[rancid] Re: Pulling down context configs from a Cisco FWSM
Lance
rancid at gheek.net
Tue Mar 27 14:55:40 UTC 2007
In my opinion it shouldn't be too hard. The hardest part would be
looking at the output from "show contexts" and substringing or
delimiting the line via expect and then dynamically changing to each
one and doing the commands needed needed. The perl part I would like to
think would be the easy part. With some work I am sure I could come up
with something. I am just wrapped up in another project with IP Plan.
Once I finish that I would love to attempt this.
Ed Ravin should be able to code something pretty quick. He has solid
coding skills and should be able to do this in a matter of a few hours
max I would think. That is up to him though.
Other options are Austin Schutz and John Heasley. I know their work is
solid as well.
-Lance
> -------- Original Message --------
> Subject: [rancid] Re: Pulling down context configs from a Cisco FWSM
> From: Rob Shepherd <rob at techniumcast.com>
> Date: Tue, March 27, 2007 3:24 am
> To: rancid-discuss at shrubbery.net
>
> Lance Vermilion wrote:
> > Justin,
> >
> > Great idea. [...] I am not sure how the config looks for the admin view with
> > multiple contexts, but we have only the admin and system contexts and
> > the configs are the same that I can tell.
> >
>
> Here is the output from my system with multiple contexts.
>
> > cast-tec-mr2-c5-fsm1/cast# changeto system
> > cast-tec-mr2-c5-fsm1# show context
> > Context Name Class Interfaces URL
> > *cast cast vlan3,164,501,511 disk:/cast.cfg
> > university university vlan216,316,416,501,511 disk:/university.cfg
> > inspired-broadcast inspired-b vlan217,317,417,501,511 disk:/inspired-broadcast.cfg
> > bdex default vlan218,318,418,501,511 disk:/bdex.cfg
> > cast-shared-servers cast vlan102,511 disk:/cast-shared-servers.cfg
> > alcatel-ipt alcatel-ip vlan511,601,616-626,632 disk:/alcatel-ipt.cfg
> > netability netability vlan219,319,419,501,511 disk:/netability.cfg
> > etl etl vlan223,323,423,501,511 disk:/etl.cfg
> > celeritas celeritas vlan220,320,420,501,511 disk:/celeritas.cfg
> > brandsauce brandsauce vlan221,321,421,501,511 disk:/brandsauce.cfg
> > eon eon vlan222,322,422,501,511 disk:/eon.cfg
> > neat3d neat3d vlan224,324,424,501,511 disk:/neat3d.cfg
> > lightwave-technologies lightwave- vlan225,325,425,501,511 disk:/lightwave-technologies.cfg
> > guest-networks guest-netw vlan426,501,504-505,508,511 disk:/guest-networks.cfg
> > event-networks event-netw vlan501,506-507,511 disk:/event-networks.cfg
> > wag wag vlan226,326,501,511 disk:/wag.cfg
> >
> > Total active Security Contexts: 16
> > cast-tec-mr2-c5-fsm1#
>
> So, in through system context (*).....
>
> login
> enable
> changeto system
> show context | awk '{print $1}' | sed -e 's/\*//g' | while read CTXT
> do
> changeto context $CTXT
> // normal RANCID operations
> changeto system
> done
>
> I would be very interested in having this functionality.
> I would also be interested in helping to code up the changes necessary. However I've never coded in perl, so I can't understand most of rancid.
>
> Does somebody who knows the architecture have the time to block diagram the required changes? And mock up the process by which multiple context
> outputs can go to different files in the repository, just like separate hosts.
>
> I'm eager to get a reliable backup system for my multi context FWSMs.
>
> I've also got Standby-Failover FWSMs, but that a headache for another day.....
>
> Cheers
>
> Rob
>
>
> --
> Rob Shepherd BEng PhD | Computer and Network Engineer | CAST Ltd
> Technium CAST | LL57 4HJ | http://www.techniumcast.com
> rob at techniumcast.com | 01248 675024 | 077988 72480
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
More information about the Rancid-discuss
mailing list