From dale.shaw+rancid-discuss at gmail.com Tue May 1 05:31:26 2012 From: dale.shaw+rancid-discuss at gmail.com (Dale Shaw) Date: Tue, 1 May 2012 13:31:26 +0800 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> Message-ID: Hi, On Sat, Apr 28, 2012 at 10:30 PM, Ryan West wrote: > > The link that was provided earlier by Matthew seems promising. ?I was able to run all commands on both v10 and v11 devices. >?The patch, however, did not apply properly against a 2.3.8 build and my attempts to manually input the lines worked except for this routine, where it fails at the end: [...] > > Here is the link to the full changes. ?If anyone can tell me how to fix the last line, I should be able to quickly test it against v11 and v10 devices that we monitor. > http://blog.routedlogic.net/2011/12/08/rancid-monitoring-of-f5s-with-bigip-v11-x/ Concur; patch as displayed in blog post seems broken. Link to .diff 404's. Cc'ing the blog owner. Happy to help test this in our small environment (4 x LTMs running BIG-IP 10.1.0 3341.0). cheers, Dale From rwest at zyedge.com Tue May 1 08:25:10 2012 From: rwest at zyedge.com (Ryan West) Date: Tue, 1 May 2012 08:25:10 +0000 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> Message-ID: <5DC4853C6CC3EE4788779E0726E034DD011AAD54@zy-ex1.zyedge.local> Hey Colin, I have tested on v11 and v10.[12].x boxes and the tmsh commands work on both. I don't have anymore 9.x to work with, so I think just having a working tmsh example should do the trick. Not sure if you caught my email to John Heasley, but it seems the last function before the commandtable is broken. Just clearing that up should be enough to do a little testing. Let me know if you need anymore information. Thanks, -ryan -----Original Message----- From: Colin Stubbs [mailto:cstubbs at gmail.com] Sent: Tuesday, May 01, 2012 3:59 AM To: Dale Shaw Cc: Ryan West; rancid-discuss at shrubbery.net Subject: Re: [rancid] F5 BIG-IP devices - any tricks? Hmm, looks like gmail is spam dropping some of this list for me. This is the first email that came thru re: this subject :-( Given I wrote the first patch I'm happy to get cracking on updating it. I have actually already been doing various things related to that due to working with BIGIP v11. There's a bit that needs to change for v11 - anyone else on the list using it yet and need to monitor devices with it ? bigpipe command will no longer work and TMSH command syntax is sufficiently different to bigpipe that they're basically different device types. Would need fork f5rancid into two different types, provide a configuration option to specify version, or auto-detect v11 or < v11 and use a different command set based on that. Suggestions ? -Colin cstubbs @ gmail . com [smtp, g+, fb, msn] Phone: +61 468 311 061 Skype: c.stubbs Pub Key ID: 0xC857AC24 On 1 May 2012 15:31, Dale Shaw wrote: > Hi, > > On Sat, Apr 28, 2012 at 10:30 PM, Ryan West wrote: >> >> The link that was provided earlier by Matthew seems promising. ?I was able to run all commands on both v10 and v11 devices. >?The patch, however, did not apply properly against a 2.3.8 build and my attempts to manually input the lines worked except for this routine, where it fails at the end: > [...] >> >> Here is the link to the full changes. ?If anyone can tell me how to fix the last line, I should be able to quickly test it against v11 and v10 devices that we monitor. >> http://blog.routedlogic.net/2011/12/08/rancid-monitoring-of-f5s-with- >> bigip-v11-x/ > > Concur; patch as displayed in blog post seems broken. Link to .diff > 404's. Cc'ing the blog owner. > > Happy to help test this in our small environment (4 x LTMs running > BIG-IP 10.1.0 3341.0). > > cheers, > Dale From rancid at gheek.net Tue May 1 14:05:11 2012 From: rancid at gheek.net (Lance Vermilion) Date: Tue, 1 May 2012 07:05:11 -0700 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD011AAD54@zy-ex1.zyedge.local> References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011AAD54@zy-ex1.zyedge.local> Message-ID: A new device type setting would be the static method otherwise a version check would be needed for dynamic. Simply run a bigpipe command and if the response is not what we expect run tmsh and if that fails exit with a failure for that node. -------------- next part -------------- An HTML attachment was scrubbed... URL: From cstubbs at gmail.com Tue May 1 07:59:27 2012 From: cstubbs at gmail.com (Colin Stubbs) Date: Tue, 1 May 2012 17:59:27 +1000 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> Message-ID: Hmm, looks like gmail is spam dropping some of this list for me. This is the first email that came thru re: this subject :-( Given I wrote the first patch I'm happy to get cracking on updating it. I have actually already been doing various things related to that due to working with BIGIP v11. There's a bit that needs to change for v11 - anyone else on the list using it yet and need to monitor devices with it ? bigpipe command will no longer work and TMSH command syntax is sufficiently different to bigpipe that they're basically different device types. Would need fork f5rancid into two different types, provide a configuration option to specify version, or auto-detect v11 or < v11 and use a different command set based on that. Suggestions ? -Colin cstubbs @ gmail . com [smtp, g+, fb, msn] Phone: +61 468 311 061 Skype: c.stubbs Pub Key ID: 0xC857AC24 On 1 May 2012 15:31, Dale Shaw wrote: > Hi, > > On Sat, Apr 28, 2012 at 10:30 PM, Ryan West wrote: >> >> The link that was provided earlier by Matthew seems promising. ?I was able to run all commands on both v10 and v11 devices. >?The patch, however, did not apply properly against a 2.3.8 build and my attempts to manually input the lines worked except for this routine, where it fails at the end: > [...] >> >> Here is the link to the full changes. ?If anyone can tell me how to fix the last line, I should be able to quickly test it against v11 and v10 devices that we monitor. >> http://blog.routedlogic.net/2011/12/08/rancid-monitoring-of-f5s-with-bigip-v11-x/ > > Concur; patch as displayed in blog post seems broken. Link to .diff > 404's. Cc'ing the blog owner. > > Happy to help test this in our small environment (4 x LTMs running > BIG-IP 10.1.0 3341.0). > > cheers, > Dale From cstubbs at gmail.com Sun May 6 06:32:37 2012 From: cstubbs at gmail.com (Colin Stubbs) Date: Sun, 6 May 2012 16:32:37 +1000 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011AAD54@zy-ex1.zyedge.local> Message-ID: Patch attached for 2.3.8. It uses `bigpipe version`'s response to determine if it should use tmsh or not, and switches command table as appropriate. So it will only use tmsh on a BIGIP v11 F5, as they respond like this, [root at localhost:] ~ # bp version /usr/bin/bp: bigpipe is no longer supported; please use tmsh. [root at localhost:] ~ # This should keep things the same for existing users and avoid unexpected config diff after upgrade. Tested against, bigip1.f5.routedlogic.net:#Sys::Version bigip1.f5.routedlogic.net-# Main Package bigip1.f5.routedlogic.net-# Product BIG-IP bigip1.f5.routedlogic.net-# Version 10.2.3 bigip1.f5.routedlogic.net-# Build 112.0 bigip1.f5.routedlogic.net-# Edition Final -- bigip2.f5.routedlogic.net:#Sys::Version bigip2.f5.routedlogic.net-# Main Package bigip2.f5.routedlogic.net-# Product BIG-IP bigip2.f5.routedlogic.net-# Version 11.1.0 bigip2.f5.routedlogic.net-# Build 1943.0 bigip2.f5.routedlogic.net-# Edition Final -- bigip3.f5.routedlogic.net:#Sys::Version bigip3.f5.routedlogic.net-# Main Package bigip3.f5.routedlogic.net-# Product BIG-IP bigip3.f5.routedlogic.net-# Version 10.1.0 bigip3.f5.routedlogic.net-# Build 3341.1084 bigip3.f5.routedlogic.net-# Edition Final -Colin On 2 May 2012 00:05, Lance Vermilion wrote: > A new device type setting would be the static method otherwise a version > check would be needed for dynamic. > > Simply run a bigpipe command? and if the response is not what we expect run > tmsh and if that fails exit with a failure for that node. -------------- next part -------------- A non-text attachment was scrubbed... Name: rancid-2.3.8-f5rancid.in.patch Type: application/octet-stream Size: 7324 bytes Desc: not available URL: From rwest at zyedge.com Sun May 6 19:20:11 2012 From: rwest at zyedge.com (Ryan West) Date: Sun, 6 May 2012 19:20:11 +0000 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011AAD54@zy-ex1.zyedge.local> Message-ID: <5DC4853C6CC3EE4788779E0726E034DD011D3210@zy-ex1.zyedge.local> On Sun, May 06, 2012 at 02:32:37, Colin Stubbs wrote: > rancid at shrubbery.net > Subject: Re: [rancid] F5 BIG-IP devices - any tricks? > > Patch attached for 2.3.8. > > It uses `bigpipe version`'s response to determine if it should use > tmsh or not, and switches command table as appropriate. > > So it will only use tmsh on a BIGIP v11 F5, as they respond like this, > > [root at localhost:] ~ # bp version > /usr/bin/bp: bigpipe is no longer supported; please use tmsh. > [root at localhost:] ~ # > > This should keep things the same for existing users and avoid > unexpected config diff after upgrade. > > Tested against, > > bigip1.f5.routedlogic.net:#Sys::Version > bigip1.f5.routedlogic.net-# Main Package > bigip1.f5.routedlogic.net-# Product BIG-IP > bigip1.f5.routedlogic.net-# Version 10.2.3 > bigip1.f5.routedlogic.net-# Build 112.0 > bigip1.f5.routedlogic.net-# Edition Final > -- > bigip2.f5.routedlogic.net:#Sys::Version > bigip2.f5.routedlogic.net-# Main Package > bigip2.f5.routedlogic.net-# Product BIG-IP > bigip2.f5.routedlogic.net-# Version 11.1.0 > bigip2.f5.routedlogic.net-# Build 1943.0 > bigip2.f5.routedlogic.net-# Edition Final > -- > bigip3.f5.routedlogic.net:#Sys::Version > bigip3.f5.routedlogic.net-# Main Package > bigip3.f5.routedlogic.net-# Product BIG-IP > bigip3.f5.routedlogic.net-# Version 10.1.0 > bigip3.f5.routedlogic.net-# Build 3341.1084 > bigip3.f5.routedlogic.net-# Edition Final > > Colin, Works for me too. Thanks for the patch. -ryan From matthew at walster.org Mon May 14 11:13:01 2012 From: matthew at walster.org (Matthew Walster) Date: Mon, 14 May 2012 12:13:01 +0100 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD011D3210@zy-ex1.zyedge.local> References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011AAD54@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011D3210@zy-ex1.zyedge.local> Message-ID: On 6 May 2012 20:20, Ryan West wrote: > > Works for me too. Thanks for the patch. Since applying the patch, I started to get a few "has not been able to contact for 24 hours" messages. The logs say: starting: Mon May 14 10:01:01 UTC 2012 Trying to get all of the configs. myloadbalancer2: missed cmd(s): ls --full-time --color=never /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key ===================================== Getting missed routers: round 1. myloadbalancer2: missed cmd(s): ls --full-time --color=never /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key ===================================== Getting missed routers: round 2. myloadbalancer2: missed cmd(s): ls --full-time --color=never /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key ===================================== Getting missed routers: round 3. myloadbalancer2: missed cmd(s): ls --full-time --color=never /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key ===================================== Getting missed routers: round 4. devlb02.dev.tradefair: missed cmd(s): ls --full-time --color=never /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key Sending configs/myloadbalancer1 Transmitting file data ... Committed revision 11893. ending: Mon May 14 10:06:26 UTC 2012 In order to fix these, I just commented out the licence checks lines in the two command tables, then everything worked fine! Has anyone else come across this issue? Matthew Walster -------------- next part -------------- An HTML attachment was scrubbed... URL: From rwest at zyedge.com Mon May 14 12:24:10 2012 From: rwest at zyedge.com (Ryan West) Date: Mon, 14 May 2012 12:24:10 +0000 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011AAD54@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011D3210@zy-ex1.zyedge.local>, Message-ID: <61180D03-DD3F-4203-9B1F-A2A4B3A753EC@zyedge.com> Comment those lines out, they have never worked for me. I've recompiled expect for the bug and it doesn't seem to help. Sent from handheld On May 14, 2012, at 7:13 AM, "Matthew Walster" > wrote: On 6 May 2012 20:20, Ryan West > wrote: Works for me too. Thanks for the patch. Since applying the patch, I started to get a few "has not been able to contact for 24 hours" messages. The logs say: starting: Mon May 14 10:01:01 UTC 2012 Trying to get all of the configs. myloadbalancer2: missed cmd(s): ls --full-time --color=never /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key ===================================== Getting missed routers: round 1. myloadbalancer2: missed cmd(s): ls --full-time --color=never /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key ===================================== Getting missed routers: round 2. myloadbalancer2: missed cmd(s): ls --full-time --color=never /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key ===================================== Getting missed routers: round 3. myloadbalancer2: missed cmd(s): ls --full-time --color=never /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key ===================================== Getting missed routers: round 4. devlb02.dev.tradefair: missed cmd(s): ls --full-time --color=never /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key Sending configs/myloadbalancer1 Transmitting file data ... Committed revision 11893. ending: Mon May 14 10:06:26 UTC 2012 In order to fix these, I just commented out the licence checks lines in the two command tables, then everything worked fine! Has anyone else come across this issue? Matthew Walster -------------- next part -------------- An HTML attachment was scrubbed... URL: From cstubbs at gmail.com Mon May 14 21:58:45 2012 From: cstubbs at gmail.com (Colin Stubbs) Date: Tue, 15 May 2012 07:58:45 +1000 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: <61180D03-DD3F-4203-9B1F-A2A4B3A753EC@zyedge.com> References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011AAD54@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011D3210@zy-ex1.zyedge.local> <61180D03-DD3F-4203-9B1F-A2A4B3A753EC@zyedge.com> Message-ID: What O/S or distro you running RANCID on? Expect versions? BIGIP versions? etc I've seen the same thing back on EL3/4 a few years ago. Mostly rancid used to have issues with the ls /config/ssl/ssl.xxx commands for me. Again, I either commented them out, or replaced the command with something else that worked without issue (a script on the F5 that did the same thing at one point). I havn't had any issues for quite awhile though, mostly since moving away from EL3/4 and using EL5/6 in production and Fedora 14/15/16 at home. On 14 May 2012 22:24, Ryan West wrote: > Comment those lines out, they have never worked for me. I've recompiled > expect for the bug and it doesn't seem to help. > > Sent from handheld > > On May 14, 2012, at 7:13 AM, "Matthew Walster" wrote: > > > > On 6 May 2012 20:20, Ryan West wrote: >> >> Works for me too. ?Thanks for the patch. > > > Since applying the patch, I started to get a few "has not been able to > contact for 24 hours" messages. > > The logs say: > > starting: Mon May 14 10:01:01 UTC 2012 > > > > Trying to get all of the configs. > myloadbalancer2: missed cmd(s): ls --full-time --color=never > /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key > ===================================== > Getting missed routers: round 1. > myloadbalancer2: missed cmd(s): ls --full-time --color=never > /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key > ===================================== > Getting missed routers: round 2. > myloadbalancer2: missed cmd(s): ls --full-time --color=never > /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key > ===================================== > Getting missed routers: round 3. > myloadbalancer2: missed cmd(s): ls --full-time --color=never > /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key > ===================================== > Getting missed routers: round 4. > devlb02.dev.tradefair: missed cmd(s): ls --full-time --color=never > /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key > > Sending ? ? ? ?configs/myloadbalancer1 > Transmitting file data ... > Committed revision 11893. > > ending: Mon May 14 10:06:26 UTC 2012 > > > In order to fix these, I just commented out the licence checks lines in the > two command tables, then everything worked fine! Has anyone else come across > this issue? > > Matthew Walster > From rwest at zyedge.com Tue May 15 00:56:20 2012 From: rwest at zyedge.com (Ryan West) Date: Tue, 15 May 2012 00:56:20 +0000 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011AAD54@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011D3210@zy-ex1.zyedge.local> <61180D03-DD3F-4203-9B1F-A2A4B3A753EC@zyedge.com> Message-ID: <5DC4853C6CC3EE4788779E0726E034DD013AD78B@zy-ex1.zyedge.local> On Mon, May 14, 2012 at 17:58:45, Colin Stubbs wrote: > discuss at shrubbery.net > Subject: Re: [rancid] F5 BIG-IP devices - any tricks? > > What O/S or distro you running RANCID on? Expect versions? BIGIP versions? > etc > Debian 6.0.5, compiled expect 5.45, RANCID 2.3.8, LTM 11.0.0/10.2.3/10.2.0/10.0.1/9.4.8 It always works with rancid-run -r for that device, but never completes a normal run unless the 'ls -al' command is stripped. > I've seen the same thing back on EL3/4 a few years ago. Mostly rancid > used to have issues with the ls /config/ssl/ssl.xxx commands for me. > Again, I either commented them out, or replaced the command with > something else that worked without issue (a script on the F5 that did > the same thing at one point). > > I havn't had any issues for quite awhile though, mostly since moving > away from EL3/4 and using EL5/6 in production and Fedora 14/15/16 at home. > > On 14 May 2012 22:24, Ryan West wrote: > > Comment those lines out, they have never worked for me. I've > > recompiled expect for the bug and it doesn't seem to help. > > From ler762 at gmail.com Fri May 18 02:53:07 2012 From: ler762 at gmail.com (Lee) Date: Thu, 17 May 2012 22:53:07 -0400 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011AAD54@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011D3210@zy-ex1.zyedge.local> Message-ID: On 5/14/12, Matthew Walster wrote: > On 6 May 2012 20:20, Ryan West wrote: >> >> Works for me too. Thanks for the patch. > > > Since applying the patch, I started to get a few "has not been able to > contact for 24 hours" messages. > > The logs say: > > starting: Mon May 14 10:01:01 UTC 2012 > > > > Trying to get all of the configs. > myloadbalancer2: missed cmd(s): ls --full-time --color=never > /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key > ===================================== > Getting missed routers: round 1. > myloadbalancer2: missed cmd(s): ls --full-time --color=never > /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key > ===================================== > Getting missed routers: round 2. > myloadbalancer2: missed cmd(s): ls --full-time --color=never > /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key > ===================================== > Getting missed routers: round 3. > myloadbalancer2: missed cmd(s): ls --full-time --color=never > /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key > ===================================== > Getting missed routers: round 4. > devlb02.dev.tradefair: missed cmd(s): ls --full-time --color=never > /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key > > Sending configs/myloadbalancer1 > Transmitting file data ... > Committed revision 11893. > > ending: Mon May 14 10:06:26 UTC 2012 > > > In order to fix these, I just commented out the licence checks lines in the > two command tables, then everything worked fine! Has anyone else come > across this issue? I think so - I didn't bother to comment the changes I made in f5rancid, so not sure :( I don't remember if getting rid of [space][cr] is needed or a remnant of trying to figure out the problem, but commenting out the 'return (1) if ...' did the trick: # This routine parses "ls --full-time --color=never /config/ssl/ssl.key" sub ShowSslKey { print STDERR " In ShowSslKey: $_" if ($debug); while () { s/ \015//; # -LR- tr/\015//d; # v9 software license does not have CR at EOF s/^#-+($prompt.*)/$1/; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); ## LR return(1) if /^\s*\^\s*$/; and # This routine parses "ls --full-time --color=never /config/ssl/ssl.crt" sub ShowSslCrt { print STDERR " In ShowSslCrt: $_" if ($debug); while () { s/ \015//; # -LR- [space][cr] tr/\015//d; # v9 software license does not have CR at EOF s/^#-+($prompt.*)/$1/; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); ## LR return(1) if /^\s*\^\s*$/; Regards, Lee From rwest at zyedge.com Sun May 20 23:50:17 2012 From: rwest at zyedge.com (Ryan West) Date: Sun, 20 May 2012 23:50:17 +0000 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011AAD54@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011D3210@zy-ex1.zyedge.local> Message-ID: <5DC4853C6CC3EE4788779E0726E034DD013C4727@zy-ex1.zyedge.local> On Thu, May 17, 2012 at 22:53:07, Lee wrote: > Subject: Re: [rancid] F5 BIG-IP devices - any tricks? > > On 5/14/12, Matthew Walster wrote: > > On 6 May 2012 20:20, Ryan West wrote: > >> > >> Works for me too. Thanks for the patch. > > > > > > Since applying the patch, I started to get a few "has not been able > > to contact for 24 hours" messages. > > > > I think so - I didn't bother to comment the changes I made in > f5rancid, so not sure :( I don't remember if getting rid of > [space][cr] is needed or a remnant of trying to figure out the > problem, but commenting out the 'return > (1) if ...' did the trick: > > # This routine parses "ls --full-time --color=never /config/ssl/ssl.key" > sub ShowSslKey { > print STDERR " In ShowSslKey: $_" if ($debug); > > while () { > s/ \015//; # -LR- > tr/\015//d; > # v9 software license does not have CR at EOF > s/^#-+($prompt.*)/$1/; > last if (/^$prompt/); > next if (/^(\s*|\s*$cmd\s*)$/); > ## LR return(1) if /^\s*\^\s*$/; > > and > > # This routine parses "ls --full-time --color=never /config/ssl/ssl.crt" > sub ShowSslCrt { > print STDERR " In ShowSslCrt: $_" if ($debug); > > while () { > s/ \015//; # -LR- [space][cr] > tr/\015//d; > # v9 software license does not have CR at EOF > s/^#-+($prompt.*)/$1/; > last if (/^$prompt/); > next if (/^(\s*|\s*$cmd\s*)$/); > ## LR return(1) if /^\s*\^\s*$/; > Lee, I tried both variants and neither seemed to help. I've always been able to run a full backup of the devices with rancid-run -r , but the cron continues to fail on those two routines. Thanks, -ryan From jamesc at image-engine.com Tue May 22 20:38:03 2012 From: jamesc at image-engine.com (James Clendenan) Date: Tue, 22 May 2012 20:38:03 +0000 Subject: [rancid] packaging Rancid 2.3.8 for rhel6/centos6 Message-ID: Hi everyone, I've re-packed the latest version of rancid 2.3.8 on Centos6 and included a patch for the HP components as well. Hope you find it useful. James -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: rancid-2.3.8-1.el6.src.rpm Type: application/x-rpm Size: 386114 bytes Desc: rancid-2.3.8-1.el6.src.rpm URL: From michael6at at yahoo.de Thu May 24 15:01:00 2012 From: michael6at at yahoo.de (Michael) Date: Thu, 24 May 2012 15:01:00 +0000 (UTC) Subject: [rancid] Rancid enable problem Message-ID: Hy Guy?s, I have a really crazy Problem with Rancid on Ubuntu, I have now ca. 70 Devices in my cloginrc file from simple switch to ASA Firewalls everything runs perfekt. Now I have added another ASA5510. I try to login with clogin IP and I could log in, but the enable command doesn?t come. In my Rancid logs I see the following: missed cmd(s): write term,show redundancy secondary End of run not found !DEBUG: ^ My cloginrc entry for this device looks like the following: add password 193.186.1.2 {userpw} {enablepw} add autoenable 193.186.1.2 1 I don?t understand whats going on here, this is the only Device that doesn?t work. I hope somebody help me From rwest at zyedge.com Thu May 24 15:14:06 2012 From: rwest at zyedge.com (Ryan West) Date: Thu, 24 May 2012 15:14:06 +0000 Subject: [rancid] Rancid enable problem In-Reply-To: References: Message-ID: Set autoenable to 0 Sent from handheld On May 24, 2012, at 11:11 AM, "Michael" wrote: > Hy Guy?s, > > I have a really crazy Problem with Rancid on Ubuntu, > I have now ca. 70 Devices in my cloginrc file > from simple switch to ASA Firewalls everything runs perfekt. > Now I have added another ASA5510. > I try to login with clogin IP and I could log > in, but the enable command doesn?t come. > In my Rancid logs I see the following: > > missed cmd(s): write term,show redundancy secondary > End of run not found > !DEBUG: ^ > > My cloginrc entry for this device looks like the following: > add password 193.186.1.2 {userpw} {enablepw} > add autoenable 193.186.1.2 1 > > > I don?t understand whats going on here, this > is the only Device that doesn?t work. > > I hope somebody help me > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From teddyalf at gmail.com Thu May 24 15:17:37 2012 From: teddyalf at gmail.com (teddyalf) Date: Thu, 24 May 2012 17:17:37 +0200 Subject: [rancid] ASA Cisco autocommand Message-ID: Hi all, I have a problem with an user connecting to a cisco ASA. I'm using the auto command "feature" for the rancid user so it logs in and then the firewall shows its config. After that the connection is closed. It seems that rancid 2.3.8 doesn't like this behaviour so I receive these errors: clogin error: Error: TIMEOUT reached 10.20.20.1: End of run not found Anybody tried and solved the problem? I tried with another with no auto command "feature" and everything work. Byeee and thank you, Teddy. From rwest at zyedge.com Thu May 24 16:06:22 2012 From: rwest at zyedge.com (Ryan West) Date: Thu, 24 May 2012 16:06:22 +0000 Subject: [rancid] ASA Cisco autocommand In-Reply-To: References: Message-ID: <7D5D3A03-8DA2-4659-A340-DAB2AA95D7E9@zyedge.com> Can you give an example of autocommand? Not sure what you mean. Sent from handheld On May 24, 2012, at 11:47 AM, "teddyalf" wrote: > Hi all, > I have a problem with an user connecting to a cisco ASA. > I'm using the auto command "feature" for the rancid user so it logs in > and then the firewall shows its config. After that the connection is > closed. It seems that rancid 2.3.8 doesn't like this behaviour so I > receive these errors: > > clogin error: Error: TIMEOUT reached > 10.20.20.1: End of run not found > > Anybody tried and solved the problem? > I tried with another with no auto command "feature" and everything work. > > Byeee and thank you, > > Teddy. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From adam.korab at gmail.com Thu May 24 16:45:05 2012 From: adam.korab at gmail.com (Adam Korab) Date: Thu, 24 May 2012 11:45:05 -0500 Subject: [rancid] Rancid enable problem In-Reply-To: References: Message-ID: <-5898066504269475923@unknownmsgid> And as always remember that the first match in cloginrc wins, so make sure you place the autoenable statement in the right place for the given device. --Adam -- Adam Korab On May 24, 2012, at 10:14, Ryan West wrote: > Set autoenable to 0 > > Sent from handheld > > On May 24, 2012, at 11:11 AM, "Michael" wrote: > >> Hy Guy?s, >> >> I have a really crazy Problem with Rancid on Ubuntu, >> I have now ca. 70 Devices in my cloginrc file >> from simple switch to ASA Firewalls everything runs perfekt. >> Now I have added another ASA5510. >> I try to login with clogin IP and I could log >> in, but the enable command doesn?t come. >> In my Rancid logs I see the following: >> >> missed cmd(s): write term,show redundancy secondary >> End of run not found >> !DEBUG: ^ >> >> My cloginrc entry for this device looks like the following: >> add password 193.186.1.2 {userpw} {enablepw} >> add autoenable 193.186.1.2 1 >> >> >> I don?t understand whats going on here, this >> is the only Device that doesn?t work. >> >> I hope somebody help me >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From michael6at at yahoo.de Fri May 25 06:25:31 2012 From: michael6at at yahoo.de (michael schnatterer) Date: Fri, 25 May 2012 07:25:31 +0100 (BST) Subject: [rancid] Rancid enable problem In-Reply-To: <-5898066504269475923@unknownmsgid> References: <-5898066504269475923@unknownmsgid> Message-ID: <1337927131.82040.YahooMailNeo@web29012.mail.ird.yahoo.com> Hy Guy's, Thanks for the answers. I try to set the autoenable value to 0 with the same success... Yes it looks for me also, that the device doesn't have autoenable, but how could i resolve the problem? Maybe you could tell me,I'am a rancid newbie sorry. Where should i place the autoenable command? Thanks and best regards ________________________________ Von: Adam Korab An: Ryan West CC: Michael ; "rancid-discuss at shrubbery.net" Gesendet: 18:45 Donnerstag, 24.Mai 2012 Betreff: Re: [rancid] Rancid enable problem And as always remember that the first match in cloginrc wins, so make sure you place the autoenable statement in the right place for the given device. --Adam -- Adam Korab On May 24, 2012, at 10:14, Ryan West wrote: > Set autoenable to 0 > > Sent from handheld > > On May 24, 2012, at 11:11 AM, "Michael" wrote: > >> Hy Guy?s, >> >> I have a really crazy Problem with Rancid on Ubuntu, >> I have now ca. 70 Devices in my cloginrc file >> from simple switch to ASA Firewalls everything runs perfekt. >> Now I have added another ASA5510. >> I try to login with clogin IP and I could log >> in, but the enable command doesn?t come. >> In my Rancid logs I see the following: >> >> missed cmd(s): write term,show redundancy secondary >> End of run not found >> !DEBUG:? ? ? ? ? ? ? ^ >> >> My cloginrc entry for this device looks like the following: >> add password 193.186.1.2 {userpw} {enablepw} >> add autoenable 193.186.1.2 1 >> >> >> I don?t understand whats going on here, this >> is the only Device that doesn?t work. >> >> I hope somebody? help me >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From ambis28 at yahoo.com Fri May 25 06:36:45 2012 From: ambis28 at yahoo.com (hari haran) Date: Fri, 25 May 2012 14:36:45 +0800 (SGT) Subject: [rancid] Subcription details Message-ID: <1337927805.38348.YahooMailNeo@web193206.mail.sg3.yahoo.com> Hi Team, Please send my subscription login name and password Regards Hariharan -------------- next part -------------- An HTML attachment was scrubbed... URL: From ambis28 at yahoo.com Fri May 25 06:39:59 2012 From: ambis28 at yahoo.com (hari haran) Date: Fri, 25 May 2012 14:39:59 +0800 (SGT) Subject: [rancid] Need help for Alcatel Omni Switch login Message-ID: <1337927999.91558.YahooMailNeo@web193203.mail.sg3.yahoo.com> Hi Team, Unable to login to Alcatel omni switch. Error Timeout reached. Regards Hariharan -------------- next part -------------- An HTML attachment was scrubbed... URL: From teddyalf at gmail.com Fri May 25 07:04:00 2012 From: teddyalf at gmail.com (teddyalf) Date: Fri, 25 May 2012 09:04:00 +0200 Subject: [rancid] ASA Cisco autocommand In-Reply-To: <7D5D3A03-8DA2-4659-A340-DAB2AA95D7E9@zyedge.com> References: <7D5D3A03-8DA2-4659-A340-DAB2AA95D7E9@zyedge.com> Message-ID: username rancid privilege 15 autocommand show running-config view full On Thu, May 24, 2012 at 6:06 PM, Ryan West wrote: > Can you give an example of autocommand? ?Not sure what you mean. > > Sent from handheld > > On May 24, 2012, at 11:47 AM, "teddyalf" wrote: > >> Hi all, >> I have a problem with an user connecting to a cisco ASA. >> I'm using the auto command "feature" for the rancid user so it logs in >> and then the firewall shows its config. After that the connection is >> closed. It seems that rancid 2.3.8 doesn't like this behaviour so I >> receive these errors: >> >> clogin error: Error: TIMEOUT reached >> 10.20.20.1: End of run not found >> >> Anybody tried and solved the problem? >> I tried with another with no auto command "feature" and everything work. >> >> Byeee and thank you, >> >> Teddy. >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From ambis28 at gmail.com Fri May 25 09:14:24 2012 From: ambis28 at gmail.com (hari haran) Date: Fri, 25 May 2012 02:14:24 -0700 Subject: [rancid] login issue : timeout reached for Omniswitch Message-ID: Hi All, I have downloaded ologin and orancid for Alcatel omni switch. But when i execute bin/ologin Give Error : Timeout reached. unable to login. Please help to resolve this issue. Regards Hari -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Fri May 25 12:46:37 2012 From: heas at shrubbery.net (heasley) Date: Fri, 25 May 2012 12:46:37 +0000 Subject: [rancid] ASA Cisco autocommand In-Reply-To: References: <7D5D3A03-8DA2-4659-A340-DAB2AA95D7E9@zyedge.com> Message-ID: <20120525124637.GG79529@shrubbery.net> Fri, May 25, 2012 at 09:04:00AM +0200, teddyalf: > username rancid privilege 15 autocommand show running-config view full i have to ask; why would you do that? > On Thu, May 24, 2012 at 6:06 PM, Ryan West wrote: > > Can you give an example of autocommand? ?Not sure what you mean. > > > > Sent from handheld > > > > On May 24, 2012, at 11:47 AM, "teddyalf" wrote: > > > >> Hi all, > >> I have a problem with an user connecting to a cisco ASA. > >> I'm using the auto command "feature" for the rancid user so it logs in > >> and then the firewall shows its config. After that the connection is > >> closed. It seems that rancid 2.3.8 doesn't like this behaviour so I > >> receive these errors: > >> > >> clogin error: Error: TIMEOUT reached > >> 10.20.20.1: End of run not found > >> > >> Anybody tried and solved the problem? > >> I tried with another with no auto command "feature" and everything work. > >> > >> Byeee and thank you, > >> > >> Teddy. > >> _______________________________________________ > >> Rancid-discuss mailing list > >> Rancid-discuss at shrubbery.net > >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rwest at zyedge.com Fri May 25 13:26:06 2012 From: rwest at zyedge.com (Ryan West) Date: Fri, 25 May 2012 13:26:06 +0000 Subject: [rancid] Rancid enable problem In-Reply-To: <1337927131.82040.YahooMailNeo@web29012.mail.ird.yahoo.com> References: <-5898066504269475923@unknownmsgid> <1337927131.82040.YahooMailNeo@web29012.mail.ird.yahoo.com> Message-ID: <5DC4853C6CC3EE4788779E0726E034DD013DC4D0@zy-ex1.zyedge.local> On Fri, May 25, 2012 at 02:25:31, michael schnatterer wrote: > Subject: Re: [rancid] Rancid enable problem > > Hy Guy's, > > Thanks for the answers. > I try to set the autoenable value to 0 with the same success... > Yes it looks for me also, that the device doesn't have autoenable, but > how could i resolve the problem? > Maybe you could tell me,I'am a rancid newbie sorry. > > Where should i place the autoenable command? > Here's an example of a typical ASA for me: # AEI Firewalls add user customer-fw* username add password customer-fw* {password} {password} add autoenable customer-fw* 0 add method customer-fw* ssh From michael6at at yahoo.de Tue May 29 06:47:51 2012 From: michael6at at yahoo.de (michael schnatterer) Date: Tue, 29 May 2012 07:47:51 +0100 (BST) Subject: [rancid] Rancid enable problem In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD013DC4D0@zy-ex1.zyedge.local> References: <-5898066504269475923@unknownmsgid> <1337927131.82040.YahooMailNeo@web29012.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013DC4D0@zy-ex1.zyedge.local> Message-ID: <1338274071.77675.YahooMailNeo@web29003.mail.ird.yahoo.com> Hy Guy's Thanks for your help, but it wouldn't work... I tried with clogin -autoenable 193.186.1.2 but the enable command doesn't come. I tried to write the add autoenable 193.186.1.2 1 or 0 on the top of my cloginrc, without success. I'am a little bit frustrated about the problem :( have anybody any other idea? Realy thanks for every help ________________________________ Von: Ryan West An: michael schnatterer ; Adam Korab CC: "rancid-discuss at shrubbery.net" Gesendet: 15:26 Freitag, 25.Mai 2012 Betreff: RE: [rancid] Rancid enable problem On Fri, May 25, 2012 at 02:25:31, michael schnatterer wrote: > Subject: Re: [rancid] Rancid enable problem > > Hy Guy's, > > Thanks for the answers. > I try to set the autoenable value to 0 with the same success... > Yes it looks for me also, that the device doesn't have autoenable, but > how could i resolve the problem? > Maybe you could tell me,I'am a rancid newbie sorry. > > Where should i place the autoenable command? > Here's an example of a typical ASA for me: # AEI Firewalls add user customer-fw*? ? ? ? ? username add password customer-fw*? ? ? {password}??? {password} add autoenable customer-fw*? ? 0 add method customer-fw*? ? ? ? ? ? ? ? ssh -------------- next part -------------- An HTML attachment was scrubbed... URL: From rwest at zyedge.com Tue May 29 11:56:26 2012 From: rwest at zyedge.com (Ryan West) Date: Tue, 29 May 2012 11:56:26 +0000 Subject: [rancid] Rancid enable problem In-Reply-To: <1338274071.77675.YahooMailNeo@web29003.mail.ird.yahoo.com> References: <-5898066504269475923@unknownmsgid> <1337927131.82040.YahooMailNeo@web29012.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013DC4D0@zy-ex1.zyedge.local> <1338274071.77675.YahooMailNeo@web29003.mail.ird.yahoo.com> Message-ID: <5DC4853C6CC3EE4788779E0726E034DD013F98A1@zy-ex1.zyedge.local> On Tue, May 29, 2012 at 02:47:51, michael schnatterer wrote: > Subject: Re: [rancid] Rancid enable problem > > Hy Guy's > > Thanks for your help, but it wouldn't work... > I tried with clogin -autoenable 193.186.1.2 but the enable command > doesn't come. > I tried to write the add autoenable 193.186.1.2 1 or 0 on the top of > my cloginrc, without success. > > I'am a little bit frustrated about the problem :( > > have anybody any other idea? > > Realy thanks for every help When you login to the device manually with the RANCID username, what exactly do you type? Is it {username}, followed by {password}, then enable, followed by the same {password}? From michael6at at yahoo.de Tue May 29 12:46:50 2012 From: michael6at at yahoo.de (michael schnatterer) Date: Tue, 29 May 2012 13:46:50 +0100 (BST) Subject: [rancid] Rancid enable problem In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD013F98A1@zy-ex1.zyedge.local> References: <-5898066504269475923@unknownmsgid> <1337927131.82040.YahooMailNeo@web29012.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013DC4D0@zy-ex1.zyedge.local> <1338274071.77675.YahooMailNeo@web29003.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013F98A1@zy-ex1.zyedge.local> Message-ID: <1338295610.94640.YahooMailNeo@web29011.mail.ird.yahoo.com> In this case i have an other username as RANCID, but this username is entered in the cloginrc too. add user 193.186.1.2 {User} I login with the User and a password, after that i write enable and enter an other password as the first one. Thanks ________________________________ Von: Ryan West An: michael schnatterer ; Adam Korab CC: "rancid-discuss at shrubbery.net" Gesendet: 13:56 Dienstag, 29.Mai 2012 Betreff: RE: [rancid] Rancid enable problem On Tue, May 29, 2012 at 02:47:51, michael schnatterer wrote: > Subject: Re: [rancid] Rancid enable problem > > Hy Guy's > > Thanks for your help, but it wouldn't work... > I tried with clogin -autoenable 193.186.1.2 but the enable command > doesn't come. > I tried to write the add autoenable 193.186.1.2 1 or 0 on the top of > my cloginrc, without success. > > I'am a little bit frustrated about the problem :( > > have anybody any other idea? > > Realy thanks for every help When you login to the device manually with the RANCID username, what exactly do you type?? Is it {username}, followed by {password}, then enable, followed by the same {password}? -------------- next part -------------- An HTML attachment was scrubbed... URL: From rwest at zyedge.com Tue May 29 12:49:43 2012 From: rwest at zyedge.com (Ryan West) Date: Tue, 29 May 2012 12:49:43 +0000 Subject: [rancid] Rancid enable problem In-Reply-To: <1338295610.94640.YahooMailNeo@web29011.mail.ird.yahoo.com> References: <-5898066504269475923@unknownmsgid> <1337927131.82040.YahooMailNeo@web29012.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013DC4D0@zy-ex1.zyedge.local> <1338274071.77675.YahooMailNeo@web29003.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013F98A1@zy-ex1.zyedge.local>, <1338295610.94640.YahooMailNeo@web29011.mail.ird.yahoo.com> Message-ID: Paste a sanitized version of your .cloginrc file. Sent from handheld On May 29, 2012, at 8:46 AM, "michael schnatterer" > wrote: In this case i have an other username as RANCID, but this username is entered in the cloginrc too. add user 193.186.1.2 {User} I login with the User and a password, after that i write enable and enter an other password as the first one. Thanks ________________________________ Von: Ryan West > An: michael schnatterer >; Adam Korab > CC: "rancid-discuss at shrubbery.net" > Gesendet: 13:56 Dienstag, 29.Mai 2012 Betreff: RE: [rancid] Rancid enable problem On Tue, May 29, 2012 at 02:47:51, michael schnatterer wrote: > Subject: Re: [rancid] Rancid enable problem > > Hy Guy's > > Thanks for your help, but it wouldn't work... > I tried with clogin -autoenable 193.186.1.2 but the enable command > doesn't come. > I tried to write the add autoenable 193.186.1.2 1 or 0 on the top of > my cloginrc, without success. > > I'am a little bit frustrated about the problem :( > > have anybody any other idea? > > Realy thanks for every help When you login to the device manually with the RANCID username, what exactly do you type? Is it {username}, followed by {password}, then enable, followed by the same {password}? -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael6at at yahoo.de Tue May 29 14:38:36 2012 From: michael6at at yahoo.de (michael schnatterer) Date: Tue, 29 May 2012 15:38:36 +0100 (BST) Subject: [rancid] Rancid enable problem In-Reply-To: References: <-5898066504269475923@unknownmsgid> <1337927131.82040.YahooMailNeo@web29012.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013DC4D0@zy-ex1.zyedge.local> <1338274071.77675.YahooMailNeo@web29003.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013F98A1@zy-ex1.zyedge.local>, <1338295610.94640.YahooMailNeo@web29011.mail.ird.yahoo.com> Message-ID: <1338302316.46729.YahooMailNeo@web29001.mail.ird.yahoo.com> .cloginrc add user user1 {password} add user * {rancid} #Firewall add password 193.186.1.2 {userpassword} {enablepassword} add autoenable 193.186.1.2 1 or 0 add method * {ssh} {telnet} Thats it, how i said in my further post on every asa firewall work this config Best regards and thanks ________________________________ Von: Ryan West An: michael schnatterer CC: Adam Korab ; "rancid-discuss at shrubbery.net" Gesendet: 14:49 Dienstag, 29.Mai 2012 Betreff: Re: [rancid] Rancid enable problem Paste a sanitized version of your .cloginrc file.? Sent from handheld? On May 29, 2012, at 8:46 AM, "michael schnatterer" wrote: In this case i have an other username as RANCID, but this username is entered in the cloginrc too. > > >add user 193.186.1.2 {User} >I login with the User and a password, after that i write enable and enter an other password as the first one. > > >Thanks > > > > >________________________________ > Von: Ryan West >An: michael schnatterer ; Adam Korab >CC: "rancid-discuss at shrubbery.net" >Gesendet: 13:56 Dienstag, 29.Mai 2012 >Betreff: RE: [rancid] Rancid enable problem > >On Tue, May 29, 2012 at 02:47:51, michael schnatterer wrote: >> Subject: Re: [rancid] Rancid enable problem >> >> Hy Guy's >> >> Thanks for your help, but it wouldn't work... >> I tried with clogin -autoenable 193.186.1.2 but the enable command >> doesn't come. >> I tried to write the add autoenable 193.186.1.2 1 or 0 on the top of >> my cloginrc, without success. >> >> I'am a little bit frustrated about the problem :( >> >> have anybody any other idea? >> >> Realy thanks for every help > >When you login to the device manually with the RANCID username, what exactly do you type?? Is it {username}, followed by {password}, then enable, followed by the same {password}? > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From rwest at zyedge.com Tue May 29 15:42:52 2012 From: rwest at zyedge.com (Ryan West) Date: Tue, 29 May 2012 15:42:52 +0000 Subject: [rancid] Rancid enable problem In-Reply-To: <1338302316.46729.YahooMailNeo@web29001.mail.ird.yahoo.com> References: <-5898066504269475923@unknownmsgid> <1337927131.82040.YahooMailNeo@web29012.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013DC4D0@zy-ex1.zyedge.local> <1338274071.77675.YahooMailNeo@web29003.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013F98A1@zy-ex1.zyedge.local>, <1338295610.94640.YahooMailNeo@web29011.mail.ird.yahoo.com> <1338302316.46729.YahooMailNeo@web29001.mail.ird.yahoo.com> Message-ID: <5DC4853C6CC3EE4788779E0726E034DD013FAEE9@zy-ex1.zyedge.local> The autoenable should be set to 0 for your config. -ryan From: michael schnatterer [mailto:michael6at at yahoo.de] Sent: Tuesday, May 29, 2012 10:39 AM To: Ryan West Cc: Adam Korab; rancid-discuss at shrubbery.net Subject: Re: [rancid] Rancid enable problem .cloginrc add user user1 {password} add user * {rancid} #Firewall add password 193.186.1.2 {userpassword} {enablepassword} add autoenable 193.186.1.2 1 or 0 add method * {ssh} {telnet} Thats it, how i said in my further post on every asa firewall work this config Best regards and thanks ________________________________ Von: Ryan West > An: michael schnatterer > CC: Adam Korab >; "rancid-discuss at shrubbery.net" > Gesendet: 14:49 Dienstag, 29.Mai 2012 Betreff: Re: [rancid] Rancid enable problem Paste a sanitized version of your .cloginrc file. Sent from handheld On May 29, 2012, at 8:46 AM, "michael schnatterer" > wrote: In this case i have an other username as RANCID, but this username is entered in the cloginrc too. add user 193.186.1.2 {User} I login with the User and a password, after that i write enable and enter an other password as the first one. Thanks ________________________________ Von: Ryan West > An: michael schnatterer >; Adam Korab > CC: "rancid-discuss at shrubbery.net" > Gesendet: 13:56 Dienstag, 29.Mai 2012 Betreff: RE: [rancid] Rancid enable problem On Tue, May 29, 2012 at 02:47:51, michael schnatterer wrote: > Subject: Re: [rancid] Rancid enable problem > > Hy Guy's > > Thanks for your help, but it wouldn't work... > I tried with clogin -autoenable 193.186.1.2 but the enable command > doesn't come. > I tried to write the add autoenable 193.186.1.2 1 or 0 on the top of > my cloginrc, without success. > > I'am a little bit frustrated about the problem :( > > have anybody any other idea? > > Realy thanks for every help When you login to the device manually with the RANCID username, what exactly do you type? Is it {username}, followed by {password}, then enable, followed by the same {password}? -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael6at at yahoo.de Wed May 30 14:07:26 2012 From: michael6at at yahoo.de (michael schnatterer) Date: Wed, 30 May 2012 15:07:26 +0100 (BST) Subject: [rancid] Rancid enable problem In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD013FAEE9@zy-ex1.zyedge.local> References: <-5898066504269475923@unknownmsgid> <1337927131.82040.YahooMailNeo@web29012.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013DC4D0@zy-ex1.zyedge.local> <1338274071.77675.YahooMailNeo@web29003.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013F98A1@zy-ex1.zyedge.local>, <1338295610.94640.YahooMailNeo@web29011.mail.ird.yahoo.com> <1338302316.46729.YahooMailNeo@web29001.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013FAEE9@zy-ex1.zyedge.local> Message-ID: <1338386846.76936.YahooMailNeo@web29014.mail.ird.yahoo.com> Hy, Thanks for your Reply, But i have tried 0 and 1 already... ________________________________ Von: Ryan West An: michael schnatterer CC: Adam Korab ; "rancid-discuss at shrubbery.net" Gesendet: 17:42 Dienstag, 29.Mai 2012 Betreff: RE: [rancid] Rancid enable problem The autoenable should be set to 0 for your config. ? -ryan ? From:michael schnatterer [mailto:michael6at at yahoo.de] Sent: Tuesday, May 29, 2012 10:39 AM To: Ryan West Cc: Adam Korab; rancid-discuss at shrubbery.net Subject: Re: [rancid] Rancid enable problem ? .cloginrc ? add user user1 {password} add user * {rancid} #Firewall add password 193.186.1.2 {userpassword} {enablepassword} add autoenable 193.186.1.2 1 or 0 add method * {ssh} {telnet} Thats it, how i said in my further post on every asa firewall work this config Best regards and thanks ? ________________________________ Von:Ryan West An: michael schnatterer CC: Adam Korab ; "rancid-discuss at shrubbery.net" Gesendet: 14:49 Dienstag, 29.Mai 2012 Betreff: Re: [rancid] Rancid enable problem ? Paste a sanitized version of your .cloginrc file.? Sent from handheld? On May 29, 2012, at 8:46 AM, "michael schnatterer" wrote: In this case i have an other username as RANCID, but this username is entered in the cloginrc too. >? >add user 193.186.1.2 {User} >I login with the User and a password, after that i write enable and enter an other password as the first one. >? >Thanks >? > >________________________________ > >Von:Ryan West >An: michael schnatterer ; Adam Korab >CC: "rancid-discuss at shrubbery.net" >Gesendet: 13:56 Dienstag, 29.Mai 2012 >Betreff: RE: [rancid] Rancid enable problem > >On Tue, May 29, 2012 at 02:47:51, michael schnatterer wrote: >> Subject: Re: [rancid] Rancid enable problem >> >> Hy Guy's >> >> Thanks for your help, but it wouldn't work... >> I tried with clogin -autoenable 193.186.1.2 but the enable command >> doesn't come. >> I tried to write the add autoenable 193.186.1.2 1 or 0 on the top of >> my cloginrc, without success. >> >> I'am a little bit frustrated about the problem :( >> >> have anybody any other idea? >> >> Realy thanks for every help > >When you login to the device manually with the RANCID username, what exactly do you type?? Is it {username}, followed by {password}, then enable, followed by the same {password}? > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From d.meyers at lancaster.ac.uk Wed May 30 16:19:44 2012 From: d.meyers at lancaster.ac.uk (Meyers, Dan) Date: Wed, 30 May 2012 16:19:44 +0000 Subject: [rancid] Failure logging in to HP Procurve switches Message-ID: I'm having trouble getting rancid to play nicely with some HP Procurve switches we've got on our network. The error I'm getting in the logs is a timeout. If I run hlogin manually with debugging turned on I can see that when it connects to the HPs it does not receive the 'correct' prompt back. If I specify a command to run using -c "sh run" (for example) rancid is expecting to see "Press any key to continue". What it actually sees varies depending on the device in question. Normally it is something like "Prekey any key to continue" or "Press any key to ctntieue". Neither of these match the expected regexp, so of course a timeout occurs. The odd thing is that if you don't specify a command to run with -c both of these prompts always display and are parsed correctly. These prompts are always displayed correctly when logging into the switch myself from the same server using the same username, password and method. However rancid running via the rancid-run command still has issues with these switches, so I am not sure if it is doing the equivalent of a -c "" or not. Running hlogin manually with no command gives the following when it hits the prompt: ---------- H2h2hroEP1 drop xpect: does " \r\r\n\u001b1H\u001b[2h\u001b[?[2h\u001b[2?[2h\u001b[241 droEP1 drop\u001b \u001b" (spawn_id exp6) match regular expression "[\r\n]+"? (No Gate, RE only) gate=yes re=yes expect: set expect_out(0,string) "\r\r\n" expect: set expect_out(spawn_id) "exp6" expect: set expect_out(buffer) " \r\r\n" expect: continuing expect expect: does "\u001b1H\u001b[2h\u001b[?[2h\u001b[2?[2h\u001b[241 droEP1 drop\u001b \u001b" (spawn_id exp6) match regular expression "[\r\n]+"? (No Gate, RE only) gate=yes re=no "^.+#"? Gate "*#"? gate=no expect: timed out Error: TIMEOUT reached ---------- What that prompt *actually*reads, if you log into it manually on the command line, is 'RNEP1 drop# '. I'm not sure where all the control characters in the debug output are coming from, and whether they are actually a problem or not. The log for the rancid-run run contains stuff like this: ---------- Trying to get all of the configs. 172.29.1.18 clogin error: Error: TIMEOUT reached 172.29.1.18: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 172.29.1.18: End of run not found ; ===================================== Getting missed routers: round 1. 172.29.1.18 clogin error: Error: TIMEOUT reached 172.29.1.18: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 172.29.1.18: End of run not found ; ===================================== Getting missed routers: round 2. 172.29.1.18 clogin error: Error: TIMEOUT reached 172.29.1.18: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 172.29.1.18: End of run not found ; ===================================== Getting missed routers: round 3. 172.29.1.18 clogin error: Error: TIMEOUT reached 172.29.1.18: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 172.29.1.18: End of run not found ; ===================================== Getting missed routers: round 4. 172.29.1.18 clogin error: Error: TIMEOUT reached 172.29.1.18: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 172.29.1.18: End of run not found ; ---------- I note that that says 'clogin error'. Does that mean it's trying to use clogin instead of hlogin even though I've specified in the router.b file that these devices are of type 'hp'? If that is the case, how do I get it to use hlogin? If I have more than 1 router specified in my router.db file then I get some extra output in the log from some of those, as follows: ---------- Getting missed routers: round 1. couldn't compile regular expression pattern: parentheses () not balanced while executing "expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } }" (procedure "run_commands" line 10) invoked from within "run_commands $prompt $command" ("foreach" body line 142) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # Figure out prompt. # Since autoena..." (file "/usr/lib/rancid/bin/hlogin" line 595)^M 172.29.4.18: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 172.29.4.18: End of run not found ---------- All this is running on an Ubuntu 10.04 LTS 4 bit box installed a few months back. If there is a known issue with the release contained therein (2.3.2) I'm happy to upgrade to 12.04 as it's now out, but I figured it was more likely to be something I was doing wrong so I'd ask on here. All the Ciscos and Junipers we have on the network back up fine, it's just all the HPs I'm having a problem with... -- Dan Meyers Network Support Specialist, Lancaster University From GMourani at prival.ca Wed May 30 17:06:57 2012 From: GMourani at prival.ca (Gerhard Mourani) Date: Wed, 30 May 2012 17:06:57 +0000 Subject: [rancid] missed cmd(s): show full-configuration,get system status Message-ID: <312FF37225924E42A1D3D228EDBD11930E67F242@PRIVALEX.PrivalODC.lan> Helo list, After an update to Rancid version 2.3.8, the method used to login into FortiGate device no longer work and report the following error in the log file. Getting missed routers: round 4. 192.168.2.1 fnlogin error: Error: Couldn't login: 192.168.2.1 192.168.2.1: missed cmd(s): show full-configuration,get system status 0: found end 192.168.2.1: End of run not found With previous version of Rancid, everything worked correctly. According to the above error I've run the following commands to verify if the missed cmd is true or not. /usr/bin/clogin -f /usr/share/rancid/.cloginrc 192.168.2.1 The above works and I can manually run the 'show full-configuration' or 'get system status' command without problem! Therefore no idea about why this error occur now and from which part it's really coming from! Gerhard, -------------- next part -------------- An HTML attachment was scrubbed... URL: From david.byers at liu.se Wed May 30 17:26:11 2012 From: david.byers at liu.se (David Byers) Date: Wed, 30 May 2012 19:26:11 +0200 Subject: [rancid] Failure logging in to HP Procurve switches In-Reply-To: References: Message-ID: <4FC65833.5010309@liu.se> On 05/30/2012 06:19 PM, Meyers, Dan wrote: > I'm having trouble getting rancid to play nicely with some HP Procurve switches we've got on our network. The error I'm getting in the logs is a timeout. If I run hlogin manually with debugging turned on I can see that when it connects to the HPs it does not receive the 'correct' prompt back. > > If I specify a command to run using -c "sh run" (for example) rancid is expecting to see "Press any key to continue". What it actually sees varies depending on the device in question. Normally it is something like "Prekey any key to continue" or "Press any key to ctntieue". Neither of these match the expected regexp, so of course a timeout occurs. The odd thing is that if you don't specify a command to run with -c both of these prompts always display and are parsed correctly. These prompts are always displayed correctly when logging into the switch myself from the same server using the same username, password and method. > > However rancid running via the rancid-run command still has issues with these switches, so I am not sure if it is doing the equivalent of a -c "" or not. Running hlogin manually with no command gives the following when it hits the prompt: You're probably running into a bug in hpuifilter that manifests on certain versions of glibc on 64-bit Linux. Have a look at this message in February for a patch: http://www.gossamer-threads.com/lists/rancid/users/6202 (Though I accidentally reversed the patch.) -- David Byers Link?ping University -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: OpenPGP digital signature URL: From gabbawp at gmail.com Thu May 31 08:30:13 2012 From: gabbawp at gmail.com (Gareth Hopkins) Date: Thu, 31 May 2012 10:30:13 +0200 Subject: [rancid] missed cmd(s): show full-configuration, get system status In-Reply-To: <312FF37225924E42A1D3D228EDBD11930E67F242@PRIVALEX.PrivalODC.lan> References: <312FF37225924E42A1D3D228EDBD11930E67F242@PRIVALEX.PrivalODC.lan> Message-ID: <4092C9D4-A315-47CB-8ECE-6FFB21BE79D8@gmail.com> Hi, If you run fnlogin instead of clogin, you'll see it complains about an ssh port not being specified. I ran into exactly the same problem and mailed the list a couple of weeks ago but heard nothing back unfortunately. A quick work around is to add the following to your cloginrc file add method device_name {ssh:22} I hope someone can take a look at this though. Cheers, Gareth On 30 May 2012, at 7:06 PM, Gerhard Mourani wrote: > Helo list, > > After an update to Rancid version 2.3.8, the method used to login into FortiGate device no longer work and report the following error in the log file. > > Getting missed routers: round 4. > 192.168.2.1 fnlogin error: Error: Couldn't login: 192.168.2.1 > 192.168.2.1: missed cmd(s): show full-configuration,get system status > 0: found end > 192.168.2.1: End of run not found > > With previous version of Rancid, everything worked correctly. According to the above error I?ve run the following commands to verify if the missed cmd is true or not. > > /usr/bin/clogin -f /usr/share/rancid/.cloginrc 192.168.2.1 > The above works and I can manually run the ?show full-configuration? or ?get system status? command without problem! > > Therefore no idea about why this error occur now and from which part it?s really coming from! > > Gerhard, > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From d.meyers at lancaster.ac.uk Thu May 31 10:10:12 2012 From: d.meyers at lancaster.ac.uk (Meyers, Dan) Date: Thu, 31 May 2012 10:10:12 +0000 Subject: [rancid] Failure logging in to HP Procurve switches In-Reply-To: <4FC65833.5010309@liu.se> References: <4FC65833.5010309@liu.se> Message-ID: > You're probably running into a bug in hpuifilter that manifests on certain > versions of glibc on 64-bit Linux. > > Have a look at this message in February for a patch: > > http://www.gossamer-threads.com/lists/rancid/users/6202 > > (Though I accidentally reversed the patch.) Thanks for this, it does look like my issue :) However as I'm running Ubuntu 10.04 LTS with rancid from packages I'm only on 2.3.2, not whatever version that patch was written for. The code in those areas of hpuifilter.c is somewhat different, making use of strcpy not memcpy/memmove, with surrounding lines having changes as well. For the time being, as it's only a few (5) switches that are not often altered, I'll do manual backups. When 12.04 has its first point release in July I'll upgrade to that, which will give me rancid 2.3.6, then have another look at your patch if I'm still having issues. Dan From GMourani at prival.ca Thu May 31 12:20:30 2012 From: GMourani at prival.ca (Gerhard Mourani) Date: Thu, 31 May 2012 12:20:30 +0000 Subject: [rancid] missed cmd(s): show full-configuration, get system status In-Reply-To: <4092C9D4-A315-47CB-8ECE-6FFB21BE79D8@gmail.com> References: <312FF37225924E42A1D3D228EDBD11930E67F242@PRIVALEX.PrivalODC.lan> <4092C9D4-A315-47CB-8ECE-6FFB21BE79D8@gmail.com> Message-ID: <312FF37225924E42A1D3D228EDBD11930E67F9C5@PRIVALEX.PrivalODC.lan> Thanks Gareth, That's worked for me too. Gerhard, From: Gareth Hopkins [mailto:gabbawp at gmail.com] Sent: May-31-12 4:30 AM To: Gerhard Mourani Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] missed cmd(s): show full-configuration,get system status Hi, If you run fnlogin instead of clogin, you'll see it complains about an ssh port not being specified. I ran into exactly the same problem and mailed the list a couple of weeks ago but heard nothing back unfortunately. A quick work around is to add the following to your cloginrc file add method device_name {ssh:22} I hope someone can take a look at this though. Cheers, Gareth On 30 May 2012, at 7:06 PM, Gerhard Mourani wrote: Helo list, After an update to Rancid version 2.3.8, the method used to login into FortiGate device no longer work and report the following error in the log file. Getting missed routers: round 4. 192.168.2.1 fnlogin error: Error: Couldn't login: 192.168.2.1 192.168.2.1: missed cmd(s): show full-configuration,get system status 0: found end 192.168.2.1: End of run not found With previous version of Rancid, everything worked correctly. According to the above error I've run the following commands to verify if the missed cmd is true or not. /usr/bin/clogin -f /usr/share/rancid/.cloginrc 192.168.2.1 The above works and I can manually run the 'show full-configuration' or 'get system status' command without problem! Therefore no idea about why this error occur now and from which part it's really coming from! Gerhard, _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael6at at yahoo.de Thu May 31 13:24:57 2012 From: michael6at at yahoo.de (michael schnatterer) Date: Thu, 31 May 2012 14:24:57 +0100 (BST) Subject: [rancid] Rancid enable problem In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD013FAEE9@zy-ex1.zyedge.local> References: <-5898066504269475923@unknownmsgid> <1337927131.82040.YahooMailNeo@web29012.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013DC4D0@zy-ex1.zyedge.local> <1338274071.77675.YahooMailNeo@web29003.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013F98A1@zy-ex1.zyedge.local>, <1338295610.94640.YahooMailNeo@web29011.mail.ird.yahoo.com> <1338302316.46729.YahooMailNeo@web29001.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013FAEE9@zy-ex1.zyedge.local> Message-ID: <1338470697.62318.YahooMailNeo@web29003.mail.ird.yahoo.com> Hy, Here is my Output: rancid at srv01: /home/rancid/bin/clogin -c show version "hostname" version spawn ssh -c 3des -x -l rancid version ssh: Could not resolve hostname version: Name or service not known Error: Couldn't login: version "hostname" spawn ssh -c 3des -x -l "User" "hostname" "user"@"hostnames" password: #######ASA Firewall ######## ASA-FW> ASA-FW> termin terminal length 0 ????????? ^ ERROR: % Invalid input detected at '^' marker. ERROR: Command authorization failed ASA-FW>show INFO: % Type "show ?" for a list of subcommands ASA-FW> exit ________________________________ Von: Ryan West An: michael schnatterer CC: Adam Korab ; "rancid-discuss at shrubbery.net" Gesendet: 17:42 Dienstag, 29.Mai 2012 Betreff: RE: [rancid] Rancid enable problem The autoenable should be set to 0 for your config. ? -ryan ? From:michael schnatterer [mailto:michael6at at yahoo.de] Sent: Tuesday, May 29, 2012 10:39 AM To: Ryan West Cc: Adam Korab; rancid-discuss at shrubbery.net Subject: Re: [rancid] Rancid enable problem ? .cloginrc ? add user user1 {password} add user * {rancid} #Firewall add password 193.186.1.2 {userpassword} {enablepassword} add autoenable 193.186.1.2 1 or 0 add method * {ssh} {telnet} Thats it, how i said in my further post on every asa firewall work this config Best regards and thanks ? ________________________________ Von:Ryan West An: michael schnatterer CC: Adam Korab ; "rancid-discuss at shrubbery.net" Gesendet: 14:49 Dienstag, 29.Mai 2012 Betreff: Re: [rancid] Rancid enable problem ? Paste a sanitized version of your .cloginrc file.? Sent from handheld? On May 29, 2012, at 8:46 AM, "michael schnatterer" wrote: In this case i have an other username as RANCID, but this username is entered in the cloginrc too. >? >add user 193.186.1.2 {User} >I login with the User and a password, after that i write enable and enter an other password as the first one. >? >Thanks >? > >________________________________ > >Von:Ryan West >An: michael schnatterer ; Adam Korab >CC: "rancid-discuss at shrubbery.net" >Gesendet: 13:56 Dienstag, 29.Mai 2012 >Betreff: RE: [rancid] Rancid enable problem > >On Tue, May 29, 2012 at 02:47:51, michael schnatterer wrote: >> Subject: Re: [rancid] Rancid enable problem >> >> Hy Guy's >> >> Thanks for your help, but it wouldn't work... >> I tried with clogin -autoenable 193.186.1.2 but the enable command >> doesn't come. >> I tried to write the add autoenable 193.186.1.2 1 or 0 on the top of >> my cloginrc, without success. >> >> I'am a little bit frustrated about the problem :( >> >> have anybody any other idea? >> >> Realy thanks for every help > >When you login to the device manually with the RANCID username, what exactly do you type?? Is it {username}, followed by {password}, then enable, followed by the same {password}? > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From rwest at zyedge.com Thu May 31 14:24:14 2012 From: rwest at zyedge.com (Ryan West) Date: Thu, 31 May 2012 14:24:14 +0000 Subject: [rancid] Rancid enable problem In-Reply-To: <1338470697.62318.YahooMailNeo@web29003.mail.ird.yahoo.com> References: <-5898066504269475923@unknownmsgid> <1337927131.82040.YahooMailNeo@web29012.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013DC4D0@zy-ex1.zyedge.local> <1338274071.77675.YahooMailNeo@web29003.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013F98A1@zy-ex1.zyedge.local>, <1338295610.94640.YahooMailNeo@web29011.mail.ird.yahoo.com> <1338302316.46729.YahooMailNeo@web29001.mail.ird.yahoo.com> <5DC4853C6CC3EE4788779E0726E034DD013FAEE9@zy-ex1.zyedge.local>, <1338470697.62318.YahooMailNeo@web29003.mail.ird.yahoo.com> Message-ID: <14C91AC7-1EC9-4626-8C97-F0DAA20C7EF4@zyedge.com> You're never issuing enable, which is why you need autoenable 0. Post the same output with autoenable 0. Sent from handheld On May 31, 2012, at 9:25 AM, "michael schnatterer" > wrote: Hy, Here is my Output: rancid at srv01: /home/rancid/bin/clogin -c show version "hostname" version spawn ssh -c 3des -x -l rancid version ssh: Could not resolve hostname version: Name or service not known Error: Couldn't login: version "hostname" spawn ssh -c 3des -x -l "User" "hostname" "user"@"hostnames" password: #######ASA Firewall ######## ASA-FW> ASA-FW> termin terminal length 0 ^ ERROR: % Invalid input detected at '^' marker. ERROR: Command authorization failed ASA-FW>show INFO: % Type "show ?" for a list of subcommands ASA-FW> exit ________________________________ Von: Ryan West > An: michael schnatterer > CC: Adam Korab >; "rancid-discuss at shrubbery.net" > Gesendet: 17:42 Dienstag, 29.Mai 2012 Betreff: RE: [rancid] Rancid enable problem The autoenable should be set to 0 for your config. -ryan From: michael schnatterer [mailto:michael6at at yahoo.de] Sent: Tuesday, May 29, 2012 10:39 AM To: Ryan West Cc: Adam Korab; rancid-discuss at shrubbery.net Subject: Re: [rancid] Rancid enable problem .cloginrc add user user1 {password} add user * {rancid} #Firewall add password 193.186.1.2 {userpassword} {enablepassword} add autoenable 193.186.1.2 1 or 0 add method * {ssh} {telnet} Thats it, how i said in my further post on every asa firewall work this config Best regards and thanks ________________________________ Von: Ryan West > An: michael schnatterer > CC: Adam Korab >; "rancid-discuss at shrubbery.net" > Gesendet: 14:49 Dienstag, 29.Mai 2012 Betreff: Re: [rancid] Rancid enable problem Paste a sanitized version of your .cloginrc file. Sent from handheld On May 29, 2012, at 8:46 AM, "michael schnatterer" > wrote: In this case i have an other username as RANCID, but this username is entered in the cloginrc too. add user 193.186.1.2 {User} I login with the User and a password, after that i write enable and enter an other password as the first one. Thanks ________________________________ Von: Ryan West > An: michael schnatterer >; Adam Korab > CC: "rancid-discuss at shrubbery.net" > Gesendet: 13:56 Dienstag, 29.Mai 2012 Betreff: RE: [rancid] Rancid enable problem On Tue, May 29, 2012 at 02:47:51, michael schnatterer wrote: > Subject: Re: [rancid] Rancid enable problem > > Hy Guy's > > Thanks for your help, but it wouldn't work... > I tried with clogin -autoenable 193.186.1.2 but the enable command > doesn't come. > I tried to write the add autoenable 193.186.1.2 1 or 0 on the top of > my cloginrc, without success. > > I'am a little bit frustrated about the problem :( > > have anybody any other idea? > > Realy thanks for every help When you login to the device manually with the RANCID username, what exactly do you type? Is it {username}, followed by {password}, then enable, followed by the same {password}? -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu May 31 14:40:01 2012 From: heas at shrubbery.net (heasley) Date: Thu, 31 May 2012 07:40:01 -0700 Subject: [rancid] Failure logging in to HP Procurve switches In-Reply-To: References: <4FC65833.5010309@liu.se> Message-ID: <20120531144001.GK219@shrubbery.net> Thu, May 31, 2012 at 10:10:12AM +0000, Meyers, Dan: > Thanks for this, it does look like my issue :) However as I'm running Ubuntu 10.04 LTS with rancid from packages I'm only on 2.3.2, not whatever version that patch was written for. The code in those areas of hpuifilter.c is somewhat different, making use of strcpy not memcpy/memmove, with surrounding lines having changes as well. For the time being, as it's only a few (5) switches that are not often altered, I'll do manual backups. When 12.04 has its first point release in July I'll upgrade to that, which will give me rancid 2.3.6, then have another look at your patch if I'm still having issues. just download 2.3.8, build it, and copy hpuifilter over whatever your package system installed. or stop using the package system for rancid.