From jandrewartha at ccgs.wa.edu.au Fri Mar 1 10:29:23 2019 From: jandrewartha at ccgs.wa.edu.au (James Andrewartha) Date: Fri, 1 Mar 2019 18:29:23 +0800 Subject: [rancid] Extreme 200-series switches Message-ID: Hi, These switches are Broadcom FASTPATH based, like Ubiquiti EdgeMAX switches, however using the edgemax config doesn't quite work. One thing is you need to use quit instead of exit in clogin - it seems to be detected as an Extreme switch, but it's not really. If I change this code (line 841 of clogin r3943 from Debian stretch backports 3.9-1~bpo9+1) if { [string compare "extreme" "$platform"] } { send -h "exit\r" } else { send -h "quit\r" } to send -h "quit\r" then it quits ok, although it then doesn't detect end of run. I don't really understand the Extreme platform detection, particularly since ExtremeXOS uses xlogin anyway. Any thoughts on how to get this model to work? Thanks, -- James Andrewartha Network & Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 From heas at shrubbery.net Mon Mar 4 20:03:26 2019 From: heas at shrubbery.net (heasley) Date: Mon, 4 Mar 2019 20:03:26 +0000 Subject: [rancid] Filter/Change filesize thresholds IOS-XE/NXOS In-Reply-To: References: Message-ID: <20190304200326.GJ75516@shrubbery.net> Wed, Feb 27, 2019 at 08:24:12PM +0000, Kenneth Lind: > We have been long time members of this list and see similar issues mentioned but we would like to be able to fine tune some of the controls related to how diffs are generated in relation to file size changes such as the following: > > NXOS: > - !Flash: logflash: 7 GB total (89% free) > + !Flash: logflash: 7 GB total (90% free) > > IOSXE: > - !Flash: harddisk: 118084341760 bytes total (104 GB free) > + !Flash: harddisk: 118084341760 bytes total (103 GB free) > > > We are on RANCiD latest (v3.9) and everything is working great as always. I would simply like to reduce the chatter emails. We know we can remove the checks altogether but think there is a more elegant solution that would perhaps allow us to not care about the 1GB changes (as big logs sometimes churn on our IOS-XE devices). you can create your own device type that does not include the dir commands or one with your own filter function for the dir commands that removes the usage line. otherwise, i havent currently an easier way to filter. I am thinking that a user-specified post-filter might be useful for such things. I think that ought to be per-device type. Should there also be a pre-filter? Sexier would be a context aware filter that retained the changes but filtered the diffs. > Thank you Heasley and everyone that has made this such a great product! > > --Ken > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From emille at abccommunications.com Mon Mar 4 20:20:10 2019 From: emille at abccommunications.com (Emille Blanc) Date: Mon, 4 Mar 2019 12:20:10 -0800 Subject: [rancid] Filter/Change filesize thresholds IOS-XE/NXOS In-Reply-To: <20190304200326.GJ75516@shrubbery.net> References: <20190304200326.GJ75516@shrubbery.net> Message-ID: <4FBAFC2ECF5D6244BA4A26C1C94A1E2715261C4F5C@exchange> > am thinking that a user-specified post-filter might be useful for such things. I think that ought to be per-device type. Indeed - We added a couple of device types to cover the nuisance diffs for situations such as this, as it was the easiest way to control when and when not to do things. A post-filter would simplify a lot of that, though - as I currently maintain close to a dozen diffs between updates for our niche cases. > Should there also be a pre-filter? Not sure about a pre-filter... I could see that having unanticipated results with output from stock rancid functions and cases. Unless pre-filtered lines include an identifier "this was pre-filtered. Don't touch it" check to avoid such calamities and or confusion. -----Original Message----- From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of heasley Sent: Monday, March 04, 2019 12:03 PM To: Kenneth Lind Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Filter/Change filesize thresholds IOS-XE/NXOS Wed, Feb 27, 2019 at 08:24:12PM +0000, Kenneth Lind: > We have been long time members of this list and see similar issues mentioned but we would like to be able to fine tune some of the controls related to how diffs are generated in relation to file size changes such as the following: > > NXOS: > - !Flash: logflash: 7 GB total (89% free) > + !Flash: logflash: 7 GB total (90% free) > > IOSXE: > - !Flash: harddisk: 118084341760 bytes total (104 GB free) > + !Flash: harddisk: 118084341760 bytes total (103 GB free) > > > We are on RANCiD latest (v3.9) and everything is working great as always. I would simply like to reduce the chatter emails. We know we can remove the checks altogether but think there is a more elegant solution that would perhaps allow us to not care about the 1GB changes (as big logs sometimes churn on our IOS-XE devices). you can create your own device type that does not include the dir commands or one with your own filter function for the dir commands that removes the usage line. otherwise, i havent currently an easier way to filter. I am thinking that a user-specified post-filter might be useful for such things. I think that ought to be per-device type. Should there also be a pre-filter? Sexier would be a context aware filter that retained the changes but filtered the diffs. > Thank you Heasley and everyone that has made this such a great product! > > --Ken > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss From linuxthreads at gmail.com Fri Mar 8 11:43:53 2019 From: linuxthreads at gmail.com (Linux Threads) Date: Fri, 8 Mar 2019 13:43:53 +0200 Subject: [rancid] Fortigate VDOMs Message-ID: Hi Rancid Community, I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1, however 1 FGT Device has no VDOMs and 2 more does not have VDOMs router.db one has to specify fortigate or fortigate-full depending on your needs thus when configuring fortigate-full no VDOM config is pulled, however when running show full-configuration is run on the affected units running VDOMs one can see the VDOM config with IPSECs and all, help would be apprenticed greatly extract /etc/rancid/rancid.types.base # Fortinet Fortigate firewall # Normal or FULL configuration fortigate;script;rancid -t fortigate fortigate;login;fnlogin fortigate;timeout;90 fortigate;module;fortigate fortigate;inloop;fortigate::inloop fortigate;command;fortigate::GetSystem;get system status fortigate;command;fortigate::GetConf;show # fortigate-full;script;rancid -t fortigate fortigate-full;login;fnlogin fortigate-full;timeout;90 fortigate-full;module;fortigate fortigate-full;inloop;fortigate::inloop fortigate-full;command;fortigate::GetSystem;get system status fortigate-full;command;fortigate::GetConf;show full-configuration Regards Juan -------------- next part -------------- An HTML attachment was scrubbed... URL: From nick.nauwelaerts at aquafin.be Fri Mar 8 12:32:22 2019 From: nick.nauwelaerts at aquafin.be (Nick Nauwelaerts) Date: Fri, 8 Mar 2019 12:32:22 +0000 Subject: [rancid] Fortigate VDOMs In-Reply-To: References: Message-ID: <9d04c709272e4c7cbdd7295408a90a3c@aquafin.be> what version of fortios was this tested on, since on my 5.6.8 both fortigate & fortigate-full pull vdom configs. // nick From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Linux Threads Sent: Friday, March 8, 2019 12:44 To: rancid-discuss at shrubbery.net Subject: [rancid] Fortigate VDOMs Hi Rancid Community, I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1, however 1 FGT Device has no VDOMs and 2 more does not have VDOMs router.db one has to specify fortigate or fortigate-full depending on your needs thus when configuring fortigate-full no VDOM config is pulled, however when running show full-configuration is run on the affected units running VDOMs one can see the VDOM config with IPSECs and all, help would be apprenticed greatly extract /etc/rancid/rancid.types.base # Fortinet Fortigate firewall # Normal or FULL configuration fortigate;script;rancid -t fortigate fortigate;login;fnlogin fortigate;timeout;90 fortigate;module;fortigate fortigate;inloop;fortigate::inloop fortigate;command;fortigate::GetSystem;get system status fortigate;command;fortigate::GetConf;show # fortigate-full;script;rancid -t fortigate fortigate-full;login;fnlogin fortigate-full;timeout;90 fortigate-full;module;fortigate fortigate-full;inloop;fortigate::inloop fortigate-full;command;fortigate::GetSystem;get system status fortigate-full;command;fortigate::GetConf;show full-configuration Regards Juan ________________________________ Volg Aquafin op Facebook | Twitter | YouTube | LinkedIN | Instagram In het kader van de uitoefening van onze taken verzamelen we bij Aquafin persoonsgegevens. Hoe we omgaan met deze gegevens en wat de rechten van de betrokkenen zijn, kan je nalezen in onze privacy policy. P Denk aan het milieu. Druk deze mail niet onnodig af. -------------- next part -------------- An HTML attachment was scrubbed... URL: From linuxthreads at gmail.com Fri Mar 8 13:53:01 2019 From: linuxthreads at gmail.com (Linux Threads) Date: Fri, 8 Mar 2019 15:53:01 +0200 Subject: [rancid] Fortigate VDOMs In-Reply-To: <9d04c709272e4c7cbdd7295408a90a3c@aquafin.be> References: <9d04c709272e4c7cbdd7295408a90a3c@aquafin.be> Message-ID: Hi it is still on ver 5.2.7 however the Service provider managed, should that be the problem? Regards Juan On Fri, 8 Mar 2019 at 14:32, Nick Nauwelaerts wrote: > what version of fortios was this tested on, since on my 5.6.8 both > fortigate & fortigate-full pull vdom configs. > > > > // nick > > > > > > > > *From:* Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] *On > Behalf Of *Linux Threads > *Sent:* Friday, March 8, 2019 12:44 > *To:* rancid-discuss at shrubbery.net > *Subject:* [rancid] Fortigate VDOMs > > > > Hi Rancid Community, > > > > I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1, > however 1 FGT Device has no VDOMs and 2 more does not have VDOMs > > > > router.db one has to specify fortigate or fortigate-full depending on your > needs thus when configuring fortigate-full no VDOM config is pulled, > however when running show full-configuration is run on the affected units > running VDOMs one can see the VDOM config with IPSECs and all, > > > > help would be apprenticed greatly > > > > extract /etc/rancid/rancid.types.base > > # Fortinet Fortigate firewall > # Normal or FULL configuration > fortigate;script;rancid -t fortigate > fortigate;login;fnlogin > fortigate;timeout;90 > fortigate;module;fortigate > fortigate;inloop;fortigate::inloop > fortigate;command;fortigate::GetSystem;get system status > fortigate;command;fortigate::GetConf;show > # > fortigate-full;script;rancid -t fortigate > fortigate-full;login;fnlogin > fortigate-full;timeout;90 > fortigate-full;module;fortigate > fortigate-full;inloop;fortigate::inloop > fortigate-full;command;fortigate::GetSystem;get system status > fortigate-full;command;fortigate::GetConf;show full-configuration > > > > Regards > > > > Juan > > > > > > ------------------------------ > > *Volg Aquafin op Facebook | Twitter > | YouTube > | > LinkedIN | Instagram > * > > In het kader van de uitoefening van onze taken verzamelen we bij Aquafin > persoonsgegevens. Hoe we omgaan met deze gegevens en wat de rechten van de > betrokkenen zijn, kan je nalezen in onze privacy policy > . > > P Denk aan het milieu. Druk deze mail niet onnodig af. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nineoften at hotmail.com Fri Mar 8 16:17:32 2019 From: nineoften at hotmail.com (Ni Ne) Date: Fri, 8 Mar 2019 16:17:32 +0000 Subject: [rancid] Fortigate VDOMs In-Reply-To: References: , Message-ID: Check that the user account rancid is logging in as in .cloginrc has permissions to all VDOMs. You can test it yourself by logging to the firewall as that user and seeing what it sees. Using the "show full" mode should not be necessary to see all VDOMs. It just shows the default settings, still at their default values, that would normally be hidden. ________________________________ From: Rancid-discuss on behalf of Linux Threads Sent: Friday, March 8, 2019 5:43 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Fortigate VDOMs Hi Rancid Community, I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1, however 1 FGT Device has no VDOMs and 2 more does not have VDOMs router.db one has to specify fortigate or fortigate-full depending on your needs thus when configuring fortigate-full no VDOM config is pulled, however when running show full-configuration is run on the affected units running VDOMs one can see the VDOM config with IPSECs and all, help would be apprenticed greatly extract /etc/rancid/rancid.types.base # Fortinet Fortigate firewall # Normal or FULL configuration fortigate;script;rancid -t fortigate fortigate;login;fnlogin fortigate;timeout;90 fortigate;module;fortigate fortigate;inloop;fortigate::inloop fortigate;command;fortigate::GetSystem;get system status fortigate;command;fortigate::GetConf;show # fortigate-full;script;rancid -t fortigate fortigate-full;login;fnlogin fortigate-full;timeout;90 fortigate-full;module;fortigate fortigate-full;inloop;fortigate::inloop fortigate-full;command;fortigate::GetSystem;get system status fortigate-full;command;fortigate::GetConf;show full-configuration Regards Juan -------------- next part -------------- An HTML attachment was scrubbed... URL: From fusionfoto at gmail.com Fri Mar 8 17:05:24 2019 From: fusionfoto at gmail.com (FF) Date: Fri, 8 Mar 2019 12:05:24 -0500 Subject: [rancid] Cisco NX "chatty" with Power info Message-ID: !Env: Power Actual Total !Env: Supply Model Input Capacity Status !Env: (Watts ) (Watts ) !Env: ------- ---------- --------------- ------ ---------- -------------------- - !Env: 1 N9K-PAC-1200W-B 180 W 1200 W Ok + !Env: 1 N9K-PAC-1200W-B 182 W 1200 W Ok !Env: 2 N9K-PAC-1200W-B 162 W 1200 W Ok !Env: Power Usage Summary: Every time Rancid runs, we get erroneous reports because the power usage fluctuates by 1-2 watts per run. Any suggestions on how to keep the good information (availability, etc) without getting this level of detail? thanks in advance! -- FF -------------- next part -------------- An HTML attachment was scrubbed... URL: From nineoften at hotmail.com Fri Mar 8 18:21:09 2019 From: nineoften at hotmail.com (Ni Ne) Date: Fri, 8 Mar 2019 18:21:09 +0000 Subject: [rancid] Cisco NX "chatty" with Power info In-Reply-To: References: Message-ID: The best way is to stop rancid from running the commands that generate non-config output. There is no easy way to have rancid grab that output, but not send out alert emails for it, or somehow ignore it for checking in purposes. The standard way to do this is to create new config blocks in rancid.types.conf for a given type and give it a unique name, and leave off all of the commands you don't need. Then reference that new type name in your router.db files. Check this previous thread, and the reply at the very bottom by heasly for a better description: https://lists.gt.net/rancid/users/8150 Mailing List Archive: How to ignore certain output? - GT.net Gossamer Mailing List Archive. I should add, that I did modify f5rancid a while back based on a suggestion from this list, but that doesn't seem to be working: lists.gt.net ________________________________ From: Rancid-discuss on behalf of FF Sent: Friday, March 8, 2019 11:05 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Cisco NX "chatty" with Power info !Env: Power Actual Total !Env: Supply Model Input Capacity Status !Env: (Watts ) (Watts ) !Env: ------- ---------- --------------- ------ ---------- -------------------- - !Env: 1 N9K-PAC-1200W-B 180 W 1200 W Ok + !Env: 1 N9K-PAC-1200W-B 182 W 1200 W Ok !Env: 2 N9K-PAC-1200W-B 162 W 1200 W Ok !Env: Power Usage Summary: Every time Rancid runs, we get erroneous reports because the power usage fluctuates by 1-2 watts per run. Any suggestions on how to keep the good information (availability, etc) without getting this level of detail? thanks in advance! -- FF -------------- next part -------------- An HTML attachment was scrubbed... URL: From nick.nauwelaerts at aquafin.be Fri Mar 8 19:06:45 2019 From: nick.nauwelaerts at aquafin.be (Nick Nauwelaerts) Date: Fri, 8 Mar 2019 19:06:45 +0000 Subject: [rancid] [SPAM?] Cisco NX "chatty" with Power info In-Reply-To: References: Message-ID: <50cc4a0483d54568a4d3e2547471fece@aquafin.be> what version of rancid & nx-os are you running? i notice you only have 1 column less as me, you seem to miss "actual output". // nick From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of FF Sent: Friday, March 8, 2019 18:05 To: rancid-discuss at shrubbery.net Subject: [SPAM?] [rancid] Cisco NX "chatty" with Power info !Env: Power Actual Total !Env: Supply Model Input Capacity Status !Env: (Watts ) (Watts ) !Env: ------- ---------- --------------- ------ ---------- -------------------- - !Env: 1 N9K-PAC-1200W-B 180 W 1200 W Ok + !Env: 1 N9K-PAC-1200W-B 182 W 1200 W Ok !Env: 2 N9K-PAC-1200W-B 162 W 1200 W Ok !Env: Power Usage Summary: Every time Rancid runs, we get erroneous reports because the power usage fluctuates by 1-2 watts per run. Any suggestions on how to keep the good information (availability, etc) without getting this level of detail? thanks in advance! -- FF ________________________________ Volg Aquafin op Facebook | Twitter | YouTube | LinkedIN | Instagram In het kader van de uitoefening van onze taken verzamelen we bij Aquafin persoonsgegevens. Hoe we omgaan met deze gegevens en wat de rechten van de betrokkenen zijn, kan je nalezen in onze privacy policy. P Denk aan het milieu. Druk deze mail niet onnodig af. -------------- next part -------------- An HTML attachment was scrubbed... URL: From linuxthreads at gmail.com Sat Mar 9 06:25:57 2019 From: linuxthreads at gmail.com (Linux Threads) Date: Sat, 9 Mar 2019 08:25:57 +0200 Subject: [rancid] Fortigate VDOMs In-Reply-To: References: Message-ID: HI, Thank you for all your inputs seems like permissions on the FGT was the problem I am able to pull full-config now, Kind Regards Juan On Fri, 8 Mar 2019 at 18:17, Ni Ne wrote: > Check that the user account rancid is logging in as in .cloginrc has > permissions to all VDOMs. You can test it yourself by logging to the > firewall as that user and seeing what it sees. > > Using the "show full" mode should not be necessary to see all VDOMs. It > just shows the default settings, still at their default values, that would > normally be hidden. > > ------------------------------ > *From:* Rancid-discuss on behalf > of Linux Threads > *Sent:* Friday, March 8, 2019 5:43 AM > *To:* rancid-discuss at shrubbery.net > *Subject:* [rancid] Fortigate VDOMs > > Hi Rancid Community, > > I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1, > however 1 FGT Device has no VDOMs and 2 more does not have VDOMs > > router.db one has to specify fortigate or fortigate-full depending on your > needs thus when configuring fortigate-full no VDOM config is pulled, > however when running show full-configuration is run on the affected units > running VDOMs one can see the VDOM config with IPSECs and all, > > help would be apprenticed greatly > > extract /etc/rancid/rancid.types.base > # Fortinet Fortigate firewall > # Normal or FULL configuration > fortigate;script;rancid -t fortigate > fortigate;login;fnlogin > fortigate;timeout;90 > fortigate;module;fortigate > fortigate;inloop;fortigate::inloop > fortigate;command;fortigate::GetSystem;get system status > fortigate;command;fortigate::GetConf;show > # > fortigate-full;script;rancid -t fortigate > fortigate-full;login;fnlogin > fortigate-full;timeout;90 > fortigate-full;module;fortigate > fortigate-full;inloop;fortigate::inloop > fortigate-full;command;fortigate::GetSystem;get system status > fortigate-full;command;fortigate::GetConf;show full-configuration > > Regards > > Juan > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: From adrianleroux at icloud.com Sat Mar 9 06:29:01 2019 From: adrianleroux at icloud.com (Adriaan Le Roux) Date: Sat, 9 Mar 2019 08:29:01 +0200 Subject: [rancid] Fortigate VDOMs In-Reply-To: References: Message-ID: <04EF2E03-DCB0-490C-9D50-261374A79FC2@icloud.com> Hi Everyone I have been a part of this rancid forum for years now and only doing my first post now. BTW very nice email list to be a a part of. I am busy inter grating rancid to backup Huawei devices. Please can anyone shed some light as to where the best scripts are for these devices OLT?s and switches. Your input would be greatly appreciated Best Regards Adrian le Roux Sent from my iPhone > On 09 Mar 2019, at 08:25, Linux Threads wrote: > > HI, > > Thank you for all your inputs seems like permissions on the FGT was the problem I am able to pull full-config now, > > Kind Regards > > Juan > >> On Fri, 8 Mar 2019 at 18:17, Ni Ne wrote: >> Check that the user account rancid is logging in as in .cloginrc has permissions to all VDOMs. You can test it yourself by logging to the firewall as that user and seeing what it sees. >> >> Using the "show full" mode should not be necessary to see all VDOMs. It just shows the default settings, still at their default values, that would normally be hidden. >> >> From: Rancid-discuss on behalf of Linux Threads >> Sent: Friday, March 8, 2019 5:43 AM >> To: rancid-discuss at shrubbery.net >> Subject: [rancid] Fortigate VDOMs >> >> Hi Rancid Community, >> >> I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1, however 1 FGT Device has no VDOMs and 2 more does not have VDOMs >> >> router.db one has to specify fortigate or fortigate-full depending on your needs thus when configuring fortigate-full no VDOM config is pulled, however when running show full-configuration is run on the affected units running VDOMs one can see the VDOM config with IPSECs and all, >> >> help would be apprenticed greatly >> >> extract /etc/rancid/rancid.types.base >> # Fortinet Fortigate firewall >> # Normal or FULL configuration >> fortigate;script;rancid -t fortigate >> fortigate;login;fnlogin >> fortigate;timeout;90 >> fortigate;module;fortigate >> fortigate;inloop;fortigate::inloop >> fortigate;command;fortigate::GetSystem;get system status >> fortigate;command;fortigate::GetConf;show >> # >> fortigate-full;script;rancid -t fortigate >> fortigate-full;login;fnlogin >> fortigate-full;timeout;90 >> fortigate-full;module;fortigate >> fortigate-full;inloop;fortigate::inloop >> fortigate-full;command;fortigate::GetSystem;get system status >> fortigate-full;command;fortigate::GetConf;show full-configuration >> >> Regards >> >> Juan >> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Mon Mar 11 20:31:17 2019 From: heas at shrubbery.net (heasley) Date: Mon, 11 Mar 2019 20:31:17 +0000 Subject: [rancid] Fortigate VDOMs In-Reply-To: <04EF2E03-DCB0-490C-9D50-261374A79FC2@icloud.com> References: <04EF2E03-DCB0-490C-9D50-261374A79FC2@icloud.com> Message-ID: <20190311203117.GF30597@shrubbery.net> Sat, Mar 09, 2019 at 08:29:01AM +0200, Adriaan Le Roux: > I am busy inter grating rancid to backup Huawei devices. > > Please can anyone shed some light as to where the best scripts are for these devices OLT?s and switches. There is support in rancid already for Hauwei VRP. afaict, when i was writing the module, VRP is the name of the O/S on the S5720. maybe your devices also runs VRP. From heas at shrubbery.net Mon Mar 11 20:47:33 2019 From: heas at shrubbery.net (heasley) Date: Mon, 11 Mar 2019 20:47:33 +0000 Subject: [rancid] [SPAM?] Cisco NX "chatty" with Power info In-Reply-To: <50cc4a0483d54568a4d3e2547471fece@aquafin.be> References: <50cc4a0483d54568a4d3e2547471fece@aquafin.be> Message-ID: <20190311204733.GI30597@shrubbery.net> Fri, Mar 08, 2019 at 07:06:45PM +0000, Nick Nauwelaerts: > what version of rancid & nx-os are you running? good question. if the answer is 3.9, please show us the complete output of show environment power > i notice you only have 1 column less as me, you seem to miss "actual output". > > > // nick > > > > > From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of FF > Sent: Friday, March 8, 2019 18:05 > To: rancid-discuss at shrubbery.net > Subject: [SPAM?] [rancid] Cisco NX "chatty" with Power info > > > !Env: Power Actual Total > > !Env: Supply Model Input Capacity Status > > !Env: (Watts ) (Watts ) > > !Env: ------- ---------- --------------- ------ ---------- -------------------- > > - !Env: 1 N9K-PAC-1200W-B 180 W 1200 W Ok > > + !Env: 1 N9K-PAC-1200W-B 182 W 1200 W Ok > > !Env: 2 N9K-PAC-1200W-B 162 W 1200 W Ok > > !Env: Power Usage Summary: > > Every time Rancid runs, we get erroneous reports because the power usage fluctuates by 1-2 watts per run. Any suggestions on how to keep the good information (availability, etc) without getting this level of detail? > > thanks in advance! > > > -- > FF > > ________________________________ > > Volg Aquafin op Facebook | Twitter | YouTube | LinkedIN | Instagram > > In het kader van de uitoefening van onze taken verzamelen we bij Aquafin persoonsgegevens. Hoe we omgaan met deze gegevens en wat de rechten van de betrokkenen zijn, kan je nalezen in onze privacy policy. > > P Denk aan het milieu. Druk deze mail niet onnodig af. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From fusionfoto at gmail.com Mon Mar 11 21:02:42 2019 From: fusionfoto at gmail.com (FF) Date: Mon, 11 Mar 2019 17:02:42 -0400 Subject: [rancid] [SPAM?] Cisco NX "chatty" with Power info In-Reply-To: <20190311204733.GI30597@shrubbery.net> References: <50cc4a0483d54568a4d3e2547471fece@aquafin.be> <20190311204733.GI30597@shrubbery.net> Message-ID: Apparently I'm running a massively old version (2.3.8). I'll try upgrading to 3.9 first. thanks in advance On Mon, Mar 11, 2019 at 4:47 PM heasley wrote: > Fri, Mar 08, 2019 at 07:06:45PM +0000, Nick Nauwelaerts: > > what version of rancid & nx-os are you running? > > good question. > > if the answer is 3.9, please show us the complete output of show > environment power > > > i notice you only have 1 column less as me, you seem to miss "actual > output". > > > > > > // nick > > > > > > > > > > From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On > Behalf Of FF > > Sent: Friday, March 8, 2019 18:05 > > To: rancid-discuss at shrubbery.net > > Subject: [SPAM?] [rancid] Cisco NX "chatty" with Power info > > > > > > !Env: Power Actual Total > > > > !Env: Supply Model Input Capacity > Status > > > > !Env: (Watts ) (Watts ) > > > > !Env: ------- ---------- --------------- ------ ---------- > -------------------- > > > > - !Env: 1 N9K-PAC-1200W-B 180 W 1200 W > Ok > > > > + !Env: 1 N9K-PAC-1200W-B 182 W 1200 W > Ok > > > > !Env: 2 N9K-PAC-1200W-B 162 W 1200 W > Ok > > > > !Env: Power Usage Summary: > > > > Every time Rancid runs, we get erroneous reports because the power usage > fluctuates by 1-2 watts per run. Any suggestions on how to keep the good > information (availability, etc) without getting this level of detail? > > > > thanks in advance! > > > > > > -- > > FF > > > > ________________________________ > > > > Volg Aquafin op Facebook | Twitter< > https://twitter.com/aquafinnv> | YouTube< > http://www.youtube.com/channel/UCk_4P5BJ-MtEEDCkCsR_KqQ?feature=mhee> | > LinkedIN | Instagram< > https://www.instagram.com/aquafin_nv/> > > > > In het kader van de uitoefening van onze taken verzamelen we bij Aquafin > persoonsgegevens. Hoe we omgaan met deze gegevens en wat de rechten van de > betrokkenen zijn, kan je nalezen in onze privacy policy< > https://www.aquafin.be/nl-be/privacy-policy>. > > > > P Denk aan het milieu. Druk deze mail niet onnodig af. > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > -- FF -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Tue Mar 12 20:42:02 2019 From: heas at shrubbery.net (heasley) Date: Tue, 12 Mar 2019 20:42:02 +0000 Subject: [rancid] Extreme 200-series switches In-Reply-To: References: Message-ID: <20190312204202.GD30988@shrubbery.net> Fri, Mar 01, 2019 at 06:29:23PM +0800, James Andrewartha: > Hi, > > These switches are Broadcom FASTPATH based, like Ubiquiti EdgeMAX > switches, however using the edgemax config doesn't quite work. One thing > is you need to use quit instead of exit in clogin - it seems to be > detected as an Extreme switch, but it's not really. If I change this > code (line 841 of clogin r3943 from Debian stretch backports 3.9-1~bpo9+1) > > if { [string compare "extreme" "$platform"] } { > send -h "exit\r" > } else { > send -h "quit\r" > } > > to send -h "quit\r" then it quits ok, although it then doesn't detect > end of run. I don't really understand the Extreme platform detection, > particularly since ExtremeXOS uses xlogin anyway. Any thoughts on how to > get this model to work? I can't seem to find an example of the config, just commands. it does not seem to be like an edgemax, but i could be wrong. Perhaps show us the equivalent of show config and a login/logout sequence. it seem to have netconf support too. From jandrewartha at ccgs.wa.edu.au Fri Mar 15 06:01:43 2019 From: jandrewartha at ccgs.wa.edu.au (James Andrewartha) Date: Fri, 15 Mar 2019 14:01:43 +0800 Subject: [rancid] Extreme 200-series switches In-Reply-To: <20190312204202.GD30988@shrubbery.net> References: <20190312204202.GD30988@shrubbery.net> Message-ID: On 13/03/19 04:42, heasley wrote: > Fri, Mar 01, 2019 at 06:29:23PM +0800, James Andrewartha: >> These switches are Broadcom FASTPATH based, like Ubiquiti EdgeMAX >> switches, however using the edgemax config doesn't quite work. One thing >> is you need to use quit instead of exit in clogin - it seems to be >> detected as an Extreme switch, but it's not really. If I change this >> code (line 841 of clogin r3943 from Debian stretch backports 3.9-1~bpo9+1) >> >> if { [string compare "extreme" "$platform"] } { >> send -h "exit\r" >> } else { >> send -h "quit\r" >> } >> >> to send -h "quit\r" then it quits ok, although it then doesn't detect >> end of run. I don't really understand the Extreme platform detection, >> particularly since ExtremeXOS uses xlogin anyway. Any thoughts on how to >> get this model to work? > > I can't seem to find an example of the config, just commands. it does > not seem to be like an edgemax, but i could be wrong. Perhaps show us > the equivalent of show config and a login/logout sequence. it seem to > have netconf support too. Here you go (with a bit of line-wrapping unfortunately). As mentioned, you have to use quit to disconnect. exit will leave enable but won't disconnect. aludra:~# ssh admin at 10.40.21.117 admin at 10.40.21.117's password: (dinnovation7) >en (dinnovation7) # (dinnovation7) #show version Switch: 1 System Description............................. Extreme 210-Series 12GE PoE+, 2 1GbE SFP ports, 1 Fixed AC PSU, L2 Switching, 1.2.3.5, Linux 3.6.5, U-Boot 2012.10-00003-g56c397c (Mar 28 2017 - 15:11:08) Machine Type................................... Extreme 210-Series 12GE PoE+, 2 1GbE SFP ports, 1 Fixed AC PSU, L2 Switching Machine Model.................................. 210-12p-GE2 Serial Number.................................. 1834N-41130 Part Number.................................... 800852-00-07 Maintenance Level.............................. 3 Manufacturer................................... 0xbc00 Burned In MAC Address.......................... 00:04:96:B0:43:20 Software Version............................... 1.2.3.5 Operating System............................... Linux 3.6.5 Network Processing Device...................... BCM53344_A0 Additional Packages............................ FASTPATH QOS FASTPATH IPv6 Management FASTPATH Routing FASTPATH OpEN API show hardware is the same as show version. (dinnovation7) #show bootvar Image Descriptions active : backup : Images currently available on Flash ---- ------------ ------------ ----------------- ----------------- unit active backup current-active next-active ---- ------------ ------------ ----------------- ----------------- 1 1.2.3.5 1.2.3.5 1.2.3.5 1.2.3.5 (dinnovation7) #show environment Temp (C)....................................... 27 Temperature traps range: 0 to 45 degrees (Celsius) Temperature Sensors: Unit Sensor Description Temp (C) State Max_Temp (C) ---- ------ ---------------- ---------- -------------- -------------- 1 1 LM75 27 Normal 29 Fans: Unit Fan Description Type Speed Duty level State ---- --- -------------- --------- ------------- ------------- -------------- 1 1 Fan-1 Fixed Not Supported Not Supported Operational Power Modules: Unit Power supply Description Type State ---- ------------ ---------------- ---------- -------------- 1 1 PS-1 Fixed Operational Disk usage information: Unit Total space (KB) Free space (KB) Used space (KB) Utilization (%) ---- ---------------- --------------- --------------- --------------- 1 27,584 25,804 1,780 6 (dinnovation7) #show running-config !Current Configuration: ! !System Description "Extreme 210-Series 12GE PoE+, 2 1GbE SFP ports, 1 Fixed AC PSU, L2 Switching, 1.2.3.5, Linux 3.6.5, U-Boot 2012.10-00003-g56c397c (Mar 28 2017 - 15:11:08)" !System Software Version "1.2.3.5" !System Up Time "1 days 8 hrs 59 mins 14 secs" !Additional Packages FASTPATH QOS,FASTPATH IPv6 Management,FASTPATH Routing !Current SNTP Synchronized Time: Mar 15 05:50:00 2019 UTC ! hostname "dinnovation7" network protocol none network parms 10.40.21.117 255.255.0.0 10.40.0.1 vlan database vlan 20,45 vlan name 20 "Staff" vlan name 45 "NVX" set igmp 1 set igmp fast-leave 1 exit ip ssh server enable no ip telnet server enable configure sntp client mode unicast sntp server "time.contoso.com" clock timezone 8 minutes 0 zone "AWST" ip domain name "contoso.com" ip name server 10.43.0.3 10.43.0.4 logging email logging email from-addr dinnovation7 at contoso.com logging email message-type urgent to-addr example at contoso.com mail-server "mail.contoso.com" security none username admin password admin exit username "admin" password hashgoeshere level 15 encrypted line console exit line telnet exit line ssh exit snmp-server sysname "dinnovation7" snmp-server location "Contoso/D/D232" snmp-server contact "James Andrewartha " ! snmp-server user "snmpuser" DefaultRead auth-md5-key hashgoeshere priv-des-key hashgoeshere set igmp set igmp querier interface 0/1 set igmp set igmp fast-leave switchport mode trunk lldp transmit-tlv port-desc lldp transmit-tlv sys-name lldp transmit-tlv sys-desc lldp transmit-tlv sys-cap lldp transmit-mgmt exit interface 0/2 set igmp set igmp fast-leave exit interface 0/3 set igmp set igmp fast-leave switchport mode access switchport access vlan 45 switchport trunk native vlan 45 no poe exit interface 0/4 set igmp set igmp fast-leave exit interface 0/5 set igmp set igmp fast-leave switchport mode access switchport access vlan 45 switchport trunk native vlan 45 no poe exit interface 0/6 set igmp set igmp fast-leave exit interface 0/7 set igmp set igmp fast-leave exit interface 0/8 set igmp set igmp fast-leave exit interface 0/9 set igmp set igmp fast-leave switchport mode access switchport access vlan 20 switchport trunk native vlan 20 exit interface 0/10 set igmp set igmp fast-leave exit interface 0/11 set igmp set igmp fast-leave exit interface 0/12 set igmp set igmp fast-leave exit interface 0/13 set igmp set igmp fast-leave exit interface 0/14 set igmp set igmp fast-leave exit exit (dinnovation7) #exit (dinnovation7) >exit ^ % Invalid input detected at '^' marker. (dinnovation7) >quitConnection to 10.40.21.117 closed. -- James Andrewartha Network & Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 From nmaxpierson at gmail.com Wed Mar 20 13:37:16 2019 From: nmaxpierson at gmail.com (N. Max Pierson) Date: Wed, 20 Mar 2019 08:37:16 -0500 Subject: [rancid] issues with mail and aliases Message-ID: Hi List, I have a new install on Centos 7 (supplied rpm rancid 3.2) and I am having issues with the regular emails that go out when rancid is run. I have installed sendmail and couldn't get it to work nor is postfix working. When I tail the maillog it shows the messages going to rancid-@ mydomain.com and it seems as though the aliases that I have entered isn't being resolved. I'm ignorant when it comes to email so can anyone point me in the right direction that has seen this before? Regards, Max -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Mar 20 13:48:07 2019 From: heas at shrubbery.net (heasley) Date: Wed, 20 Mar 2019 13:48:07 +0000 Subject: [rancid] issues with mail and aliases In-Reply-To: References: Message-ID: <20190320134807.GE19585@shrubbery.net> Wed, Mar 20, 2019 at 08:37:16AM -0500, N. Max Pierson: > Hi List, > > I have a new install on Centos 7 (supplied rpm rancid 3.2) and I am having > issues with the regular emails that go out when rancid is run. I have > installed sendmail and couldn't get it to work nor is postfix working. When > I tail the maillog it shows the messages going to rancid-@ > mydomain.com and it seems as though the aliases that I have entered isn't > being resolved. I'm ignorant when it comes to email so can anyone point me > in the right direction that has seen this before? newaliases(8). use postfix. From cra at wpi.edu Wed Mar 20 13:56:06 2019 From: cra at wpi.edu (Anderson, Charles R) Date: Wed, 20 Mar 2019 13:56:06 +0000 Subject: [rancid] issues with mail and aliases In-Reply-To: Message-ID: <20190320135603.ftn4ipitdjfz4mak@angus.ind.wpi.edu> After editing /etc/aliases, you must run "newaliases". I maintain the Centos 7 EPEL package for rancid. It is updated to 3.9--you should get the update in the next update batch (whenever that happens I'm not sure), or you can get it now from epel-testing. On Wed, Mar 20, 2019 at 08:37:16AM -0500, N. Max Pierson wrote: > Hi List, > > I have a new install on Centos 7 (supplied rpm rancid 3.2) and I am having > issues with the regular emails that go out when rancid is run. I have > installed sendmail and couldn't get it to work nor is postfix working. When > I tail the maillog it shows the messages going to rancid-@ > mydomain.com and it seems as though the aliases that I have entered isn't > being resolved. I'm ignorant when it comes to email so can anyone point me > in the right direction that has seen this before? > > Regards, > Max From nmaxpierson at gmail.com Wed Mar 20 13:58:36 2019 From: nmaxpierson at gmail.com (N. Max Pierson) Date: Wed, 20 Mar 2019 08:58:36 -0500 Subject: [rancid] issues with mail and aliases In-Reply-To: <20190320135603.ftn4ipitdjfz4mak@angus.ind.wpi.edu> References: <20190320135603.ftn4ipitdjfz4mak@angus.ind.wpi.edu> Message-ID: Thanks for the replies. On all occasions, I have edited the /etc/aliases file and ran the newaliases command without any success. Regards, Max On Wed, Mar 20, 2019 at 8:56 AM Anderson, Charles R wrote: > After editing /etc/aliases, you must run "newaliases". > > I maintain the Centos 7 EPEL package for rancid. It is updated to > 3.9--you should get the update in the next update batch (whenever that > happens I'm not sure), or you can get it now from epel-testing. > > On Wed, Mar 20, 2019 at 08:37:16AM -0500, N. Max Pierson wrote: > > Hi List, > > > > I have a new install on Centos 7 (supplied rpm rancid 3.2) and I am > having > > issues with the regular emails that go out when rancid is run. I have > > installed sendmail and couldn't get it to work nor is postfix working. > When > > I tail the maillog it shows the messages going to rancid-@ > > mydomain.com and it seems as though the aliases that I have entered > isn't > > being resolved. I'm ignorant when it comes to email so can anyone point > me > > in the right direction that has seen this before? > > > > Regards, > > Max > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: From djones at ena.com Wed Mar 20 14:00:11 2019 From: djones at ena.com (David Jones) Date: Wed, 20 Mar 2019 14:00:11 +0000 Subject: [rancid] issues with mail and aliases In-Reply-To: <20190320134807.GE19585@shrubbery.net> References: , <20190320134807.GE19585@shrubbery.net> Message-ID: Here's the best way I have found to handle this since I have an automated process that adds and removes Rancid groups in the rancid.conf file. /etc/postfix/main.cf smtp_generic_maps = hash:/usr/local/rancid/etc/generic Then setup a script to generate the generic file: LIST_OF_GROUPS=`/bin/grep "^LIST_OF_GROUPS=" /usr/local/rancid/etc/rancid.conf | /bin/cut -f2 -d\"` cp /dev/null generic for GROUP in $LIST_OF_GROUPS; do /bin/echo -e "rancid-$GROUP at mydomain.com\t\tmailbox at mydomain.com" >> generic /bin/echo -e "rancid-admin-$GROUP at mydomain.com\tmailbox at mydomain.com" >> generic done postmap generic Hope this helps, Dave Jones ________________________________ From: Rancid-discuss on behalf of heasley Sent: Wednesday, March 20, 2019 8:48 AM To: N. Max Pierson Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] issues with mail and aliases Wed, Mar 20, 2019 at 08:37:16AM -0500, N. Max Pierson: > Hi List, > > I have a new install on Centos 7 (supplied rpm rancid 3.2) and I am having > issues with the regular emails that go out when rancid is run. I have > installed sendmail and couldn't get it to work nor is postfix working. When > I tail the maillog it shows the messages going to rancid-@ > mydomain.com and it seems as though the aliases that I have entered isn't > being resolved. I'm ignorant when it comes to email so can anyone point me > in the right direction that has seen this before? newaliases(8). use postfix. _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Mar 20 14:01:15 2019 From: heas at shrubbery.net (heasley) Date: Wed, 20 Mar 2019 14:01:15 +0000 Subject: [rancid] issues with mail and aliases In-Reply-To: References: <20190320135603.ftn4ipitdjfz4mak@angus.ind.wpi.edu> Message-ID: <20190320140115.GF19585@shrubbery.net> Wed, Mar 20, 2019 at 08:58:36AM -0500, N. Max Pierson: > Thanks for the replies. On all occasions, I have edited the /etc/aliases > file and ran the newaliases command without any success. - test mail to the alias manually - make sure that you have the correct aliases file - ask the postfix support mail list/forum From heas at shrubbery.net Sun Mar 24 16:09:44 2019 From: heas at shrubbery.net (heasley) Date: Sun, 24 Mar 2019 16:09:44 +0000 Subject: [rancid] [PATCH] Nortel/Avaya BayStack/ERS support In-Reply-To: <20190221185305.stwkzag5zzeizhyc@angus.ind.wpi.edu> References: <20190221185305.stwkzag5zzeizhyc@angus.ind.wpi.edu> Message-ID: <20190324160944.GA33399@shrubbery.net> Thu, Feb 21, 2019 at 06:53:07PM +0000, Anderson, Charles R: > The attached files add support for Bay Networks/Nortel/Avaya BayStack/BPS/ERS switches. I based these changes on ones we've been running in production for over a decade and I've tested this extensively on models BPS 2000, 470, and ERS 25xx/45xx/55xx/56xx. > > Initially I copied clogin to bslogin, but I've attached a diff from the original clogin because I believe it should be safe to apply to the original and eliminate the need for a separate login script. I rearranged a few conditionals related to Extreme support to make the logic easier for the BayStack and other future differences. > > It was a PITA to get past the BayStack login banner, but I finally found a workable solution that should hopefully not interfere with other device types and should support BayStacks that have the stock banner, a custom banner, or the banner turned off. The only potential concern for impact to non-BayStack devices is the matching on "##+" used to skip past the banner to avoid it being interpreted as a "#" prompt character. I'm now running this in production as my "clogin" and so far there have been no impacts to Aruba devices, the only other devices I have that use clogin. Has, or can, anyone test this module to verify that it works well? I have none of these devices to test. > rancid.types.conf entry: > > # Nortel BayStack > baystack;script;rancid -t baystack > baystack;login;clogin > baystack;module;baystack > baystack;inloop;baystack::inloop > baystack;command;baystack::ShowSysInfo;show sys-info > baystack;command;baystack::ShowSysInfo;show stack-info > baystack;command;baystack::ShowSysInfo;show system verbose > baystack;command;baystack::ShowSysInfo;show interfaces gbic-info > baystack;command;baystack::ShowConfig;show running-config > --- /usr/libexec/rancid/clogin 2019-02-06 02:03:27.000000000 -0500 > +++ /usr/local/libexec/rancid/bslogin 2019-02-20 15:40:04.747945375 -0500 > @@ -1,7 +1,5 @@ > #! /usr/bin/expect -- > ## > -## $Id: clogin.in 3943 2019-01-18 16:18:34Z heas $ > -## > ## rancid 3.9 > ## Copyright (c) 1997-2018 by Henry Kilmer and John Heasley > ## All rights reserved. > @@ -46,7 +44,8 @@ > # The original looking glass software was written by Ed Kern, provided by > # permission and modified beyond recognition. > # > -# clogin - Cisco login > +# bslogin - Bay Networks/Nortel/Avaya BayStack/BPS/ERS login script > +# Supports models BPS 2000, 470, ERS 25xx/45xx/55xx/56xx. > # > # Most options are intuitive for logging into a Cisco router. > # The default is to enable (thus -noenable). Some folks have > @@ -646,6 +645,23 @@ > -re "Press the key \[^\r\n]+\[\r\n]+" { > exp_continue > } > + -re "##+" { > + # BayStacks have a default banner that spells out NORTEL or AVAYA in huge > + # letters made from ## that look like prompt characters, so we need to skip > + # over them. > + exp_continue > + } > + -re "Enter Ctrl-Y to begin" { > + # After the default or custom banner, BayStacks prompt for Ctrl-Y and > + # then display a static banner with model and version info surrounded > + # by an asterisk border. Discard the top and bottom of the border and > + # send a Ctrl-Y and remember that this is a baystack for logout procedure. > + set platform "baystack" > + expect -ex "***************************************************************" {} > + expect -ex "***************************************************************" {} > + send "\031" > + exp_continue > + } > -re "@\[^\r\n]+ $p_prompt" { > # ssh pwd prompt > sleep 1 > @@ -803,10 +819,16 @@ > return 0 > } > > - if { [string compare "extreme" "$platform"] } { > - send -h "exit\r" > - } else { > + if { ![string compare "extreme" "$platform"] } { > send -h "quit\r" > + } elseif { ![string compare "baystack" "$platform"] } { > + # BayStacks use logout to completely exit, but they > + # can also exit back to a menu interface, so send L > + # to logout from the menu too just in case. > + send -- "logout\r" > + send -- "L" > + } else { > + send -h "exit\r" > } > expect { > -re "^\[^\n\r *]*$reprompt" { > @@ -1058,7 +1080,15 @@ > } > } > if { $do_command || $do_script } { > - if { [string compare "extreme" "$platform"] } { > + if { ![string compare "extreme" "$platform"] } { > + send "disable clipaging\r" > + expect -re $prompt {} > + } elseif { ![string compare "baystack" "$platform"] } { > + send -- "terminal length 0\r" > + expect -re $prompt {} > + send -- "terminal width 131\r" > + expect -re $prompt {} > + } else { > # If the prompt is (enable), then we are on a cataylyst switch and > # the command is "set length 0"; otherwise its "terminal length 0". > if [regexp -- ".*> .*enable" "$prompt"] { > @@ -1073,9 +1103,6 @@ > send "terminal width 132\r" > } > expect -re $prompt {} > - } else { > - send "disable clipaging\r" > - expect -re $prompt {} > } > } > if { $do_command } { > package baystack; > ## > ## rancid 3.9 > ## Copyright (c) 1997-2018 by Henry Kilmer and John Heasley > ## All rights reserved. > ## > ## This code is derived from software contributed to and maintained by > ## Henry Kilmer, John Heasley, Andrew Partan, > ## Pete Whiting, Austin Schutz, and Andrew Fort. > ## > ## Redistribution and use in source and binary forms, with or without > ## modification, are permitted provided that the following conditions > ## are met: > ## 1. Redistributions of source code must retain the above copyright > ## notice, this list of conditions and the following disclaimer. > ## 2. Redistributions in binary form must reproduce the above copyright > ## notice, this list of conditions and the following disclaimer in the > ## documentation and/or other materials provided with the distribution. > ## 3. Neither the name of RANCID nor the names of its > ## contributors may be used to endorse or promote products derived from > ## this software without specific prior written permission. > ## > ## THIS SOFTWARE IS PROVIDED BY Henry Kilmer, John Heasley AND CONTRIBUTORS > ## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED > ## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR > ## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS > ## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR > ## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF > ## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS > ## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN > ## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > ## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE > ## POSSIBILITY OF SUCH DAMAGE. > ## > ## It is the request of the authors, but not a condition of license, that > ## parties packaging or redistributing RANCID NOT distribute altered versions > ## of the etc/rancid.types.base file nor alter how this file is processed nor > ## when in relation to etc/rancid.types.conf. The goal of this is to help > ## suppress our support costs. If it becomes a problem, this could become a > ## condition of license. > # > # The expect login scripts were based on Erik Sherk's gwtn, by permission. > # > # The original looking glass software was written by Ed Kern, provided by > # permission and modified beyond recognition. > # > # RANCID - Really Awesome New Cisco confIg Differ > # > # baystack.pm - Bay Networks/Nortel/Avaya BayStack rancid procedures > # > > use 5.010; > use strict 'vars'; > use warnings; > require(Exporter); > our @ISA = qw(Exporter); > $Exporter::Verbose=1; > > use rancid 3.9; > > @ISA = qw(Exporter rancid main); > #our @EXPORT = qw($VERSION) > > # load-time initialization > sub import { > 0; > } > > # post-open(collection file) initialization > sub init { > # add content lines and separators > ProcessHistory("","","","!RANCID-CONTENT-TYPE: $devtype\n!\n"); > > 0; > } > > # main loop of input of device output > sub inloop { > my($INPUT, $OUTPUT) = @_; > my($cmd, $rval); > > TOP: > while(<$INPUT>) { > tr/\015//d; > if ( (/(>|#)\s?logout/) || $found_end ) { > print STDERR "Found logout statement, ending\n" if ($debug); > delete($commands{'logout'}); > $clean_run=1; > last; > } > if (/^Error:/) { > print STDOUT ("$host bslogin error: $_"); > print STDERR ("$host bslogin error: $_") if ($debug); > $clean_run=0; > last; > } > while (/(^.*[>|#])\s*($cmds_regexp)\s*$/) { > $cmd = $2; > print STDERR "Doing $cmd\n"; > if (!defined($prompt)) { > $prompt = $1; > print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); > } > print STDERR ("HIT COMMAND:$_") if ($debug); > if (! defined($commands{$cmd})) { > print STDERR "$host: found unexpected command - \"$cmd\"\n"; > $clean_run = 0; > last TOP; > } > if (! defined(&{$commands{$cmd}})) { > printf(STDERR "$host: undefined function - \"%s\"\n", > $commands{$cmd}); > $clean_run = 0; > last TOP; > } > print STDERR "Calling \"$cmd\"\n" if ($debug); > $rval = &{$commands{$cmd}}($INPUT, $OUTPUT, $cmd); > delete($commands{$cmd}); > if ($rval == -1) { > $clean_run = 0; > last TOP; > } > } > } > } > > # This routine parses "show running-config" > sub ShowConfig { > my($INPUT, $OUTPUT, $cmd) = @_; > my($lines) = 0; > print STDERR " In ShowConfig: $_" if ($debug); > > ProcessHistory("","","","! $_"); > > # baystacks refuse to turn off linewrapping, so we have to > # carefully reconstruct the unwrapped line > my $line = ''; > my $bit; > while ($bit = <$INPUT>) { > $bit =~ tr/\015//d; > if (length($bit) >= 132) { > # tack onto previous > chomp($line); > $line .= $bit; > } else { > if ($line) { > chomp($line); > $line .= $bit; > } else { > $line = $bit; > } > $line =~ tr/\015//d; > > if ($line =~ /^\s*\^\s*$/) { > $line = ''; > next; > } > return(1) if $line =~ /invalid command name/; > return(1) if $line =~ /Invalid input detected at/; > > if ($line =~ /^$prompt/) { > print STDERR "Found prompt, finishing ShowConfig\n" if ($debug); > $found_end++; > last; > } > > $lines++; > > if ($line =~ /^! clock set /) { > ProcessHistory("","","","! clock set \n"); > $line = ''; > next; > } > > if ($filter_pwds >= 1) { > if ($line =~ /(cli password .* read-.*\b )/) { > ProcessHistory("","","","! $1\n"); > $line = ''; > next; > } elsif ($line =~ /(radius-server (key|password) )/) { > ProcessHistory("","","","! $1\n"); > $line = ''; > next; > } > } > > if ($filter_commstr) { > if ($line =~ /(snmp-server community ).*( r[o|w])/) { > ProcessHistory("","","","! $1$2\n"); > $line = ''; > next; > } > } > > ProcessHistory("","","","$line"); > $line = ''; > } > } > > $_ = $line; > > if ($lines < 3) { > printf(STDERR "ERROR: $host configuration appears truncated.\n"); > $found_end = 0; > return(-1); > } > > return(0); > } > > # This routine parses "show sys-info" and "show stack-info" > sub ShowSysInfo { > my($INPUT, $OUTPUT, $cmd) = @_; > print STDERR " In ShowSysInfo: $_" if $debug; > print STDERR " prompt is \"$prompt\"\n" if $debug; > > while(<$INPUT>){ > tr/\015//d; > > next if /^\s*\^\s*$/; > return(1) if /invalid command name/; > return(1) if /Invalid input detected at/; > > next if /Reset Count:/; > next if /Last Reset Type:/; > next if /sysUpTime:/; > next if /sysNtpTime/; > next if /sysRtcTime/; > > > if(/^$prompt/){ > print STDERR "Found prompt, finishing ShowSysInfo\n" if $debug; > ProcessHistory("SYSINFO","","","! \n"); > return(0); > } > ProcessHistory("SYSINFO","","","!SYSINFO: $_"); > } > > ProcessHistory("SYSINFO","","","! \n"); > return(0); > } > > 1; From heas at shrubbery.net Sun Mar 24 16:38:03 2019 From: heas at shrubbery.net (heasley) Date: Sun, 24 Mar 2019 16:38:03 +0000 Subject: [rancid] Extreme 200-series switches In-Reply-To: <20190324163658.63301D3DDD@sea.shrubbery.net> Message-ID: <20190324163803.GC33399@shrubbery.net> Fri, Mar 15, 2019 at 02:01:43PM +0800, James Andrewartha: > On 13/03/19 04:42, heasley wrote: > > Fri, Mar 01, 2019 at 06:29:23PM +0800, James Andrewartha: > >> These switches are Broadcom FASTPATH based, like Ubiquiti EdgeMAX > >> switches, however using the edgemax config doesn't quite work. One thing > >> is you need to use quit instead of exit in clogin - it seems to be > >> detected as an Extreme switch, but it's not really. If I change this > >> code (line 841 of clogin r3943 from Debian stretch backports 3.9-1~bpo9+1) > >> > >> if { [string compare "extreme" "$platform"] } { > >> send -h "exit\r" > >> } else { > >> send -h "quit\r" > >> } > >> > >> to send -h "quit\r" then it quits ok, although it then doesn't detect > >> end of run. I don't really understand the Extreme platform detection, > >> particularly since ExtremeXOS uses xlogin anyway. Any thoughts on how to > >> get this model to work? > > > > I can't seem to find an example of the config, just commands. it does > > not seem to be like an edgemax, but i could be wrong. Perhaps show us > > the equivalent of show config and a login/logout sequence. it seem to > > have netconf support too. > > Here you go (with a bit of line-wrapping unfortunately). As mentioned, > you have to use quit to disconnect. exit will leave enable but won't > disconnect. > > aludra:~# ssh admin at 10.40.21.117 > admin at 10.40.21.117's password: ... Perhaps this Index: bin/clogin.in =================================================================== --- bin/clogin.in (revision 3966) +++ bin/clogin.in (working copy) @@ -452,6 +452,12 @@ send -h "quit\r" exp_continue; } + -re "^\% Invalid input detected at " { + # Broadcom Fastpath based + # Extreme 200 series + send -h "quit\r" + exp_continue; + } "The system has unsaved changes" { # Force10 SFTOS if {$do_saveconfig} { catch {send "y\r"} From heas at shrubbery.net Sun Mar 24 17:04:30 2019 From: heas at shrubbery.net (heasley) Date: Sun, 24 Mar 2019 17:04:30 +0000 Subject: [rancid] netscreen login script (nlogin) Message-ID: <20190324170430.GE85813@shrubbery.net> A user is having trouble collecting a netscreen box from a centos7 host. We've discovered that the following change fixes the problem, but the cause is unclear. So, I'm reluctant to commit this with knowing that it does not break collection for some sample of users. Could other netscreen owners try this patchi, please? Index: bin/nlogin.in =================================================================== --- bin/nlogin.in (revision 3966) +++ bin/nlogin.in (working copy) @@ -543,6 +543,15 @@ source_password_file $password_file set in_proc 0 set exitval 0 +# if we have dont have a tty, we need some additional terminal settings +if [catch {open /dev/tty w} ttyid] { + # no tty, ie: cron + set spawnopts "-nottycopy" + set stty_init "raw -echo cols 132" +} else { + set stty_init "raw -echo" + catch {close ttyid} reason +} foreach router [lrange $argv $i end] { set router [string tolower $router] send_user -- "$router\n" From jandrewartha at ccgs.wa.edu.au Mon Mar 25 07:11:38 2019 From: jandrewartha at ccgs.wa.edu.au (James Andrewartha) Date: Mon, 25 Mar 2019 15:11:38 +0800 Subject: [rancid] Extreme 200-series switches In-Reply-To: <20190324163803.GC33399@shrubbery.net> References: <20190324163803.GC33399@shrubbery.net> Message-ID: Hi, On 25/03/19 00:38, heasley wrote: > Perhaps this > > Index: bin/clogin.in > =================================================================== > --- bin/clogin.in (revision 3966) > +++ bin/clogin.in (working copy) > @@ -452,6 +452,12 @@ > send -h "quit\r" > exp_continue; > } > + -re "^\% Invalid input detected at " { > + # Broadcom Fastpath based > + # Extreme 200 series > + send -h "quit\r" > + exp_continue; > + } > "The system has unsaved changes" { # Force10 SFTOS > if {$do_saveconfig} { > catch {send "y\r"} > That works a treat, thanks. I haven't yet tested it when there's an unsaved config change though. Also I'll need to filter out these changing parts, where in the code is this done in 3.x? ! - !Temp (C)....................................... 26 + !Temp (C)....................................... 27 !Temperature traps range: 0 to 45 !Fans: !Unit Fan Description Type Speed Duty !---- --- -------------- --------- ------------- ------------- !1 1 Fan-1 Fixed Not !Power Modules: !Unit Power supply Description Type State !---- ------------ ---------------- ---------- -------------- !1 1 PS-1 Fixed Operational !Disk usage information: !Unit Total space (KB) Free space !---- ---------------- --------------- --------------- --------------- - !1 27,584 25,828 1,756 6 + !1 27,584 25,784 1,800 6 ! -- James Andrewartha Network & Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 From nick.nauwelaerts at aquafin.be Tue Mar 26 12:36:41 2019 From: nick.nauwelaerts at aquafin.be (Nick Nauwelaerts) Date: Tue, 26 Mar 2019 12:36:41 +0000 Subject: [rancid] Extreme 200-series switches In-Reply-To: References: <20190324163803.GC33399@shrubbery.net> Message-ID: <0084ea4efe704e1abfac80a1ee379fd8@aquafin.be> heya, while i don't have extreme devices, the code seems to live in lib/exos.pm.in. i would guess temperature & diskspace and such could perhaps be gated with the FILTER_OSC setting (see man rancid.conf), fortigate.pm.in has some examples which can get you started. rancid.pm.in has some helper functions if you want to parse storage usage to human readable form or % space remaining, this can also reduce the amount of diffs you receive for minor changes in free space. // nick > -----Original Message----- > From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On > Behalf Of James Andrewartha > Sent: Monday, March 25, 2019 08:12 > To: heasley > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Extreme 200-series switches > > Hi, > > On 25/03/19 00:38, heasley wrote: > > Perhaps this > > > > Index: bin/clogin.in > > > ========================================================== > ========= > > --- bin/clogin.in(revision 3966) > > +++ bin/clogin.in(working copy) > > @@ -452,6 +452,12 @@ > > send -h "quit\r" > > exp_continue; > > } > > +-re "^\% Invalid input detected at "{ > > + # Broadcom Fastpath based > > + # Extreme 200 series > > + send -h "quit\r" > > + exp_continue; > > +} > > "The system has unsaved changes"{ # Force10 SFTOS > > if {$do_saveconfig} { > > catch {send "y\r"} > > > > That works a treat, thanks. I haven't yet tested it when there's an > unsaved config change though. Also I'll need to filter out these > changing parts, where in the code is this done in 3.x? > > ! > - !Temp (C)....................................... 26 > + !Temp (C)....................................... 27 > !Temperature traps range: 0 to 45 > !Fans: > !Unit Fan Description Type Speed Duty > !---- --- -------------- --------- ------------- ------------- > !1 1 Fan-1 Fixed Not > !Power Modules: > !Unit Power supply Description Type State > !---- ------------ ---------------- ---------- -------------- > !1 1 PS-1 Fixed Operational > !Disk usage information: > !Unit Total space (KB) Free space > !---- ---------------- --------------- --------------- > --------------- > - !1 27,584 25,828 1,756 > 6 > + !1 27,584 25,784 1,800 > 6 > ! > > -- > James Andrewartha > Network & Projects Engineer > Christ Church Grammar School > Claremont, Western Australia > Ph. (08) 9442 1757 > Mob. 0424 160 877 > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss ________________________________ Volg Aquafin op Facebook | Twitter | YouTube | LinkedIN | Instagram In het kader van de uitoefening van onze taken verzamelen we bij Aquafin persoonsgegevens. Hoe we omgaan met deze gegevens en wat de rechten van de betrokkenen zijn, kan je nalezen in onze privacy policy. P Denk aan het milieu. Druk deze mail niet onnodig af. From nandhakumar.a0519 at gmail.com Wed Mar 27 09:41:02 2019 From: nandhakumar.a0519 at gmail.com (nandhakumar a) Date: Wed, 27 Mar 2019 17:41:02 +0800 Subject: [rancid] Racnid Issue Message-ID: Dear Team, I am facing on this below issue, please help me on the right path, where the mistake is. ************************************EMail Received from Rancid to my box************ The following routers have not been successfully contacted for more than 24 hours -rw-r----- 1 rancid user 0 Dec 13 11:07 x.x.x.x -rw-r----- 1 rancid user 0 Dec 13 11:07 x.x.x.x -rw-r----- 1 rancid user 0 Dec 13 11:08 x.x.x.x ************************************ Inside the log file i found this, i seen the log for corresponding hosts Trying to get all of the configs. x.x.x.x: missed cmd(s): write term,show running-config x.x.x.x: missed cmd(s): write term,show running-config x.x.x.x: missed cmd(s): write term,show running-config Please let me know where is the issue, i have checked with password file, router.db and i am able to login the device using clogin, its screwing my head, help me to out of this. With Regards Nandhu -------------- next part -------------- An HTML attachment was scrubbed... URL: From cgauthier at comscore.com Wed Mar 27 17:58:25 2019 From: cgauthier at comscore.com (Gauthier, Chris) Date: Wed, 27 Mar 2019 17:58:25 +0000 Subject: [rancid] Racnid Issue In-Reply-To: References: Message-ID: <06BEEFB5-344A-4802-A3CD-C75C5E67066B@comscore.com> I can?t remember where it is documented, but the following info has been discussed multiple times on this list (even by me, iirc): As the rancid user, run the following with the appropriate substitutions: export NOPIPE=YES; ~/bin/rancid -d -t DEVICE_TYPE DEVICE_NAME_IN_ROUTER.DB Then, look at the output files. One will be the DEVICE_NAME_IN_ROUTER.DB.raw and the other will end in .new. The .raw file will be the most helpful for this kind of troubleshooting. Chris Gauthier Senior Network Engineer | Comscore t +1 (503) 331-2704 | cgauthier at comscore.com comscore.com ???This e-mail (including any attachments) may contain information that is private, confidential, or protected by attorney-client or other privilege. If you received this e-mail in error, please delete it from your system and notify sender. From: Rancid-discuss on behalf of nandhakumar a Date: Wednesday, March 27, 2019 at 2:41 AM To: "rancid-discuss at shrubbery.net" Subject: [rancid] Racnid Issue Dear Team, I am facing on this below issue, please help me on the right path, where the mistake is. ************************************EMail Received from Rancid to my box************ The following routers have not been successfully contacted for more than 24 hours -rw-r----- 1 rancid user 0 Dec 13 11:07 x.x.x.x -rw-r----- 1 rancid user 0 Dec 13 11:07 x.x.x.x -rw-r----- 1 rancid user 0 Dec 13 11:08 x.x.x.x ************************************ Inside the log file i found this, i seen the log for corresponding hosts Trying to get all of the configs. x.x.x.x: missed cmd(s): write term,show running-config x.x.x.x: missed cmd(s): write term,show running-config x.x.x.x: missed cmd(s): write term,show running-config Please let me know where is the issue, i have checked with password file, router.db and i am able to login the device using clogin, its screwing my head, help me to out of this. With Regards Nandhu -------------- next part -------------- An HTML attachment was scrubbed... URL: From linuxthreads at gmail.com Fri Mar 29 11:45:26 2019 From: linuxthreads at gmail.com (Linux Threads) Date: Fri, 29 Mar 2019 13:45:26 +0200 Subject: [rancid] Fortigate updates Antivirus db IPS db hogging rancid Message-ID: Hi Rancid Community, I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1, but the updates for antivirus IPS are hogging rancid, I have commented out "get system status" as below however I am still getting system statuses help would be apprenticed greatly extract /etc/rancid/rancid.types.base # fortigate-full;script;rancid -t fortigate fortigate-full;login;fnlogin fortigate-full;timeout;90 fortigate-full;module;fortigate fortigate-full;inloop;fortigate::inloop #fortigate-full;command;fortigate::GetSystem;get system status fortigate-full;command;fortigate::GetConf;show full-configuration eg: output in rancid update retrieving revision 1.176 diff -u -4 -r1.176 fortigate-fw @@ -1,9 +1,9 @@ #RANCID-CONTENT-TYPE: fortigate # #Version: FortiGate-100E v6.0.3,build0200,181009 (GA) - #Virus-DB: 67.00399(2019-03-29 23:15) - #Extended DB: 67.00399(2019-03-29 23:15) + #Virus-DB: 67.00401(2019-03-29 01:15) + #Extended DB: 67.00401(2019-03-29 01:15) #IPS-DB: 14.00582(2019-03-28 00:00) #IPS-ETDB: 0.00000(2001-01-01 00:00) #APP-DB: 14.00582(2019-03-28 00:00) #INDUSTRIAL-DB: 6.00741(2015-12-01 02:30) Regards Juan -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Fri Mar 29 16:24:47 2019 From: heas at shrubbery.net (heasley) Date: Fri, 29 Mar 2019 16:24:47 +0000 Subject: [rancid] Fortigate updates Antivirus db IPS db hogging rancid In-Reply-To: References: Message-ID: <20190329162447.GE92250@shrubbery.net> Fri, Mar 29, 2019 at 01:45:26PM +0200, Linux Threads: > Hi Rancid Community, > > I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1, > > but the updates for antivirus IPS are hogging rancid, I have commented out > "get system status" as below however I am still getting system statuses > > help would be apprenticed greatly > > extract /etc/rancid/rancid.types.base > > # > fortigate-full;script;rancid -t fortigate > fortigate-full;login;fnlogin > fortigate-full;timeout;90 > fortigate-full;module;fortigate > fortigate-full;inloop;fortigate::inloop > #fortigate-full;command;fortigate::GetSystem;get system status > fortigate-full;command;fortigate::GetConf;show full-configuration > > eg: output in rancid update > > retrieving revision 1.176 > diff -u -4 -r1.176 fortigate-fw > @@ -1,9 +1,9 @@ > #RANCID-CONTENT-TYPE: fortigate > # > #Version: FortiGate-100E v6.0.3,build0200,181009 (GA) > - #Virus-DB: 67.00399(2019-03-29 23:15) > - #Extended DB: 67.00399(2019-03-29 23:15) > + #Virus-DB: 67.00401(2019-03-29 01:15) > + #Extended DB: 67.00401(2019-03-29 01:15) these will be filtered with rancid.conf:FILTER_OSC=ALL > #IPS-DB: 14.00582(2019-03-28 00:00) > #IPS-ETDB: 0.00000(2001-01-01 00:00) > #APP-DB: 14.00582(2019-03-28 00:00) > #INDUSTRIAL-DB: 6.00741(2015-12-01 02:30) > > Regards > > Juan > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss