[rancid] xrrancid destroys ipv[46] ACLs

Mon Aug 13 14:46:13 UTC 2012

Hello,

It was really awful to see that the problem still exists...
So here is adopted patch from Josh for rancid 2.3.8 with rancid-2.3.8.p2 applied. It also contain quick fix for ending ip addresses being eated by sorting routine for thous who like sorting.

cat /usr/ports/net-mgmt/rancid/files/xrrrancid.acl.sort

--- bin/xrrancid.in     Mon Aug 13 15:41:30 2012
+++ bin/xrrancid.in     Mon Aug 13 18:11:03 2012
@@ -67,6 +67,7 @@
 my($config_register);                  # configuration register value
 my($filter_commstr);                   # SNMP community string filtering
 my($filter_pwds);                      # password filtering mode
+my($aclstripseq);                      # Strip ACL sequence numbers

 # This routine is used to print out the router configuration
 sub ProcessHistory {
@@ -1094,12 +1095,22 @@
            while (<INPUT>) {
                tr/\015//d;
                last if (/^$prompt/ || /^\S/);
-               ($seq, $cmd, $misc, $ip) = ($_ =~ /^\s+(\d+) (\w+) (.*\s)(\w+)/);
+               ($seq, $cmd, $misc, $ip, $other) = ($_ =~ /^\s+(\d+) (\w+) (.*\s)(\w+)(.*)$/);
                if ($cmd =~ /(permit|deny)/) {
-                   ProcessHistory("ACL $nlri $key $cmd","$aclsort","$ip",
-                                  " $cmd $misc$ip\n");
+                   if ($aclstripseq == 0) {
+                       ProcessHistory("ACL $seq $nlri $key $cmd","$aclsort","$ip","$_");
+                   }
+                   if ($aclstripseq == 1) {
+                       ProcessHistory("ACL $nlri $key $cmd","$aclsort","$ip",
+                               " $cmd $misc$ip$other\n");
+                   }
                } else {
-                   ProcessHistory("ACL $nlri $key","",""," $cmd $misc$ip\n");
+                   if ($aclstripseq == 0) {
+                       ProcessHistory("ACL $seq $nlri $key","","","$_");
+                   }
+                   if ($aclstripseq == 1) {
+                       ProcessHistory("ACL $nlri $key","",""," $cmd $misc$ip$other\n");
+                   }
                }
            }
        }
@@ -1319,6 +1330,16 @@

 # determine ACL sorting mode
 if ($ENV{"ACLSORT"} =~ /no/i) {
+    $aclsort = "";
+}
+# determine if we want to strip ACL sequence numbers
+if ($ENV{"ACLSTRIPSEQ"} =~ /yes/i) {
+    $aclstripseq = 1;
+}
+else {
+# If you are not stripping ACL sequence numbers
+# you cannot sort ACLs
+    $aclstripseq = 0;
     $aclsort = "";
 }
 # determine community string filtering mode

-- 
wbr,
 Roman Sokolov
 mailto:rps at cheater.ru
