[rancid] Re: Pulling down context configs from a Cisco FWSM

Rob Shepherd rob at techniumcast.com
Wed Mar 28 10:16:52 UTC 2007 

Ed Ravin wrote:
> On Tue, Mar 27, 2007 at 07:55:40AM -0700, Lance wrote:
>> In my opinion it shouldn't be too hard. The hardest part would be
>> looking at the output from "show contexts" and substringing or
>> delimiting the line via expect and then dynamically changing to each
>> one and doing the commands needed needed.
> 
> The problem is that we're asking the *login scripts to do something
> that is outside their model - normally the *rancid scripts send the
> list of exact commands to run, the *login scripts run them and put the
> output in a file, and then the *rancid scripts parse the output.
> 
> There's just no hook for dynamic / interactive commands, or returning
> multiple files.  You've got the ability to "plugin" an external script,
> maybe that would be the place to start, to write a TCL script that can
> be called with the "-s" option to clogin, that would deliver the
> individual files for each context.
> 
> But then we have to get the files into the *rancid program.  It
> would be nice to do this without some ugly hack, like the ones I
> usually code to get around RANCID's limitations.
> 
>> Ed Ravin should be able to code something pretty quick. He has solid
>> coding skills and should be able to do this in a matter of a few hours
>> max I would think. That is up to him though.
> 
> Thanks for the flowers, but you are being awfully generous with my time!
> I have a suspicion that Austin and John are also otherwise engaged.

1) An option would be to have a seperate component for discovering the contexts and laying them out in a file like hosts are at present.

I'd be happy to do this manually as I only add contexts every 3-4 months anyway.

2) An additional command, after "enable" select the correct context.

...would this be a variation of clogin?

I guess clogin can perform the enable command... and enter the password. Does it detect the change in prompt? to decide if it's in enable mode?

The prompt changes also when in context mode....

Here's the output of a login session. it goes straight to the admin context, then I switch to the system context, then to another context.

> rob at penguin:/tmp >ssh 172.16.3.254
> rob at 172.16.3.254's password:
> Type help or '?' for a list of available commands.
> cast-tec-mr2-c5-fsm1/cast>
> cast-tec-mr2-c5-fsm1/cast> enable
> Password: ****
> cast-tec-mr2-c5-fsm1/cast# changeto system
> cast-tec-mr2-c5-fsm1# changeto context etl
> cast-tec-mr2-c5-fsm1/etl#

Would this be a case of entending clogin to perform a context switch?

Cheers

Rob


-- 
Rob Shepherd BEng PhD | Computer and Network Engineer | CAST Ltd
Technium CAST | LL57 4HJ | http://www.techniumcast.com
rob at techniumcast.com | 01248 675024 | 077988 72480

More information about the Rancid-discuss mailing list