From simon.leinen at switch.ch Sun Jun 1 17:11:54 2008 From: simon.leinen at switch.ch (Simon Leinen) Date: Sun, 01 Jun 2008 19:11:54 +0200 Subject: [rancid] Re: VLAN portion of rancid-run In-Reply-To: <20080529215206.GJ24141@shrubbery.net> (john heasley's message of "Thu, 29 May 2008 14:52:06 -0700") References: <20080526141032.84mu8pi044co0os8@webmail.iol.pt> <20080528090643.GC4666@mx.ytti.net> <20080528214056.GI26391@shrubbery.net> <20080529180321.GB27405@mx.ytti.net> <20080529215206.GJ24141@shrubbery.net> Message-ID: john heasley writes: > would setting it to something non-zero be a better choice? 128 for example. We have been using "terminal width 80" with RANCID for years. Works fine, but then we only have Cisco boxes. Personally I think either 0 or something in the range 72-80 would be best, generating either short and machine-readable or human-readable diffs. And yes, it would be great if this could be parametrized somewhere, possibly within some hook for specifying device-specific commands, along the lines of Ed Ravin's suggestion in message <20080530133226.GB4452 at panix.com>. -- Simon. From golier at antik.sk Mon Jun 2 11:16:01 2008 From: golier at antik.sk (Richard Golier) Date: Mon, 02 Jun 2008 13:16:01 +0200 Subject: [rancid] procurve 3500 series Message-ID: <4843D671.1010400@antik.sk> Hello all, we have a problem getting configs from HP procurve 3500 series switches with the K.13.09 version firmware. There wasn't problem like this with an older K.12.x series. Rancid version is 2.3.2~a7-3 from debian packages. Below is the error output from the logs. Is there any solution available? Richard. write(spawn_id=1): broken pipe while executing "send_user -- "$expect_out(buffer)"" invoked from within "expect -nobrace -re {^[^ *]*r01#} { send_user -- "$expect_out(buffer)" } -re {^[^ ]*r01#.} { send_user -- "$expect_out(buffer)" exp_c..." invoked from within "expect { -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" } -re "^\[^\n\r]*$reprompt." { send_user -- "$expect_out(buffer)" ..." invoked from within "if [ string match "*\;*" "$command" ] { set commands [split $command \;] set num_commands [llength $commands] # the pager can not be turned off on ..." (procedure "run_commands" line 15) invoked from within "run_commands $prompt $command" ("foreach" body line 139) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # Figure out prompt. # Since autoena..." (file "/var/lib/rancid/bin/hlogin" line 583) From golier at antik.sk Mon Jun 2 11:58:38 2008 From: golier at antik.sk (Richard Golier) Date: Mon, 02 Jun 2008 13:58:38 +0200 Subject: [rancid] Re: procurve 3500 series In-Reply-To: <4843D671.1010400@antik.sk> References: <4843D671.1010400@antik.sk> Message-ID: <4843E06E.8080906@antik.sk> It seems like I found the cause of the problem. In K.12 series of the firmware there was a command 'show system-information'. In K.13 series it has been changed to 'show system information'. After modifying the hrancid script appropriately, configs from the switches with new firmware can be fetched again. Could this be fixed somehow, so that both old and new version would work? Richard Richard Golier wrote: > Hello all, > we have a problem getting configs from HP procurve 3500 series switches > with the K.13.09 version firmware. There wasn't problem like this with > an older K.12.x series. Rancid version is 2.3.2~a7-3 from debian > packages. Below is the error output from the logs. Is there any solution > available? > Richard. > > > write(spawn_id=1): broken pipe > while executing > "send_user -- "$expect_out(buffer)"" > invoked from within > "expect -nobrace -re {^[^ > *]*r01#} { send_user -- "$expect_out(buffer)" > } -re {^[^ > ]*r01#.} { send_user -- "$expect_out(buffer)" > exp_c..." > invoked from within > "expect { > -re "^\[^\n\r *]*$reprompt" { send_user -- > "$expect_out(buffer)" > } > -re "^\[^\n\r]*$reprompt." { send_user -- > "$expect_out(buffer)" > ..." > invoked from within > "if [ string match "*\;*" "$command" ] { > set commands [split $command \;] > set num_commands [llength $commands] > # the pager can not be turned off on ..." > (procedure "run_commands" line 15) > invoked from within > "run_commands $prompt $command" > ("foreach" body line 139) > invoked from within > "foreach router [lrange $argv $i end] { > set router [string tolower $router] > send_user "$router\n" > > # Figure out prompt. > # Since autoena..." > (file "/var/lib/rancid/bin/hlogin" line 583) > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From tom.duijf at gmail.com Tue Jun 3 16:00:01 2008 From: tom.duijf at gmail.com (Tom Duijf) Date: Tue, 3 Jun 2008 18:00:01 +0200 Subject: [rancid] remote subversion 'hack' + small commit remark patch Message-ID: Hi all, I search the list archived for a way to use a existing remote subversion repository, i couldn't find a solution. So, for those interested here is a small howto in order to achieve this. Besides this howto, at the end of the mail, i wrote a small description of the 2 patch files attached to this mail. It adds a feature where you can prefix all repository checkin comments using a config file variable. Feature only applies if you actually add a directive in the config file. ## Remote / existing subversion repository usage. This short howto only applies to subversion, i never use cvs so i don't know if and how this would apply to cvs. Rancid normally creates a local svn/cvs repos and checks out working copies for each list_group. This is done by rancid-cvs when you are initially setting up rancid or add list_groups to the config file. This is also the _only_ command which uses the repository itself, all other actions / mutations are done on the working copy. Taking the above into account, you can checkout a working copy from any subversion repository (local or remote, svn://, http(s)://, ssh, whatever). The location a subversion repository is contained in the metadata of working copies. There are some things to take into account: - You need to cache the subversion credentials (enable this in ~/.subversion/config ) - You chose to either make a working copy per 'list_group' or make the entire $WORKDIR a working copy. Most importantly, this must be checked in and updated _before_ you run rancid-run. (you might have to svn:ignore some files/dirs if you make $WORKDIR a working copy, such as logs). - If you add a new list_group, you need to touch router.db and create the config/ dir. The rest of the files are auto-created by rancid-run. - Never run rancid-cvs, as this will screw up everything :) I have rancid running with 2 groups (a working copy per group dir) using a larger, more generic configuration store on a remote subversion instance (via http+mod_dav+mod_dav_svnauthz). Works like a charm :) ## Patches One of the drawbacks of the current rancid commits (regardless of svn or cvs), is that the commit remarks (messages) are hard coded in the scripts and don't really describe much ('updates', 'new router', etc). Specially in the above situation, where the rancid tree is part of a larger repository, it's nice to have little more freedom in commit remarks. The attached patches are for control_rancid and rancid-cvs which prefix the commit remarks with a variable from the config file. The reason i didn't include a space (check patch files) between the prefix and the existing message is that i didn't want this to be mandatory. If you don't define the variable in the config file, nothing will change. As the config file is sourced into the script files, you can actually use `` or global variables. Example of the new config file variable: --------------------------8<-------------------------------- ## If you use this, always end your comment with a space! RCSREMARKS="AUTOCOMMIT -- Rancid config backup Comitted on: `date +%Y/%m/%d-%H:%M:%S` Comitted by: ${0} Action: "; export RCSREMARKS --------------------------8<-------------------------------- Extra note1. It would be nice if rancid did an svn/cvs update before using the working copy. This way, for example, router.db could be updated through the repository, and it would prevent conflicts in general. I might submit a patch for this later as i need to dig deeper into the scripts. Extra note2. I think there's a bug in the alteon parser. I am getting a diff of 1 line each run, which i think is caused by the fact that we have 2 alteons in sync mode. I need to look further into this and hopefully commit a patch for this as well. Kind regards, Tom Duijf -------------- next part -------------- A non-text attachment was scrubbed... Name: control_rancid.patch Type: unknown/unknown Size: 1099 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080603/a54eb191/attachment.bin -------------- next part -------------- A non-text attachment was scrubbed... Name: rancid-cvs.patch Type: unknown/unknown Size: 493 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080603/a54eb191/attachment-0001.bin From smunzani at comcast.net Wed Jun 4 04:23:16 2008 From: smunzani at comcast.net (Sam Munzani) Date: Tue, 03 Jun 2008 23:23:16 -0500 Subject: [rancid] What's difference between "show running-config" and "show config" parsing? Message-ID: <484618B4.3000409@comcast.net> Team, I have a situation where the end user doesn't permit enable access to the rancid user. On return, they allow all "show" commands by doing some "privilege exec" commands on the router. That means, I can't run "show run" command if I am logged in as rancid user. However I can do "show config" command which reads the startup configuration file from the nvram. I compared end of both configuration and they are identical. ---------- show run output last 4 lines ----------- ntp clock-period 17179646 ntp server x.x.x.x prefer ntp server x.x.x.y end -------------------------------------------------- ---------- show config output last 4 lines -------- ntp clock-period 17179646 ntp server x.x.x.x prefer ntp server x.x.x.y end -------------------------------------------------- Literally no difference at all. However following doesn't work and throws "End of run not found" error in the log. 1. Configure .cloginrc with following setup. and modify bin/rancid script to run "show config" command instead of show run. add user * {rancid} add password * {rancidpass} add method * ssh add cyphertype * {3des} add autoenable * 1 # I set autoenable to 1 because rancid account login puts to "#" prompt since its a priv-2 account Technically it should work fine since both commands produces same output and end of file but it doesn't work for some reason. Any advise on how to troubleshoot this one? Thanks, Sam From alex.malberty at babycenter.com Wed Jun 4 16:46:56 2008 From: alex.malberty at babycenter.com (Alex Malberty) Date: Wed, 4 Jun 2008 09:46:56 -0700 Subject: [rancid] Re: What's difference between "show running-config" and "show config" parsing? In-Reply-To: <484618B4.3000409@comcast.net> References: <484618B4.3000409@comcast.net> Message-ID: I had the same problem. I could not get show running-config to show an output using a low privilege user. It is a Cisco IOS configuration that cannot be bypassed. I even opened a ticket with Cisco to find out how to make show running-config show an output. You can use show config, but that is not necessarily what is actually running on the device. So, I had to deal with it using an enable user to get the running-config. ------------------------------------------------------------------------ -- Alejandro A. Malberty Systems Administrator Engineering BabyCenter, LLC amalberty at babycenter.com p: 415.344.7626 http://www.babycenter.com -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Sam Munzani Sent: Tuesday, June 03, 2008 9:23 PM To: 'rancid-discuss at shrubbery.net' Subject: [rancid] What's difference between "show running-config" and "show config" parsing? Team, I have a situation where the end user doesn't permit enable access to the rancid user. On return, they allow all "show" commands by doing some "privilege exec" commands on the router. That means, I can't run "show run" command if I am logged in as rancid user. However I can do "show config" command which reads the startup configuration file from the nvram. I compared end of both configuration and they are identical. ---------- show run output last 4 lines ----------- ntp clock-period 17179646 ntp server x.x.x.x prefer ntp server x.x.x.y end -------------------------------------------------- ---------- show config output last 4 lines -------- ntp clock-period 17179646 ntp server x.x.x.x prefer ntp server x.x.x.y end -------------------------------------------------- Literally no difference at all. However following doesn't work and throws "End of run not found" error in the log. 1. Configure .cloginrc with following setup. and modify bin/rancid script to run "show config" command instead of show run. add user * {rancid} add password * {rancidpass} add method * ssh add cyphertype * {3des} add autoenable * 1 # I set autoenable to 1 because rancid account login puts to "#" prompt since its a priv-2 account Technically it should work fine since both commands produces same output and end of file but it doesn't work for some reason. Any advise on how to troubleshoot this one? Thanks, Sam _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. If you are the intended recipient, please be advised that the content of this message is subject to access, review and disclosure by the sender's Email System Administrator. From jethro.binks at strath.ac.uk Wed Jun 4 19:32:35 2008 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Wed, 4 Jun 2008 20:32:35 +0100 (BST) Subject: [rancid] Re: What's difference between "show running-config" and "show config" parsing? In-Reply-To: References: <484618B4.3000409@comcast.net> Message-ID: <20080604202842.A27199@defjam.cc.strath.ac.uk> On Wed, 4 Jun 2008, Alex Malberty wrote: > I had the same problem. I could not get show running-config to show an > output using a low privilege user. It is a Cisco IOS configuration that > cannot be bypassed. I even opened a ticket with Cisco to find out how to > make show running-config show an output. You can use show config, but > that is not necessarily what is actually running on the device. So, I > had to deal with it using an enable user to get the running-config. "write term" may be an alternative. Some devices with Cisco-a-like interfaces also support this, where they don't have "show running-config". Still others have "copy running-config term", or similar. On ASA, I have the rancid user as priv level 7, and specify: privilege cmd level 7 mode exec command dir privilege cmd level 7 mode exec command write privilege cmd level 7 mode exec command terminal privilege show level 7 mode exec command running-config privilege show level 7 mode exec command version privilege show level 7 mode exec command bootvar privilege show level 7 mode exec command vlan privilege show level 7 mode exec command module to permit rancid to do its thing. However, I did also have to add "write term" to the commands sequence as well (and I think there may have been other trickery). Jethro. > > ------------------------------------------------------------------------ > -- > Alejandro A. Malberty > Systems Administrator > Engineering > BabyCenter, LLC > > amalberty at babycenter.com > p: 415.344.7626 > > > > > http://www.babycenter.com > > > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Sam Munzani > Sent: Tuesday, June 03, 2008 9:23 PM > To: 'rancid-discuss at shrubbery.net' > Subject: [rancid] What's difference between "show running-config" and > "show config" parsing? > > Team, > > I have a situation where the end user doesn't permit enable access to > the rancid user. On return, they allow all "show" commands by doing some > > "privilege exec" commands on the router. That means, I can't run "show > run" command if I am logged in as rancid user. However I can do "show > config" command which reads the startup configuration file from the > nvram. > > I compared end of both configuration and they are identical. > ---------- show run output last 4 lines ----------- > ntp clock-period 17179646 > ntp server x.x.x.x prefer > ntp server x.x.x.y > end > -------------------------------------------------- > ---------- show config output last 4 lines -------- > ntp clock-period 17179646 > ntp server x.x.x.x prefer > ntp server x.x.x.y > end > -------------------------------------------------- > > Literally no difference at all. > > However following doesn't work and throws "End of run not found" error > in the log. > > 1. Configure .cloginrc with following setup. and modify bin/rancid > script to run "show config" command instead of show run. > add user * {rancid} > add password * {rancidpass} > add method * ssh > add cyphertype * {3des} > add autoenable * 1 # I set autoenable to 1 because rancid account > login puts to "#" prompt since its a priv-2 account > > Technically it should work fine since both commands produces same output > > and end of file but it doesn't work for some reason. Any advise on how > to troubleshoot this one? > > Thanks, > Sam > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. If you are the intended recipient, please be advised that the content of this message is subject to access, review and disclosure by the sender's Email System Administrator. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks Computing Officer, IT Services University Of Strathclyde, Glasgow, UK From SMartin at sourceinterlink.com Thu Jun 5 14:16:01 2008 From: SMartin at sourceinterlink.com (Martin, Seth) Date: Thu, 5 Jun 2008 10:16:01 -0400 Subject: [rancid] Term Length/Whitespace issues when running manually Message-ID: <79B77295FBC9F247A32A6C98B67B1E140133FF1D@srv-1exch01.sourceinterlink.com> We've made a habit of manually running rancid on single devices to attach the output to our ticketing system. For whatever reason when we do this we have a large delta of whitespace and line wrap issues. Everything is Cisco IOS or PIXOS/ASA and specified as Cisco in the config. I believe we are using 2.3.2a2, maybe its been resolved in 2.3.2a7... Daily cron job runs don't return white space issues. Also on occasion when running rancid-run -r we get changes in our routers.db file even though nothing has changed there. Doing a full rancid-run from a bash shell also seems to cause similar issues vs the standard cron... Any advice would be greatly appreciated :-) -Seth -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080605/117a7c48/attachment.html From mpalatnik at wustl.edu Mon Jun 9 04:09:28 2008 From: mpalatnik at wustl.edu (Max Palatnik) Date: Sun, 08 Jun 2008 23:09:28 -0500 Subject: [rancid] CVS Problem? Rancid continually gives error "Assertion failed: key != NULL, file hash.c, line 317" Message-ID: <484CACF8.90201@wustl.edu> Hi all, I just added two new managment vlans to rancid and had it run through and poll the switches. On one subnet it did absolutely fine. On the other -- we continually get the following error lines: Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs diff: configs/cd-wohl-0.nts.wustl.edu is a new entry, no comparison available cvs commit: Examining . cvs commit: Examining configs Assertion failed: key != NULL, file hash.c, line 317 cvs [commit aborted]: received abort signal The process fails and it seems to start from scratch as if the switches had never once been contacted. It seems like this is a CVS problem and I did a google search around and though the error pops up there doesn't seem to be a clear fix. I tried deleting and recreating the group but that lead me to this same problem. I am by no means a CVS expert, so please don't hesitate to mention even the silliest suggestions should they apply here. Cheers, Max From tex at off.org Mon Jun 9 05:29:50 2008 From: tex at off.org (Austin Schutz) Date: Sun, 8 Jun 2008 22:29:50 -0700 Subject: [rancid] Re: CVS Problem? Rancid continually gives error "Assertion failed: key != NULL, file hash.c, line 317" In-Reply-To: <484CACF8.90201@wustl.edu> References: <484CACF8.90201@wustl.edu> Message-ID: <20080609052950.GP17135@gblx.net> On Sun, Jun 08, 2008 at 11:09:28PM -0500, Max Palatnik wrote: > cvs diff: Diffing . > cvs diff: Diffing configs > cvs diff: configs/cd-wohl-0.nts.wustl.edu is a new entry, no comparison > available > cvs commit: Examining . > cvs commit: Examining configs > Assertion failed: key != NULL, file hash.c, line 317 > cvs [commit aborted]: received abort signal > > The process fails and it seems to start from scratch as if the switches > had never once been contacted. It seems like this is a CVS problem and > I did a google search around and though the error pops up there doesn't > seem to be a clear fix. I tried deleting and recreating the group but > that lead me to this same problem. I am by no means a CVS expert, so > please don't hesitate to mention even the silliest suggestions should > they apply here. > Your log output starts at the 'cvs diff' part, which is after the new routers have been contacted and right before it would be committed. The thing I think is interesting about this is the "configs/cd-wohl-0.nts.wustl.edu is a new entry, no comparison" line. When there is a new router it gets cvs added and committed _before_ the router is polled and cvs diff run. Therefore when you reach this point it should _not_ be a new entry. This implies that cvs add and commit failed above where the router was added. You would have to look at your log to verify this. I would try a couple silly things: 1. Remove any files in $CVSROOT//configs/Attic, just in case something about a preexisting file is angering cvs. Also remove $CVSROOT//configs/cd-wohl-0.nts.wustl.edu,v and any other failing files. 2. Check your perms on $CVSROOT and all applicable subdirectories. The fact cvs has been able to add but not commit the file is a little weird. 3. Do a cvs up -dA in . Actually, I would remove (or move) entirely and do cvs -d $CVSROOT checkout to make sure you are all fresh and new, in case you have mismatched entries in CVS/Entries (if you don't know what that is, don't worry about it). That should be good for a few moments of silliness. Also, when in doubt create a tar file of $CVSROOT and before you begin, in case you foo something up while trying out these suggestions. Austin From mpalatnik at wustl.edu Mon Jun 9 15:22:43 2008 From: mpalatnik at wustl.edu (Max Palatnik) Date: Mon, 09 Jun 2008 10:22:43 -0500 Subject: [rancid] Re: CVS Problem? Rancid continually gives error "Assertion failed: key != NULL, file hash.c, line 317" In-Reply-To: <20080609052950.GP17135@gblx.net> References: <484CACF8.90201@wustl.edu> <20080609052950.GP17135@gblx.net> Message-ID: <484D4AC3.1060002@wustl.edu> Well.. the third item did the trick. I recreated the group after moving the old broken one and re-ran rancid-run. The error is no more and everything looks okay. I wonder what happened. Thanks for your help Austin Max Austin Schutz wrote: > On Sun, Jun 08, 2008 at 11:09:28PM -0500, Max Palatnik wrote: > >> cvs diff: Diffing . >> cvs diff: Diffing configs >> cvs diff: configs/cd-wohl-0.nts.wustl.edu is a new entry, no comparison >> available >> cvs commit: Examining . >> cvs commit: Examining configs >> Assertion failed: key != NULL, file hash.c, line 317 >> cvs [commit aborted]: received abort signal >> >> The process fails and it seems to start from scratch as if the switches >> had never once been contacted. It seems like this is a CVS problem and >> I did a google search around and though the error pops up there doesn't >> seem to be a clear fix. I tried deleting and recreating the group but >> that lead me to this same problem. I am by no means a CVS expert, so >> please don't hesitate to mention even the silliest suggestions should >> they apply here. >> >> > > Your log output starts at the 'cvs diff' part, which is after > the new routers have been contacted and right before it would be committed. > The thing I think is interesting about this is the > "configs/cd-wohl-0.nts.wustl.edu is a new entry, no comparison" line. When > there is a new router it gets cvs added and committed _before_ the router > is polled and cvs diff run. Therefore when you reach this point it should > _not_ be a new entry. > This implies that cvs add and commit failed above where the router > was added. You would have to look at your log to verify this. > > I would try a couple silly things: > > 1. Remove any files in $CVSROOT//configs/Attic, just in case > something about a preexisting file is angering cvs. Also remove > $CVSROOT//configs/cd-wohl-0.nts.wustl.edu,v and any other failing > files. > 2. Check your perms on $CVSROOT and all applicable subdirectories. > The fact cvs has been able to add but not commit the file is a little weird. > 3. Do a cvs up -dA in . Actually, I would remove (or move) > entirely and do cvs -d $CVSROOT checkout to make sure you > are all fresh and new, in case you have mismatched entries in > CVS/Entries (if you don't know what that is, don't worry about it). > > That should be good for a few moments of silliness. Also, when in > doubt create a tar file of $CVSROOT and before you begin, in case > you foo something up while trying out these suggestions. > > Austin > From soukoussman at gmail.com Tue Jun 10 09:35:33 2008 From: soukoussman at gmail.com (Marc Guyard) Date: Tue, 10 Jun 2008 11:35:33 +0200 Subject: [rancid] Howto create a backup module for rancid Message-ID: <48A811FC-49B1-4632-B85A-38AF22D8736D@gmail.com> Hi, I'm new on this list. I've know recently rancid because i search a backup system to replace in my office, the backup systemin bash that i has created. I don't have find a documentation to how create a module for backup a appliance. In fact, we work as a network and integrator and we want to have only one software to backup. For the network, many of appliance we use is already create in rancid but in security appliance, nothing. I want to see howto a module but i don't have find a documentation. Do you know where i can find his ? I've see wrancid who is a wrapper of rancid but i've read in the mailinglist that wrancid don't work now this the lastest version of rancid :( Thanks by advance. Regards, SoukoussMan -- soukoussman at gmail.com From jethro.binks at strath.ac.uk Tue Jun 10 22:50:33 2008 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Tue, 10 Jun 2008 23:50:33 +0100 (BST) Subject: [rancid] Re: Howto create a backup module for rancid In-Reply-To: <48A811FC-49B1-4632-B85A-38AF22D8736D@gmail.com> References: <48A811FC-49B1-4632-B85A-38AF22D8736D@gmail.com> Message-ID: <20080610215909.Q27199@defjam.cc.strath.ac.uk> On Tue, 10 Jun 2008, Marc Guyard wrote: > I've see wrancid who is a wrapper of rancid but i've read in the > mailinglist that wrancid don't work now this the lastest version of > rancid :( I meant to mention this earlier when it came up the other week. I have now published my update to wrancid (now called wraprancid) at the following location. Another list member has tried and it worked fine for them: http://sites.google.com/site/jrbinks/code/rancid Hope this is useful, Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks Computing Officer, IT Services University Of Strathclyde, Glasgow, UK From barry at opensolutions.ie Thu Jun 12 11:46:31 2008 From: barry at opensolutions.ie (Barry O'Donovan) Date: Thu, 12 Jun 2008 12:46:31 +0100 Subject: [rancid] Add new scripts for Netgear? Message-ID: <200806121246.31737.barry@opensolutions.ie> To whom it may concern, I have been using RANCID for quite a few years and find it an invaluable tool for peer review, etc and I'd like to expres smy gratitude to all the developers. I write in relation to a previous post: http://www.shrubbery.net/pipermail/rancid-discuss/2008-April/003037.html and I have CC'd the author. I can additionally confirm that Ed's script also works for Netgear GSM7224. I attach his scripts again as I needed to remove some HTML formatting. I'd love to see these added to RANCID as well as the change to rancid-fe: # diff rancid-fe~ rancid-fe 45a46 > elsif ($vendor =~ /^netgear$/i) { exec('grancid', $router); } I'm happy to help clean/edit/format the scripts to this end. Can someone advise me as to what is required to see this happen? Thanks, Barry O'Donovan -------------- next part -------------- A non-text attachment was scrubbed... Name: grancid Type: application/x-perl Size: 9892 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080612/fc7bbea2/attachment.bin -------------- next part -------------- #! /usr/local/bin/expect -- ## ## $Id: tlogin,v 1.4 2008/04/29 02:10:38 root Exp $ ## ## rancid 2.3.2a8 ## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## ## This code is derived from software contributed to and maintained by ## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, ## Pete Whiting, Austin Schutz, and Andrew Fort. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted provided that the following conditions ## are met: ## 1. Redistributions of source code must retain the above copyright ## notice, this list of conditions and the following disclaimer. ## 2. Redistributions in binary form must reproduce the above copyright ## notice, this list of conditions and the following disclaimer in the ## documentation and/or other materials provided with the distribution. ## 3. All advertising materials mentioning features or use of this software ## must display the following acknowledgement: ## This product includes software developed by Terrapin Communications, ## Inc. and its contributors for RANCID. ## 4. Neither the name of Terrapin Communications, Inc. nor the names of its ## contributors may be used to endorse or promote products derived from ## this software without specific prior written permission. ## 5. It is requested that non-binding fixes and modifications be contributed ## back to Terrapin Communications, Inc. ## ## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS ## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED ## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS ## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR ## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF ## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS ## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN ## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ## POSSIBILITY OF SUCH DAMAGE. # # The expect login scripts were based on Erik Sherk's gwtn, by permission. # # tlogin - Netopia and Netgear extensions to clogin. # # Most options are intuitive for logging into a Cisco router. # The default is to enable (thus -noenable). Some folks have # setup tacacs to have a user login at priv-lvl = 15 (enabled) # so the -autoenable flag was added for this case (don't go through # the process of enabling and the prompt will be the "#" prompt. # The default username password is the same as the vty password. # # Usage line set usage "Usage: $argv0 \[-dV\] \[-autoenable\] \[-noenable\] \[-c command\] \ \[-Evar=x\] \[-e enable-password\] \[-f cloginrc-file\] \[-p user-password\] \ \[-s script-file\] \[-t timeout\] \[-u username\] \ \[-v vty-password\] \[-w enable-username\] \[-x command-file\] \ \[-y ssh_cypher_type\] router \[router...\]\n" # env(CLOGIN) may contain: # x == do not set xterm banner or name # Password file set password_file $env(HOME)/.cloginrc # Default is to login to the router set do_command 0 set do_script 0 # The default is to automatically enable set avenable 1 # The default is that you login non-enabled (tacacs can have you login already # enabled) set avautoenable 0 # The default is to look in the password file to find the passwords. This # tracks if we receive them on the command line. set do_passwd 1 set do_enapasswd 1 # set send_human {.4 .4 .7 .3 5} # Find the user in the ENV, or use the unix userid. if {[ info exists env(CISCO_USER) ]} { set default_user $env(CISCO_USER) } elseif {[ info exists env(USER) ]} { set default_user $env(USER) } elseif {[ info exists env(LOGNAME) ]} { set default_user $env(LOGNAME) } else { # This uses "id" which I think is portable. At least it has existed # (without options) on all machines/OSes I've been on recently - # unlike whoami or id -nu. if [ catch {exec id} reason ] { send_error "\nError: could not exec id: $reason\n" exit 1 } regexp {\(([^)]*)} "$reason" junk default_user } if {[ info exists env(CLOGINRC) ]} { set password_file $env(CLOGINRC) } # Sometimes routers take awhile to answer (the default is 10 sec) set timeout 45 # Process the command line for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { # Expect debug mode -d* { exp_internal 1 # Username } -u* - -U* { if {! [ regexp .\[uU\](.+) $arg ignore user]} { incr i set username [ lindex $argv $i ] } # VTY Password } -p* - -P* { if {! [ regexp .\[pP\](.+) $arg ignore userpasswd]} { incr i set userpasswd [ lindex $argv $i ] } set do_passwd 0 # VTY Password } -v* { if {! [ regexp .\[vV\](.+) $arg ignore passwd]} { incr i set passwd [ lindex $argv $i ] } set do_passwd 0 # Version string } -V* { send_user "rancid 2.3.2a8\n" exit 0 # Enable Username } -w* - -W* { if {! [ regexp .\[wW\](.+) $arg ignore enauser]} { incr i set enausername [ lindex $argv $i ] } # Environment variable to pass to -s scripts } -E* { if {[ regexp .\[E\](.+)=(.+) $arg ignore varname varvalue]} { set E$varname $varvalue } else { send_user "\nError: invalid format for -E in $arg\n" exit 1 } # Enable Password } -e* { if {! [ regexp .\[e\](.+) $arg ignore enapasswd]} { incr i set enapasswd [ lindex $argv $i ] } set do_enapasswd 0 # Command to run. } -c* - -C* { if {! [ regexp .\[cC\](.+) $arg ignore command]} { incr i set command [ lindex $argv $i ] } set do_command 1 # Expect script to run. } -s* - -S* { if {! [ regexp .\[sS\](.+) $arg ignore sfile]} { incr i set sfile [ lindex $argv $i ] } if { ! [ file readable $sfile ] } { send_user "\nError: Can't read $sfile\n" exit 1 } set do_script 1 # 'ssh -c' cypher type } -y* - -Y* { if {! [ regexp .\[eE\](.+) $arg ignore cypher]} { incr i set cypher [ lindex $argv $i ] } # alternate cloginrc file } -f* - -F* { if {! [ regexp .\[fF\](.+) $arg ignore password_file]} { incr i set password_file [ lindex $argv $i ] } # Timeout } -t* - -T* { if {! [ regexp .\[tT\](.+) $arg ignore timeout]} { incr i set timeout [ lindex $argv $i ] } # Command file } -x* - -X { if {! [ regexp .\[xX\](.+) $arg ignore cmd_file]} { incr i set cmd_file [ lindex $argv $i ] } if [ catch {set cmd_fd [open $cmd_file r]} reason ] { send_user "\nError: $reason\n" exit 1 } set cmd_text [read $cmd_fd] close $cmd_fd set command [join [split $cmd_text \n] \;] set do_command 1 # Do we enable? } -noenable { set avenable 0 # Does tacacs automatically enable us? } -autoenable { set avautoenable 1 set avenable 0 } -* { send_user "\nError: Unknown argument! $arg\n" send_user $usage exit 1 } default { break } } } # Process routers...no routers listed is an error. if { $i == $argc } { send_user "\nError: $usage" } # Only be quiet if we are running a script (it can log its output # on its own) if { $do_script } { log_user 0 } else { log_user 1 } # # Done configuration/variable setting. Now run with it... # # Sets Xterm title if interactive...if its an xterm and the user cares proc label { host } { global env # if CLOGIN has an 'x' in it, don't set the xterm name/banner if [info exists env(CLOGIN)] { if {[string first "x" $env(CLOGIN)] != -1} { return } } # take host from ENV(TERM) if [info exists env(TERM)] { if [regexp \^(xterm|vs) $env(TERM) ignore ] { send_user "\033]1;[lindex [split $host "."] 0]\a" send_user "\033]2;$host\a" } } } # This is a helper function to make the password file easier to # maintain. Using this the password file has the form: # add password sl* pete cow # add password at* steve # add password * hanky-pie proc add {var args} { global int_$var ; lappend int_$var $args} proc include {args} { global env regsub -all "(^{|}$)" $args {} args if { [ regexp "^/" $args ignore ] == 0 } { set args $env(HOME)/$args } source_password_file $args } proc find {var router} { upvar int_$var list if { [info exists list] } { foreach line $list { if { [string match [lindex $line 0] $router ] } { return [lrange $line 1 end] } } } return {} } # Loads the password file. Note that as this file is tcl, and that # it is sourced, the user better know what to put in there, as it # could install more than just password info... I will assume however, # that a "bad guy" could just as easy put such code in the clogin # script, so I will leave .cloginrc as just an extention of that script proc source_password_file { password_file } { global env if { ! [file exists $password_file] } { send_user "\nError: password file ($password_file) does not exist\n" exit 1 } file stat $password_file fileinfo if { [expr ($fileinfo(mode) & 007)] != 0000 } { send_user "\nError: $password_file must not be world readable/writable\n" exit 1 } if [ catch {source $password_file} reason ] { send_user "\nError: $reason\n" exit 1 } } # Log into the router. # returns: 0 on success, 1 on failure, -1 if rsh was used successfully proc login { router user userpswd passwd enapasswd cmethod cyphertype } { global command spawn_id in_proc do_command do_script platform global prompt u_prompt p_prompt e_prompt sshcmd set in_proc 1 set uprompt_seen 0 # try each of the connection methods in $cmethod until one is successful set progs [llength $cmethod] foreach prog [lrange $cmethod 0 end] { incr progs -1 if [string match "telnet*" $prog] { regexp {telnet(:([^[:space:]]+))*} $prog methcmd suffix port if {"$port" == ""} { set retval [ catch {spawn telnet $router} reason ] } else { set retval [ catch {spawn telnet $router $port} reason ] } if { $retval } { send_user "\nError: telnet failed: $reason\n" return 1 } } elseif [string match "ssh*" $prog] { regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port if {"$port" == ""} { set retval [ catch {spawn $sshcmd -c $cyphertype -x -l $user $router} reason ] } else { set retval [ catch {spawn $sshcmd -c $cyphertype -x -l $user -p $port $router} reason ] } if { $retval } { send_user "\nError: $sshcmd failed: $reason\n" return 1 } } elseif ![string compare $prog "rsh"] { if { ! $do_command } { if { [llength $cmethod] == 1 } { send_user "\nError: rsh is an invalid method for -x and " send_user "interactive logins\n" } if { $progs == 0 } { return 1 } continue; } set commands [split $command \;] set num_commands [llength $commands] set rshfail 0 for {set i 0} {$i < $num_commands && !$rshfail} { incr i} { log_user 0 set retval [ catch {spawn rsh $user@$router [lindex $commands $i] } reason ] if { $retval } { send_user "\nError: rsh failed: $reason\n" log_user 1; return 1 } send_user "$router# [lindex $commands $i]\n" # rcmd does not get a pager and no prompts, so we just have to # look for failures & lines. expect { "Connection refused" { catch {close}; catch {wait}; send_user "\nError: Connection\ Refused ($prog): $router\n" set rshfail 1 } -re "(Connection closed by|Connection to \[^\n\r]+ closed)" { catch {close}; catch {wait}; send_user "\nError: Connection\ closed ($prog): $router\n" set rshfail 1 } "Host is unreachable" { catch {close}; catch {wait}; send_user "\nError: Host Unreachable:\ $router\n" set rshfail 1 } "No address associated with" { catch {close}; catch {wait}; send_user "\nError: Unknown host\ $router\n" set rshfail 1 } -re "\b+" { exp_continue } -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" exp_continue } timeout { catch {close}; catch {wait}; send_user "\nError: TIMEOUT reached\n" set rshfail 1 } eof { catch {close}; catch {wait}; } } log_user 1 } if { $rshfail } { if { !$progs } { return 1 } else { continue } } # fake the end of the session for rancid. send_user "$router# exit\n" # return rsh "success" return -1 } else { send_user "\nError: unknown connection method: $prog\n" return 1 } sleep 0.3 # This helps cleanup each expect clause. expect_after { timeout { send_user "\nError: TIMEOUT reached\n" catch {close}; catch {wait}; if { $in_proc} { return 1 } else { continue } } eof { send_user "\nError: EOF received\n" catch {close}; catch {wait}; if { $in_proc} { return 1 } else { continue } } } # Here we get a little tricky. There are several possibilities: # the router can ask for a username and passwd and then # talk to the TACACS server to authenticate you, or if the # TACACS server is not working, then it will use the enable # passwd. Or, the router might not have TACACS turned on, # then it will just send the passwd. # if telnet fails with connection refused, try ssh expect { -re "(Connection refused|Secure connection \[^\n\r]+ refused)" { catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection Refused ($prog): $router\n" return 1 } } -re "(Connection closed by|Connection to \[^\n\r]+ closed)" { catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection closed ($prog): $router\n" return 1 } } eof { send_user "\nError: Couldn't login: $router\n"; wait; return 1 } -nocase "unknown host\r" { catch {close}; catch {wait}; send_user "\nError: Unknown host $router\n"; wait; return 1 } "Host is unreachable" { catch {close}; catch {wait}; send_user "\nError: Host Unreachable: $router\n"; wait; return 1 } "No address associated with name" { catch {close}; catch {wait}; send_user "\nError: Unknown host $router\n"; wait; return 1 } -re "(Host key not found |The authenticity of host .* be established).*\(yes\/no\)\?" { send "yes\r" send_user "\nHost $router added to the list of known hosts.\n" exp_continue } -re "HOST IDENTIFICATION HAS CHANGED.* \(yes\/no\)\?" { send "no\r" send_user "\nError: The host key for $router has changed. Update the SSH known_hosts file accordingly.\n" return 1 } -re "Offending key for .* \(yes\/no\)\?" { send "no\r" send_user "\nError: host key mismatch for $router. Update the SSH known_hosts file accordingly.\n" return 1 } -re "(denied|Sorry)" { send_user "\nError: Check your passwd for $router\n" catch {close}; catch {wait}; return 1 } "Login failed" { send_user "\nError: Check your passwd for $router\n" return 1 } -re "% (Bad passwords|Authentication failed)" { send_user "\nError: Check your passwd for $router\n" return 1 } "Press any key to continue" { # send_user "Pressing the ANY key\n" send "\r" exp_continue } -re "Enter Selection: " { # Catalyst 1900s have some lame menu. Enter # K to reach a command-line. send "K\r" exp_continue } -re "Netopia.*always start from this main screen" { # control-N to escape from the Netopia Playskool menu send "\x0e" set platform "netopia" set prompt "#" set autoenable 1 return 0 } -re "Last login:" { exp_continue } -re "@\[^\r\n]+ $p_prompt" { # ssh pwd prompt sleep 1 send "$userpswd\r" exp_continue } -re "$u_prompt" { send "$user\r" set uprompt_seen 1 exp_continue } -re "$p_prompt" { sleep 1 if {$uprompt_seen == 1} { send "$userpswd\r" } else { send "$passwd\r" } exp_continue } -re "$prompt" { break; } "Login invalid" { send_user "\nError: Invalid login: $router\n"; catch {close}; catch {wait}; return 1 } } } set in_proc 0 return 0 } # Enable proc do_enable { enauser enapasswd } { global prompt in_proc global u_prompt e_prompt set in_proc 1 send "enable\r" expect { -re "$u_prompt" { send "$enauser\r"; exp_continue} -re "$e_prompt" { send "$enapasswd\r"; exp_continue} "#" { set prompt "#" } "(enable)" { set prompt "> (enable) " } -re "(denied|Sorry|Incorrect)" { # % Access denied - from local auth and poss. others send_user "\nError: Check your Enable passwd\n"; return 1 } "% Error in authentication" { send_user "\nError: Check your Enable passwd\n" return 1 } "% Bad passwords" { send_user "\nError: Check your Enable passwd\n" return 1 } } # We set the prompt variable (above) so script files don't need # to know what it is. set in_proc 0 return 0 } # Run commands given on the command line. proc run_commands { prompt command } { global in_proc platform set in_proc 1 # If the prompt is (enable), then we are on a switch and the # command is "set length 0"; otherwise its "term length 0". # skip if its an extreme (since the pager can not be disabled on a # per-vty basis). if { [ string compare "extreme" "$platform" ] } { if [ regexp -- ".*> .*enable" "$prompt" ] { send "set length 0\r" # This is ugly, but reduces code duplication, allowing the # subsequent expects to handle everything as normal. set command "set logging session disable;$command" } elseif { ![ string compare "netopia" "$platform" ] } { # kludge - should instead skip re-sensing prompt if platform netopia set prompt "#" } else { send "term length 0\r" } # limit matching of the prompt to the first umpteen characters regsub -all {^(.{1,11}).*([#>])} $prompt {\1\2} reprompt # escape any parens in the prompt, such as "(enable)" # as well as any other regexp special chars that confuse parsing regsub -all {[+*.|(){}[\]]} $prompt {\\&} reprompt # match cisco config mode prompts too, such as router(config-if)#, # but catalyst does not change in this fashion. regsub -all {([#>])$} $reprompt {([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } } } else { regsub -all "\[)(]" $prompt {\\&} reprompt } # this is the only way i see to get rid of more prompts in o/p..grrrrr log_user 0 # Is this a multi-command? if [ string match "*\;*" "$command" ] { set commands [split $command \;] set num_commands [llength $commands] # the pager can not be turned off on the PIX, so we have to look # for the "More" prompt. the extreme is equally obnoxious, with a # global switch in the config. for {set i 0} {$i < $num_commands} { incr i} { send "[subst -nocommands [lindex $commands $i]]\r" expect { -re "\b+" { exp_continue } -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" } -re "^\[^\n\r]*$reprompt." { send_user -- "$expect_out(buffer)" exp_continue } -re "^--More--\[\r\n]+" { # specific match c1900 pager send " " exp_continue } -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" exp_continue } -re "\[^\r\n]*Press to cont\[^\r\n]*" { send " " # bloody ^[[2K after " " expect { -re "^\[^\r\n]*\r" {} } exp_continue } -re "^ *--More--\[^\n\r]*" { send " " exp_continue } -re "^<-+ More -+>\[^\n\r]*" { send_user -- "$expect_out(buffer)" send " " exp_continue } } } } else { # the pager can not be turned off on the PIX, so we have to look # for the "More" prompt. the extreme is equally obnoxious, with a # global switch in the config. send "[subst -nocommands $command]\r" expect { -re "\b+" { exp_continue } -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" } -re "^\[^\n\r]*$reprompt." { send_user -- "$expect_out(buffer)" exp_continue } -re "^--More--\r\n" { # specific match c1900 pager send " " exp_continue } -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" exp_continue } -re "\[^\r\n]*Press to cont\[^\r\n]*" { send " " # bloody ^[[2K after " " expect { -re "^\[^\r\n]*\r" {} } exp_continue } -re "^ *--More--\[^\n\r]*" { send " " exp_continue } -re "^<-+ More -+>\[^\n\r]*" { send_user -- "$expect_out(buffer)" send " " exp_continue } } } log_user 1 if { [ string compare "extreme" "$platform" ] } { send -h "exit\r" } else { send -h "quit\r" } expect { -re "^\[^\n\r *]*$reprompt" { # the Cisco CE and Jnx ERX # and Netgear GSM switches # return to non-enabled mode # on exit in enabled mode. # And Netgear wants "logout" # in non-enabled mode, so # send 'em both: send "exit\rlogout\r" exp_continue; } "Would you like to save them now" { # Force10 and Netgear send "n\r" exp_continue } "Configuration changes have occurred.*" { # Cisco CSS send "n\r" exp_continue } -re "Do you wish to save your configuration changes" { send "n\r" exp_continue } -re "\[\n\r]+" { exp_continue } timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } } set in_proc 0 } # # For each router... (this is main loop) # source_password_file $password_file set in_proc 0 set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user -- "$router\n" # Figure out the prompt. # autoenable is off by default. If we have it defined, it was done # on the command line. If it is not specifically set on the command # line, check the password file. if $avautoenable { set autoenable 1 set enable 0 set prompt "(#| \\(enable\\))" } else { set ae [find autoenable $router] if { "$ae" == "1" } { set autoenable 1 set enable 0 set prompt "(#| \\(enable\\))" } else { set autoenable 0 set enable $avenable set prompt ">" } } # look for noenable option in .cloginrc if { [find noenable $router] != "" } { set enable 0 } # Figure out passwords if { $do_passwd || $do_enapasswd } { set pswd [find password $router] if { [llength $pswd] == 0 } { send_user -- "\nError: no password for $router in $password_file.\n" continue } if { $enable && $do_enapasswd && $autoenable == 0 && [llength $pswd] < 2 } { send_user -- "\nError: no enable password for $router in $password_file.\n" continue } set passwd [join [lindex $pswd 0] ""] set enapasswd [join [lindex $pswd 1] ""] } else { set passwd $userpasswd set enapasswd $enapasswd } # Figure out username if {[info exists username]} { # command line username set ruser $username } else { set ruser [join [find user $router] ""] if { "$ruser" == "" } { set ruser $default_user } } # Figure out username's password (if different from the vty password) if {[info exists userpasswd]} { # command line username set userpswd $userpasswd } else { set userpswd [join [find userpassword $router] ""] if { "$userpswd" == "" } { set userpswd $passwd } } # Figure out enable username if {[info exists enausername]} { # command line enausername set enauser $enausername } else { set enauser [join [find enauser $router] ""] if { "$enauser" == "" } { set enauser $ruser } } # Figure out prompts set u_prompt [find userprompt $router] if { "$u_prompt" == "" } { set u_prompt "(Username|Login|login|user name|name|User):" } else { set u_prompt [join [lindex $u_prompt 0] ""] } set p_prompt [find passprompt $router] if { "$p_prompt" == "" } { set p_prompt "(\[Pp]assword|passwd):" } else { set p_prompt [join [lindex $p_prompt 0] ""] } set e_prompt [find enableprompt $router] if { "$e_prompt" == "" } { set e_prompt "\[Pp]assword:" } else { set e_prompt [join [lindex $e_prompt 0] ""] } # Figure out cypher type if {[info exists cypher]} { # command line cypher type set cyphertype $cypher } else { set cyphertype [find cyphertype $router] if { "$cyphertype" == "" } { set cyphertype "3des" } } # Figure out connection method set cmethod [find method $router] if { "$cmethod" == "" } { set cmethod {{telnet} {ssh}} } # Figure out the SSH executable name set sshcmd [find sshcmd $router] if { "$sshcmd" == "" } { set sshcmd {ssh} } # Login to the router if {[login $router $ruser $userpswd $passwd $enapasswd $cmethod $cyphertype]} { incr exitval # if login failed or rsh was unsuccessful, move on to the next device continue } if { $enable } { if {[do_enable $enauser $enapasswd]} { if { $do_command || $do_script } { incr exitval catch {close}; catch {wait}; continue } } } # we are logged in, now figure out the full prompt send "\r" expect { -re "\[\r\n]+" { exp_continue; } -re "^(.+\[:.])1 ($prompt)" { # stoopid extreme cmd-line numbers and # prompt based on state of config changes, # which may have an * at the beginning. set junk $expect_out(1,string) regsub -all "^\\\* " $expect_out(1,string) {} junk set prompt ".? ?$junk\[0-9]+ $expect_out(2,string)"; set platform "extreme" } -re "^.+$prompt" { set junk $expect_out(0,string); regsub -all "\[\]\[]" $junk {\\&} prompt; } -re "^.+> \\\(enable\\\)" { set junk $expect_out(0,string); regsub -all "\[\]\[]" $junk {\\&} prompt; } } if { $do_command } { if {[run_commands $prompt $command]} { incr exitval continue } } elseif { $do_script } { # If the prompt is (enable), then we are on a switch and the # command is "set length 0"; otherwise its "term length 0". if [ regexp -- ".*> .*enable" "$prompt" ] { send "set length 0\r" send "set logging session disable\r" } elseif { ![ string compare "netopia" "$platform" ] } { # do nothing, not supported in netopia } else { send "term length 0\r" } expect -re $prompt {} source $sfile catch {close}; } else { label $router log_user 1 interact } # End of for each router catch {wait}; sleep 0.3 } exit $exitval From victor at impulse.net Tue Jun 17 19:58:52 2008 From: victor at impulse.net (Victor Breen) Date: Tue, 17 Jun 2008 12:58:52 -0700 (PDT) Subject: [rancid] Can't poll a cat5 switch. clogin works fine manually In-Reply-To: <240527949.169561213729074758.JavaMail.root@lavender.impulse.net> Message-ID: <1712999349.173411213732732512.JavaMail.root@lavender.impulse.net> Hello! I am having some pretty aggravating issues getting a Cisco Cat switch working in Rancid. Perhaps I'm missing something dumb? I'm hoping someone out there can hit me with the clue-by-four. I am using Rancid 2.3.1 on a FreeBSD box. The "cisco" devices I have set up poll just fine. This is the only cat5 device I'm attempting to poll so I can't say I've ever gotten one to work before. Just the same, clogin seems to work when I run it manually. Here's an example of clogin working fine with the cat5 switch. It does complete but I've snipped the output for less noise: rancid$ /usr/local/rancid/bin/clogin -autoenable -c "write term" -f /home/rancid/.cloginrc -u rancid -p (masked) -t 30 10.10.10.7 spawn telnet 10.10.10.7 Trying 10.10.10.7... Connected to 10.10.10.7. Escape character is '^]'. Cisco Systems, Inc. Console Username: rancid Password: sw2> (enable) sw2> (enable) set length 0 Screen length for this session set to 0. sw2> (enable) set logging session disable System logging messages will not be sent to the current login session. sw2> (enable) sw2> (enable)write term This command shows non-default configurations only. Use 'write terminal all' to show both default and non-default configurations. ................. ............................. ............................. .. begin ! # ***** NON-DEFAULT CONFIGURATION ***** ! ! #time: Mon Jun 16 2008, 23:43:28 ! #version 8.4(11)GLX When I run /usr/local/rancid/bin/rancid-run to test the automated method, I see this show up in the log output: starting: Mon Jun 16 17:09:03 PDT 2008 Trying to get all of the configs. 10.10.10.7: missed cmd(s): write term all ===================================== Getting missed routers: round 1. 10.10.10.7: missed cmd(s): write term all ===================================== Getting missed routers: round 2. 10.10.10.7: missed cmd(s): write term all ===================================== Getting missed routers: round 3. 10.10.10.7: missed cmd(s): write term all ===================================== Getting missed routers: round 4. 10.10.10.7: missed cmd(s): write term all cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs done ending: Mon Jun 16 17:14:02 PDT 2008 Any help would be greatly appreciated! -- ============================================| Victor Breen victor at impulse.net |==========================================*| From victor at impulse.net Tue Jun 17 20:48:23 2008 From: victor at impulse.net (Victor Breen) Date: Tue, 17 Jun 2008 13:48:23 -0700 (PDT) Subject: [rancid] Re: Can't poll a cat5 switch. clogin works fine manually In-Reply-To: <1053918300.175751213735440331.JavaMail.root@lavender.impulse.net> Message-ID: <667899616.175941213735703672.JavaMail.root@lavender.impulse.net> Hi Gareth, I'd rather not send the entire file, of course. It contains about 200 user/pass combos for different routers ;>) I ran "clogin 10.10.10.7" and it definitely failed to work without all of the arguments. Here are the only lines I'm using now. add user 10.10.10.7 {rancid} add password 10.10.10.7 {Masked} {Masked} add method 10.10.10.7 telnet The current behavior using clogin with no extra args is it logs in with the "rancid" username, gets to the unprivileged prompt, it types "enable" and enters the password then it hangs there. I'm not sure why it's doing that. Thanks for your help! --Victor ----- Original Message ----- From: "Gareth Hopkins" To: "Victor Breen" Cc: rancid-discuss at shrubbery.net Sent: Tuesday, June 17, 2008 1:10:50 PM GMT -08:00 US/Canada Pacific Subject: Re: [rancid] Can't poll a cat5 switch. clogin works fine manually Hi, What does your .cloginrc file look like? I'd hazard a guess that something is missing in there. The following config should work for your device add user 10.10.10.7 username add password 10.10.10.7 {password} add autoenable 10.10.10.7 1 You can always run clogin 10.10.10.7 (without all the options) to see if your .cloginrc file is being used correctly. Cheers, Gabba On Tue, Jun 17, 2008 at 9:58 PM, Victor Breen < victor at impulse.net > wrote: Hello! I am having some pretty aggravating issues getting a Cisco Cat switch working in Rancid. Perhaps I'm missing something dumb? I'm hoping someone out there can hit me with the clue-by-four. I am using Rancid 2.3.1 on a FreeBSD box. The "cisco" devices I have set up poll just fine. This is the only cat5 device I'm attempting to poll so I can't say I've ever gotten one to work before. Just the same, clogin seems to work when I run it manually. Here's an example of clogin working fine with the cat5 switch. It does complete but I've snipped the output for less noise: rancid$ /usr/local/rancid/bin/clogin -autoenable -c "write term" -f /home/rancid/.cloginrc -u rancid -p (masked) -t 30 10.10.10.7 spawn telnet 10.10.10.7 Trying 10.10.10.7... Connected to 10.10.10.7 . Escape character is '^]'. Cisco Systems, Inc. Console Username: rancid Password: sw2> (enable) sw2> (enable) set length 0 Screen length for this session set to 0. sw2> (enable) set logging session disable System logging messages will not be sent to the current login session. sw2> (enable) sw2> (enable)write term This command shows non-default configurations only. Use 'write terminal all' to show both default and non-default configurations. ................. ............................. ............................. .. begin ! # ***** NON-DEFAULT CONFIGURATION ***** ! ! #time: Mon Jun 16 2008, 23:43:28 ! #version 8.4(11)GLX When I run /usr/local/rancid/bin/rancid-run to test the automated method, I see this show up in the log output: starting: Mon Jun 16 17:09:03 PDT 2008 Trying to get all of the configs. 10.10.10.7 : missed cmd(s): write term all ===================================== Getting missed routers: round 1. 10.10.10.7 : missed cmd(s): write term all ===================================== Getting missed routers: round 2. 10.10.10.7 : missed cmd(s): write term all ===================================== Getting missed routers: round 3. 10.10.10.7 : missed cmd(s): write term all ===================================== Getting missed routers: round 4. 10.10.10.7 : missed cmd(s): write term all cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs done ending: Mon Jun 16 17:14:02 PDT 2008 Any help would be greatly appreciated! -- ============================================| Victor Breen victor at impulse.net |==========================================*| _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From SMartin at sourceinterlink.com Tue Jun 17 20:54:46 2008 From: SMartin at sourceinterlink.com (Martin, Seth) Date: Tue, 17 Jun 2008 16:54:46 -0400 Subject: [rancid] Re: Can't poll a cat5 switch. clogin works fine manually In-Reply-To: <667899616.175941213735703672.JavaMail.root@lavender.impulse.net> Message-ID: <79B77295FBC9F247A32A6C98B67B1E1401411160@srv-1exch01.sourceinterlink.com> add autoenable 10.10.10.7 0 If you are logging in with a privileged user then you don't have to enable. But if your clogin gets an unprivileged prompt then you need to turn off autoenable for the host. _____________________________________________________________________ Seth Martin -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Victor Breen Sent: Tuesday, June 17, 2008 4:48 PM To: Gareth Hopkins Cc: rancid-discuss at shrubbery.net Subject: [rancid] Re: Can't poll a cat5 switch. clogin works fine manually Hi Gareth, I'd rather not send the entire file, of course. It contains about 200 user/pass combos for different routers ;>) I ran "clogin 10.10.10.7" and it definitely failed to work without all of the arguments. Here are the only lines I'm using now. add user 10.10.10.7 {rancid} add password 10.10.10.7 {Masked} {Masked} add method 10.10.10.7 telnet The current behavior using clogin with no extra args is it logs in with the "rancid" username, gets to the unprivileged prompt, it types "enable" and enters the password then it hangs there. I'm not sure why it's doing that. Thanks for your help! --Victor ----- Original Message ----- From: "Gareth Hopkins" To: "Victor Breen" Cc: rancid-discuss at shrubbery.net Sent: Tuesday, June 17, 2008 1:10:50 PM GMT -08:00 US/Canada Pacific Subject: Re: [rancid] Can't poll a cat5 switch. clogin works fine manually Hi, What does your .cloginrc file look like? I'd hazard a guess that something is missing in there. The following config should work for your device add user 10.10.10.7 username add password 10.10.10.7 {password} add autoenable 10.10.10.7 1 You can always run clogin 10.10.10.7 (without all the options) to see if your .cloginrc file is being used correctly. Cheers, Gabba On Tue, Jun 17, 2008 at 9:58 PM, Victor Breen < victor at impulse.net > wrote: Hello! I am having some pretty aggravating issues getting a Cisco Cat switch working in Rancid. Perhaps I'm missing something dumb? I'm hoping someone out there can hit me with the clue-by-four. I am using Rancid 2.3.1 on a FreeBSD box. The "cisco" devices I have set up poll just fine. This is the only cat5 device I'm attempting to poll so I can't say I've ever gotten one to work before. Just the same, clogin seems to work when I run it manually. Here's an example of clogin working fine with the cat5 switch. It does complete but I've snipped the output for less noise: rancid$ /usr/local/rancid/bin/clogin -autoenable -c "write term" -f /home/rancid/.cloginrc -u rancid -p (masked) -t 30 10.10.10.7 spawn telnet 10.10.10.7 Trying 10.10.10.7... Connected to 10.10.10.7 . Escape character is '^]'. Cisco Systems, Inc. Console Username: rancid Password: sw2> (enable) sw2> (enable) set length 0 Screen length for this session set to 0. sw2> (enable) set logging session disable System logging messages will not be sent to the current login session. sw2> (enable) sw2> (enable)write term This command shows non-default configurations only. Use 'write terminal all' to show both default and non-default configurations. ................. ............................. ............................. . begin ! # ***** NON-DEFAULT CONFIGURATION ***** ! ! #time: Mon Jun 16 2008, 23:43:28 ! #version 8.4(11)GLX When I run /usr/local/rancid/bin/rancid-run to test the automated method, I see this show up in the log output: starting: Mon Jun 16 17:09:03 PDT 2008 Trying to get all of the configs. 10.10.10.7 : missed cmd(s): write term all ===================================== Getting missed routers: round 1. 10.10.10.7 : missed cmd(s): write term all ===================================== Getting missed routers: round 2. 10.10.10.7 : missed cmd(s): write term all ===================================== Getting missed routers: round 3. 10.10.10.7 : missed cmd(s): write term all ===================================== Getting missed routers: round 4. 10.10.10.7 : missed cmd(s): write term all cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs done ending: Mon Jun 16 17:14:02 PDT 2008 Any help would be greatly appreciated! -- ============================================| Victor Breen victor at impulse.net |==========================================*| _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From gabbawp at gmail.com Tue Jun 17 20:10:50 2008 From: gabbawp at gmail.com (Gareth Hopkins) Date: Tue, 17 Jun 2008 22:10:50 +0200 Subject: [rancid] Re: Can't poll a cat5 switch. clogin works fine manually In-Reply-To: <1712999349.173411213732732512.JavaMail.root@lavender.impulse.net> References: <240527949.169561213729074758.JavaMail.root@lavender.impulse.net> <1712999349.173411213732732512.JavaMail.root@lavender.impulse.net> Message-ID: <9a0178110806171310u2fc5d6b0v6e676efc6c7bdc77@mail.gmail.com> Hi, What does your .cloginrc file look like? I'd hazard a guess that something is missing in there. The following config should work for your device add user 10.10.10.7 username add password 10.10.10.7 {password} add autoenable 10.10.10.7 1 You can always run clogin 10.10.10.7 (without all the options) to see if your .cloginrc file is being used correctly. Cheers, Gabba On Tue, Jun 17, 2008 at 9:58 PM, Victor Breen wrote: > Hello! > > I am having some pretty aggravating issues getting a Cisco Cat switch > working in Rancid. Perhaps I'm missing something dumb? I'm hoping someone > out there can hit me with the clue-by-four. > > I am using Rancid 2.3.1 on a FreeBSD box. The "cisco" devices I have set > up poll just fine. This is the only cat5 device I'm attempting to poll so I > can't say I've ever gotten one to work before. Just the same, clogin seems > to work when I run it manually. > > Here's an example of clogin working fine with the cat5 switch. It does > complete but I've snipped the output for less noise: > > > > rancid$ /usr/local/rancid/bin/clogin -autoenable -c "write term" -f > /home/rancid/.cloginrc -u rancid -p (masked) -t 30 > 10.10.10.7 > > spawn telnet 10.10.10.7 > Trying 10.10.10.7... > Connected to 10.10.10.7. > Escape character is '^]'. > > > Cisco Systems, Inc. Console > > > > > Username: rancid > > > Password: > sw2> (enable) > sw2> (enable) set length 0 > Screen length for this session set to 0. > sw2> (enable) set logging session disable > System logging messages will not be sent to the current login session. > sw2> (enable) > sw2> (enable)write term > This command shows non-default configurations only. > Use 'write terminal all' to show both default and non-default > configurations. > ................. > > ............................. > ............................. > .. > > begin > ! > # ***** NON-DEFAULT CONFIGURATION ***** > ! > ! > #time: Mon Jun 16 2008, 23:43:28 > ! > #version 8.4(11)GLX > > > > > When I run /usr/local/rancid/bin/rancid-run to test the automated method, I > see this show up in the log output: > > > > starting: Mon Jun 16 17:09:03 PDT 2008 > > > > Trying to get all of the configs. > 10.10.10.7: missed cmd(s): write term all > ===================================== > Getting missed routers: round 1. > 10.10.10.7: missed cmd(s): write term all > ===================================== > Getting missed routers: round 2. > 10.10.10.7: missed cmd(s): write term all > ===================================== > Getting missed routers: round 3. > 10.10.10.7: missed cmd(s): write term all > ===================================== > Getting missed routers: round 4. > 10.10.10.7: missed cmd(s): write term all > > cvs diff: Diffing . > cvs diff: Diffing configs > cvs commit: Examining . > cvs commit: Examining configs > done > > ending: Mon Jun 16 17:14:02 PDT 2008 > > > > > Any help would be greatly appreciated! > > > -- > ============================================| > Victor Breen > victor at impulse.net > |==========================================*| > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080617/cc55c8f1/attachment.html From victor at impulse.net Tue Jun 17 21:07:16 2008 From: victor at impulse.net (Victor Breen) Date: Tue, 17 Jun 2008 14:07:16 -0700 (PDT) Subject: [rancid] Re: Can't poll a cat5 switch. clogin works fine manually In-Reply-To: <114110855.178151213736632306.JavaMail.root@lavender.impulse.net> Message-ID: <861813490.178331213736836297.JavaMail.root@lavender.impulse.net> Seth, I added the "add autoenable 10.10.10.7 0" line but it didn't change how it's behaving. I have included the terminal output for scrutiny. After it enables, an additional carriage return is being sent with no command, then it hangs until I manually kill it. rancid$ /usr/local/rancid/bin/clogin 10.10.10.7 10.10.10.7 spawn telnet 10.10.10.7 Trying 10.10.10.7... Connected to 10.10.10.7 Escape character is '^]'. Cisco Systems, Inc. Console Username: rancid Password: sw2> enable Password: sw2> (enable) sw2> (enable) Anything else I could be missing? Thanks again! -- Victor ----- Original Message ----- From: "Seth Martin" To: "Victor Breen" , "Gareth Hopkins" Cc: rancid-discuss at shrubbery.net Sent: Tuesday, June 17, 2008 1:54:46 PM GMT -08:00 US/Canada Pacific Subject: RE: [rancid] Re: Can't poll a cat5 switch. clogin works fine manually add autoenable 10.10.10.7 0 If you are logging in with a privileged user then you don't have to enable. But if your clogin gets an unprivileged prompt then you need to turn off autoenable for the host. _____________________________________________________________________ Seth Martin -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Victor Breen Sent: Tuesday, June 17, 2008 4:48 PM To: Gareth Hopkins Cc: rancid-discuss at shrubbery.net Subject: [rancid] Re: Can't poll a cat5 switch. clogin works fine manually Hi Gareth, I'd rather not send the entire file, of course. It contains about 200 user/pass combos for different routers ;>) I ran "clogin 10.10.10.7" and it definitely failed to work without all of the arguments. Here are the only lines I'm using now. add user 10.10.10.7 {rancid} add password 10.10.10.7 {Masked} {Masked} add method 10.10.10.7 telnet The current behavior using clogin with no extra args is it logs in with the "rancid" username, gets to the unprivileged prompt, it types "enable" and enters the password then it hangs there. I'm not sure why it's doing that. Thanks for your help! --Victor ----- Original Message ----- From: "Gareth Hopkins" To: "Victor Breen" Cc: rancid-discuss at shrubbery.net Sent: Tuesday, June 17, 2008 1:10:50 PM GMT -08:00 US/Canada Pacific Subject: Re: [rancid] Can't poll a cat5 switch. clogin works fine manually Hi, What does your .cloginrc file look like? I'd hazard a guess that something is missing in there. The following config should work for your device add user 10.10.10.7 username add password 10.10.10.7 {password} add autoenable 10.10.10.7 1 You can always run clogin 10.10.10.7 (without all the options) to see if your .cloginrc file is being used correctly. Cheers, Gabba On Tue, Jun 17, 2008 at 9:58 PM, Victor Breen < victor at impulse.net > wrote: Hello! I am having some pretty aggravating issues getting a Cisco Cat switch working in Rancid. Perhaps I'm missing something dumb? I'm hoping someone out there can hit me with the clue-by-four. I am using Rancid 2.3.1 on a FreeBSD box. The "cisco" devices I have set up poll just fine. This is the only cat5 device I'm attempting to poll so I can't say I've ever gotten one to work before. Just the same, clogin seems to work when I run it manually. Here's an example of clogin working fine with the cat5 switch. It does complete but I've snipped the output for less noise: rancid$ /usr/local/rancid/bin/clogin -autoenable -c "write term" -f /home/rancid/.cloginrc -u rancid -p (masked) -t 30 10.10.10.7 spawn telnet 10.10.10.7 Trying 10.10.10.7... Connected to 10.10.10.7 . Escape character is '^]'. Cisco Systems, Inc. Console Username: rancid Password: sw2> (enable) sw2> (enable) set length 0 Screen length for this session set to 0. sw2> (enable) set logging session disable System logging messages will not be sent to the current login session. sw2> (enable) sw2> (enable)write term This command shows non-default configurations only. Use 'write terminal all' to show both default and non-default configurations. ................. ............................. ............................. . begin ! # ***** NON-DEFAULT CONFIGURATION ***** ! ! #time: Mon Jun 16 2008, 23:43:28 ! #version 8.4(11)GLX When I run /usr/local/rancid/bin/rancid-run to test the automated method, I see this show up in the log output: starting: Mon Jun 16 17:09:03 PDT 2008 Trying to get all of the configs. 10.10.10.7 : missed cmd(s): write term all ===================================== Getting missed routers: round 1. 10.10.10.7 : missed cmd(s): write term all ===================================== Getting missed routers: round 2. 10.10.10.7 : missed cmd(s): write term all ===================================== Getting missed routers: round 3. 10.10.10.7 : missed cmd(s): write term all ===================================== Getting missed routers: round 4. 10.10.10.7 : missed cmd(s): write term all cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs done ending: Mon Jun 16 17:14:02 PDT 2008 Any help would be greatly appreciated! -- ============================================| Victor Breen victor at impulse.net |==========================================*| _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From gabbawp at gmail.com Wed Jun 18 07:35:55 2008 From: gabbawp at gmail.com (Gareth Hopkins) Date: Wed, 18 Jun 2008 09:35:55 +0200 Subject: [rancid] Re: Can't poll a cat5 switch. clogin works fine manually In-Reply-To: <861813490.178331213736836297.JavaMail.root@lavender.impulse.net> References: <114110855.178151213736632306.JavaMail.root@lavender.impulse.net> <861813490.178331213736836297.JavaMail.root@lavender.impulse.net> Message-ID: <9a0178110806180035q6da506d5n9a29ba29f4301c60@mail.gmail.com> Hi, Looks like that worked though as all you are doing with that command is logging in. Remember clogin is only the login mechanism. Try the following clogin 10.10.10.7 -c "show version" That should login, go into enable mode, do a show version, and exit. On Tue, Jun 17, 2008 at 11:07 PM, Victor Breen wrote: > Seth, > > I added the "add autoenable 10.10.10.7 0" line but it didn't change how > it's behaving. > > I have included the terminal output for scrutiny. After it enables, an > additional carriage return is being sent with no command, then it hangs > until I manually kill it. > > > rancid$ /usr/local/rancid/bin/clogin 10.10.10.7 > 10.10.10.7 > spawn telnet 10.10.10.7 > Trying 10.10.10.7... > Connected to 10.10.10.7 > Escape character is '^]'. > > > Cisco Systems, Inc. Console > > > > > Username: rancid > > > Password: > sw2> enable > > Password: > sw2> (enable) > sw2> (enable) > > > > > Anything else I could be missing? > > Thanks again! > > > -- Victor > > > > ----- Original Message ----- > From: "Seth Martin" > To: "Victor Breen" , "Gareth Hopkins" < > gabbawp at gmail.com> > Cc: rancid-discuss at shrubbery.net > Sent: Tuesday, June 17, 2008 1:54:46 PM GMT -08:00 US/Canada Pacific > Subject: RE: [rancid] Re: Can't poll a cat5 switch. clogin works fine > manually > > add autoenable 10.10.10.7 0 > > If you are logging in with a privileged user then you don't have to > enable. But if your clogin gets an unprivileged prompt then you need to > turn off autoenable for the host. > > _____________________________________________________________________ > Seth Martin > > > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Victor Breen > Sent: Tuesday, June 17, 2008 4:48 PM > To: Gareth Hopkins > Cc: rancid-discuss at shrubbery.net > Subject: [rancid] Re: Can't poll a cat5 switch. clogin works fine > manually > > Hi Gareth, > > I'd rather not send the entire file, of course. It contains about 200 > user/pass combos for different routers ;>) > > I ran "clogin 10.10.10.7" and it definitely failed to work without all > of the arguments. Here are the only lines I'm using now. > > add user 10.10.10.7 {rancid} > add password 10.10.10.7 {Masked} {Masked} > add method 10.10.10.7 telnet > > The current behavior using clogin with no extra args is it logs in with > the "rancid" username, gets to the unprivileged prompt, it types > "enable" and enters the password then it hangs there. I'm not sure why > it's doing that. > > Thanks for your help! > > > --Victor > > > > ----- Original Message ----- > From: "Gareth Hopkins" > To: "Victor Breen" > Cc: rancid-discuss at shrubbery.net > Sent: Tuesday, June 17, 2008 1:10:50 PM GMT -08:00 US/Canada Pacific > Subject: Re: [rancid] Can't poll a cat5 switch. clogin works fine > manually > > Hi, > > What does your .cloginrc file look like? I'd hazard a guess that > something is missing in there. > > The following config should work for your device > > add user 10.10.10.7 username > add password 10.10.10.7 {password} > add autoenable 10.10.10.7 1 > > You can always run clogin 10.10.10.7 (without all the options) to see if > your .cloginrc file is being used correctly. > > Cheers, > > Gabba > > > On Tue, Jun 17, 2008 at 9:58 PM, Victor Breen < victor at impulse.net > > wrote: > > > Hello! > > I am having some pretty aggravating issues getting a Cisco Cat switch > working in Rancid. Perhaps I'm missing something dumb? I'm hoping > someone out there can hit me with the clue-by-four. > > I am using Rancid 2.3.1 on a FreeBSD box. The "cisco" devices I have set > up poll just fine. This is the only cat5 device I'm attempting to poll > so I can't say I've ever gotten one to work before. Just the same, > clogin seems to work when I run it manually. > > Here's an example of clogin working fine with the cat5 switch. It does > complete but I've snipped the output for less noise: > > > > rancid$ /usr/local/rancid/bin/clogin -autoenable -c "write term" -f > /home/rancid/.cloginrc -u rancid -p (masked) -t 30 > 10.10.10.7 > > spawn telnet 10.10.10.7 > Trying 10.10.10.7... > Connected to 10.10.10.7 . > Escape character is '^]'. > > > Cisco Systems, Inc. Console > > > > > Username: rancid > > > Password: > sw2> (enable) > sw2> (enable) set length 0 > Screen length for this session set to 0. > sw2> (enable) set logging session disable > System logging messages will not be sent to the current login session. > sw2> (enable) > sw2> (enable)write term > This command shows non-default configurations only. > Use 'write terminal all' to show both default and non-default > configurations. > ................. > > ............................. > ............................. > . > > begin > ! > # ***** NON-DEFAULT CONFIGURATION ***** > ! > ! > #time: Mon Jun 16 2008, 23:43:28 > ! > #version 8.4(11)GLX > > > > > When I run /usr/local/rancid/bin/rancid-run to test the automated > method, I see this show up in the log output: > > > > starting: Mon Jun 16 17:09:03 PDT 2008 > > > > Trying to get all of the configs. > 10.10.10.7 : missed cmd(s): write term all > ===================================== > Getting missed routers: round 1. > 10.10.10.7 : missed cmd(s): write term all > ===================================== > Getting missed routers: round 2. > 10.10.10.7 : missed cmd(s): write term all > ===================================== > Getting missed routers: round 3. > 10.10.10.7 : missed cmd(s): write term all > ===================================== > Getting missed routers: round 4. > 10.10.10.7 : missed cmd(s): write term all > > cvs diff: Diffing . > cvs diff: Diffing configs > cvs commit: Examining . > cvs commit: Examining configs > done > > ending: Mon Jun 16 17:14:02 PDT 2008 > > > > > Any help would be greatly appreciated! > > > -- > ============================================| > Victor Breen > victor at impulse.net > |==========================================*| > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080618/6f93e2c1/attachment.html From ccusmith at aol.com Thu Jun 19 18:44:14 2008 From: ccusmith at aol.com (ccusmith at aol.com) Date: Thu, 19 Jun 2008 14:44:14 -0400 Subject: [rancid] PHP creating a telnet session via Expect Message-ID: <8CAA0539B6562CD-C84-24A3@webmail-dd09.sysops.aol.com> I have a webpage that is in HTML and PHP. ?In PHP I have tried using exec, system, shell_exec and passthru functions to call an Expect Script file (temp.exp). ?This expects file spawns a telnet session that uses "expect/send" commands to retrieve information from an environmental unit (not a normal server). ?This data is placed in a file and then loaded to the webpage. ? The problem is if I call "./temp.exp" it runs great, but when I call the same program from the webpage exec("./temp.exp") using PHP (because it retrieves the data is displayed in the webpage), it will connect but then stops responding.? It never returns the password prompt to achieve a yes to move on. ? I inserted ?exp_internal 1? in the expect file to produce the diagnostic results. ? When temp.exp is ran manually spawn telnet 111.111.11.111 parent: waiting for sync byte parent: telling child to go ahead parent: now unsynchronized from child spawn: returns {18790} expect: does "" (spawn_id exp5) match glob pattern "Password:"? no Trying 111.111.11.111... Connected to 111.111.11.111. Escape character is '^]'. Password: expect: does "Trying 111.111.11.111...\r\nConnected to 111.111.11.111.\r\nEscape character is '^]'.\r\nPassword: " (spawn_id exp5) match glob pattern "Password:"? yes expect: set expect_out(0,string) "Password:" expect: set expect_out(spawn_id) "exp5" When temp.exp is called from the webpage spawn telnet 111.111.11.111 parent: waiting for sync byte parent: telling child to go ahead parent: now unsynchronized from child spawn: returns {19909} expect: does "" (spawn_id exp19) match glob pattern "Password:"? no Trying 111.111.11.111... Connected to 111.111.11.111. Escape character is '^]'. expect: does "Trying 111.111.11.111...\r\nConnected to 111.111.11.111.\r\nEscape character is '^]'.\r\n" (spawn_id exp19) match glob pattern "Password:"? no expect: timed out I have checked/changed the Apache user, the permissions and ownership of the files are fine. ??I have put debug on the expect and the telnet sessions. ?I have specified the telnet used and the port.? I have upgraded my Tcl/Tk. ? The link http://unix.derkeiler.com/Newsgroups/comp.unix.shell/2005-06/0454.html is similar but I am not getting the "setsocket(SO_DEBUG):Permission denied" error and that solution did not work for me. ?? ? System info # find / -name telnet /usr/bin/telnet /usr/ucb/telnet # expect -v expect version 5.40.0 ? Below are versions that I have tried. ? The script 1 #!/usr/local/bin/expect exp_internal -f /opt/xampp/htdocs/temp/diag.txt 1 spawn -nottycopy /bin/telnet -d 111.11.11.111 23 sleep 3 expect "Password:" send "OMNI\r" expect "X. Exit (end connection)" send "p\r" expect ">" log_file -noappend -a "/opt/xampp/htdocs/temp/data.txt" ? #Sensor Name???? POS3????? Temp Sensor???? 1 send "GET 3052.5.1.1.1.1.4.3.1.1\r" sleep 3 expect "1.3.6.1.4.1.3052.5.1.1.1.1.4.3.1.1" ? #Read Out??????? POS3????? Temp Sensor???? 1 send "GET 3052.5.1.1.1.1.6.3.1.1\r" sleep 3 expect "1.3.6.1.4.1.3052.5.1.1.1.1.6.3.1.1" ? #Read Out??????? POS3????? Humidity Sensor 2 send "GET 3052.5.1.1.1.1.6.3.3.1\r" sleep 3 expect "1.3.6.1.4.1.3052.5.1.1.1.1.6.3.3.1" ? log_file send "BYE\r" exit 0 ? ? ? ? The script 2 #!/usr/local/bin/expect -f exp_internal -f /opt/xampp/htdocs/temp/diag.txt 1 set force_conservative 1 ;# set to 1 to force conservative mode even if ????????????????????????? ;# script wasn't run conservatively originally if {$force_conservative} { ??????? set send_slow {1 .1} ??????? proc send {ignore arg} { ??????????????? sleep .1 ??????????????? exp_send -s -- $arg ??????? } } set timeout 3 spawn $env(SHELL) match_max 100000 send -- "telnet 111.11.11.111\r" expect "Password: " send -- "OMNI\r" expect "X. Exit (end connection)" send -- "p\r" expect ">" log_file -noappend -a "/opt/xampp/htdocs/temp/data.txt" ? #Sensor Name???? POS3????? Temp Sensor???? 1 send -- "GET 3052.5.1.1.1.1.4.3.1.1\r" sleep 3 expect "1.3.6.1.4.1.3052.5.1.1.1.1.4.3.1.1" ? #Read Out??????? POS3????? Temp Sensor???? 1 send -- "GET 3052.5.1.1.1.1.6.3.1.1\r" sleep 3 expect "1.3.6.1.4.1.3052.5.1.1.1.1.6.3.1.1" ? #Read Out??????? POS3????? Humidity Sensor 2 send -- "GET 3052.5.1.1.1.1.6.3.3.1\r" sleep 3 expect "1.3.6.1.4.1.3052.5.1.1.1.1.6.3.3.1" ? log_file send -- "BYE\r" exit 0 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080619/0595f3a7/attachment.html From rancid at gheek.net Thu Jun 19 19:27:40 2008 From: rancid at gheek.net (Lance Vermilion) Date: Thu, 19 Jun 2008 12:27:40 -0700 Subject: [rancid] Re: PHP creating a telnet session via Expect In-Reply-To: <8CAA0539B6562CD-C84-24A3@webmail-dd09.sysops.aol.com> References: <8CAA0539B6562CD-C84-24A3@webmail-dd09.sysops.aol.com> Message-ID: <8423e7bb0806191227i6028a7bflfb525aba9a2f6502@mail.gmail.com> I would look at what term you are using and how that differs from PHP to expect. Also create a basic php script to execute the expect script and see if it works through cli. if that works then check through apache. if it fails through apache it might be because of a term issue. On Thu, Jun 19, 2008 at 11:44 AM, wrote: > I have a webpage that is in HTML and PHP. In PHP I have tried using exec, > system, shell_exec and passthru functions to call an Expect Script file > (temp.exp). This expects file spawns a telnet session that uses > "expect/send" commands to retrieve information from an environmental unit > (not a normal server). This data is placed in a file and then loaded to the > webpage. > > The problem is if I call "./temp.exp" it runs great, but when I call the > same program from the webpage exec("./temp.exp") using PHP (because it > retrieves the data is displayed in the webpage), it will connect but then > stops responding. It never returns the password prompt to achieve a yes to > move on. > > I inserted "exp_internal 1" in the expect file to produce the diagnostic > results. > > *When temp.exp is ran manually* > spawn telnet 111.111.11.111 > parent: waiting for sync byte > parent: telling child to go ahead > parent: now unsynchronized from child > spawn: returns {18790} > expect: does "" (spawn_id exp5) match glob pattern "Password:"? no > Trying 111.111.11.111... > Connected to 111.111.11.111. > Escape character is '^]'. > Password: > expect: does "Trying 111.111.11.111...\r\nConnected to > 111.111.11.111.\r\nEscape character is '^]'.\r\n*Password: " (spawn_id > exp5) match glob pattern "Password:"? yes* > expect: set expect_out(0,string) "Password:" > expect: set expect_out(spawn_id) "exp5" > > > *When temp.exp is called from the webpage* > spawn telnet 111.111.11.111 > parent: waiting for sync byte > parent: telling child to go ahead > parent: now unsynchronized from child > spawn: returns {19909} > expect: does "" (spawn_id exp19) match glob pattern "Password:"? no > Trying 111.111.11.111... > Connected to 111.111.11.111. > Escape character is '^]'. > expect: does "Trying 111.111.11.111...\r\nConnected to > 111.111.11.111.\r\nEscape character is '^]'.\r\n*" (spawn_id exp19) match > glob pattern "Password:"? no* > expect: timed out > > I have checked/changed the Apache user, the permissions and ownership of > the files are fine. I have put debug on the expect and the telnet > sessions. I have specified the telnet used and the port. I have upgraded > my Tcl/Tk. The link > http://unix.derkeiler.com/Newsgroups/comp.unix.shell/2005-06/0454.html is > similar but I am not getting the "setsocket(SO_DEBUG):Permission denied" > error and that solution did not work for me. > > *System info* > # find / -name telnet > /usr/bin/telnet > /usr/ucb/telnet > # expect -v > expect version 5.40.0 > > Below are versions that I have tried. > > *The script 1* > #!/usr/local/bin/expect > exp_internal -f /opt/xampp/htdocs/temp/diag.txt 1 > spawn -nottycopy /bin/telnet -d 111.11.11.111 23 > sleep 3 > expect "Password:" > send "OMNI\r" > expect "X. Exit (end connection)" > send "p\r" > expect ">" > log_file -noappend -a "/opt/xampp/htdocs/temp/data.txt" > > #Sensor Name POS3 Temp Sensor 1 > send "GET 3052.5.1.1.1.1.4.3.1.1\r" > sleep 3 > expect "1.3.6.1.4.1.3052.5.1.1.1.1.4.3.1.1" > > #Read Out POS3 Temp Sensor 1 > send "GET 3052.5.1.1.1.1.6.3.1.1\r" > sleep 3 > expect "1.3.6.1.4.1.3052.5.1.1.1.1.6.3.1.1" > > #Read Out POS3 Humidity Sensor 2 > send "GET 3052.5.1.1.1.1.6.3.3.1\r" > sleep 3 > expect "1.3.6.1.4.1.3052.5.1.1.1.1.6.3.3.1" > > log_file > send "BYE\r" > exit 0 > > > > > *The script 2* > #!/usr/local/bin/expect -f > exp_internal -f /opt/xampp/htdocs/temp/diag.txt 1 > set force_conservative 1 ;# set to 1 to force conservative mode even if > ;# script wasn't run conservatively originally > if {$force_conservative} { > set send_slow {1 .1} > proc send {ignore arg} { > sleep .1 > exp_send -s -- $arg > } > } > set timeout 3 > spawn $env(SHELL) > match_max 100000 > send -- "telnet 111.11.11.111\r" > expect "Password: " > send -- "OMNI\r" > expect "X. Exit (end connection)" > send -- "p\r" > expect ">" > log_file -noappend -a "/opt/xampp/htdocs/temp/data.txt" > > #Sensor Name POS3 Temp Sensor 1 > send -- "GET 3052.5.1.1.1.1.4.3.1.1\r" > sleep 3 > expect "1.3.6.1.4.1.3052.5.1.1.1.1.4.3.1.1" > > #Read Out POS3 Temp Sensor 1 > send -- "GET 3052.5.1.1.1.1.6.3.1.1\r" > sleep 3 > expect "1.3.6.1.4.1.3052.5.1.1.1.1.6.3.1.1" > > #Read Out POS3 Humidity Sensor 2 > send -- "GET 3052.5.1.1.1.1.6.3.3.1\r" > sleep 3 > expect "1.3.6.1.4.1.3052.5.1.1.1.1.6.3.3.1" > > log_file > send -- "BYE\r" > exit 0 > ------------------------------ > Get the Moviefone Toolbar. > Showtimes, theaters, movie news, & more! > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080619/3c57d826/attachment.html From jhigham at epri.com Thu Jun 19 21:27:22 2008 From: jhigham at epri.com (Higham, Josh) Date: Thu, 19 Jun 2008 14:27:22 -0700 Subject: [rancid] Looking for a short-term contractor in the Bay Area Message-ID: <4C3B8C75B5899943AEC675BA6DD46273FD49F7@uspalex02.epri.com> Hopefully this is acceptable on the list, otherwise please ignore. I am looking for a contractor to help us get some additional devices being managed by RANCID. This work would need to be done onsite at our facility in Palo Alto. Our current installation backs up most Cisco devices, but we need to add the following: Cisco wireless LAN controllers Packeteer Packetshapers Nortel Contivity F5 BigIP Juniper SSL VPN Avocent Cyclades Any changes not containing proprietary or confidential information would be released back to the Rancid project. If you or someone you know is interested and available, please drop me a note. As a side note, the contact number on the shrubbery.net site is no longer in service. Thanks, Josh From barry at opensolutions.ie Tue Jun 24 09:00:55 2008 From: barry at opensolutions.ie (Barry O'Donovan) Date: Tue, 24 Jun 2008 10:00:55 +0100 Subject: [rancid] Re: Add new scripts for Netgear? In-Reply-To: <200806121246.31737.barry@opensolutions.ie> References: <200806121246.31737.barry@opensolutions.ie> Message-ID: <200806241000.55787.barry@opensolutions.ie> Hi folks, Can anyone advise on the below or a more appropriate forum? Thanks, Barry On Thursday 12 June 2008 12:46:31 Barry O'Donovan wrote: > To whom it may concern, > > I have been using RANCID for quite a few years and find it an invaluable > tool for peer review, etc and I'd like to expres smy gratitude to all the > developers. > > I write in relation to a previous post: > > http://www.shrubbery.net/pipermail/rancid-discuss/2008-April/003037.html > > and I have CC'd the author. I can additionally confirm that Ed's script > also works for Netgear GSM7224. > > I attach his scripts again as I needed to remove some HTML formatting. > > I'd love to see these added to RANCID as well as the change to rancid-fe: > > # diff rancid-fe~ rancid-fe > 45a46 > > > elsif ($vendor =~ /^netgear$/i) { exec('grancid', $router); > > } > > I'm happy to help clean/edit/format the scripts to this end. > > Can someone advise me as to what is required to see this happen? > > Thanks, > Barry O'Donovan From stpierce at att.com Tue Jun 24 13:51:59 2008 From: stpierce at att.com (PIERCE, STEVEN T (STEVE), ATTOPS) Date: Tue, 24 Jun 2008 09:51:59 -0400 Subject: [rancid] Cisco WAE and Bluecoat Message-ID: I've implemented some acceleration devices for testing (Riverbed, Cisco WAAS and Bluecoat) and would like to use RANCID to archive the configurations. I searched the archives and was able to get the Riverbed working. However, I'm still getting 'End of run not found' errors on the WAEs. I tried the suggestion posted earlier this year in the forums but it did not work (pasted below). Is there something else to be tried? Also, has anyone developed a Bluecoat script? [rancid] Re: WAE devices Joachim Jerberg Jensen joaje at dongenergy.dk Fri Jan 4 15:16:00 UTC 2008 * Previous message: [rancid] WAE devices * Next message: [rancid] HP Procurve (hlogin): interaction in configure mode: possible? * Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] ________________________________ >From: Fox, Brad ;Sent: Friday, January 04, 2008 2:59 PM > >Gentlemen, > >Is anyone currently catching configurations for Cisco Wide Area Application Engine's? I attempted a while back but because the EOF for WAE boxes is different of that of other Cisco >devices I have since excluded them from Rancid. Thanks, > > >From WAAS: > >exit > >! End of WAAS configuration Try to edit rancid. Go to line 1402 Replace: if (/^(: +)?end$/) { With: if (/^End of WAAS configuration/i) { This should set $found_end = 1; when it detects " End of WAAS configuration". It's a hack that means backup of some other cisco stuff will fail, but try to test it. (you can always add it) I haven't tried it on WAE's, but I did something similar on some Extreme boxes to make it work. BR Joachim Jerberg Jensen -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080624/d751c8a5/attachment.html From steve at host-it.co.uk Thu Jun 26 09:01:23 2008 From: steve at host-it.co.uk (Steve Ousley) Date: Thu, 26 Jun 2008 10:01:23 +0100 Subject: [rancid] Email notifications Message-ID: <06ad01c8d76b$35868520$a0938f60$@co.uk> Hi We have just noticed that our rancid cron job was not running, and therefore the devices were not being backed up. Does anyone know of a way that you could get this to email when rancid has run, wether it changed anything or not, so that we at least get a notification that this has run. Hopefully with this being the case, we should be able to notice if it's not working again, and sort it a lot sooner than the month or so that it took to notice it this time. Alternatively, if anyone knows of a way to get the cron job to mail a successful/unsuccessful run of rancid-run, then this would also be useful. Thanks in advance. Steve Ousley - SO620-RIPE Nuco Technologies Ltd steve at host-it.co.uk www.nucotechnologies.com Tel. 0870 165 1300 Nuco Technologies Ltd is a company registered in England and Wales with company number 04470751 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080626/7b9a5c91/attachment.html From steve at host-it.co.uk Thu Jun 26 12:27:39 2008 From: steve at host-it.co.uk (Steve Ousley) Date: Thu, 26 Jun 2008 13:27:39 +0100 Subject: [rancid] Re: Email notifications In-Reply-To: References: <06ad01c8d76b$35868520$a0938f60$@co.uk> Message-ID: <06f801c8d788$05c352b0$1149f810$@co.uk> OK, upon further investigation, it wasn't in fact cron that was failing. The cron was running the script no problems, however having implemented a new script that also backs the configs up, we hadn't added the "rancid-run" command to this (it takes a little while to run, and wanted to know it would copy the files ok). I think your solution (with this in mind) is the best way to go about it. Since that will also report if cron fails, OR if rancid-run fails. Is there a file that gets updated every time rancid runs? Or is it best to simply add in something like: echo "" >> /path/to/rancid/did.it.run so that when it runs, it will update that file, and therefore the modification time on that file. You think this would be the best way? Steve Ousley - SO620-RIPE -----Original Message----- From: Burton Windle [mailto:bwindle at fint.org] Sent: 26 June 2008 13:21 To: Steve Ousley Subject: Re: [rancid] Email notifications Perhaps something that monitors the RANCID log directory, and takes note when no files have been added recently? What was causing cron to fail? -- Burton Windle bwindle at fint.org On Thu, 26 Jun 2008, Steve Ousley wrote: > > Hi > > ? > > We have just noticed that our rancid cron job was not running, and therefore the devices were not being backed up.? Does anyone know of a > way that you could get this to email when rancid has run, wether it changed anything or not, so that we at least get a notification that > this has run. > > ? > > Hopefully with this being the case, we should be able to notice if it?s not working again, and sort it a lot sooner than the month or so > that it took to notice it this time. > > ? > > Alternatively, if anyone knows of a way to get the cron job to mail a successful/unsuccessful run of rancid-run, then this would also be > useful. > > ? > > Thanks in advance. > > ? > > Steve Ousley - SO620-RIPE > From steve at host-it.co.uk Thu Jun 26 13:00:27 2008 From: steve at host-it.co.uk (Steve Ousley) Date: Thu, 26 Jun 2008 14:00:27 +0100 Subject: [rancid] Re: Email notifications In-Reply-To: <20080626125654.GA13263@pretend.net> References: <06ad01c8d76b$35868520$a0938f60$@co.uk> <06f801c8d788$05c352b0$1149f810$@co.uk> <20080626125654.GA13263@pretend.net> Message-ID: <06f901c8d78c$9b12c130$d1384390$@co.uk> That should work :) I actually have a script that runs that runs rancid-run and then the file backup anyway, so I might just add a bit to the end of that that mails us on successful completion of that, and then use this method in cron to mail if it failed. Thanks Tom :) Steve Ousley - SO620-RIPE -----Original Message----- From: Thomas C. Knoeller [mailto:tck at pretend.net] Sent: 26 June 2008 13:57 To: Steve Ousley Subject: Re: [rancid] Re: Email notifications How about something in cron like this? rancid-run && backup-files || mail -s 'rancid or backup of rancid failed' interested at my.domain References: <06ad01c8d76b$35868520$a0938f60$@co.uk> <3c9a5bae0806261037q45836d07sbce1130c038ac14b@mail.gmail.com> Message-ID: <072e01c8d7d1$06ad8170$14088450$@co.uk> Of Course! I forgot about the rancid log locations :D Steve Ousley - SO620-RIPE Nuco Technologies Ltd steve at host-it.co.uk www.nucotechnologies.com Tel. 0870 165 1300 Nuco Technologies Ltd is a company registered in England and Wales with company number 04470751 -----Original Message----- From: Bill Jacqmein [mailto:wrjacqmein at gmail.com] Sent: 26 June 2008 18:38 To: Steve Ousley Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Email notifications Steve, Files should be created under the log directory (default: /home/rancid/var/logs) RouterLocation.YYYYMMDD.HHMMSS They might be more useful then creating another file. Enjoy, Bill On Thu, Jun 26, 2008 at 5:01 AM, Steve Ousley wrote: > Hi > > > > We have just noticed that our rancid cron job was not running, and therefore > the devices were not being backed up. Does anyone know of a way that you > could get this to email when rancid has run, wether it changed anything or > not, so that we at least get a notification that this has run. > > > > Hopefully with this being the case, we should be able to notice if it's not > working again, and sort it a lot sooner than the month or so that it took to > notice it this time. > > > > Alternatively, if anyone knows of a way to get the cron job to mail a > successful/unsuccessful run of rancid-run, then this would also be useful. > > > > Thanks in advance. > > > > Steve Ousley - SO620-RIPE > > Nuco Technologies Ltd > > steve at host-it.co.uk > > www.nucotechnologies.com > > Tel. 0870 165 1300 > > > > Nuco Technologies Ltd is a company registered in England and Wales > with company number 04470751 > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From sub at yuss.org Fri Jun 27 09:20:44 2008 From: sub at yuss.org (Mark Sumner) Date: Fri, 27 Jun 2008 10:20:44 +0100 Subject: [rancid] Strange rancid behaviour on Solaris Message-ID: <20080627092044.GB16629@rolf.yuss.org> Hello, I've recently moved my rancid install from linux to Solaris and have had some strange behaviour since. Certain hosts (all cisco) no fail to allow rancid to log in. The peculiarity that they exhibit is that rancid never appears to send the username from it's configuration and sends a carriage return instead, so I see the following: User Access Verification Username: Username: % Username: timeout expired! The configurations are identical and I have tried this on both Solaris 10 and OpenSolaris 112008 using both the official expect package and the latest blastwave version. Has anyone else seen this happen or does anything have any pointers as to what could be causing it? I've tried running it verbosely but I can't see anything that doesn't match in the outputs between accessing from Linux or Solaris From wrjacqmein at gmail.com Thu Jun 26 17:37:51 2008 From: wrjacqmein at gmail.com (Bill Jacqmein) Date: Thu, 26 Jun 2008 13:37:51 -0400 Subject: [rancid] Re: Email notifications In-Reply-To: <06ad01c8d76b$35868520$a0938f60$@co.uk> References: <06ad01c8d76b$35868520$a0938f60$@co.uk> Message-ID: <3c9a5bae0806261037q45836d07sbce1130c038ac14b@mail.gmail.com> Steve, Files should be created under the log directory (default: /home/rancid/var/logs) RouterLocation.YYYYMMDD.HHMMSS They might be more useful then creating another file. Enjoy, Bill On Thu, Jun 26, 2008 at 5:01 AM, Steve Ousley wrote: > Hi > > > > We have just noticed that our rancid cron job was not running, and therefore > the devices were not being backed up. Does anyone know of a way that you > could get this to email when rancid has run, wether it changed anything or > not, so that we at least get a notification that this has run. > > > > Hopefully with this being the case, we should be able to notice if it's not > working again, and sort it a lot sooner than the month or so that it took to > notice it this time. > > > > Alternatively, if anyone knows of a way to get the cron job to mail a > successful/unsuccessful run of rancid-run, then this would also be useful. > > > > Thanks in advance. > > > > Steve Ousley - SO620-RIPE > > Nuco Technologies Ltd > > steve at host-it.co.uk > > www.nucotechnologies.com > > Tel. 0870 165 1300 > > > > Nuco Technologies Ltd is a company registered in England and Wales > with company number 04470751 > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From rancid at ale.cx Fri Jun 27 11:11:21 2008 From: rancid at ale.cx (alex) Date: Fri, 27 Jun 2008 12:11:21 +0100 Subject: [rancid] Re: Strange rancid behaviour on Solaris In-Reply-To: <20080627092044.GB16629@rolf.yuss.org> References: <20080627092044.GB16629@rolf.yuss.org> Message-ID: <200806271211.21522.rancid@ale.cx> On Friday 27 June 2008 10:20:44 Mark Sumner wrote: > The configurations are identical and I have tried this on both Solaris > 10 and OpenSolaris 112008 using both the official expect package and the > latest blastwave version. SSH or Telnet [I'm guessing telnet]. You could try configuring SSH instead. alexd From ab at lists.gxis.de Mon Jun 30 16:27:15 2008 From: ab at lists.gxis.de (Alexander Bochmann) Date: Mon, 30 Jun 2008 18:27:15 +0200 Subject: [rancid] Re: VLAN portion of rancid-run In-Reply-To: <6ug0ut$fmiik1@neti04smtpa.hdi.tvcabo> References: <20080530133226.GB4452@panix.com> <6ug0ut$fmiik1@neti04smtpa.hdi.tvcabo> Message-ID: <20080630162715.GB4540@gxis.de> ...on Sat, May 31, 2008 at 02:44:05PM +0100, Zarahel wrote: > I?ve seen alot of inputs, but the problem remains. The Revisions continue to > increase randomly because of Vlan terminal Output. I don?t know how to solve > this.. Just writing (a month late) to note that terminal width is not the only reason for this problem to occur: show vlan output also changes when a switchport changes it's state (a device attached to a switchport is (dis)connected between rancid runs). This can make using rancid to collect data from access switches quite a nuisance. Alex. From ab at lists.gxis.de Mon Jun 30 17:03:43 2008 From: ab at lists.gxis.de (Alexander Bochmann) Date: Mon, 30 Jun 2008 19:03:43 +0200 Subject: [rancid] Rancid & Alcatel Omniswitch Message-ID: <20080630170343.GC4540@gxis.de> Hi, a couple of weeks ago I hacked a version of clogin / rancid to collect data from Alcatel Omniswitch systems. Unfortunately it's in the form of yet another modified version of those scripts at the moment, and still very much in a "works for me but there is no error handling and I couldn't understand a few things in the code anyway" - state. Is that of any use to anyone nevertheless? Alex. From cgauthier at mapscu.com Mon Jun 30 17:55:21 2008 From: cgauthier at mapscu.com (Chris Gauthier) Date: Mon, 30 Jun 2008 10:55:21 -0700 Subject: [rancid] Re: [SPAM] - Rancid & Alcatel Omniswitch - Found word(s) list error in the Text body In-Reply-To: <20080630170343.GC4540@gxis.de> References: <20080630170343.GC4540@gxis.de> Message-ID: <0A9A5A2BC1C0A94C981AF5FCF2D2F33812466805@mshin01.mapscu.com> My thought is to contribute your mod with the caveat of what you just said. Maybe someone else will pick up on it. Chris -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Alexander Bochmann Sent: Monday, June 30, 2008 10:04 AM To: rancid-discuss at shrubbery.net Subject: [SPAM] - [rancid] Rancid & Alcatel Omniswitch - Found word(s) list error in the Text body Hi, a couple of weeks ago I hacked a version of clogin / rancid to collect data from Alcatel Omniswitch systems. Unfortunately it's in the form of yet another modified version of those scripts at the moment, and still very much in a "works for me but there is no error handling and I couldn't understand a few things in the code anyway" - state. Is that of any use to anyone nevertheless? Alex. _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rancid at gheek.net Mon Jun 30 17:57:02 2008 From: rancid at gheek.net (Lance Vermilion) Date: Mon, 30 Jun 2008 10:57:02 -0700 Subject: [rancid] Re: Rancid & Alcatel Omniswitch In-Reply-To: <20080630170343.GC4540@gxis.de> References: <20080630170343.GC4540@gxis.de> Message-ID: <8423e7bb0806301057h5939d6b3i18d9753d4bf8782b@mail.gmail.com> Alex, It never hurts to post it to the list. That way people can find it and look over it and even try it without having to get a hold of you. -Lance On Mon, Jun 30, 2008 at 10:03 AM, Alexander Bochmann wrote: > Hi, > > a couple of weeks ago I hacked a version of clogin / rancid > to collect data from Alcatel Omniswitch systems. > > Unfortunately it's in the form of yet another modified > version of those scripts at the moment, and still > very much in a "works for me but there is no error > handling and I couldn't understand a few things in > the code anyway" - state. > > Is that of any use to anyone nevertheless? > > Alex. > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080630/8b87d11e/attachment.html