[rancid] Re: F5 load balancer support

Lance rancid at gheek.net
Mon Jul 16 18:54:53 UTC 2007


Sam,

Is that the whole file? Attach the whole file to make sure you aren't
missing anything.

Does the f5 have a pager of sort? Meaning if you run b list does it have
a <-- More --> prompt or anything else other than the config that may
show up?

Email me your IM names and we might be able to solve it faster and then
post back to the list?

-lance

> -------- Original Message --------
> Subject: Re: [rancid] Re: F5 load balancer support
> From: Sam Munzani <smunzani at comcast.net>
> Date: Mon, July 16, 2007 11:00 am
> To: Lance <rancid at gheek.net>
> Cc: rancid-discuss at shrubbery.net,  David Croft <david at infotrek.co.uk>
> 
> Lance,
> 
> That makes perfect sense. Thanks a lot for a very good logical
> explanation.
> 
> BTW, this is what I did in f5rancid(a copy of rancid). Modified it as
> below.
> 
> # This routine processes a "write term"
> sub BList {
>     print STDERR "    In BList: $_" if ($debug);
>     my($lineauto,$comment,$linecnt) = (0,0,0);
>        
>     while (<INPUT>) {
>         tr/\015//d;
>         last if(/^$prompt/);
>         return(-1) if (/command not found/i);      
>         $linecnt++;                 
>         $lineauto = 0 if (/^[^ ]/);                 
>         # some versions have other crap mixed in with the bits in the
>        
>     }
>     # The ContentEngine lacks a definitive "end of config" marker.  If we
>     # know that it is a CE and we have seen at least 5 lines of b list
>     # o/p, we can be reasonably sure that we got the config.
>     if ($linecnt > 5) {
>         $found_end = 1;
>         return(1);
>     }
> 
>     return(0);
> }
>    
> # dummy function  
> sub DoNothing {print STDOUT;}
> 
> # Main
> %commands=(
>         'b list'                => "BList"
> );
> # keys() doesnt return things in the order entered and the order of the
> # cmds is important (show version first and write term last). pita
> @commands=(
>         "b list"
> );
> $cisco_cmds=join(";", at commands);
> $cmds_regexp=join("|", at commands);
> 
> All I did was changed "write term" to "b list" and changed function name 
> too. I also changed a little bit around finding the end of input 
> variable. However it still doesn't work. I get following in my logs.
> 
> starting: Mon Jul 16 12:49:05 CDT 2007
> 
> 
> 
> Trying to get all of the configs.
> test-f5-01: End of run not found
> !
> =====================================
> Getting missed routers: round 1.
> test-f5-01: End of run not found
> !
> =====================================
> Getting missed routers: round 2.
> test-f5-01: End of run not found
> !
> =====================================
> Getting missed routers: round 3.
> test-f5-01: End of run not found
> !
> =====================================
> Getting missed routers: round 4.
> test-f5-01: End of run not found
> !
> 
> cvs diff: Diffing .
> cvs diff: Diffing configs
> cvs diff: cannot find configs/test-f5-01
> cvs commit: Examining .
> cvs commit: Examining configs
> cvs commit: Up-to-date check failed for `configs/test-f5-01'
> cvs [commit aborted]: correct above errors first!
> ls: test-f5-01: No such file or directory
> 
> ending: Mon Jul 16 12:49:32 CDT 2007
> 
> Any hints would be appreciated.
> 
> Thanks,
> Sam
> > Sam,
> >
> > What bldshgalsjd is the prompt is looks for before it sends the
> > username.
> >
> > Example, if the the device prompted you for a username like so, you
> > would use the following.
> >
> > Your User name: 
> >
> > #.cloginrc line
> > add userprompt f5* "Your User name:"
> >
> > This would only send your username if it found the prompt of "Your User
> > name:" (minus the ""). So the likely hood that it will find bldshgalsjd
> > would be slim to almost impossible.
> >
> > -lance
> >
> >   
> >> -------- Original Message --------
> >> Subject: Re: [rancid] Re: F5 load balancer support
> >> From: Sam Munzani <smunzani at comcast.net>
> >> Date: Mon, July 16, 2007 9:48 am
> >> To: David Croft <david at infotrek.co.uk>
> >> Cc: Lance <rancid at gheek.net>,   rancid-discuss at shrubbery.net
> >>
> >> David,
> >>
> >> Thanks a lot for the tip. This worked well. Now f5login goes much
> more 
> >> cleaner and the "root" doesn't set sent again. I still have other
> issues 
> >> where rancid-run is backing up config properly but I am still 
> >> troubleshooting it.
> >>
> >> Now here is a question. What does "bldshgalsjd" mean and how does
> it do 
> >> this miracle?
> >>
> >> Thanks,
> >> Sam
> >>     
> >>> Thanks for this tip, turns out that this is also the reason the
> >>> username gets entered at a prompt on the cisco IPS devices. Since
> it's
> >>> using SSH and therefore doesn't need a username prompt, solution was
> >>> to simply add in .cloginrc:
> >>>
> >>> add userprompt ids* bldshgalsjd  (<- something that won't get sent 
> >>> during login)
> >>>
> >>> Regards,
> >>>
> >>> David
> >>>
> >>> On 14/07/07, Lance <rancid at gheek.net> wrote:
> >>>       
> >>>> Sam,
> >>>>
> >>>> Have you tried using telnet to login, if the f5 has it enabled.
> >>>> You may also want to set auto enable in your .cloginrc for this
> device
> >>>> as it looks to clogin as you are already in a cisco equivalent
> >>>>         
> >> equal to
> >>     
> >>>> enable since your prompt has a # sign in it.
> >>>>
> >>>> Looking at your next email along with this one it looks like you are
> >>>> already in a cisco equivalent of enable after you login. f5login
> seems
> >>>> to be sending your username of root as a command after you get
> >>>>         
> >> connected
> >>     
> >>>> because it sees this line "Last login: Fri Jul 13 14:38:03 2007 from
> >>>> 172.24.100.12" and it matches on the word "Login". See below.
> >>>>
> >>>> "(Username|Login|login|user name):"? yes
> >>>>
> >>>> expect: set expect_out(0,string) "login:"
> >>>>
> >>>> expect: set expect_out(1,string) "login"
> >>>>
> >>>> expect: set expect_out(spawn_id) "exp4"
> >>>>
> >>>> expect: set expect_out(buffer) " \r\nLast login:"
> >>>>
> >>>> send: sending "root\r" to { exp4 }
> >>>>
> >>>> expect: continuing expect
> >>>>
> >>>> You are just using a Cisco login/parsing script so it expects
> prompts
> >>>> from a Cisco device and in this case you have a *nix SSH banner that
> >>>> gets interrupted. I know you can use RANCID to backup *nix
> systems. So
> >>>> it knows how to understand connecting to a *nix system. You might
> want
> >>>> to try this email thread which asks about backing up Linux conifgs.
> >>>> "http://www.shrubbery.net/pipermail/rancid-discuss/2006-August/001649.html"
> >>>>         
> >>>> Or you could modify the existing f5login like so.
> >>>>
> >>>> I think you have to use the carrot before the () to work. I haven't
> >>>> checked this as I am at home and not on a UNIX system right now.
> Sorry
> >>>> to lazy to check it out right now. You might want to uncomment the
> >>>>         
> >> line
> >>     
> >>>> below 3. and comment out the line below 2. and see if that works.
> This
> >>>> is the only point in the code that I see it look for login in any
> >>>>         
> >> line.
> >>     
> >>>> If that doesn't work send me back the debug and I will see what I
> can
> >>>> do. I am sure some people that use expect more often then I can
> >>>>         
> >> probably
> >>     
> >>>> quickly tell you what to use as syntax there.
> >>>>
> >>>> # Figure out prompts
> >>>>    set u_prompt [find userprompt $router
> >>>> if { "$u_prompt" == "" } {
> >>>>        #1. ORIGINAL
> >>>>        #set u_prompt "^(Username|Login|login|user name):"
> >>>>        #2. Modified to read for a line beginning with 
> >>>> Username,Login,login, or
> >>>> user name.
> >>>>        set u_prompt "^(Username|Login|login|user name):"
> >>>>        #3. Modified to read for a line beginning with Login or
> login. 
> >>>> but I
> >>>> may be wrong
> >>>>        #set u_prompt "^(Username|^Login|^login|user name):"
> >>>>    } else {
> >>>>        set u_prompt [join [lindex $u_prompt 0] ""]
> >>>>
> >>>>
> >>>> Let me know if this works for you.
> >>>>
> >>>> -Lance
> >>>>
> >>>>         
> >>>>> -------- Original Message --------
> >>>>> Subject: Re: [rancid]  F5 load balancer support
> >>>>> From: Sam Munzani <smunzani at comcast.net>
> >>>>> Date: Fri, July 13, 2007 2:30 pm
> >>>>> To: Lance <rancid at gheek.net>
> >>>>> Cc: rancid-discuss at shrubbery.net
> >>>>>
> >>>>> Lance,
> >>>>>
> >>>>> F5 login works fine with a minor error.
> >>>>>
> >>>>> $ f5login test-f5-01
> >>>>> test-f5-01
> >>>>> spawn ssh -c 3des -x -l root test-f5-01
> >>>>> Password:
> >>>>> Last login: Fri Jul 13 14:26:28 2007 from 172.24.100.12
> >>>>> root
> >>>>> [root at test-f5-01:Active] config # root
> >>>>> -bash: root: command not found
> >>>>> [root at test-f5-01:Active] config #
> >>>>> [root at test-f5-01:Active] config #
> >>>>> [root at test-f5-01:Active] config #
> >>>>>
> >>>>> I don't know how to debug otherwise I would turn on debug too. If
> >>>>>           
> >> you
> >>     
> >>>>> can provide some hints on debug, I would appreciate it.
> >>>>>
> >>>>> Thanks,
> >>>>> Sam
> >>>>>           
> >>>>>> What error(s) do you get when you try to run your f5rancid?
> >>>>>>
> >>>>>> Where does it fail if you debug your f5login?
> >>>>>>
> >>>>>>
> >>>>>> -lance
> >>>>>>
> >>>>>>
> >>>>>>             
> >>>>>>> -------- Original Message --------
> >>>>>>> Subject: [rancid]  F5 load balancer support
> >>>>>>> From: Sam Munzani <smunzani at comcast.net>
> >>>>>>> Date: Fri, July 13, 2007 12:45 pm
> >>>>>>> To: rancid-discuss at shrubbery.net
> >>>>>>>
> >>>>>>> Hi,
> >>>>>>>
> >>>>>>> Did anybody happened to hack one of Cisco scripts to support 
> >>>>>>>               
> >>>> BigIP F5
> >>>>         
> >>>>>>> boxes? It should be pretty simple. All I want to do is login and
> >>>>>>>               
> >>>>> type "b
> >>>>>           
> >>>>>>> list" which is equivalent of "show run" on cisco.
> >>>>>>>
> >>>>>>> However for some reason things not working. All I did was copied
> >>>>>>>               
> >>>>> clogin
> >>>>>           
> >>>>>>> to f5login, copied rancid to f5rancid and added following to
> >>>>>>>               
> >>>>> rancid-fe.
> >>>>>           
> >>>>>>> elsif ($vendor =~ /^f5$/i)              { exec('f5rancid', 
> >>>>>>>               
> >>>> $router); }
> >>>>         
> >>>>>>> Then modified f5 rancid file and kept only one command in list of
> >>>>>>> commands "b list".
> >>>>>>>
> >>>>>>> For some reason its not working. I can post my configs here if
> >>>>>>>               
> >>>>> somebody
> >>>>>           
> >>>>>>> like to see them.
> >>>>>>>
> >>>>>>> Thanks,
> >>>>>>> Sam
> >>>>>>> _______________________________________________
> >>>>>>> Rancid-discuss mailing list
> >>>>>>> Rancid-discuss at shrubbery.net
> >>>>>>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> >>>>>>>
> >>>>>>>               
> >>>>>>
> >>>>>>             
> >>>> _______________________________________________
> >>>> Rancid-discuss mailing list
> >>>> Rancid-discuss at shrubbery.net
> >>>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> >>>>
> >>>>         
> >
> >
> >



More information about the Rancid-discuss mailing list