[rancid] Re: Modify rancid scripts to enter on Cisco devices level 7 (enable 7 command)

Thu Jun 10 07:27:24 UTC 2010

Hi again.

Sorry I sent the last email to Jethro directly, not to the list... :P

Anyway, it works perfect!!! I have created rancid7, clogin7 and modified
rancid-fe script ,and now I can get the configs.

*rancid at nagios3:~/bin$ clogin7 -t 90 172.16.20.1
172.16.20.1
spawn telnet 172.16.20.1
Trying 172.16.20.1...
Connected to 172.16.20.1.
Escape character is '^]'.
.
.
.
User Access Verification

Username: rancid
Password:

gw1>enable 7
Password:
gw1#
*

Thanks a lot for your help, is nice to see a gurus like you.

Regards,
Julian

2010/6/10 Julian Salmeron <jsalmeron at gmail.com>

> Hi John/Jethro.
>
> Thanks for the quick reply.
>
> I'll try to create the separate scripts and let you know.
>
> Regards,
> Julian
>
> 2010/6/9 Jethro R Binks <jethro.binks at strath.ac.uk>
>
> On Wed, 9 Jun 2010, john heasley wrote:
>>
>> > > If the facility to change it ever gets added in via .cloginrc, I at
>> least
>> > > had part of the framework there, and in the meantime it reminds me to
>> > > think about it again every so often.
>> >
>> > i'd have created a separate script for that one, especially because its
>> a
>> > 3com.  yes, i won't hide my disdain for 3com.
>>
>> :)  But I did: h3clogin.  That's where I put the simple framework, Just In
>> Case.
>>
>> > but, 'enablecmd' is what i was thinking about.  however, because folks
>> > would be inclined to do things like julian is, it affects authorization
>> > for other commands and quickly becomes far more complicated.
>>
>> I was just thinking about the general case of "a device where the enable
>> command isn't literally 'enable'", rather than Julian's more specialised
>> case where he is specifying a particular priv level, but you are correct
>> that in that case it can get complicated.
>>
>> As it happens, my rancid logs into a ASA/PIX with a user of lower priv
>> level; I did have to make some of the commands available to the lower priv
>> level.
>>
>> My 'framework', such as it was, was really an example of my continuing
>> view (mentioned before) that the more system-specific detail can be
>> abstracted out from the scripts themselves, then the less different the
>> scripts become.  It then becomes much easier to:
>>
>> 1. abstract common functions out from the scripts;
>>
>> 2. make updates to general functionality across all the scripts;
>>
>> 3. write a script for a new device, concentrating on just the stuff that
>> really is different rather than trying to cobble something together
>> comparing different scripts for other different devices
>>
>> Obviously some devices really are quite different, or pernikity, but if
>> you can abstract even the simple things like "what's the command to run to
>> get to privileged mode", and "how do i turn off paging" to the clogin
>> level, or a simple config file listing the vendors and the equivalent
>> commands, then you might get some way down that road.
>> Net::Appliance::Session attempts to do something like this, by the use of
>> vendor-specific 'phrasebooks', e.g.:
>>
>>
>> http://cpansearch.perl.org/src/OLIVER/Net-Appliance-Phrasebook-1.8/lib/Net/Appliance/Phrasebook/nas-pb.yml
>>
>> Jethro.
>>
>> .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
>> Jethro R Binks
>> Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK
>> _______________________________________________
>> Rancid-discuss mailing list
>> Rancid-discuss at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100610/48b2af84/attachment.html 