For an admin account the prompt is (sans quotes):<br><br>"FGT[model][s/n] # "<br><br>Please note the trailing space<br><br>For a read only account it is the same but with a $ instead of a #<br><br>-Jeff Moorse<br>
<br><div class="gmail_quote">On Tue, Apr 28, 2009 at 12:04 PM, john heasley <span dir="ltr"><<a href="mailto:heas@shrubbery.net">heas@shrubbery.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Thu, Apr 23, 2009 at 11:19:03AM -0400, Mina Eskander:<br>
> I changed the -> in the nlogin script to ~ $ and it still does not work, here is the output I get<br>
<br>
Would someone who knows the fortigate well please confirm the prompt format?<br>
I was told '-> ', but reading through the manual that I found online, it<br>
seems that the prompt is '$ ' and gives no indication that it changes with<br>
elevated permissions. But, the manual for their CLI seems poorly written.<br>
<br>
> [rancid@pwcolocacti bin]$ nlogin -d -t 90 -c"get system status;get conf" pwcolofgt100c<br>
<div class="im">> pwcolofgt100c<br>
> spawn ssh -c 3des -x -l meskander pwcolofgt100c<br>
> parent: waiting for sync byte<br>
> parent: telling child to go ahead<br>
> parent: now unsynchronized from child<br>
</div>> spawn: returns {16963}<br>
<div><div></div><div class="h5">><br>
> expect: does "" (spawn_id exp6) match glob pattern "Connection refused"? no<br>
> "Unknown host\r\n"? no<br>
> "Host is unreachable"? no<br>
> "No address associated with name"? no<br>
> "Are you sure you want to continue connecting .*"? no<br>
> "Host key not found .* (yes/no)?"? no<br>
> "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no<br>
> "Offending key for .* (yes/no)?"? no<br>
> "denied"? no<br>
> " ### Login failed"? no<br>
> "(login:)"? no<br>
> "@[^\r\n]+[Pp]assword:"? no<br>
> "[Pp]assword:"? no<br>
> "~ $ "? no<br>
> meskander@pwcolofgt100c's password:<br>
> expect: does "meskander@pwcolofgt100c's password: " (spawn_id exp6) match glob pattern "Connection refused"? no<br>
> "Unknown host\r\n"? no<br>
> "Host is unreachable"? no<br>
> "No address associated with name"? no<br>
> "Are you sure you want to continue connecting .*"? no<br>
> "Host key not found .* (yes/no)?"? no<br>
> "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no<br>
> "Offending key for .* (yes/no)?"? no<br>
> "denied"? no<br>
> " ### Login failed"? no<br>
> "(login:)"? no<br>
> "@[^\r\n]+[Pp]assword:"? yes<br>
> expect: set expect_out(0,string) "@pwcolofgt100c's password:"<br>
> expect: set expect_out(spawn_id) "exp6"<br>
> expect: set expect_out(buffer) "meskander@pwcolofgt100c's password:"<br>
> send: sending "G0ds@v3s\r" to { exp6 }<br>
> expect: continuing expect<br>
><br>
> expect: does " " (spawn_id exp6) match glob pattern "Connection refused"? no<br>
> "Unknown host\r\n"? no<br>
> "Host is unreachable"? no<br>
> "No address associated with name"? no<br>
> "Are you sure you want to continue connecting .*"? no<br>
> "Host key not found .* (yes/no)?"? no<br>
> "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no<br>
> "Offending key for .* (yes/no)?"? no<br>
> "denied"? no<br>
> " ### Login failed"? no<br>
> "(login:)"? no<br>
> "@[^\r\n]+[Pp]assword:"? no<br>
> "[Pp]assword:"? no<br>
> "~ $ "? no<br>
><br>
><br>
> expect: does " \r\n" (spawn_id exp6) match glob pattern "Connection refused"? no<br>
> "Unknown host\r\n"? no<br>
> "Host is unreachable"? no<br>
> "No address associated with name"? no<br>
> "Are you sure you want to continue connecting .*"? no<br>
> "Host key not found .* (yes/no)?"? no<br>
> "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no<br>
> "Offending key for .* (yes/no)?"? no<br>
> "denied"? no<br>
> " ### Login failed"? no<br>
> "(login:)"? no<br>
> "@[^\r\n]+[Pp]assword:"? no<br>
> "[Pp]assword:"? no<br>
> "~ $ "? no<br>
> FGT100C3G0860259~ $<br>
> expect: does " \r\nFGT100C3G0860259~ $ " (spawn_id exp6) match glob pattern "Connection refused"? no<br>
> "Unknown host\r\n"? no<br>
> "Host is unreachable"? no<br>
> "No address associated with name"? no<br>
> "Are you sure you want to continue connecting .*"? no<br>
> "Host key not found .* (yes/no)?"? no<br>
> "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no<br>
> "Offending key for .* (yes/no)?"? no<br>
> "denied"? no<br>
> " ### Login failed"? no<br>
> "(login:)"? no<br>
> "@[^\r\n]+[Pp]assword:"? no<br>
> "[Pp]assword:"? no<br>
</div></div>> "~ $ "? yes<br>
> expect: set expect_out(0,string) "~ $ "<br>
<div class="im">> expect: set expect_out(spawn_id) "exp6"<br>
</div>> expect: set expect_out(buffer) " \r\nFGT100C3G0860259~ $ "<br>
> send: sending "\r" to { exp6 }<br>
><br>
> expect: does "" (spawn_id exp6) match regular expression "[\r\n]+"? no<br>
> "^(.+~ $ )"? no<br>
><br>
><br>
> expect: does "\r\r\n" (spawn_id exp6) match regular expression "[\r\n]+"? yes<br>
> expect: set expect_out(0,string) "\r\r\n"<br>
<div class="im">> expect: set expect_out(spawn_id) "exp6"<br>
</div>> expect: set expect_out(buffer) "\r\r\n"<br>
> expect: continuing expect<br>
><br>
> expect: does "" (spawn_id exp6) match regular expression "[\r\n]+"? no<br>
> "^(.+~ $ )"? no<br>
> FGT100C3G0860259~ $<br>
> expect: does "FGT100C3G0860259~ $ " (spawn_id exp6) match regular expression "[\r\n]+"? no<br>
<div class="im">> "^(.+~ $ )"? no<br>
> expect: timed out<br>
><br>
> Error: TIMEOUT reached<br>
> write() failed to write anything - will sleep(1) and retry...<br>
</div>> [rancid@pwcolocacti bin]$<br>
><br>
> From: <a href="mailto:rancid-discuss-bounces@shrubbery.net">rancid-discuss-bounces@shrubbery.net</a> [mailto:<a href="mailto:rancid-discuss-bounces@shrubbery.net">rancid-discuss-bounces@shrubbery.net</a>] On Behalf Of Jeff Moorse<br>
> Sent: Monday, April 20, 2009 11:06 PM<br>
> To: <a href="mailto:rancid-discuss@shrubbery.net">rancid-discuss@shrubbery.net</a><br>
> Subject: [rancid] Re: Rancid with Fortigate Devices?<br>
<div class="im">><br>
> Anyone know what the correct syntax for the expect script would be to match prompt (assuming the string of #'s following FGT is variable)?<br>
><br>
> I have experienced similar problems<br>
><br>
> Thanks<br>
</div><div class="im">> On Mon, Apr 20, 2009 at 10:45 AM, john heasley <<a href="mailto:heas@shrubbery.net">heas@shrubbery.net</a><mailto:<a href="mailto:heas@shrubbery.net">heas@shrubbery.net</a>>> wrote:<br>
> yep, your prompt is nFGT100C3G0860259~ $<br>
> but the script expects -><br>
><br>
> _______________________________________________<br>
> Rancid-discuss mailing list<br>
</div>> <a href="mailto:Rancid-discuss@shrubbery.net">Rancid-discuss@shrubbery.net</a><mailto:<a href="mailto:Rancid-discuss@shrubbery.net">Rancid-discuss@shrubbery.net</a>><br>
<div><div></div><div class="h5">> <a href="http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss" target="_blank">http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss</a><br>
><br>
><br>
><br>
> --<br>
> -- Jeff Moorse --<br>
<br>
> _______________________________________________<br>
> Rancid-discuss mailing list<br>
> <a href="mailto:Rancid-discuss@shrubbery.net">Rancid-discuss@shrubbery.net</a><br>
> <a href="http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss" target="_blank">http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>-- Jeff Moorse --<br>