[rancid] Rancid / Fortigate

heasley heas at shrubbery.net
Wed Jun 5 14:48:32 UTC 2013


Wed, Jun 05, 2013 at 12:45:03PM +0000, Richard Savage:
> Hi
> 
> I am currently running rancid 2.3.8-3 on a debian server.

ftp://ftp.shrubbery.net/pub/rancid/rancid-2.3.8.p4.gz

> I am backing up 3 fortinet firewalls and everytime rancid runs it produces a diff against various things changing.  This
> happens on every run even if no config changes have been made to the firewall:
> 
> @@ -2538,7 +2538,7 @@
>    end
>    config system autoupdate tunneling
>        set address ''
> -     set password ENC 7rz3NZFEnq39bkDpQoOq1xFb9S+pQwBXZedGObWBC7hC/QYQBMnsGbxKvbtSLtmBELRLqU631S6JPt8jsr0qKo2r10Vv5UzYddzby6Q3tWIls1IC
> +     set password ENC 51lWQzr6MmALlpq9n4uTbPbGcL9XHTvXmQ4kMLcz3u2Ua8yt9tkanbZp0J5uaKsiLqgLqEIKnQQFQYKoh+qNcGSeDMsFhHk/H18pPn4nuBQ0IxMq
>        set port 0
>        set status disable
>        set username ''
> 
> 
> @@ -7474,23 +7474,23 @@
>    end
>    config vpn certificate local
>        edit "Fortinet_Factory"
> -         set password ENC NNWSYkoMA+edjwo5LVP2a1M6K20cxS0iN/wkGwA6F39glvzYWmk3z9KoN7L//UR86M3u+8+d7Kk0k79NYf63wkLtpZnxRYWrLPTLeunMQLD5Rz2f
> +         set password ENC 0QNWT3omKlWgl1dROK2zvJDEdmhmrOQcre178jDza1qcDDJ4ROArDrJ2mWi5qIFFS6cZs8rIa9rUv34zvfmC/8U/xorbn6g/c1/jKfoCNo5KTP1E
>            set private-key "-----BEGIN RSA PRIVATE KEY-----
>    Proc-Type: 4,ENCRYPTED
> - DEK-Info: DES-EDE3-CBC,A8B9D863C86CD1F9
> - 8+cZant/s9PvQE2cK0010WPxMAXo7cp8BnmhCBpjvo7wEKXux+5yasNhe1ZxDcZm
> - j7PmNrqqO+J6qG5Whd90Hp9BCJ8eNYQJojW0IfB2RPYocD058bk+kjZ7MPov/JBz
> - QgDhnzoP9qFjPzA2GGMQ+1JFMJZI63VlRGUhKnN8xc0X1B9oHnb7U3/d3wipSekM
> - eSKd4Sy6kcZJc726OV273pr6ftJyob1tDmIGXZzMRgAzUehFO1w+2u39hPsTOcq/
> - IyF/RKTcfXoLilPFwZQvpDzIlurzCCv1ySsxhpFCKLScPaCwaTY6g8qz03VTMC6h
> + DEK-Info: DES-EDE3-CBC,39706AFBAD7CE8DF
> + 9KJ7kMJlzqKVFwS8dChmvlalrMbIKd0AxSo9VU/Wa1MSPo6HN8IjCAUtcM9zvbSX
> + E7aCk75D8vglifkuRqa+wtCcT8xVrEdwnHXpkvc9RH2JPs4JRhOyrYUAsnCMkQp3
> + rLS0OditRHWbxG8M5xo5V2dIs7L6wkN7wJ9Rdrj+AKf49bsLayIdTkF4ruG0tBXR
> + ugQDLe6G6lCq2CW3y0m6SA5fQE2bXQy0YztDrHSZzzm5wXHhfpEUzmAU9gR1kl/s
> + V1+fzVRhIXw2sf8CoH83DLvON0wiNOE/J9BhUgvxq9SzbRPhXrUS/58S1cdr7Wz
> 
>    -----END RSA PRIVATE KEY-----"
> 
> 
> I have looked back through the archives and found something similar back in 2010 but would assume that the patch has
> been integrated into the latest version.
> 
> Could any one suggest a fix for this as its getting slightly annoying getting a diff everytime there is a backup.
> 
> Many thanks
> 
> Richard
> This e-mail is sent on behalf of NewNet Limited, a company registered in England and Wales, registered number 03128506, registered office Carnac Lodge, Cams Estate, FAREHAM, Hampshire PO16 8UJ and regulated by Ofcom. The information in this e-mail is confidential and is intended solely for the use of that individual or entity to which it is addressed. Unauthorised use, dissemination, distribution, publication or copying of this communication is strictly prohibited. If you receive this in error, please notify us by email to privacy at newnet.co.uk<mailto:privacy at newnet.co.uk> and delete any copies. For information about how we process data and monitor communications please see our privacy statement<http://www.newnet.co.uk/Bottom-Bar/privacy-policy.php>.
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss


More information about the Rancid-discuss mailing list