From vchopov at digifonica.com Thu Feb 1 20:02:27 2007 From: vchopov at digifonica.com (Valentin S. Chopov) Date: Thu, 01 Feb 2007 12:02:27 -0800 Subject: [rancid] Re: Using a remote subversion repository In-Reply-To: <6A490BD35632EF48871355D69A79517C4326F1@IOWAEVS02.iowa.uiowa.edu> References: <6A490BD35632EF48871355D69A79517C4326F1@IOWAEVS02.iowa.uiowa.edu> Message-ID: <45C24753.5020409@digifonica.com> Hi Neil, Please check out my post from 2 months ago: http://www.shrubbery.net/pipermail/rancid-discuss/2006-November/001883.html Cheers, Val Johnson, Neil M wrote: > I would like to run RANCID on a UNIX box and locate the SVN repository on a > Windows machine (don't blame me, I'm just the messenger). > > Can you do it with SVN or do you have to use CVS ? > > Thanks. > > -- > Neil Johnson > Network Engineering Group > Telecommunications and Network Services > The University of Iowa > 319 384-0938 (Work) > 319 330-2235 (Cell) > > > ------------------------------------------------------------------------ > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- Valentin S. Chopov, CC[NDS]P Senior Systems Administrator Digifonica Canada Limited (604) 628-8900 ext. 0058 ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ From yuvalba at netvision.net.il Fri Feb 2 11:29:16 2007 From: yuvalba at netvision.net.il (Yuval Ben-Ari) Date: Fri, 2 Feb 2007 13:29:16 +0200 Subject: [rancid] Re: sub groups References: <20070128184747.8e114e4890519e5179c192e02d6bca26.dae73c687e.wbe@email.secureserver.net> Message-ID: <58D14E53A4F69C4EAF4D29171C447CC491FFC9@NTX-CL.forest.netvision.net.il> sorry, for some reason did not see the reply because each company also has it's internal groups (i.e core, access, border, etc ...) so what I want to have is a directory structure of: $rancid_home/var/companyA/core $rancid_home/var/companyA/access $rancid_home/var/companyA/lan $rancid_home/var/companyB/core $rancid_home/var/companyB/access $rancid_home/var/companyB/lan or similar Actually I just tried to add this under rancid.conf: LIST_OF_GROUPS="test/subtest" and it seems to work I need to see if it can do the job ... Yuval -----Original Message----- From: Lance [mailto:rancid at gheek.net] Sent: Monday, January 29, 2007 3:48 AM To: Yuval Ben-Ari Cc: Rancid-discuss at shrubbery.net Subject: RE: [rancid] sub groups Why not just create a network group for each company? -Lance > -------- Original Message -------- > Subject: [rancid] sub groups > From: "Yuval Ben-Ari" > Date: Sun, January 28, 2007 3:57 am > To: > > Hi, Is it possible to configure sub groups in rancid ? I want to create a group that will have it's own group's inside. (think of scenario where two networks merge etc ...) Thanks > --------------------------------------------------------------------- > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rancid at gheek.net Fri Feb 2 23:38:32 2007 From: rancid at gheek.net (Lance) Date: Fri, 02 Feb 2007 16:38:32 -0700 Subject: [rancid] Re: sub groups Message-ID: <20070202163832.8e114e4890519e5179c192e02d6bca26.6acaa2c441.wbe@email.secureserver.net> Yuval, Interesting...if that / works, let me know. That would be interesting/helpful. > -------- Original Message -------- > Subject: RE: [rancid] sub groups > From: "Yuval Ben-Ari" > Date: Fri, February 02, 2007 4:29 am > To: "Lance" > Cc: > > sorry, for some reason did not see the reply > > because each company also has it's internal groups (i.e core, access, > border, etc ...) > so what I want to have is a directory structure of: > > $rancid_home/var/companyA/core > $rancid_home/var/companyA/access > $rancid_home/var/companyA/lan > > $rancid_home/var/companyB/core > $rancid_home/var/companyB/access > $rancid_home/var/companyB/lan > > or similar > > Actually I just tried to add this under rancid.conf: > LIST_OF_GROUPS="test/subtest" and it seems to work > I need to see if it can do the job ... > > Yuval > > -----Original Message----- > From: Lance [mailto:rancid at gheek.net] > Sent: Monday, January 29, 2007 3:48 AM > To: Yuval Ben-Ari > Cc: Rancid-discuss at shrubbery.net > Subject: RE: [rancid] sub groups > > Why not just create a network group for each company? > > -Lance > > -------- Original Message -------- > > Subject: [rancid] sub groups > > From: "Yuval Ben-Ari" > > Date: Sun, January 28, 2007 3:57 am > > To: > > > > Hi, Is it possible to configure sub groups in rancid ? I want > to create a group that will have it's own group's inside. (think of > scenario where two networks merge etc ...) Thanks > > --------------------------------------------------------------------- > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From babydr at baby-dragons.com Sat Feb 3 00:30:43 2007 From: babydr at baby-dragons.com (Mr. James W. Laferriere) Date: Fri, 2 Feb 2007 16:30:43 -0800 (PST) Subject: [rancid] Re: svn: Out of date: , On very first run . In-Reply-To: References: Message-ID: Hello All , Ooops . Forgotten information included below . On Fri, 2 Feb 2007, Mr. James W. Laferriere wrote: > Hello All , I've done a tad bit of googling on the error(warning) > mentioned in the Subject and have essentially come up rather empty handed . > Particularly where it concerns references for 'rancid AND svn' and > that error . Someone mentioned they 'Removed update from rancid-run & > control_rancid' and they no longer had this error beating them over the head > . > Tho no patch or mention of what to remove . I've done a grep for > update in both of the mentioned files & only control_rancid had any 'update*' > entries , tho none of them looked like candidates for being removed . > > The message (cat'd) in below is repeated every time I do a rancid-run > & I have even totally removed the rancid user directory & started over . > > Below is the history of what actions I've performed . > attached is my rancid.conf > Tia , JimL > > <----> > > # as root . > > useradd -c"rancid user" rancid > cd rancid-2.3.2a7 > > make install <<< using /home/rancid for --prefix.. >>> > > # add the groups aliases . > nano -zw /etc/aliases > newaliases > > > # as rancid user . > > cp share/rancid/cloginrc.sample .cloginrc > nano -zw .cloginrc > chmod a-rwx,u+rw .cloginrc > clogin ourouter.ourdomain.com > # Everything to here a OK . > > cp -i rancid.conf etc/rancid.conf <<< see attached >>> > rancid-cvs > > cp nyc1-router.db var/nyc1/router.db > cp sjc1-router.db var/sjc1/router.db > cp office1-router.db var/office1/router.db > > # had to do a run or two to remember I had to do this . > mkdir var/tmp > > rancid-run nyc1 > > cat var/logs/nyc1.20070202.234735 starting: Fri Feb 2 23:47:35 GMT 2007 > > property 'svn:ignore' set on '.' > A ourouter.nyc1.ourdomain.com > Adding ourouter.nyc1.ourdomain.com > Transmitting file data . > Committed revision 10. > Added ourouter.nyc1.ourdomain.com > > > > Trying to get all of the configs. > All routers sucessfully completed. > > svn: Commit failed (details follow): > svn: Out of date: '/nyc1' in transaction 'b' > Sending . > > ending: Fri Feb 2 23:47:55 GMT 2007 > <----> #OS & Version CentOS release 4.4 (Final) Linux rancidhost.ourdomanname.com 2.6.9-42.0.3.ELsmp #1 SMP Fri Oct 6 06:21:39 CDT 2006 i686 i686 i386 GNU/Linux #Expect version . # expect -v expect version 5.42.1 #svn version . # svn --version svn, version 1.1.4 (r13838) compiled Aug 21 2005, 20:56:55 -- +-----------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network Engineer | 663 Beaumont Blvd | Give me Linux | | babydr at baby-dragons.com | Pacifica, CA. 94044 | only on AXP | +-----------------------------------------------------------------+ -------------- next part -------------- # rancid 2.3.2a7 # This file sets up the environment used for rancid. see rancid.conf(5) # # This will be site specific # TERM=network;export TERM # # Create files w/o world read/write/exec permissions, but read/exec permissions # for group. umask 027 # # Under BASEDIR (i.e.: --localstatedir), there will be a "logs" directory for # the logs from rancid and a directory for each group of routers defined in # LIST_OF_GROUPS (below). In addition to these, there will be a "CVS" # directory which is the cvs (or Subversion) repository. # # Use a full path (no sym-links) for BASEDIR. # Be careful changing this, it affects CVSROOT below. BASEDIR=/home/rancid/var; export BASEDIR PATH=/home/rancid/bin:/usr/bin:/usr/sbin:/bin:/usr/kerberos/bin:/usr/local/bin:/usr/bin; export PATH # TMPDIR=$BASEDIR/tmp; export TMPDIR # Location of the CVS/SVN repository. Be careful changing this. CVSROOT=$BASEDIR/CVS; export CVSROOT # Location of log files produced by rancid-run(1). LOGDIR=$BASEDIR/logs; export LOGDIR # # Select which RCS system to use, "cvs" (default) or "svn". Do not change # this after CVSROOT has been created with rancid-cvs. Changing between these # requires manual conversions. RCSSYS=svn; export RCSSYS # # if NOPIPE is set, temp files will be used instead of a cmd pipe during # collection from the router(s). NOPIPE=YES; export NOPIPE # # FILTER_PWDS determines which passwords are filtered from configs by the # value set (NO | YES | ALL). see rancid.conf(5). FILTER_PWDS=ALL; export FILTER_PWDS # # if NOCOMMSTR is set, snmp community strings will be stripped from the configs NOCOMMSTR=YES; export NOCOMMSTR # # How many times failed collections are retried (for each run) before # giving up. Minimum: 1 #MAX_ROUNDS=4; export MAX_ROUNDS # # How many hours should pass before complaining about routers that # can not be reached. The value should be greater than the number # of hours between your rancid-run cron job. OLDTIME=25; export OLDTIME # # How many hours should pass before complaining that a group's collection # (the age of it's lock file) is hung. #LOCKTIME=4; export LOCKTIME # # The number of devices to collect simultaneously. #PAR_COUNT=5; export PAR_COUNT # # list of rancid groups #LIST_OF_GROUPS="sl joebobisp" # more groups... #LIST_OF_GROUPS="$LIST_OF_GROUPS noc billybobisp" LIST_OF_GROUPS="sjc1 nyc1 office1" # # For each group, define a list of people to receive the diffs. # in sendmail's /etc/aliases. # rancid-group: joe,moe at foo # rancid-admin-group: hostmaster # be sure to read ../README regarding aliases. # # If your MTA configuration is broken or you want mail to be forwarded to a # domain not the same the local one, define that domain here. "@" must be # included, as this is simply appended to the usual recipients. It is NOT # appended to recipients specified in rancid-run's -m option. #MAILDOMAIN="@example.com"; export MAILDOMAIN # # By default, rancid mail is marked with precedence "bulk". This may be # changed by setting the MAILHEADERS variable; for example no header by setting # it to "" or adding X- style headers. Individual headers must be separated # by a \n. #MAILHEADERS="Precedence: bulk"; export MAILHEADERS From babydr at baby-dragons.com Fri Feb 2 23:25:15 2007 From: babydr at baby-dragons.com (Mr. James W. Laferriere) Date: Fri, 2 Feb 2007 15:25:15 -0800 (PST) Subject: [rancid] svn: Out of date: , On very first run . Message-ID: Hello All , I've done a tad bit of googling on the error(warning) mentioned in the Subject and have essentially come up rather empty handed . Particularly where it concerns references for 'rancid AND svn' and that error . Someone mentioned they 'Removed update from rancid-run & control_rancid' and they no longer had this error beating them over the head . Tho no patch or mention of what to remove . I've done a grep for update in both of the mentioned files & only control_rancid had any 'update*' entries , tho none of them looked like candidates for being removed . The message (cat'd) in below is repeated every time I do a rancid-run & I have even totally removed the rancid user directory & started over . Below is the history of what actions I've performed . attached is my rancid.conf Tia , JimL <----> # as root . useradd -c"rancid user" rancid cd rancid-2.3.2a7 make install <<< using /home/rancid for --prefix.. >>> # add the groups aliases . nano -zw /etc/aliases newaliases # as rancid user . cp share/rancid/cloginrc.sample .cloginrc nano -zw .cloginrc chmod a-rwx,u+rw .cloginrc clogin ourouter.ourdomain.com # Everything to here a OK . cp -i rancid.conf etc/rancid.conf <<< see attached >>> rancid-cvs cp nyc1-router.db var/nyc1/router.db cp sjc1-router.db var/sjc1/router.db cp office1-router.db var/office1/router.db # had to do a run or two to remember I had to do this . mkdir var/tmp rancid-run nyc1 cat var/logs/nyc1.20070202.234735 starting: Fri Feb 2 23:47:35 GMT 2007 property 'svn:ignore' set on '.' A ourouter.nyc1.ourdomain.com Adding ourouter.nyc1.ourdomain.com Transmitting file data . Committed revision 10. Added ourouter.nyc1.ourdomain.com Trying to get all of the configs. All routers sucessfully completed. svn: Commit failed (details follow): svn: Out of date: '/nyc1' in transaction 'b' Sending . ending: Fri Feb 2 23:47:55 GMT 2007 <----> -- +-----------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network Engineer | 663 Beaumont Blvd | Give me Linux | | babydr at baby-dragons.com | Pacifica, CA. 94044 | only on AXP | +-----------------------------------------------------------------+ -------------- next part -------------- # rancid 2.3.2a7 # This file sets up the environment used for rancid. see rancid.conf(5) # # This will be site specific # TERM=network;export TERM # # Create files w/o world read/write/exec permissions, but read/exec permissions # for group. umask 027 # # Under BASEDIR (i.e.: --localstatedir), there will be a "logs" directory for # the logs from rancid and a directory for each group of routers defined in # LIST_OF_GROUPS (below). In addition to these, there will be a "CVS" # directory which is the cvs (or Subversion) repository. # # Use a full path (no sym-links) for BASEDIR. # Be careful changing this, it affects CVSROOT below. BASEDIR=/home/rancid/var; export BASEDIR PATH=/home/rancid/bin:/usr/bin:/usr/sbin:/bin:/usr/kerberos/bin:/usr/local/bin:/usr/bin; export PATH # TMPDIR=$BASEDIR/tmp; export TMPDIR # Location of the CVS/SVN repository. Be careful changing this. CVSROOT=$BASEDIR/CVS; export CVSROOT # Location of log files produced by rancid-run(1). LOGDIR=$BASEDIR/logs; export LOGDIR # # Select which RCS system to use, "cvs" (default) or "svn". Do not change # this after CVSROOT has been created with rancid-cvs. Changing between these # requires manual conversions. RCSSYS=svn; export RCSSYS # # if NOPIPE is set, temp files will be used instead of a cmd pipe during # collection from the router(s). NOPIPE=YES; export NOPIPE # # FILTER_PWDS determines which passwords are filtered from configs by the # value set (NO | YES | ALL). see rancid.conf(5). FILTER_PWDS=ALL; export FILTER_PWDS # # if NOCOMMSTR is set, snmp community strings will be stripped from the configs NOCOMMSTR=YES; export NOCOMMSTR # # How many times failed collections are retried (for each run) before # giving up. Minimum: 1 #MAX_ROUNDS=4; export MAX_ROUNDS # # How many hours should pass before complaining about routers that # can not be reached. The value should be greater than the number # of hours between your rancid-run cron job. OLDTIME=25; export OLDTIME # # How many hours should pass before complaining that a group's collection # (the age of it's lock file) is hung. #LOCKTIME=4; export LOCKTIME # # The number of devices to collect simultaneously. #PAR_COUNT=5; export PAR_COUNT # # list of rancid groups #LIST_OF_GROUPS="sl joebobisp" # more groups... #LIST_OF_GROUPS="$LIST_OF_GROUPS noc billybobisp" LIST_OF_GROUPS="sjc1 nyc1 office1" # # For each group, define a list of people to receive the diffs. # in sendmail's /etc/aliases. # rancid-group: joe,moe at foo # rancid-admin-group: hostmaster # be sure to read ../README regarding aliases. # # If your MTA configuration is broken or you want mail to be forwarded to a # domain not the same the local one, define that domain here. "@" must be # included, as this is simply appended to the usual recipients. It is NOT # appended to recipients specified in rancid-run's -m option. #MAILDOMAIN="@example.com"; export MAILDOMAIN # # By default, rancid mail is marked with precedence "bulk". This may be # changed by setting the MAILHEADERS variable; for example no header by setting # it to "" or adding X- style headers. Individual headers must be separated # by a \n. #MAILHEADERS="Precedence: bulk"; export MAILHEADERS From johan.bergstrom at tietoenator.com Tue Feb 6 13:26:21 2007 From: johan.bergstrom at tietoenator.com (Johan =?ISO-8859-1?Q?Bergstr=F6m?=) Date: Tue, 06 Feb 2007 14:26:21 +0100 Subject: [rancid] AAA Service login Message-ID: <1170768381.4221.5.camel@satyr.eu.tieto.com> I've reconfigured my switches/routers to use an aaa model for logging in using domain accounts. I've added the rancid user to a exec group that has level 15 access directly on login, so it ends up directly in enable mode when it logs in. This turned into a problem with rancid, since clogin is waiting for the > prompt to enable itself. Can I fix this easily in rancid, or do I need to change the rancid user to a normal user again and make him enable as usual ? Johan From gaurav at inwire.net Tue Feb 6 13:46:33 2007 From: gaurav at inwire.net (Gaurav Sabharwal) Date: Tue, 06 Feb 2007 14:46:33 +0100 Subject: [rancid] Re: AAA Service login In-Reply-To: <1170768381.4221.5.camel@satyr.eu.tieto.com> References: <1170768381.4221.5.camel@satyr.eu.tieto.com> Message-ID: <45C886B9.7050205@inwire.net> on 02/06/2007 02:26 PM Johan Bergstr?m said the following: > I've reconfigured my switches/routers to use an aaa model for logging in > using domain accounts. > > I've added the rancid user to a exec group that has level 15 access > directly on login, so it ends up directly in enable mode when it logs > in. This turned into a problem with rancid, since clogin is waiting for > the > prompt to enable itself. > > Can I fix this easily in rancid, or do I need to change the rancid user > to a normal user again and make him enable as usual ? In the .cloginrc set the autoenable to 1 add autoenable *.inwire.net 1 - Gaurav From johan.bergstrom at tietoenator.com Tue Feb 6 14:07:40 2007 From: johan.bergstrom at tietoenator.com (Johan =?ISO-8859-1?Q?Bergstr=F6m?=) Date: Tue, 06 Feb 2007 15:07:40 +0100 Subject: [rancid] Re: AAA Service login In-Reply-To: <45C886B9.7050205@inwire.net> References: <1170768381.4221.5.camel@satyr.eu.tieto.com> <45C886B9.7050205@inwire.net> Message-ID: <1170770860.4221.8.camel@satyr.eu.tieto.com> Ahh, didn't read the manpage before asking, should have. But that works like a charm ofcourse. Thanks. Johan On Tue, 2007-02-06 at 14:46 +0100, Gaurav Sabharwal wrote: > on 02/06/2007 02:26 PM Johan Bergstr?m said the following: > > I've reconfigured my switches/routers to use an aaa model for logging in > > using domain accounts. > > > > I've added the rancid user to a exec group that has level 15 access > > directly on login, so it ends up directly in enable mode when it logs > > in. This turned into a problem with rancid, since clogin is waiting for > > the > prompt to enable itself. > > > > Can I fix this easily in rancid, or do I need to change the rancid user > > to a normal user again and make him enable as usual ? > > In the .cloginrc set the autoenable to 1 > > add autoenable *.inwire.net 1 > > - Gaurav > From babydr at baby-dragons.com Wed Feb 7 05:14:30 2007 From: babydr at baby-dragons.com (Mr. James W. Laferriere) Date: Tue, 6 Feb 2007 21:14:30 -0800 (PST) Subject: [rancid] Re: svn: Out of date: , On very first run . In-Reply-To: References: Message-ID: Hello All , I take it that no one has seen the difficulty I have , nor has a work around . Everything in the install & faq documents say DO NOT do anything to the repo's manually . ie: you'll bugger them up . If anyone has a work around please pipe up . Tia , JimL -- +-----------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network Engineer | 663 Beaumont Blvd | Give me Linux | | babydr at baby-dragons.com | Pacifica, CA. 94044 | only on AXP | +-----------------------------------------------------------------+ From mstefani at redhat.com Wed Feb 7 13:06:57 2007 From: mstefani at redhat.com (Michael Stefaniuc) Date: Wed, 07 Feb 2007 14:06:57 +0100 Subject: [rancid] Re: 2.3.2.a5: Cat2948s do not have "show inventory" In-Reply-To: <44E451AB.9050309@redhat.com> References: <44E451AB.9050309@redhat.com> Message-ID: <45C9CEF1.1070701@redhat.com> Any reason why this patch didn't make it to 2.3.2.a6? If it's due to the copyright i'm changing it to whatever it takes to get the patch in (thought i said that already in a later email). bye michael Michael Stefaniuc wrote: > The Cisco Catalyst 2948 switches (WS-C2948G and WS-C2948G-GE-TX) do not > have the "show inventory" command. The attached patch prevents the line > Unknown command "show inventory". Use 'show help' for more info. > to be added to the saved config file of those devices. > > > ------------------------------------------------------------------------ > > Copyright Michael Stefaniuc for Red Hat > > The Cisco Cat2948s do not have the "show inventory" command. > > --- ./bin/cat5rancid.in.inv 2006-08-17 13:03:13.000000000 +0200 > +++ ./bin/cat5rancid.in 2006-08-17 13:14:39.000000000 +0200 > @@ -676,6 +676,7 @@ > last if (/^$prompt/); > next if (/^(\s*|\s*$cmd\s*)$/); > return(-1) if (/command authorization failed/i); > + return(1) if (/Unknown command/); > # the pager can not be disabled per-session on the PIX > s/^<-+ More -+>\s*//; > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- Michael Stefaniuc Tel.: +49-711-96437-199 Sr. Network Engineer Fax.: +49-711-96437-111 Red Hat GmbH Email: mstefani at redhat.com Hauptstaetterstr. 58 http://www.redhat.de/ D-70178 Stuttgart From mstefani at redhat.com Wed Feb 7 14:20:19 2007 From: mstefani at redhat.com (Michael Stefaniuc) Date: Wed, 07 Feb 2007 15:20:19 +0100 Subject: [rancid] rancid-2.3.2a6: Fix tacacs server key removal on old IOS versions Message-ID: <45C9E023.7060405@redhat.com> Hello, license/copyright is whatever it needs to be to get this patch accepted upstream. bye michael -- Michael Stefaniuc Tel.: +49-711-96437-199 Sr. Network Engineer Fax.: +49-711-96437-111 Red Hat GmbH Email: mstefani at redhat.com Hauptstaetterstr. 58 http://www.redhat.de/ D-70178 Stuttgart -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: rancid-2.3.2a6-tacacs.patch Url: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20070207/5821782e/attachment.ksh From shlomo at dubrowin.org Wed Feb 7 14:40:57 2007 From: shlomo at dubrowin.org (Shlomo Dubrowin) Date: Wed, 7 Feb 2007 16:40:57 +0200 Subject: [rancid] Cisco Firewall Failover Message-ID: When Cisco PIXs failover, they swap IP Addresses. This is great, the machines they are protecting continue to function properly. However, when Rancid tries to SSH to them afterwards, the ssh key stored in the known_hosts file is now incorrect and Rancid fails to back them up. Does anyone have a good solution on how to deal with this problem besides changing permissions on the known_hosts file so the keys don't get stored in the first place? This solution seems less secure since it's susceptible to a man-in-the-middle attack. Thank you. Shlomo From jlavoie at bowdoin.edu Wed Feb 7 16:40:14 2007 From: jlavoie at bowdoin.edu (Jason Lavoie) Date: Wed, 07 Feb 2007 11:40:14 -0500 Subject: [rancid] Re: Cisco Firewall Failover In-Reply-To: References: Message-ID: <0F6E0188-BF28-450A-A819-2C8D9573A8D7@bowdoin.edu> On Feb 7, 2007, at 9:40 AM, Shlomo Dubrowin wrote: > When Cisco PIXs failover, they swap IP Addresses. [...] > Does anyone have a good solution on how to deal with this problem You can list multiple hosts for each key in known_hosts, by separating them with commas. Something like: fw-standy,fw-active,10.0.0.1,10.0.2 fw-standy,fw-active,10.0.0.1,10.0.2 This way, both hosts can use either key. HTH, -j -- Jason Lavoie jlavoie at bowdoin.edu From babydr at baby-dragons.com Tue Feb 13 20:37:04 2007 From: babydr at baby-dragons.com (Mr. James W. Laferriere) Date: Tue, 13 Feb 2007 12:37:04 -0800 (PST) Subject: [rancid] Re: svn: Out of date: , On very first run . In-Reply-To: <06408167A123B74796B1B4A25951F8E20107C991@gwrc-exchange1.GW.LOCAL> References: <06408167A123B74796B1B4A25951F8E20107C991@gwrc-exchange1.GW.LOCAL> Message-ID: Hello Eric , On Mon, 12 Feb 2007, Eric Klocko wrote: > Yes I have seen this issue. You will have to go into the group and do > an svn update. The command is "svn update" (root# below is the > prompt). > root# svn update > Then do a rancid-run again. (sometimes I do it a couple of times. > Finally check your logs. > I haven't really looked into it to much as I'm no expert on rancid nor > subversion. But From the look of it, if your master repository wasn't > created by rancid. Or if you've deleted things in there or played > around with different rancid configs the repository is not concurrent > with your local config downloads. Thus if you do an svn update it will > push the empty repository to local configs. They will then be blank. > So note all "local" configs will be blank. So you should run rancid-run > manually right after your svn update. I highly recommend setting up > websvn. It's an easy way to look at your svn repository and it's got > some really cool comparison functions wich allow you to visually compare > revisions. I finally found Vince Hoang's patch(*) in the archive & it did the trick quite nicely . As you say I had to run 'rancid-run' twice & the error/warning message went away . Everything as far as rancid is concerned so far has been fine . Now if I could just get ViewVC(**) working so I can view the repo's direct it'd be great . But it appears that rancid doesn't build a repo but uses working copies . So I may have to find a differant viewer . Tahnk you for responding . JimL (*)Aug 19 2006 Vince Hoang [rancid] [PATCH] subversion with rancid 2.3.2a5 (**) http://viewvc.tigris.org/ > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Mr. James W. Laferriere > Sent: Tuesday, February 06, 2007 10:15 PM > To: rancid > Subject: [rancid] Re: svn: Out of date: , On very first run . > > Hello All , I take it that no one has seen the difficulty I > have , nor > has a work around . Everything in the install & faq documents say DO > NOT do > anything to the repo's manually . ie: you'll bugger them up . > If anyone has a work around please pipe up . Tia , JimL -- +-----------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network Engineer | 663 Beaumont Blvd | Give me Linux | | babydr at baby-dragons.com | Pacifica, CA. 94044 | only on AXP | +-----------------------------------------------------------------+ From babydr at baby-dragons.com Tue Feb 13 22:27:55 2007 From: babydr at baby-dragons.com (Mr. James W. Laferriere) Date: Tue, 13 Feb 2007 14:27:55 -0800 (PST) Subject: [rancid] view rancid repositories with ViewVC , How to ? Message-ID: Hello All , I have been trying to get ViewVC(**) working with rancid & SVN so I can view the repo's direct . But it appears that rancid doesn't build a svn repo but uses working copies . I have seen in the list archive that at least one person has gotten viewvc to work with CVS so I am hoping that it can be made to work with svn . I am hoping that that individual will share their configs of viewvc and CVS that allows viewvc to read the repo's/working copies . (**) http://viewvc.tigris.org/ -- +-----------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network Engineer | 663 Beaumont Blvd | Give me Linux | | babydr at baby-dragons.com | Pacifica, CA. 94044 | only on AXP | +-----------------------------------------------------------------+ From rmordasiewicz at samuelmanutech.com Wed Feb 14 14:45:59 2007 From: rmordasiewicz at samuelmanutech.com (Robin Mordasiewicz) Date: Wed, 14 Feb 2007 09:45:59 -0500 (EST) Subject: [rancid] Re: view rancid repositories with ViewVC , How to ? In-Reply-To: References: Message-ID: On Tue, 13 Feb 2007, Mr. James W. Laferriere wrote: > Hello All , I have been trying to get ViewVC(**) working with rancid > & SVN so I can view the repo's direct . But it appears that rancid doesn't > build a svn repo but uses working copies . > I have seen in the list archive that at least one person has gotten > viewvc to work with CVS so I am hoping that it can be made to work with svn . > I am hoping that that individual will share their configs of viewvc and > CVS that allows viewvc to read the repo's/working copies . > > (**) http://viewvc.tigris.org/ Personally I prefer trac http://trac.edgewall.org/ From antonio.pena at Intelsat.com Thu Feb 15 22:12:35 2007 From: antonio.pena at Intelsat.com (Pena, Antonio) Date: Thu, 15 Feb 2007 17:12:35 -0500 Subject: [rancid] Re: view rancid repositories with ViewVC , How to ? In-Reply-To: Message-ID: <642DFC23A5122746BB964E35A5F26D20789488@US-EX2.na.ds.intelsat.com> Hello Robin I found very interested this option to get access to Rancid CVS using WEB interface, I installed already Trac on my server, but have some questions about how to configure the trac.ini option "repository_dir =" what is the path used? Thank you -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Robin Mordasiewicz Sent: Wednesday, 14 February, 2007 9:46 AM To: Mr. James W. Laferriere Cc: rancid Subject: [rancid] Re: view rancid repositories with ViewVC , How to ? On Tue, 13 Feb 2007, Mr. James W. Laferriere wrote: > Hello All , I have been trying to get ViewVC(**) working with rancid > & SVN so I can view the repo's direct . But it appears that rancid doesn't > build a svn repo but uses working copies . > I have seen in the list archive that at least one person has gotten > viewvc to work with CVS so I am hoping that it can be made to work with svn . > I am hoping that that individual will share their configs of viewvc and > CVS that allows viewvc to read the repo's/working copies . > > (**) http://viewvc.tigris.org/ Personally I prefer trac http://trac.edgewall.org/ _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss Intelsat is the world's largest provider of fixed satellite services. Real-time, constant communications with people anywhere in the world is closer, by far. For more information about Intelsat, visit www.intelsat.com. This email message is for the sole use of the intended recipients and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Intelsat, Ltd. and its subsidiaries. From Stephane.Malo at bell.ca Fri Feb 16 19:08:45 2007 From: Stephane.Malo at bell.ca (Stephane.Malo at bell.ca) Date: Fri, 16 Feb 2007 14:08:45 -0500 Subject: [rancid] RANCID CISCO CAT OS prompt problem Message-ID: <99A8888A4F0C5B4E9956F96E217C10F2381381@toroondc267.bell.corp.bce.ca> I'm sorry to be bringing this up again but I've search in the past post but never found any step-by-step (idiot proof) instructions for my problem. I have a Cisco WS-C6509 and would need RANCID to be able to get its configuration. As I'm not CISCO switch savy nor a Rancid expert I'm left turning in circles and loosing my hair. I must have multiple problems like: 1- command prompt which is c3c01s> (enable) How do I change it so that I have # instead of >? 2-Do I need to upgrade my version of Rancid and/or expect? If yes how can I determine which version I'm currently running? Here is a snapshot of a manual telnet session to the switch: [smadmin at dcoc4v etc]$ telnet c3c01s Destination c3c01s found for customer 3CS. Connecting to c3c01s using source IP of the client 3CS (198.235.125.28) Trying 192.168.248.65... Connected to 192.168.248.65. Escape character is '^]'. Cisco Systems Console c ****************************************************************************** * SYSTEME INFORMATIQUE PRIVE. RESERVE AUX PERSONNES AUTORISEES. TOUT ACCES * * NON AUTORISE AU DELA DE CE POINT ENTRAINERA DES POURSUITES JUDICIAIRES. * *---------------------------------------------------------------------------* * PRIVATE COMPUTER SYSTEM, RESERVED FOR AUTHORIZED USERS. * * ANY NON-AUTHORIZED ACCESS BEYOND THIS POINT MAY INVOLVE PROSECUTION. * *----------------------------------------------------------------------------* * Gere par/Managed by BELL CANADA et/by Connexim * ****************************************************************************** Enter password: c3c01s> en Enter password: c3c01s> (enable) sh ver WS-C6509 Software, Version NmpSW: 8.3(6) Copyright (c) 1995-2005 by Cisco Systems NMP S/W compiled on Feb 8 2005, 13:10:10 System Bootstrap Version: 5.3(1) System Boot Image File is 'bootflash:cat6000-supk8.8-3-6.bin' System Configuration register is 0x2122 Hardware Version: 2.0 Model: WS-C6509 Serial #: SCA044000YW PS1 Module: WS-CAC-1300W Serial #: SON04331283 PS2 Module: WS-CAC-1300W Serial #: SON04330467 Mod Port Model Serial # Versions --- ---- ------------------- ----------- -------------------------------------- 1 2 WS-X6K-SUP1A-2GE SAD05020STG Hw : 7.3 Fw : 5.3(1) Fw1: 5.4(2) Sw : 8.3(6) Sw1: 8.3(6) WS-F6K-PFC SAD050303KG Hw : 1.1 Sw : WS-X6K-SUP1A-2GE SAD05020STG Hw : 7.3 Sw : 2 2 WS-X6K-SUP1A-2GE SAD05020R9G Hw : 7.0 Fw : 5.3(1) Fw1: 5.4(2) Sw : 8.3(6) Sw1: 8.3(6) WS-F6K-PFC SAD05020EE6 Hw : 1.1 Sw : WS-X6K-SUP1A-2GE SAD05020R9G Hw : 7.0 Sw : 3 48 WS-X6348-RJ-45 SAD04340E68 Hw : 1.1 Fw : 5.4(2) Sw : 8.3(6) 4 48 WS-X6348-RJ-45 SAL050958KT Hw : 2.2 Fw : 5.4(2) Sw : 8.3(6) 5 8 WS-X6408A-GBIC SAL05031CNP Hw : 1.3 Fw : 5.4(2) Sw : 8.3(6) 6 8 WS-X6408A-GBIC SAL05031FWA Hw : 1.3 Fw : 5.4(2) Sw : 8.3(6) 8 48 WS-X6148-GE-TX SAD07510BEK Hw : 6.1 Fw : 7.2(1) Sw : 8.3(6) 9 8 WS-X6608-T1 SAD075001YG Hw : 1.4 Fw : 5.4(2) Sw : 8.3(6) HP1: D004040009E2; DSP1: D0054320 (4.3.201) HP2: D004040009E2; DSP2: D0054320 (4.3.201) HP3: D004040009E2; DSP3: D0054320 (4.3.201) HP4: D004I3A0; DSP4: D005H300 (3.6.12) HP5: C00104000001; DSP5: C002E031 (3.3.2) HP6: C00104000001; DSP6: C002E031 (3.3.2) HP7: C00104000001; DSP7: C002E031 (3.3.2) HP8: C00104000001; DSP8: C002E031 (3.3.2) 15 1 WS-F6K-MSFC2 SAD050301BS Hw : 1.7 Fw : 12.1(20)E2 Sw : 12.1(20)E2 16 1 WS-F6K-MSFC2 SAD05020GLD Hw : 1.1 Fw : 12.1(20)E2 Sw : 12.1(20)E2 DRAM FLASH NVRAM Module Total Used Free Total Used Free Total Used Free ------ ------- ------- ------- ------- ------- ------- ----- ----- ----- 1 130944K 62471K 68473K 16384K 12611K 3773K 512K 374K 138K Uptime is 213 days, 10 hours, 18 minutes c3c01s> (enable) St?phane Malo Bell Solutions d'impartition en T.I.C. Sp?cialiste gestion des syst?mes Bureau : (514) 499-7273 Cellulaire: (514) 514-963-6256 stephane.malo at bell.ca -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20070216/ca9f7697/attachment.html From jerojasro at gmail.com Sat Feb 17 21:51:35 2007 From: jerojasro at gmail.com (Javier Rojas) Date: Sat, 17 Feb 2007 16:51:35 -0500 Subject: [rancid] how to program a custom device Message-ID: <20070217215135.GA1696@abu.cable.net.co> Hi, I have a fortinet firewall and a few allied telesis switches. They are not supported in rancid, and I'm willing to write the necessary scripts for supporting them, so the questions are: 1. Will I be able to reuse some of the *clogin scripts? on which cases is it good to reuse them? 2. What are supossed to do the *login and *rancid scripts? which are their inputs and outputs? Is there any dev-doc for doing this? ... to quote other post in this list, "I'm not the Perl Gods's gift to the mankind", which is why I'd like a language-agnostic definition of what do theses scripts do Thanks -- Javier Rojas GPG Key ID: 0xA1C57061 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20070217/4d2c32ab/attachment.bin From yuvalba at netvision.net.il Sun Feb 18 15:06:01 2007 From: yuvalba at netvision.net.il (Yuval Ben-Ari) Date: Sun, 18 Feb 2007 17:06:01 +0200 Subject: [rancid] Re: sub groups References: <20070202163832.8e114e4890519e5179c192e02d6bca26.6acaa2c441.wbe@email.secureserver.net> Message-ID: <58D14E53A4F69C4EAF4D29171C447CC492005C@NTX-CL.forest.netvision.net.il> Hi, I got it working eventually. basically I configure the groups normally using LIST_OF_GROUPS="company/group" however it causes some problems that I had to fix on few on the rancid scripts. I did not do it too cleanly to post a patch. If someone interested I can share the changes needed. It might need to be considered as future feature. Yuval -----Original Message----- From: Lance [mailto:rancid at gheek.net] Sent: Saturday, February 03, 2007 1:39 AM To: Yuval Ben-Ari Cc: Rancid-discuss at shrubbery.net Subject: RE: [rancid] sub groups Yuval, Interesting...if that / works, let me know. That would be interesting/helpful. > -------- Original Message -------- > Subject: RE: [rancid] sub groups > From: "Yuval Ben-Ari" > Date: Fri, February 02, 2007 4:29 am > To: "Lance" > Cc: > > sorry, for some reason did not see the reply > > because each company also has it's internal groups (i.e core, access, > border, etc ...) > so what I want to have is a directory structure of: > > $rancid_home/var/companyA/core > $rancid_home/var/companyA/access > $rancid_home/var/companyA/lan > > $rancid_home/var/companyB/core > $rancid_home/var/companyB/access > $rancid_home/var/companyB/lan > > or similar > > Actually I just tried to add this under rancid.conf: > LIST_OF_GROUPS="test/subtest" and it seems to work > I need to see if it can do the job ... > > Yuval > > -----Original Message----- > From: Lance [mailto:rancid at gheek.net] > Sent: Monday, January 29, 2007 3:48 AM > To: Yuval Ben-Ari > Cc: Rancid-discuss at shrubbery.net > Subject: RE: [rancid] sub groups > > Why not just create a network group for each company? > > -Lance > > -------- Original Message -------- > > Subject: [rancid] sub groups > > From: "Yuval Ben-Ari" > > Date: Sun, January 28, 2007 3:57 am > > To: > > > > Hi, Is it possible to configure sub groups in rancid ? I want > to create a group that will have it's own group's inside. (think of > scenario where two networks merge etc ...) Thanks > > --------------------------------------------------------------------- > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From heas at shrubbery.net Mon Feb 19 17:52:03 2007 From: heas at shrubbery.net (john heasley) Date: Mon, 19 Feb 2007 17:52:03 +0000 Subject: [rancid] Re: how to program a custom device In-Reply-To: <20070217215135.GA1696@abu.cable.net.co> References: <20070217215135.GA1696@abu.cable.net.co> Message-ID: <20070219175203.GA3440@shrubbery.net> Sat, Feb 17, 2007 at 04:51:35PM -0500, Javier Rojas: > Hi, > > I have a fortinet firewall and a few allied telesis switches. They are > not supported in rancid, and I'm willing to write the necessary scripts > for supporting them, so the questions are: > 1. Will I be able to reuse some of the *clogin scripts? on which cases > is it good to reuse them? reuse an existing script if matches the behavior of the device. if there is a script that is close and the modifications can be done in a clean way, then reuse. > 2. What are supossed to do the *login and *rancid scripts? which are > their inputs and outputs? Is there any dev-doc for doing this? see rancid_intro(1). > ... to quote other post in this list, "I'm not the Perl Gods's gift to the > mankind", which is why I'd like a language-agnostic definition of what > do theses scripts do > > Thanks > -- > Javier Rojas > > GPG Key ID: 0xA1C57061 > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From geecla at mail.nih.gov Wed Feb 21 19:29:35 2007 From: geecla at mail.nih.gov (Gee-clough, Aaron (NIH/CIT) [C]) Date: Wed, 21 Feb 2007 14:29:35 -0500 Subject: [rancid] Cisco PIX (version 7) tacacs server key Message-ID: <574EDBCEEAD4F84C8DBBE177B7AC8CD101AB55A8@NIHCESMLBX3.nih.gov> Hello, I'm running rancid against a number of Cisco PIXs quite happily, but have noticed a problem with PIX 7 and rancid: PIX 7 stores the TACACS server key differently than IOS. It's stored in the PIX 7 config like this: aaa-server tacacs host x.x.x.x key xxxxxxxxx So, the existing regex to remove the tacacs key in rancid aren't catching this, since the "key" bit is on a new line. I'm thinking about adding a regex to rancid that's just: /^\s+key (\S+)$/ to catch the line with a starting space, then the word "key", but I'm concerned that this would have a pretty high false positive rate and might cut out other useful stuff. Does anyone have any better ideas as to how to properly purge the TACACS key from a PIX config? Thanks. aaron ------------------ Aaron Gee-Clough CIT/DNST/NEB/NSS Contractor. Geek. From rancid at gheek.net Wed Feb 21 20:07:46 2007 From: rancid at gheek.net (Lance) Date: Wed, 21 Feb 2007 13:07:46 -0700 Subject: [rancid] Re: RANCID CISCO CAT OS prompt problem Message-ID: <20070221130746.8e114e4890519e5179c192e02d6bca26.707188a522.wbe@email.secureserver.net> Stephane, What exactly are you having problems with? You are running catos. Make sure in your router.db you have c3c01s defined as cat5. Make sure you have your proper login username/password specified in your .cloginrc Your router.db should look something like this if you only have that one device in it. /usr/local/rancid/var//router.db c3c01s:cat5:up Have you tried doing a "clogin c3c01s"? 1- command prompt which is c3c01s> (enable) How do I change it so that I have # instead of >? Your prompts are fine. That is normal for a catos device. 2-Do I need to upgrade my version of Rancid and/or expect? If yes how can I determine which version I?m currently running? Your Rancid version should be fine if you downloaded it anytime in the last 5 years. The version I am running are listed below. Check your perl/expect version too. perl -v expect -v I am running the following with no problem on a suse box. expect -v expect version 5.41.0 perl -v This is perl, v5.8.6 built for i586-linux-thread-multi Simply do this to get your version of your scripts (if you installed to the default location). cd /usr/local/rancid/bin grep 'Id:' * | grep in alogin:## $Id: alogin.in,v 1.30 2005/06/14 20:20:43 heas Exp $ arancid:## $Id: arancid.in,v 1.20 2005/09/25 17:48:28 heas Exp $ blogin:## $Id: blogin.in,v 1.28 2005/06/14 20:20:43 heas Exp $ brancid:## $Id: brancid.in,v 1.22 2005/09/25 17:48:28 heas Exp $ cat5rancid:## $Id: cat5rancid.in,v 1.45 2005/09/25 17:48:29 heas Exp $ clogin:## $Id: clogin.in,v 1.94 2006/04/28 15:37:40 heas Exp $ control_rancid:## $Id: control_rancid.in,v 1.76 2006/05/04 21:31:20 heas Exp $ cssrancid:## $Id: cssrancid.in,v 1.11 2005/09/25 17:48:29 heas Exp $ elogin:## $Id: elogin.in,v 1.33 2005/06/14 20:20:43 heas Exp $ erancid:## $Id: erancid.in,v 1.24 2005/09/25 17:48:29 heas Exp $ f10rancid:## $Id: f10rancid.in,v 1.17 2005/09/25 17:48:29 heas Exp $ flogin:## $Id: flogin.in,v 1.39 2005/06/14 20:20:43 heas Exp $ fnrancid:## $Id: fnrancid.in,v 1.9 2005/09/25 17:48:29 heas Exp $ francid:## $Id: francid.in,v 1.35 2005/09/25 17:48:29 heas Exp $ hlogin:## $Id: hlogin.in,v 1.31 2006/02/07 19:06:55 heas Exp $ hrancid:## $Id: hrancid.in,v 1.23 2005/09/25 17:48:29 heas Exp $ htlogin:## $Id: htlogin.in,v 1.13 2005/06/14 20:20:43 heas Exp $ htrancid:## $Id: htrancid.in,v 1.11 2005/09/25 17:48:30 heas Exp $ jerancid:## $Id: jerancid.in,v 1.34 2005/09/25 17:48:30 heas Exp $ jlogin:## $Id: jlogin.in,v 1.51 2005/06/14 20:20:43 heas Exp $ jrancid:## $Id: jrancid.in,v 1.70 2005/09/28 22:07:57 heas Exp $ lg.cgi:## $Id: lg.cgi.in,v 1.52 2005/12/07 19:19:46 heas Exp $ lgform.cgi:## $Id: lgform.cgi.in,v 1.29 2004/09/03 18:41:25 heas Exp $ mrancid:## $Id: mrancid.in,v 1.16 2005/09/25 17:48:30 heas Exp $ nclogin:## $Id: clogin.in,v 1.89 2005/08/14 20:18:19 heas Exp $ nlogin:## $Id: nlogin.in,v 1.27 2006/01/26 22:14:28 heas Exp $ nrancid:## $Id: nrancid.in,v 1.25 2005/10/12 01:35:31 heas Exp $ nslogin:## $Id: nslogin.in,v 1.17 2005/06/14 22:23:44 heas Exp $ nsrancid:## $Id: nsrancid.in,v 1.12 2005/09/25 17:48:30 heas Exp $ par:## $Id: par.in,v 1.11 2005/06/14 20:20:44 heas Exp $ prancid:## $Id: prancid.in,v 1.33 2005/09/25 17:48:30 heas Exp $ rancid:## $Id: rancid.in,v 1.203 2006/04/06 21:14:05 heas Exp $ rancid-cvs:## $Id: rancid-cvs.in,v 1.17 2005/08/15 00:42:50 heas Exp $ rancid-fe:## $Id: rancid-fe.in,v 1.37 2005/06/14 20:20:44 heas Exp $ rancid-run:## $Id: rancid-run.in,v 1.32 2005/06/14 20:20:44 heas Exp $ rivlogin:## $Id: rivlogin.in,v 1.19 2005/06/14 20:20:44 heas Exp $ rivrancid:## $Id: rivrancid.in,v 1.15 2005/09/25 17:48:30 heas Exp $ rrancid:## $Id: rrancid.in,v 1.24 2005/09/25 17:48:31 heas Exp $ tntlogin:## $Id: tntlogin.in,v 1.17 2005/06/14 20:20:44 heas Exp $ tntrancid:## $Id: tntrancid.in,v 1.15 2005/09/25 17:48:31 heas Exp $ wlclogin:## $Id: clogin.in,v 1.89 2005/08/14 20:18:19 heas Exp $ xrancid:## $Id: xrancid.in,v 1.39 2006/03/23 18:43:01 heas Exp $ zrancid:## $Id: zrancid.in,v 1.12 2005/09/25 17:48:31 heas Exp $ -lance > -------- Original Message -------- > Subject: [rancid] RANCID CISCO CAT OS prompt problem > From: Stephane.Malo at bell.ca > Date: Fri, February 16, 2007 12:08 pm > To: > Cc: stephane.malo at gmail.com > > Im sorry to be bringing this up again but Ive search in the past post but never found any step-by-step (idiot proof) instructions for my problem. I have a Cisco WS-C6509 and would need RANCID to be able to get its configuration. As Im not CISCO switch savy nor a Rancid expert Im left turning in circles and loosing my hair. I must have multiple problems like: 1- command prompt which is c3c01s> (enable) How do I change it so that I have # instead of >? 2-Do I need to upgrade my version of Rancid and/or expect? If yes how can I determine which version Im currently running? Here is a snapshot of a manual telnet session to the switch: [smadmin at dcoc4v etc]$ telnet c3c01s Destination c3c01s found for customer 3CS. Connecting to c3c01s using source IP of the client 3CS (198.235.125.28) Trying 192.168.248.65... Connected to 192.168.248.65. Escape character is '^]'. Cisco Systems Console c ************** **************************************************************** * SYSTEME INFORMATIQUE PRIVE. RESERVE AUX PERSONNES AUTORISEES. TOUT ACCES * * NON AUTORISE AU DELA DE CE POINT ENTRAINERA DES POURSUITES JUDICIAIRES. * *---------------------------------------------------------------------------* * PRIVATE COMPUTER SYSTEM, RESERVED FOR AUTHORIZED USERS. * * ANY NON-AUTHORIZED ACCESS BEYOND THIS POINT MAY INVOLVE PROSECUTION. * *----------------------------------------------------------------------------* * Gere par/Managed by BELL CANADA et/by Connexim * ****************************************************************************** Enter password: c3c01s> en Enter password: c3c01s> (enable) sh ver WS-C6509 Software, Version NmpSW: 8.3(6) Copyright (c) 1995-2005 by Cisco Systems NMP S/W compiled on Feb 8 2005, 13:10:10 System Bootstrap Version: 5.3(1) System Boot Image File is 'bootflash:cat6000-supk8.8-3-6. bin' System Configuration register is 0x2122 Hardware Version: 2.0 Model: WS-C6509 Serial #: SCA044000YW PS1 Module: WS-CAC-1300W Serial #: SON04331283 PS2 Module: WS-CAC-1300W Serial #: SON04330467 Mod Port Model Serial # Versions --- ---- ------------------- ----------- -------------------------------------- 1 2 WS-X6K-SUP1A-2GE SAD05020STG Hw : 7.3 Fw : 5.3(1) Fw1: 5.4(2) Sw : 8.3(6) Sw1: 8.3(6) WS-F6K-PFC SAD050303KG Hw : 1.1 Sw : WS-X6K-SUP1A-2GE SAD05020STG Hw : 7.3 Sw : 2 2 WS-X6K-SUP1A-2GE SAD05020R9G Hw : 7.0 Fw : 5.3(1) Fw1: 5.4(2) Sw : 8.3(6) Sw1: 8.3(6) WS-F6K-PFC SAD05020EE6 Hw : 1.1 Sw : WS-X6K-SUP1A-2GE SAD05020R9G Hw : 7.0 Sw : 3 48 WS-X6348-RJ-45 SAD04340E68 Hw : 1.1 Fw : 5.4(2) Sw : 8.3(6) 4 48 WS-X6348-RJ-45 SAL050958KT Hw : 2.2 Fw : 5.4(2) Sw : 8.3(6) 5 8 WS-X6408A-GBIC SAL05031CNP Hw : 1.3 Fw : 5.4(2) Sw : 8.3(6) 6 8 WS-X6408A-GBIC SAL05031FWA Hw : 1.3 Fw : 5.4(2) Sw : 8.3(6) 8 48 WS-X6148-GE-TX SAD07510BEK Hw : 6.1 Fw : 7.2(1) Sw : 8.3(6) 9 8 WS-X6608-T1 SAD075001YG Hw : 1.4 Fw : 5.4(2) Sw : 8.3(6) HP1: D004040009E2; DSP1: D0054320 (4.3.201) HP2: D004040009E2; DSP2: D0054320 (4.3.201) HP3: D004040009E2; DSP3: D0054320 (4.3.201) HP4: D004I3A0; DSP4: D005H300 (3.6.12) HP5: C00104000001; DSP5: C002E031 (3.3.2) HP6: C00104000001; DSP6: C002E031 (3.3.2) HP7: C00104000001; DSP7: C002E031 (3.3.2) HP8: C00104000001; DSP8: C002E031 (3.3.2) 15 1 WS-F6K-MSFC2 SAD050301BS Hw : 1.7 Fw : 12.1(20)E2 Sw : 12.1(20)E2 16 1 WS-F6K-MSFC2 SAD05020GLD Hw : 1.1 Fw : 12.1(20)E2 Sw : 12.1(20)E2 DRAM FLASH NVRAM Module Total Used Free Total Used Free Total Used Free ------ ------- ------- ------- ------- ------- ------- ----- ----- ----- 1 130944K 62471K 68473K 16384K 12611K 3773K 512K 374K 138K Uptime is 213 days, 10 hours, 18 minutes c3c01s> (enable) > > St?phane Malo > Bell Solutions d'impartition en T.I.C. > Sp?cialiste gestion des syst?mes > Bureau : (514) 499-7273 > Cellulaire: (514) 514-963-6256 > stephane.malo at bell.ca > --------------------------------------------------------------------- > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From jmccourt at jeremymccourt.com Thu Feb 22 03:22:42 2007 From: jmccourt at jeremymccourt.com (Jeremy McCourt) Date: Wed, 21 Feb 2007 20:22:42 -0700 Subject: [rancid] : missed cmd(s): write term, show redundancy secondary Message-ID: <45DD0C82.4030108@jeremymccourt.com> Has anyone seen this .. it seems to be happening with most of my devices recently : missed cmd(s): write term,show redundancy secondary or : missed cmd(s): write term Which causes rancid-run to retry until the limit is reached. I am using rancid-run version ## $Id: rancid-run.in,v 1.30 2004/03/12 23:17:28 heas Exp $ Regards, -Jeremy From rancid at gheek.net Fri Feb 23 19:13:45 2007 From: rancid at gheek.net (Lance) Date: Fri, 23 Feb 2007 12:13:45 -0700 Subject: [rancid] Timeout on pix even when the prompt is recognized. Message-ID: <20070223121344.8e114e4890519e5179c192e02d6bca26.877933feb4.wbe@email.secureserver.net> Hey All, I am not sure why this happens. Running just clogin with the -c flag for write term, it hangs and times out. Yet if I do not use the -c flag I have no problem what so ever. Any hints? I have included the output for both logins, with/without the -c flag below. -Lance ### ### With the -c flag ### clogin -t 90 -c "write term" yyz-pix-01 Escape character is '^]'. UNAUTHORIZED ACCESS TO THIS DEVISE IS PROHIBITED. Permission to access or configure this device is required. Violations of this policy may result in disciplinary or other action and may be reported to law enforcement. All activity may be logged. User Access Verification Username: joeuser Password: *********** Type help or '?' for a list of available commands. yyz-pix-01> enable Password: ************* yyz-pix-01# yyz-pix-01# t ### ### No -c flag ### clogin -t 90 yyz-pix-01 Escape character is '^]'. UNAUTHORIZED ACCESS TO THIS DEVISE IS PROHIBITED. Permission to access or configure this device is required. Violations of this policy may result in disciplinary or other action and may be reported to law enforcement. All activity may be logged. User Access Verification Username: joeuser Password: *********** Type help or '?' for a list of available commands. yyz-pix-01> enable Password: ************* yyz-pix-01# yyz-pix-01# sh ver Cisco PIX Firewall Version 6.3(3) Cisco PIX Device Manager Version 3.0(2) Compiled on Wed 13-Aug-03 13:55 by morlee yyz-pix-01 up 63 days 22 hours Hardware: PIX-515E, 64 MB RAM, CPU Pentium II 433 MHz Flash E28F128J3 @ 0x300, 16MB BIOS Flash AM29F400B @ 0xfffd8000, 32KB Encryption hardware device : Crypto5823 (revision 0x1) 0: ethernet0: address is 000e.83c9.ecc1, irq 10 1: ethernet1: address is 000e.83c9.ecc2, irq 11 2: ethernet2: address is 0090.2757.73b2, irq 11 3: ethernet3: address is 0090.2757.73b1, irq 10 4: ethernet4: address is 0090.2757.73b0, irq 9 5: ethernet5: address is 0090.2757.73af, irq 5 Licensed Features: Failover: Enabled VPN-DES: Enabled VPN-3DES-AES: Enabled Maximum Physical Interfaces: 6 Maximum Interfaces: 10 Cut-through Proxy: Enabled Guards: Enabled URL-filtering: Enabled Inside Hosts: Unlimited Throughput: Unlimited IKE peers: Unlimited This PIX has an Unrestricted (UR) license. Serial Number: xxxxxx Running Activation Key: xxxxxxxxx From max.clark at gmail.com Sat Feb 24 17:17:10 2007 From: max.clark at gmail.com (Max Clark) Date: Sat, 24 Feb 2007 09:17:10 -0800 Subject: [rancid] Timeouts with rancid-run Message-ID: <2fa1e1780702240917u1b6de4cfm48a1ca7fb69fbb6a@mail.gmail.com> Hi all, I have a device (Cisco 6500) that I can ssh into directly as a user from the rancid host without issue (i.e. % ssh switch02) and execute "show log" and "show run" commands. When I run "% clogin switch02" as the rancid user it logs me into the switch and enables but when I execute "show run" it hangs and then timesout and drops the ssh session. How do I debug/resolve this? TIA, Max -- Max Clark http://www.clarksys.com From deviousz at gmail.com Mon Feb 26 03:39:12 2007 From: deviousz at gmail.com (Dustin) Date: Sun, 25 Feb 2007 19:39:12 -0800 Subject: [rancid] rancid freakin out Message-ID: <844950720702251939w53e783e8xd2d94f54749c9f0d@mail.gmail.com> Hi, I screwed something up, and not sure how to resolve it. To explain, I added a few (4) devices to router.db and rancid ran and backed up the devices. I then removed those same devices from router.db and deleted the configs created in: /usr/local/rancid/var/CVS/networking/configs But now every time rancid runs, it sees the same changes to router.db, and a few other devices. To clarify, rancid detects the same changes to multiple configs (which have NOT changed) every time it runs. Know what I did? TIA! -Dustin From bpeck at chimesnet.com Mon Feb 26 15:34:09 2007 From: bpeck at chimesnet.com (Bob Peck) Date: Mon, 26 Feb 2007 10:34:09 -0500 Subject: [rancid] removing device Message-ID: <45E2FDF1.8010303@chimesnet.com> Whats the best practice for removing a device out of rancid. This is what I did to remove one switch that was no longer in production. I removed device login from .cloginrc, then I removed device from rancid.db, then I moved device CVS config into the Attic directory, lastly the device config I deleted since I don't need. After I did this I'm getting following error in log for the past several days as well as rancid keeps sending emails of changes I made last week... I'm wondering if I need to run a script after the manual removal... I'm not rancid savy... cvs diff: Diffing . cvs diff: Diffing configs *cvs diff: cannot find configs/gige-core4.level3.chc-chimes.com* cvs commit: Examining . cvs commit: Examining configs *cvs commit: Up-to-date check failed for `configs/gige-core4.level3.chc-chimes.com' cvs [commit aborted]: correct above errors first!* Thanks for any help... -- Bob Peck Network Architect Chimes, Inc 5455 Corporate Drive, Suite 303 Troy MI 48098 office (248) 293-6767 ext 270 mobile (586) 604-4665 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20070226/9f7eff4d/attachment.html From heas at shrubbery.net Mon Feb 26 16:06:55 2007 From: heas at shrubbery.net (john heasley) Date: Mon, 26 Feb 2007 16:06:55 +0000 Subject: [rancid] Re: removing device In-Reply-To: <45E2FDF1.8010303@chimesnet.com> References: <45E2FDF1.8010303@chimesnet.com> Message-ID: <20070226160655.GA9884@shrubbery.net> Mon, Feb 26, 2007 at 10:34:09AM -0500, Bob Peck: > Whats the best practice for removing a device out of rancid. > > This is what I did to remove one switch that was no longer in production. > > I removed device login from .cloginrc, then I removed device from > rancid.db, ^^^^^^router.db stop there. > then I moved device CVS config into the Attic directory, > lastly the device config I deleted since I don't need. After I did this please people...please stop messing with the cvs repository. > I'm getting following error in log for the past several days as well as > rancid keeps sending emails of changes I made last week... > > I'm wondering if I need to run a script after the manual removal... I'm > not rancid savy... > > cvs diff: Diffing . > cvs diff: Diffing configs > *cvs diff: cannot find configs/gige-core4.level3.chc-chimes.com* > cvs commit: Examining . > cvs commit: Examining configs > *cvs commit: Up-to-date check failed for > `configs/gige-core4.level3.chc-chimes.com' > cvs [commit aborted]: correct above errors first!* you will need to run cvs update now. From bpeck at chimesnet.com Mon Feb 26 16:18:01 2007 From: bpeck at chimesnet.com (Bob Peck) Date: Mon, 26 Feb 2007 11:18:01 -0500 Subject: [rancid] Restored config to switch Message-ID: <45E30839.8090805@chimesnet.com> Anybody, How would I restore a config from rancid onto a new switch that replaced a failed one rancid was monitoring. Thanks!! -- Bob Peck Network Architect Chimes, Inc 5455 Corporate Drive, Suite 303 Troy MI 48098 office (248) 293-6767 ext 270 mobile (586) 604-4665 From rancid at gheek.net Mon Feb 26 16:29:52 2007 From: rancid at gheek.net (Lance) Date: Mon, 26 Feb 2007 09:29:52 -0700 Subject: [rancid] Re: Timeouts with rancid-run Message-ID: <20070226092952.8e114e4890519e5179c192e02d6bca26.fd3904122d.wbe@email.secureserver.net> Max, I have had that issue before and currently. From my experience it all depends what OS and version of software you have. I have never had an issue with FreeBSD but with Suse and Redhad I have had issues. I am running suse 9.3 right now with the following version of expect, ssh, and perl and have the issue. OpenSSH_3.9p1, OpenSSL 0.9.7e 25 Oct 2004 expect version 5.41.0 This is perl, v5.8.6 built for i586-linux-thread-multi -Lance > -------- Original Message -------- > Subject: [rancid] Timeouts with rancid-run > From: "Max Clark" > Date: Sat, February 24, 2007 10:17 am > To: rancid-discuss at shrubbery.net > > Hi all, > > I have a device (Cisco 6500) that I can ssh into directly as a user > from the rancid host without issue (i.e. % ssh switch02) and execute > "show log" and "show run" commands. When I run "% clogin switch02" as > the rancid user it logs me into the switch and enables but when I > execute "show run" it hangs and then timesout and drops the ssh > session. > > How do I debug/resolve this? > > TIA, > Max > > -- > Max Clark > http://www.clarksys.com > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rancid at gheek.net Mon Feb 26 16:32:24 2007 From: rancid at gheek.net (Lance) Date: Mon, 26 Feb 2007 09:32:24 -0700 Subject: [rancid] Re: rancid freakin out Message-ID: <20070226093224.8e114e4890519e5179c192e02d6bca26.9ab5de69f7.wbe@email.secureserver.net> Dustin, Have you checked to make sure your CVS is upto date. You may want to just remove the install and trash your CVS for rancid and start again if all else fails. > -------- Original Message -------- > Subject: [rancid] rancid freakin out > From: Dustin > Date: Sun, February 25, 2007 8:39 pm > To: rancid-discuss at shrubbery.net > > Hi, I screwed something up, and not sure how to resolve it. To > explain, I added a few (4) devices to router.db and rancid ran and > backed up the devices. I then removed those same devices from > router.db and deleted the configs created in: > > /usr/local/rancid/var/CVS/networking/configs > > But now every time rancid runs, it sees the same changes to router.db, > and a few other devices. To clarify, rancid detects the same changes > to multiple configs (which have NOT changed) every time it runs. > > Know what I did? TIA! > > -Dustin > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rancid at gheek.net Mon Feb 26 16:36:41 2007 From: rancid at gheek.net (Lance) Date: Mon, 26 Feb 2007 09:36:41 -0700 Subject: [rancid] Re: Restored config to switch Message-ID: <20070226093641.8e114e4890519e5179c192e02d6bca26.3981647284.wbe@email.secureserver.net> Bob, FTP(if available), TFTP, copy paste......not sure what else other than SNMP. > -------- Original Message -------- > Subject: [rancid] Restored config to switch > From: Bob Peck > Date: Mon, February 26, 2007 9:18 am > To: rancid-discuss at shrubbery.net > > Anybody, > > How would I restore a config from rancid onto a new switch that replaced > a failed one rancid was monitoring. > > Thanks!! > > -- > Bob Peck > Network Architect > Chimes, Inc > 5455 Corporate Drive, Suite 303 > Troy MI 48098 > > office (248) 293-6767 ext 270 > mobile (586) 604-4665 > > > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From heas at shrubbery.net Mon Feb 26 17:59:39 2007 From: heas at shrubbery.net (john heasley) Date: Mon, 26 Feb 2007 09:59:39 -0800 Subject: [rancid] Re: Restored config to switch In-Reply-To: <45E30839.8090805@chimesnet.com> References: <45E30839.8090805@chimesnet.com> Message-ID: <20070226175939.GE15857@shrubbery.net> Mon, Feb 26, 2007 at 11:18:01AM -0500, Bob Peck: > Anybody, > > How would I restore a config from rancid onto a new switch that replaced > a failed one rancid was monitoring. take a copy of the config. replace any instances of as appropriate. tftp/ftp/rcp the config to the router. eg cisco copy rcp start reload From lance at gheek.net Mon Feb 26 16:34:21 2007 From: lance at gheek.net (Lance Vermilion) Date: Mon, 26 Feb 2007 09:34:21 -0700 Subject: [rancid] Re: Restored config to switch Message-ID: <20070226093421.8e114e4890519e5179c192e02d6bca26.bade77fcf0.wbe@email.secureserver.net> Bob, FTP(if available), TFTP, copy paste......not sure what else other than SNMP. > -------- Original Message -------- > Subject: [rancid] Restored config to switch > From: Bob Peck > Date: Mon, February 26, 2007 9:18 am > To: rancid-discuss at shrubbery.net > > Anybody, > > How would I restore a config from rancid onto a new switch that replaced > a failed one rancid was monitoring. > > Thanks!! > > -- > Bob Peck > Network Architect > Chimes, Inc > 5455 Corporate Drive, Suite 303 > Troy MI 48098 > > office (248) 293-6767 ext 270 > mobile (586) 604-4665 > > > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From deviousz at gmail.com Mon Feb 26 18:04:22 2007 From: deviousz at gmail.com (Dustin) Date: Mon, 26 Feb 2007 10:04:22 -0800 Subject: [rancid] Re: rancid freakin out In-Reply-To: <20070226053740.GB29361@shrubbery.net> References: <844950720702251939w53e783e8xd2d94f54749c9f0d@mail.gmail.com> <20070226035050.GC24225@shrubbery.net> <844950720702251958g6c914b47t7bc44be17f4b5876@mail.gmail.com> <20070226042406.GD24225@shrubbery.net> <844950720702252129s424e75fbgf52f0ac4e68dbea@mail.gmail.com> <20070226053740.GB29361@shrubbery.net> Message-ID: <844950720702261004q2d69591cu7d8b0f55ca37b57f@mail.gmail.com> That did it John, thx so much! -Dustin On 2/25/07, john heasley wrote: > Sun, Feb 25, 2007 at 09:29:45PM -0800, Dustin: > > hmm, i'm not following you here. Not sure at all what you mean by > > backbone or group name. > > > > And by configs directory do you mean this directory:? > > > > /usr/local/rancid/var/networking/configs > > cd /usr/local/rancid/var/networking > rm * configs/* > cvs update -A > > > > > If so, thats where I deleted the configs already..... > > if you deleted the files and rancid ran, i'm suspecting theres just > stuff out of sync. > > > > > On 2/25/07, john heasley wrote: > > >Sun, Feb 25, 2007 at 07:58:14PM -0800, Dustin: > > >> >cd > > >> > > >> What director would that be? > > > > > >cd ~/rancid/backbone > > > > > >or whatever the group name is. > > > > > >> >rm * configs/* > > >> > > >> I don't want to remove all my configs? > > > > > >you delete the copy and ge ta new one from the repository > > > > From bostjan.fele at guest.arnes.si Wed Feb 28 04:32:15 2007 From: bostjan.fele at guest.arnes.si (bostjan.fele at guest.arnes.si) Date: Wed, 28 Feb 2007 05:32:15 +0100 Subject: [rancid] accessing routers from another router Message-ID: <20070228_043215_002607.bostjan.fele@guest.arnes.si> Hi everyone, I need to collect the config from routers that are not directly reachable by the host that rancid runs on. I can ssh to the first router, then telnet to the ones that I need the config from. Was searching mailing list and found two threads but none of them works for me. http://www.shrubbery.net/pipermail/rancid-discuss/2004-November/000905.html http://www.shrubbery.net/pipermail/rancid-discuss/2006-May/001490.html Does anybody have implemented hop-by-hop accessing to the routers? Bostjan From randy at psg.com Wed Feb 28 04:32:55 2007 From: randy at psg.com (Randy Bush) Date: Wed, 28 Feb 2007 13:32:55 +0900 Subject: [rancid] Re: accessing routers from another router References: <20070228_043215_002607.bostjan.fele@guest.arnes.si> Message-ID: <17893.1527.406143.356792@roam.psg.com> > I need to collect the config from routers that are not directly > reachable by the host that rancid runs on. I can ssh to the first > router, then telnet to the ones that I need the config from. if you can telnet to them (from anywhere), then why bother? they're dead meat anyway. randy From eravin at panix.com Wed Feb 28 06:08:27 2007 From: eravin at panix.com (Ed Ravin) Date: Wed, 28 Feb 2007 01:08:27 -0500 Subject: [rancid] Re: accessing routers from another router In-Reply-To: <20070228_043215_002607.bostjan.fele@guest.arnes.si> References: <20070228_043215_002607.bostjan.fele@guest.arnes.si> Message-ID: <20070228060827.GE17272@panix.com> On Wed, Feb 28, 2007 at 05:32:15AM +0100, bostjan.fele at guest.arnes.si wrote: > I need to collect the config from routers that are not directly > reachable by the host that rancid runs on. I can ssh to the first > router, then telnet to the ones that I need the config from. > Was searching mailing list and found two threads but none of them > works for me. > > http://www.shrubbery.net/pipermail/rancid-discuss/2004-November/000905.html I didn't know about that one, but even if I had, I think I would have still written the patch mentioned here: > http://www.shrubbery.net/pipermail/rancid-discuss/2006-May/001490.html since it's more generic and can use any program, not just telnet/ssh, to make the first hop. Why didn't my "out of band" patch work for you? From cvicente at network-services.uoregon.edu Wed Feb 28 18:01:14 2007 From: cvicente at network-services.uoregon.edu (Carlos Vicente) Date: Wed, 28 Feb 2007 10:01:14 -0800 Subject: [rancid] rancid-cvs2svn Message-ID: <1172685674.7339.350.camel@tiroloco.uoregon.edu> Hi all, I used this script when converting our rancid repository from CVS to SVN. I thought it might be useful to include something like this in the package eventually. BTW, the patch mentioned in the following post was needed to run rancid-cvs with SVN on 2.3.2a6: http://www.shrubbery.net/pipermail/rancid-discuss/2006-August/001679.html Notice that instead of file://localhost/$CVSROOT/ you can also say file:///$CVSROOT/ Regards, cv -------------- next part -------------- A non-text attachment was scrubbed... Name: rancid-cvs2svn Type: application/x-shellscript Size: 1683 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20070228/d6815b84/attachment.bin From babydr at baby-dragons.com Wed Feb 28 21:49:37 2007 From: babydr at baby-dragons.com (Mr. James W. Laferriere) Date: Wed, 28 Feb 2007 13:49:37 -0800 (PST) Subject: [rancid] Re: rancid-cvs2svn In-Reply-To: <1172685674.7339.350.camel@tiroloco.uoregon.edu> References: <1172685674.7339.350.camel@tiroloco.uoregon.edu> Message-ID: Hello Carlos , On Wed, 28 Feb 2007, Carlos Vicente wrote: > Hi all, > I used this script when converting our rancid repository from CVS to > SVN. I thought it might be useful to include something like this in the > package eventually. > BTW, the patch mentioned in the following post was needed to run > rancid-cvs with SVN on 2.3.2a6: > http://www.shrubbery.net/pipermail/rancid-discuss/2006-August/001679.html > Notice that instead of > > file://localhost/$CVSROOT/ > > you can also say > > file:///$CVSROOT/ > > Regards, > > cv Thank you for the script . Another method of the above patch that I made was to change 'localhost' to '$LocalHost' which if undefined gives you the same as you showed below 'you can also say' . Hth , JimL -- +-----------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network Engineer | 663 Beaumont Blvd | Give me Linux | | babydr at baby-dragons.com | Pacifica, CA. 94044 | only on AXP | +-----------------------------------------------------------------+ From Bostjan.Fele at avtenta.si Wed Feb 28 04:21:09 2007 From: Bostjan.Fele at avtenta.si (=?iso-8859-2?Q?Bo=B9tjan_Fele?=) Date: Wed, 28 Feb 2007 05:21:09 +0100 Subject: [rancid] accessing routers from another router Message-ID: Hi everyone, I need to collect the config from routers that are not directly reachable by the host that rancid runs on. I can ssh to the first router, then telnet to the ones that I need the config from. Was searching mailing list and found two threads but none of them works for me. http://www.shrubbery.net/pipermail/rancid-discuss/2004-November/000905.html http://www.shrubbery.net/pipermail/rancid-discuss/2006-May/001490.html Does anybody have implemented hop-by-hop accessing to the routers? Bostjan -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20070228/08f54481/attachment.html