[rancid] Couple of Questions. upgrading and Fortinet issue.

Wed Aug 7 20:09:04 UTC 2013

That is the way they are set up.   It seemed strange to me but it all works.  

Chris

-----Original Message-----
From: heasley [mailto:heas at shrubbery.net] 
Sent: Tuesday, July 23, 2013 5:20 PM
To: Chris Davis
Cc: 'Richard Savage'; 'rancid-discuss at shrubbery.net'
Subject: Re: [rancid] Couple of Questions. upgrading and Fortinet issue.

Mon, Jul 15, 2013 at 09:42:03PM +0000, Chris Davis:
> Here is what I am seeing in my rancid reports.
> 
> Index: configs/x.x.x.x
> ===================================================================
> retrieving revision 1.150
> diff -U 4 -r1.150 x.x.x.x
> @@ -17,9 +17,9 @@
>   !Distribution: International
>   !Branch point: 665
>   !Release Version Information: MR3 Patch 14
>   !FortiOS x86-64: Yes
> - !System time: Mon Jul 15 15:06:58 2013
> + !System time: Mon Jul 15 16:07:02 2013

see patch below

>   config system global
>       set access-banner disable
>       set admin-concurrent enable
> @@ -9112,22 +9112,22 @@
>       edit "Fortinet_Factory"
>   !set password ENC <removed> 
>           set private-key "-----BEGIN RSA PRIVATE KEY-----
>   Proc-Type: 4,ENCRYPTED
> 
> And then my old key and then the new key.  I'm not sure if it's getting confused on the master/slave issue because the fortinet's have the same IP address, even though there are two separate firewalls.  Could be the time issue too.  

seems like a rather odd configuration for the primary and standy by answer on the same management address when they're both active??

Index: bin/fnrancid.in
===================================================================

--- bin/fnrancid.in	(revision 2279)
+++ bin/fnrancid.in	(revision 2280)
@@ -175,7 +175,7 @@
 	next if /^\s*$/;
 	last if (/$prompt/);
 
-	next if (/^System Time:/);
+	next if (/^system time:/i);
 	next if (/^\s*Virus-DB: .*/);
 	next if (/^\s*Extended DB: .*/);
 	next if (/^\s*IPS-DB: .*/);
@@ -207,7 +207,7 @@
 	# System time is fortigate extraction time
 	next if (/^\s*!System time:/);
 	# remove occurrances of conf_file_ver
-	next if (/^conf_file_ver=/);
+	next if (/^#?conf_file_ver=/);
 	# filter variabilities between configurations.  password encryption
 	# upon each display of the configuration.
 	if (/^\s*(set [^\s]*)\s(Enc\s[^\s]+)(.*)/i && $filter_pwds > 0 ) {

