory slot number > | Output modifiers > > ASA5545-X-version9.4(4)5/pri/act# sh inventory yes; it doesnt support the raw keyword. What does the o/p look like (w/o a slot speicfied)? > -----Original Message----- > From: heasley > Date: Wednesday, June 28, 2017 at 13:32 > To: Craig Hopkins > Cc: > Subject: Re: [rancid] Cisco commands in 3.6.2 > > Wed, Jun 28, 2017 at 10:10:23AM +0100, Craig Hopkins: > > Hi, > > > > rancid is happily backing up my ASAs and switches, but in rancid.types.base > > I can see > > > > cisco;command;ios::ShowInventory;show inventory raw > > > > How do I get rancid to run this command on a Cisco? It isn't currently. It > > looks like it's just doing show version, show flash and show running. > > it is run; but if the command is not supported by the device or is different > on the ASA (because cisco is incapable of consistency between platforms) and > therefore is "ambiguous", that failure will be ignored by rancid. if you > know what the correct command is for the ASA, lmk. > > > > From heas at shrubbery.net Wed Jun 28 22:13:11 2017 From: heas at shrubbery.net ('heasley') Date: Wed, 28 Jun 2017 22:13:11 +0000 Subject: [rancid] Avoid Boot Flash :Flash changes in cisco routers In-Reply-To: <20170626185046.GG3198@shrubbery.net> References: <008a01d2e4bf$c5a706f0$50f514d0$@sltnet.lk> <20170614045102.GD84062@shrubbery.net> <047601d2ee82$e2143520$a63c9f60$@sltnet.lk> <20170626143710.GA31559@shrubbery.net> <047e01d2ee8a$fe1a7510$fa4f5f30$@sltnet.lk> <20170626145005.GB31559@shrubbery.net> <59513C59.2020809@foobar.org> <20170626185046.GG3198@shrubbery.net> Message-ID: <20170628221311.GE74817@shrubbery.net> Mon, Jun 26, 2017 at 06:50:46PM +0000, 'heasley': > Mon, Jun 26, 2017 at 05:54:49PM +0100, Nick Hilliard: > > 'heasley' wrote: > > > the line is from the tty timestamp mis-feature, disabled with on of > > > > > > terminal no-timestamp > > > terminal exec prompt no-timestamp > > > > > > if you want to disable dir commands in rancid, see rancid.types.conf(5). > > > > incidentally, this mechanism doesn't work on XRv for the admin commands. > > Here's some sample output: > > > > > RP/0/RP0/CPU0:Router#admin show license > > > > > > nick connected from 127.0.0.1 using console on xr-vm_node0_RP0_CPU0 > > > sysadmin-vm:0_RP0# terminal length 0 > > > Mon Jun 26 16:52:28.311 UTC > > > sysadmin-vm:0_RP0# show license > > > ------------------------^ > > > syntax error: element does not exist > > > sysadmin-vm:0_RP0# > > > > > > RP/0/RP0/CPU0:Router# > > > > In this instance, there's no way to disable the CLI timestamps in admin > > mode, so rancid picks them up in the config generation. > > > > Nick > > i vaguely remember opening a DDTS for that and other cli bugs for xrv. I'll > check the list; then you too can subscribe to it or open your own. I've looked; I can't find that a DDTS was opened for us; it was only an EFT complaint. we'll open one. you should too - please. From weylin at bu.edu Wed Jun 28 22:13:41 2017 From: weylin at bu.edu (Piegorsch, Weylin William) Date: Wed, 28 Jun 2017 22:13:41 +0000 Subject: [rancid] Cisco commands in 3.6.2 In-Reply-To: <20170628220744.GA48233@shrubbery.net> References: <20170628173255.GB55221@shrubbery.net> <03E1DBC5-BFD3-4526-8A90-33A320FC3431@bu.edu> <20170628220744.GA48233@shrubbery.net> Message-ID: <9E57FD93-8320-4D24-B3D2-424E80C9611C@bu.edu> ASA5545-X-version9.4(4)5/pri/act# sh inventory Name: "Chassis", DESCR: "ASA 5545-X with SW, 8 GE Data, 1 GE Mgmt" PID: ASA5545 , VID: V02 , SN: FTX184410TS Name: "power supply 0", DESCR: "ASA 5545-X/5555-X AC Power Supply" PID: ASA-PWR-AC , VID: N/A , SN: 48V1FE Name: "power supply 1", DESCR: "ASA 5545-X/5555-X AC Power Supply" PID: ASA-PWR-AC , VID: N/A , SN: 48V1FF Name: "Storage Device 1", DESCR: "Model Number: Micron_M550_MTFDDAK128MAY" PID: N/A , VID: N/A , SN: MXA183501WN Name: "Storage Device 2", DESCR: "Model Number: Micron_M550_MTFDDAK128MAY" PID: N/A , VID: N/A , SN: MXA183501QL ASA5545-X-version9.4(4)5/pri/act# -----Original Message----- From: heasley Date: Wednesday, June 28, 2017 at 18:07 To: Weylin Piegorsch Cc: heasley , Craig Hopkins , "rancid-discuss at shrubbery.net" Subject: Re: [rancid] Cisco commands in 3.6.2 Wed, Jun 28, 2017 at 08:30:32PM +0000, Piegorsch, Weylin William: > Does this help? I just ran this on an ASA I currently have in Rancid (v3.4). > weylin > > ASA5545-X-version9.4(4)5/pri/act# sh inventory ? > > <0-3> Inventory slot number > | Output modifiers > > ASA5545-X-version9.4(4)5/pri/act# sh inventory yes; it doesnt support the raw keyword. What does the o/p look like (w/o a slot speicfied)? > -----Original Message----- > From: heasley > Date: Wednesday, June 28, 2017 at 13:32 > To: Craig Hopkins > Cc: > Subject: Re: [rancid] Cisco commands in 3.6.2 > > Wed, Jun 28, 2017 at 10:10:23AM +0100, Craig Hopkins: > > Hi, > > > > rancid is happily backing up my ASAs and switches, but in rancid.types.base > > I can see > > > > cisco;command;ios::ShowInventory;show inventory raw > > > > How do I get rancid to run this command on a Cisco? It isn't currently. It > > looks like it's just doing show version, show flash and show running. > > it is run; but if the command is not supported by the device or is different > on the ASA (because cisco is incapable of consistency between platforms) and > therefore is "ambiguous", that failure will be ignored by rancid. if you > know what the correct command is for the ASA, lmk. > > > > From c.o.hopkins at gmail.com Thu Jun 29 10:18:00 2017 From: c.o.hopkins at gmail.com (Craig Hopkins) Date: Thu, 29 Jun 2017 11:18:00 +0100 Subject: [rancid] Cisco commands in 3.6.2 In-Reply-To: <9E57FD93-8320-4D24-B3D2-424E80C9611C@bu.edu> References: <20170628173255.GB55221@shrubbery.net> <03E1DBC5-BFD3-4526-8A90-33A320FC3431@bu.edu> <20170628220744.GA48233@shrubbery.net> <9E57FD93-8320-4D24-B3D2-424E80C9611C@bu.edu> Message-ID: On a Catalyst switch: #show inventory ? WORD Entity name raw Show every entity in the container hierarchy | Output modifiers so raw is supported, and I can see that in the backups. The ASAs only support show inventory, though. So should I just remove raw from the end of the command in rancid base types, and then it will work for all devices? On 28 June 2017 at 23:13, Piegorsch, Weylin William wrote: > ASA5545-X-version9.4(4)5/pri/act# sh inventory > Name: "Chassis", DESCR: "ASA 5545-X with SW, 8 GE Data, 1 GE Mgmt" > PID: ASA5545 , VID: V02 , SN: FTX184410TS > > Name: "power supply 0", DESCR: "ASA 5545-X/5555-X AC Power Supply" > PID: ASA-PWR-AC , VID: N/A , SN: 48V1FE > > Name: "power supply 1", DESCR: "ASA 5545-X/5555-X AC Power Supply" > PID: ASA-PWR-AC , VID: N/A , SN: 48V1FF > > Name: "Storage Device 1", DESCR: "Model Number: Micron_M550_MTFDDAK128MAY" > PID: N/A , VID: N/A , SN: MXA183501WN > > Name: "Storage Device 2", DESCR: "Model Number: Micron_M550_MTFDDAK128MAY" > PID: N/A , VID: N/A , SN: MXA183501QL > > ASA5545-X-version9.4(4)5/pri/act# > > -----Original Message----- > From: heasley > Date: Wednesday, June 28, 2017 at 18:07 > To: Weylin Piegorsch > Cc: heasley , Craig Hopkins , " > rancid-discuss at shrubbery.net" > Subject: Re: [rancid] Cisco commands in 3.6.2 > > Wed, Jun 28, 2017 at 08:30:32PM +0000, Piegorsch, Weylin William: > > Does this help? I just ran this on an ASA I currently have in > Rancid (v3.4). > > weylin > > > > ASA5545-X-version9.4(4)5/pri/act# sh inventory ? > > > > <0-3> Inventory slot number > > | Output modifiers > > > > ASA5545-X-version9.4(4)5/pri/act# sh inventory > > yes; it doesnt support the raw keyword. What does the o/p look like > (w/o a > slot speicfied)? > > > -----Original Message----- > > From: heasley > > Date: Wednesday, June 28, 2017 at 13:32 > > To: Craig Hopkins > > Cc: > > Subject: Re: [rancid] Cisco commands in 3.6.2 > > > > Wed, Jun 28, 2017 at 10:10:23AM +0100, Craig Hopkins: > > > Hi, > > > > > > rancid is happily backing up my ASAs and switches, but in > rancid.types.base > > > I can see > > > > > > cisco;command;ios::ShowInventory;show inventory raw > > > > > > How do I get rancid to run this command on a Cisco? It isn't > currently. It > > > looks like it's just doing show version, show flash and show > running. > > > > it is run; but if the command is not supported by the device or > is different > > on the ASA (because cisco is incapable of consistency between > platforms) and > > therefore is "ambiguous", that failure will be ignored by > rancid. if you > > know what the correct command is for the ASA, lmk. > > > > > > > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jason at biel-tech.com Thu Jun 29 11:15:53 2017 From: jason at biel-tech.com (Jason Biel) Date: Thu, 29 Jun 2017 06:15:53 -0500 Subject: [rancid] Collaborative development for rancid (e.g. git / github) In-Reply-To: References: <1423237280.15902.16.camel@seaknight.telkomsa.net> <20170511175246.GL7377@shrubbery.net> <2bd5ba3e-ef58-3daa-95fc-9df5017fb98e@ale.cx> Message-ID: Any progress on this? On Fri, May 12, 2017 at 5:30 AM, Jason Biel wrote: > Github would be the best idea. Would easily allow for syncing of module > changes/additions for devices. > > On Thu, May 11, 2017 at 4:29 PM, Alex DEKKER wrote: > >> On 11/05/17 18:52, heasley wrote: >> >>> >>> We have decided, today, that we will make available an interface to the >>> repo. I first need to separate some proprietary info from the repo that >>> can not be made public. >>> >>> We need to decided which method is easiest for us; it will either be an >>> interface to the svn repo, to which git has a builtin "bridge" as git >>> calls it in the docs, or i'll push to github on a regular basis. >>> >>> In the meantime, ftp://ftp.shrubbery.net/pub/rancid/alpah/ is kept >>> reasonably up to date with HEAD. >>> >>> Great stuff! >> >> alexd >> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> > > > > -- > Jason > -- Jason -------------- next part -------------- An HTML attachment was scrubbed... URL: From c.o.hopkins at gmail.com Thu Jun 29 12:33:08 2017 From: c.o.hopkins at gmail.com (Craig Hopkins) Date: Thu, 29 Jun 2017 13:33:08 +0100 Subject: [rancid] Cisco commands in 3.6.2 In-Reply-To: References: <20170628173255.GB55221@shrubbery.net> <03E1DBC5-BFD3-4526-8A90-33A320FC3431@bu.edu> <20170628220744.GA48233@shrubbery.net> <9E57FD93-8320-4D24-B3D2-424E80C9611C@bu.edu> Message-ID: Just for fun, I've made that change anyway, and it's giving me what I need. Thanks for everyone for the input. On 29 June 2017 at 11:18, Craig Hopkins wrote: > On a Catalyst switch: > > #show inventory ? > WORD Entity name > raw Show every entity in the container hierarchy > | Output modifiers > > > so raw is supported, and I can see that in the backups. > > The ASAs only support show inventory, though. > > So should I just remove raw from the end of the command in rancid base > types, and then it will work for all devices? > > On 28 June 2017 at 23:13, Piegorsch, Weylin William wrote: > >> ASA5545-X-version9.4(4)5/pri/act# sh inventory >> Name: "Chassis", DESCR: "ASA 5545-X with SW, 8 GE Data, 1 GE Mgmt" >> PID: ASA5545 , VID: V02 , SN: FTX184410TS >> >> Name: "power supply 0", DESCR: "ASA 5545-X/5555-X AC Power Supply" >> PID: ASA-PWR-AC , VID: N/A , SN: 48V1FE >> >> Name: "power supply 1", DESCR: "ASA 5545-X/5555-X AC Power Supply" >> PID: ASA-PWR-AC , VID: N/A , SN: 48V1FF >> >> Name: "Storage Device 1", DESCR: "Model Number: Micron_M550_MTFDDAK128MAY" >> PID: N/A , VID: N/A , SN: MXA183501WN >> >> Name: "Storage Device 2", DESCR: "Model Number: Micron_M550_MTFDDAK128MAY" >> PID: N/A , VID: N/A , SN: MXA183501QL >> >> ASA5545-X-version9.4(4)5/pri/act# >> >> -----Original Message----- >> From: heasley >> Date: Wednesday, June 28, 2017 at 18:07 >> To: Weylin Piegorsch >> Cc: heasley , Craig Hopkins , >> "rancid-discuss at shrubbery.net" >> Subject: Re: [rancid] Cisco commands in 3.6.2 >> >> Wed, Jun 28, 2017 at 08:30:32PM +0000, Piegorsch, Weylin William: >> > Does this help? I just ran this on an ASA I currently have in >> Rancid (v3.4). >> > weylin >> > >> > ASA5545-X-version9.4(4)5/pri/act# sh inventory ? >> > >> > <0-3> Inventory slot number >> > | Output modifiers >> > >> > ASA5545-X-version9.4(4)5/pri/act# sh inventory >> >> yes; it doesnt support the raw keyword. What does the o/p look like >> (w/o a >> slot speicfied)? >> >> > -----Original Message----- >> > From: heasley >> > Date: Wednesday, June 28, 2017 at 13:32 >> > To: Craig Hopkins >> > Cc: >> > Subject: Re: [rancid] Cisco commands in 3.6.2 >> > >> > Wed, Jun 28, 2017 at 10:10:23AM +0100, Craig Hopkins: >> > > Hi, >> > > >> > > rancid is happily backing up my ASAs and switches, but in >> rancid.types.base >> > > I can see >> > > >> > > cisco;command;ios::ShowInventory;show inventory raw >> > > >> > > How do I get rancid to run this command on a Cisco? It isn't >> currently. It >> > > looks like it's just doing show version, show flash and show >> running. >> > >> > it is run; but if the command is not supported by the device or >> is different >> > on the ASA (because cisco is incapable of consistency between >> platforms) and >> > therefore is "ambiguous", that failure will be ignored by >> rancid. if you >> > know what the correct command is for the ASA, lmk. >> > >> > >> > >> > >> >> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Jun 29 16:35:31 2017 From: heas at shrubbery.net (heasley) Date: Thu, 29 Jun 2017 16:35:31 +0000 Subject: [rancid] Cisco commands in 3.6.2 In-Reply-To: <20170629162034.0C42E9BE99@sea.shrubbery.net> Message-ID: <20170629163530.GF13357@shrubbery.net> Thu, Jun 29, 2017 at 01:33:08PM +0100, Craig Hopkins: > Just for fun, I've made that change anyway, and it's giving me what I need. > Thanks for everyone for the input. > > On 29 June 2017 at 11:18, Craig Hopkins wrote: > > > On a Catalyst switch: > > > > #show inventory ? > > WORD Entity name > > raw Show every entity in the container hierarchy > > | Output modifiers > > > > > > so raw is supported, and I can see that in the backups. > > > > The ASAs only support show inventory, though. > > > > So should I just remove raw from the end of the command in rancid base > > types, and then it will work for all devices? > > > > On 28 June 2017 at 23:13, Piegorsch, Weylin William wrote: > > > >> ASA5545-X-version9.4(4)5/pri/act# sh inventory > >> Name: "Chassis", DESCR: "ASA 5545-X with SW, 8 GE Data, 1 GE Mgmt" > >> PID: ASA5545 , VID: V02 , SN: FTX184410TS > >> > >> Name: "power supply 0", DESCR: "ASA 5545-X/5555-X AC Power Supply" > >> PID: ASA-PWR-AC , VID: N/A , SN: 48V1FE > >> > >> Name: "power supply 1", DESCR: "ASA 5545-X/5555-X AC Power Supply" > >> PID: ASA-PWR-AC , VID: N/A , SN: 48V1FF > >> > >> Name: "Storage Device 1", DESCR: "Model Number: Micron_M550_MTFDDAK128MAY" > >> PID: N/A , VID: N/A , SN: MXA183501WN > >> > >> Name: "Storage Device 2", DESCR: "Model Number: Micron_M550_MTFDDAK128MAY" > >> PID: N/A , VID: N/A , SN: MXA183501QL > >> > >> ASA5545-X-version9.4(4)5/pri/act# thanks; this should do it. Index: etc/rancid.types.base =================================================================== --- etc/rancid.types.base (revision 3683) +++ etc/rancid.types.base (working copy) @@ -164,6 +164,7 @@ cisco;command;ios::ShowC7200;show c7200 cisco;command;ios::ShowCellular;show cellular 0 profile;Cellular modem cisco;command;ios::ShowInventory;show inventory raw +cisco;command;ios::ShowInventory;show inventory;ASA/PIX cisco;command;ios::ShowVTP;show vtp status cisco;command;ios::ShowVLAN;show vlan cisco;command;ios::ShowVLAN;show vlan-switch Index: lib/ios.pm.in =================================================================== --- lib/ios.pm.in (revision 3660) +++ lib/ios.pm.in (working copy) @@ -23,6 +23,7 @@ our $found_version; our $found_env; our $found_diag; +our $found_inventory; our $config_register; # configuration register value our %hwbuf; # defined in ShowContCbus @@ -58,6 +59,7 @@ $found_version = 0; $found_env = 0; $found_diag = 0; + $found_inventory = 0; $config_register = undef; # configuration register value $supbootdisk = 0; # skip sup-bootflash if sup-bootdisk @@ -1693,12 +1695,13 @@ while (<$INPUT>) { tr/\015//d; return if (/^\s*\^$/); - last if (/^$prompt/); + if (/^$prompt/) { $found_inventory = 1; last}; next if (/^(\s*|\s*$cmd\s*)$/); return(1) if (/Line has invalid autocommand /); next if (/^\s+\^\s*$/); return(1) if (/(invalid (input|command) detected|type help or )/i); return(-1) if (/command authorization failed/i); + return(0) if ($found_inventory); # Only do this routine once # the pager can not be disabled per-session on the PIX if (/^(<-+ More -+>)/) { my($len) = length($1); From allonon at gmail.com Thu Jun 29 20:03:07 2017 From: allonon at gmail.com (allonon) Date: Thu, 29 Jun 2017 13:03:07 -0700 Subject: [rancid] ignoring files in flash Message-ID: Hi, Unfortunately my lack of programming skils requires me to ask this question. I updated our config to write an archived config copy to flash every night. That has the side affect of having rancid email me for the changes. I found the area in ios.pm to to drop files entirely, addded the following "|archived\-config*" to the line (without the double quotes) but it's not ignoring the daily files. Please help me ignore these files Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Fri Jun 30 19:08:54 2017 From: heas at shrubbery.net (heasley) Date: Fri, 30 Jun 2017 19:08:54 +0000 Subject: [rancid] Brocade - ignore secure-mac-address changes In-Reply-To: References: Message-ID: <20170630190854.GC43575@shrubbery.net> Tue, Jun 06, 2017 at 11:42:11AM -0400, Gerhard Mourani: > Hello, > > I'm using Rancid 3.2 on CentOS 6.8 and would like to ensure that any change in secure-mac-address in my Brocade config is hidden or removed. Here I guest is the corresponding line of code in foundry.pm to sort those lines. > > /secure-mac-address (\S+)/ && > ProcessHistory("SECMAC","keysort","$1","$_") && next; > > How to make the above to ignore secure-mac-address changes ? I'm not sure what to do about this particular config line. IIUC, this is configuration that could appear by manual intervention or automatically; which is a subject of annoyance for me, that ephemeral configuration like this would appear in the show running config. I understand how this could be annoying, but that some might wish to retain it, while others may wish to filter it. I'm inclined to add a knob similar to FILTER_OSC, but it seems like there are 4 classes of such things; beyond what FILTER_OSC filters, there are 2) this auto-configuration (VTP vlans), 3) auto-configuration that can also be manually configured (secure-mac), 4) informational stuff that changes frequently (flash space). It does not seem like one knob could/should address all of these. Comments/suggestions?