[rancid] Re: F5 load balancer support

Lance rancid at gheek.net
Mon Jul 16 17:20:53 UTC 2007


Sam,

What bldshgalsjd is the prompt is looks for before it sends the
username.

Example, if the the device prompted you for a username like so, you
would use the following.

Your User name: 

#.cloginrc line
add userprompt f5* "Your User name:"

This would only send your username if it found the prompt of "Your User
name:" (minus the ""). So the likely hood that it will find bldshgalsjd
would be slim to almost impossible.

-lance

> -------- Original Message --------
> Subject: Re: [rancid] Re: F5 load balancer support
> From: Sam Munzani <smunzani at comcast.net>
> Date: Mon, July 16, 2007 9:48 am
> To: David Croft <david at infotrek.co.uk>
> Cc: Lance <rancid at gheek.net>,   rancid-discuss at shrubbery.net
> 
> David,
> 
> Thanks a lot for the tip. This worked well. Now f5login goes much more 
> cleaner and the "root" doesn't set sent again. I still have other issues 
> where rancid-run is backing up config properly but I am still 
> troubleshooting it.
> 
> Now here is a question. What does "bldshgalsjd" mean and how does it do 
> this miracle?
> 
> Thanks,
> Sam
> > Thanks for this tip, turns out that this is also the reason the
> > username gets entered at a prompt on the cisco IPS devices. Since it's
> > using SSH and therefore doesn't need a username prompt, solution was
> > to simply add in .cloginrc:
> >
> > add userprompt ids* bldshgalsjd  (<- something that won't get sent 
> > during login)
> >
> > Regards,
> >
> > David
> >
> > On 14/07/07, Lance <rancid at gheek.net> wrote:
> >> Sam,
> >>
> >> Have you tried using telnet to login, if the f5 has it enabled.
> >> You may also want to set auto enable in your .cloginrc for this device
> >> as it looks to clogin as you are already in a cisco equivalent
> equal to
> >> enable since your prompt has a # sign in it.
> >>
> >> Looking at your next email along with this one it looks like you are
> >> already in a cisco equivalent of enable after you login. f5login seems
> >> to be sending your username of root as a command after you get
> connected
> >> because it sees this line "Last login: Fri Jul 13 14:38:03 2007 from
> >> 172.24.100.12" and it matches on the word "Login". See below.
> >>
> >> "(Username|Login|login|user name):"? yes
> >>
> >> expect: set expect_out(0,string) "login:"
> >>
> >> expect: set expect_out(1,string) "login"
> >>
> >> expect: set expect_out(spawn_id) "exp4"
> >>
> >> expect: set expect_out(buffer) " \r\nLast login:"
> >>
> >> send: sending "root\r" to { exp4 }
> >>
> >> expect: continuing expect
> >>
> >> You are just using a Cisco login/parsing script so it expects prompts
> >> from a Cisco device and in this case you have a *nix SSH banner that
> >> gets interrupted. I know you can use RANCID to backup *nix systems. So
> >> it knows how to understand connecting to a *nix system. You might want
> >> to try this email thread which asks about backing up Linux conifgs.
> >> "http://www.shrubbery.net/pipermail/rancid-discuss/2006-August/001649.html"
> 
> >>
> >> Or you could modify the existing f5login like so.
> >>
> >> I think you have to use the carrot before the () to work. I haven't
> >> checked this as I am at home and not on a UNIX system right now. Sorry
> >> to lazy to check it out right now. You might want to uncomment the
> line
> >> below 3. and comment out the line below 2. and see if that works. This
> >> is the only point in the code that I see it look for login in any
> line.
> >> If that doesn't work send me back the debug and I will see what I can
> >> do. I am sure some people that use expect more often then I can
> probably
> >> quickly tell you what to use as syntax there.
> >>
> >> # Figure out prompts
> >>    set u_prompt [find userprompt $router
> >> if { "$u_prompt" == "" } {
> >>        #1. ORIGINAL
> >>        #set u_prompt "^(Username|Login|login|user name):"
> >>        #2. Modified to read for a line beginning with 
> >> Username,Login,login, or
> >> user name.
> >>        set u_prompt "^(Username|Login|login|user name):"
> >>        #3. Modified to read for a line beginning with Login or login. 
> >> but I
> >> may be wrong
> >>        #set u_prompt "^(Username|^Login|^login|user name):"
> >>    } else {
> >>        set u_prompt [join [lindex $u_prompt 0] ""]
> >>
> >>
> >> Let me know if this works for you.
> >>
> >> -Lance
> >>
> >> > -------- Original Message --------
> >> > Subject: Re: [rancid]  F5 load balancer support
> >> > From: Sam Munzani <smunzani at comcast.net>
> >> > Date: Fri, July 13, 2007 2:30 pm
> >> > To: Lance <rancid at gheek.net>
> >> > Cc: rancid-discuss at shrubbery.net
> >> >
> >> > Lance,
> >> >
> >> > F5 login works fine with a minor error.
> >> >
> >> > $ f5login test-f5-01
> >> > test-f5-01
> >> > spawn ssh -c 3des -x -l root test-f5-01
> >> > Password:
> >> > Last login: Fri Jul 13 14:26:28 2007 from 172.24.100.12
> >> > root
> >> > [root at test-f5-01:Active] config # root
> >> > -bash: root: command not found
> >> > [root at test-f5-01:Active] config #
> >> > [root at test-f5-01:Active] config #
> >> > [root at test-f5-01:Active] config #
> >> >
> >> > I don't know how to debug otherwise I would turn on debug too. If
> you
> >> > can provide some hints on debug, I would appreciate it.
> >> >
> >> > Thanks,
> >> > Sam
> >> > > What error(s) do you get when you try to run your f5rancid?
> >> > >
> >> > > Where does it fail if you debug your f5login?
> >> > >
> >> > >
> >> > > -lance
> >> > >
> >> > >
> >> > >> -------- Original Message --------
> >> > >> Subject: [rancid]  F5 load balancer support
> >> > >> From: Sam Munzani <smunzani at comcast.net>
> >> > >> Date: Fri, July 13, 2007 12:45 pm
> >> > >> To: rancid-discuss at shrubbery.net
> >> > >>
> >> > >> Hi,
> >> > >>
> >> > >> Did anybody happened to hack one of Cisco scripts to support 
> >> BigIP F5
> >> > >> boxes? It should be pretty simple. All I want to do is login and
> >> > type "b
> >> > >> list" which is equivalent of "show run" on cisco.
> >> > >>
> >> > >> However for some reason things not working. All I did was copied
> >> > clogin
> >> > >> to f5login, copied rancid to f5rancid and added following to
> >> > rancid-fe.
> >> > >> elsif ($vendor =~ /^f5$/i)              { exec('f5rancid', 
> >> $router); }
> >> > >>
> >> > >> Then modified f5 rancid file and kept only one command in list of
> >> > >> commands "b list".
> >> > >>
> >> > >> For some reason its not working. I can post my configs here if
> >> > somebody
> >> > >> like to see them.
> >> > >>
> >> > >> Thanks,
> >> > >> Sam
> >> > >> _______________________________________________
> >> > >> Rancid-discuss mailing list
> >> > >> Rancid-discuss at shrubbery.net
> >> > >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> >> > >>
> >> > >
> >> > >
> >> > >
> >>
> >> _______________________________________________
> >> Rancid-discuss mailing list
> >> Rancid-discuss at shrubbery.net
> >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> >>
> >



More information about the Rancid-discuss mailing list