[rancid] Re: F5 ("bigip") script
Sotiris Tsimbonis
stsimb at irc.gr
Tue Apr 21 19:58:44 UTC 2009
Teun Vink wrote, On 21/04/2009 09:50 AM:
> On Mon, 2009-04-20 at 17:28 +0000, john heasley wrote:
> [...]
>> what is 'LTM'?
>>
>
> The Local Traffic Manager, one of the products of F5.
>
>>> manually downloaded are the certs. All in all this seems to be a great
>>> improvemant. Thanks for making it work.
>> The certs are in the configuration? is there a command or option to get
>> them?
>
> they are stored on local disk in
> /config/ssl/ssl.csr/*
> /config/ssl/ssl.key/*
> /config/ssl/ssl.crl/*
> /config/ssl/ssl.crt/*
>
Here is a small script I've put together and run on our LTM..
----------------------------------------------------------------
bigip01:~# cat /root/rancid-ssl.sh
#!/bin/bash
ls -l /config/ssl/ssl.crt/*.crt
for file in `echo /config/ssl/ssl.crt/*.crt` ; do
if [ $file != "/config/ssl/ssl.crt/ca-bundle.crt" ] ; then
echo " "
echo Contents of $file follow:
cat $file
echo " "
fi
done
ls -l /config/ssl/ssl.key/*.key
for file in `echo /config/ssl/ssl.key/*.key` ; do
echo " "
echo Contents of $file follow:
cat $file
echo " "
done
echo "END-OF-RANCID-SSL"
----------------------------------------------------------------
and the corresponding mods sub in f5rancid ....
@commandtable = (
...
{'/root/rancid-ssl.sh' => 'RancidSSL'},
sub RancidSSL {
print STDERR " In ConfFile: $_" if ($debug);
ProcessHistory("COMMENTS","","BO","!\n!\n! #### Running
$cmd\n!\n!\n");
while (<INPUT>) {
tr/\015//d;
last if (/^END-OF-RANCID-SSL/);
# next if (/^(\s*|\s*$cmd\s*)$/);
ProcessHistory("","","$cmd","$_");
}
# ProcessHistory("","","$cmd","$_");
$found_end = 1;
return(0);
}
Sotiris.
>
> Regards,
> Teun
>
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
More information about the Rancid-discuss
mailing list