From heas at shrubbery.net Fri Mar 1 18:26:08 2013 From: heas at shrubbery.net (heasley) Date: Fri, 1 Mar 2013 18:26:08 +0000 Subject: [rancid] Minor fix/update for hlogin ( and *login?). In-Reply-To: <512DBA12.1030909@chalmers.se> References: <512DBA12.1030909@chalmers.se> Message-ID: <20130301182608.GG27275@shrubbery.net> Wed, Feb 27, 2013 at 08:47:30AM +0100, Per-Olof Olsson: > Hello > > > Testing some minor update for hlogin (rancid 2.3.8). > > Sometimes I use hlogin to login to switches but get the session filtered by > hpuifilter. A bit hard to work with that output. I think this helps. I've always liked that it didnt mess with my terminal; ie: truncate it to 24 lines. but, ok; committed. > rancid at host bin]$ diff -c hlogin.in_ORG hlogin.in > *** hlogin.in_ORG 2013-01-21 07:05:47.357345221 +0100 > --- hlogin.in 2013-02-27 07:56:51.332898135 +0100 > *************** > *** 328,336 **** ... > Testing to set negative port number to telnet shows that it don't work on RHlinux > (from "man cloginrc" " Example: add method * {ssh} {telnet:-3000} {rsh}"). > > Tested "add method {telnet:-23}" > > ----------------------- > $ telnet -23 > telnet: invalid option -- '2' > Usage: telnet [-8] [-E] [-L] [-S tos] [-a] [-c] [-d] [-e char] [-l user] > [-n tracefile] [-b hostalias ] [-r] > [host-name [port]] > -------------------- > > I have to add "--" to telnet args in hlogin, "telnet -- $router $port" > > or used positive port number and put > ---------------------- > DEFAULT > mode character > ---------------------- > or > ---------------------- > > mode character > ---------------------- > in ~/.telnetrc > > > Is telnet special for RHlinux or update needed for telnet in all *login scripts > and/or add some notes in man page for cloginrc about ~/.telnetrc? I dont remember which client required the -; could have been BSD/OS. removed. there is a note in the page referring to telnetrc; I dont want to duplicate the manpage there, I would surely get it wrong or miss nuances of particular implementations. From heas at shrubbery.net Fri Mar 1 23:19:45 2013 From: heas at shrubbery.net (heasley) Date: Fri, 1 Mar 2013 23:19:45 +0000 Subject: [rancid] HP procurve Menu logon In-Reply-To: <5125CF67.7000006@chalmers.se> References: <1156DBA5-8167-4772-B42B-620AA8D3ED2F@univ-lr.fr> <20130219051133.GC93736@shrubbery.net> <0FD58A9A-E69C-40E8-AC7E-109AB0EF65FF@univ-lr.fr> <20130219183726.GK12440@shrubbery.net> <8E1B0503-040E-4ABF-992E-AA6A16300A9E@univ-lr.fr> <20130220174317.GG58636@shrubbery.net> <51253DEB.9000301@ale.cx> <5125CF67.7000006@chalmers.se> Message-ID: <20130301231945.GU27275@shrubbery.net> Thu, Feb 21, 2013 at 08:40:23AM +0100, Per-Olof Olsson: > Alex DEKKER skrev 02/20/2013 10:19 PM: > > On 20/02/13 17:43, heasley wrote: > >> btw, is this menu a standard thing with procurves? I've never seen it, > >> but the one that i have is a lower-end model. > > It's not the default on current Procurves, you can access it with 'menu'. From what Marc > > is saying, it sounds like there is a way to make it go straight into the menu on login for > > a given username. > > > > alexd > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > Only setting I found for this is in "8. Run Setup" menu > where you select "Logon Default" to "CLI" or "Menu" Would you propose a patch for this, since you can test it? > /Peo > ---------------------------------------------------------- > Per-Olof Olsson Email: peo at chalmers.se > Chalmers tekniska h?gskola IT-service > H?rsalsv?gen 5 412 96 G?teborg > Tel: 031/772 6738 Fax: 031/772 8660 > ---------------------------------------------------------- > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From peo at chalmers.se Mon Mar 4 15:35:54 2013 From: peo at chalmers.se (Per-Olof Olsson) Date: Mon, 4 Mar 2013 16:35:54 +0100 Subject: [rancid] Minor fix/update for hlogin ( and *login?). In-Reply-To: <20130301182608.GG27275@shrubbery.net> References: <512DBA12.1030909@chalmers.se> <20130301182608.GG27275@shrubbery.net> Message-ID: <5134BF5A.3090704@chalmers.se> On 03/01/2013 07:26 PM, heasley wrote: > Wed, Feb 27, 2013 at 08:47:30AM +0100, Per-Olof Olsson: >> Hello >> >> >> Testing some minor update for hlogin (rancid 2.3.8). >> >> Sometimes I use hlogin to login to switches but get the session filtered by >> hpuifilter. A bit hard to work with that output. I think this helps. > > I've always liked that it didnt mess with my terminal; ie: truncate it to > 24 lines. but, ok; committed. > Yes, good old HP2524 and HP41xx switches using 24 lines window. New switches try to probe window size at login so it works well, using proper window size. >> rancid at host bin]$ diff -c hlogin.in_ORG hlogin.in >> *** hlogin.in_ORG 2013-01-21 07:05:47.357345221 +0100 >> --- hlogin.in 2013-02-27 07:56:51.332898135 +0100 >> *************** >> *** 328,336 **** > ... > >> Testing to set negative port number to telnet shows that it don't work on RHlinux >> (from "man cloginrc" " Example: add method * {ssh} {telnet:-3000} {rsh}"). >> >> Tested "add method {telnet:-23}" >> >> ----------------------- >> $ telnet -23 >> telnet: invalid option -- '2' >> Usage: telnet [-8] [-E] [-L] [-S tos] [-a] [-c] [-d] [-e char] [-l user] >> [-n tracefile] [-b hostalias ] [-r] >> [host-name [port]] >> -------------------- >> >> I have to add "--" to telnet args in hlogin, "telnet -- $router $port" >> >> or used positive port number and put >> ---------------------- >> DEFAULT >> mode character >> ---------------------- >> or >> ---------------------- >> >> mode character >> ---------------------- >> in ~/.telnetrc >> >> >> Is telnet special for RHlinux or update needed for telnet in all *login scripts >> and/or add some notes in man page for cloginrc about ~/.telnetrc? > > I dont remember which client required the -; could have been BSD/OS. removed. > > there is a note in the page referring to telnetrc; I dont want to duplicate the > manpage there, I would surely get it wrong or miss nuances of particular > implementations. > After I look in manuals ones more, I think all info needed is there. It's best to restrict and not use options like "--" and negative port number to telnet command, before tested it on all platforms. Just recomend use of ~/.telnetrc to get "character mode", if port number is used. /Peo From peo at chalmers.se Mon Mar 4 16:00:37 2013 From: peo at chalmers.se (Per-Olof Olsson) Date: Mon, 4 Mar 2013 17:00:37 +0100 Subject: [rancid] HP procurve Menu logon In-Reply-To: <20130301231945.GU27275@shrubbery.net> References: <1156DBA5-8167-4772-B42B-620AA8D3ED2F@univ-lr.fr> <20130219051133.GC93736@shrubbery.net> <0FD58A9A-E69C-40E8-AC7E-109AB0EF65FF@univ-lr.fr> <20130219183726.GK12440@shrubbery.net> <8E1B0503-040E-4ABF-992E-AA6A16300A9E@univ-lr.fr> <20130220174317.GG58636@shrubbery.net> <51253DEB.9000301@ale.cx> <5125CF67.7000006@chalmers.se> <20130301231945.GU27275@shrubbery.net> Message-ID: <5134C525.7020506@chalmers.se> On 03/02/2013 12:19 AM, heasley wrote: > Thu, Feb 21, 2013 at 08:40:23AM +0100, Per-Olof Olsson: >> Alex DEKKER skrev 02/20/2013 10:19 PM: >>> On 20/02/13 17:43, heasley wrote: >>>> btw, is this menu a standard thing with procurves? I've never seen it, >>>> but the one that i have is a lower-end model. >>> It's not the default on current Procurves, you can access it with 'menu'. From what Marc >>> is saying, it sounds like there is a way to make it go straight into the menu on login for >>> a given username. >>> >>> alexd >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> >> Only setting I found for this is in "8. Run Setup" menu >> where you select "Logon Default" to "CLI" or "Menu" > > Would you propose a patch for this, since you can test it? Yes but it will take some time to have it to work and is fully tested. telnet/ssh login to manager and/or operator level ssh key-login and some switch types. "5" only works if you do direct login to manager level. Login to operator level needs "3" for "CLI exit". And one more thing. When you start menu mode and not saved config "Do you want to save current configuration"-prompt shows up before menu is started, even at login. ... Have part of it working but not all. > >> /Peo >> ---------------------------------------------------------- >> Per-Olof Olsson Email: peo at chalmers.se >> Chalmers tekniska h?gskola IT-service >> H?rsalsv?gen 5 412 96 G?teborg >> Tel: 031/772 6738 Fax: 031/772 8660 >> ---------------------------------------------------------- >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss /Peo From Robert.Skoog at safelite.com Tue Mar 5 15:14:40 2013 From: Robert.Skoog at safelite.com (Skoog, Robert) Date: Tue, 5 Mar 2013 15:14:40 +0000 Subject: [rancid] fnlogin patch to correct issues with and without multiple vdoms on fortinet devices Message-ID: Hi, We noticed that some devices behaved oddly when the config global command was sent and didn't have VDOMs enabled. This patch looks at the device to first see if VDOMs are enabled and only if they are is the config global command sent. The patch also enables paging again before fnlogin exits leaving the device unchanged. This diff also includes other changes I found on the mailing list to resolve other fortinet issues and can be safely applied to the 2.3.8 version to get fortinet devices working. These changes have been tested over the last 3 months on a group of about 20 test sites. You will also need fnrancid patch which was posted here: http://www.shrubbery.net/pipermail/rancid-discuss/2011-February/005488.html in order for fortinet devices to work well with rancid. Thanks, Rob --- fnlogin.orig 2012-12-04 19:29:52.000000000 -0500 +++ fnlogin 2012-12-10 10:11:31.000000000 -0500 @@ -291,7 +291,7 @@ incr progs -1 if [string match "telnet*" $prog] { regexp {telnet(:([^[:space:]]+))*} $prog command suffix port - if {"$port" == ""} { + if {"$port" != ""} { set retval [ catch {spawn telnet $router} reason ] } else { set retval [ catch {spawn telnet $router $port} reason ] @@ -303,9 +303,8 @@ } elseif [string match "ssh*" $prog] { regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port set cmd $sshcmd - if {"$port" == ""} { - #set cmd "$cmd -p $port" - set cmd "$cmd -p 22" + if {"$port" != ""} { + set cmd "$cmd -p $port" } set retval [ catch {eval spawn [split "$cmd -c $cyphertype -x -l $user $router" { }]} reason ] if { $retval } { @@ -445,12 +444,17 @@ global in_proc set in_proc 1 - # For use when vdoms are enabled - send "config global\r" # Disable output paging. - send -- "config system console\r" + log_user 0 + send -- "get system status \r" + expect { + -re "tion: ena" { expect -re $prompt; send "config global\r"} + -re "tion: dis" {} + } + expect -re $prompt; send -- "config system console\r" expect -re $prompt; send -- "set output standard\r" expect -re $prompt; send -- "end\r" + log_user 1 expect -re $prompt; set commands [split $command \;] @@ -461,19 +465,26 @@ -re "$prompt" { send "\r" sleep 0.5 } - -gl "--More--" { send " " + -gl "--More--\[^\n\r]*" { send " " exp_continue - -re "\[\n\r]+" { exp_continue } + -re "\[^\r\n]*\[\n\r]+" { send_user -- "expect_out(buffer)" + exp_continue } } } } expect { -re "$prompt$" { - #send "config global\r" - #send "config system console\r" - #send "set output more\r" - #send "end\r" - send "exit\r" + log_user 0 + send -- "get system status \r" + expect { + -re "tion: ena" { expect -re $prompt; send "config global\r"} + -re "tion: dis" {} + } + expect -re $prompt; send -- "config system console\r" + expect -re $prompt; send -- "set output more\r" + expect -re $prompt; send -- "end\r" + log_user 1 + expect -re $prompt; send "exit\r" sleep 0.5 exp_continue } @@ -579,18 +590,18 @@ } } elseif { $do_script } { # Disable output paging. - # For use when vdoms are enabled - send "config global\r" - send "config system console\r" - send "set output standard\r" - send "end\r" + log_user 0 + send -- "get system status \r" + expect { + -re "tion: ena" { expect -re $prompt; send "config global\r"} + -re "tion: dis" {} + } + expect -re $prompt; send "config system console\r" + expect -re $prompt; send "set output standard\r" + expect -re $prompt; send "end\r" + log_user 1 expect -re $prompt {} source $sfile - #undo paging - #send "config global\r" - #send "config system console\r" - #send "set output more\r" - #send "end\r" catch {close}; } else { label $router ____________________________________________________________ This message, including any attachments, may contain confidential information intended for a specific individual and purpose, and may be protected by law. If you are not the intended recipient please delete this message immediately. Any disclosure, copying or distribution of this message, or the taking of any action based on it, by any unintended recipient is strictly prohibited. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Danica_Alcaraz at fd.org Tue Mar 5 15:41:06 2013 From: Danica_Alcaraz at fd.org (Danica L Alcaraz) Date: Tue, 5 Mar 2013 09:41:06 -0600 Subject: [rancid] The reoccurring question - Cisco ASA Login failures Message-ID: Guys, I'm STILL not able to get my RANCID to successfully login to our Cisco ASA firewalls. We've got TACACS+ (which is not that big a deal) but they insisted on giving usernames that had spaces in them and the script doesn't like anything I've tried to get it to take the string literally (mostly used {user name} or "user name"). I'm using Ubuntu 12.10 with RANCID 2.3.8. It insists that I designate the method ssh so I can't work it like my HP boxes. I need some more suggestions on this if you've got them. I've tried many things based on what I've seen in the blogs but here's my current: add user 192.168.*.* {user name} << or "user name" (or even {"user name"} add password 192.168.*.* {password} {password} add method 192.168.*.* ssh add autoenable 192.168.*.* {1} prompt$ /usr/local/rancid/bin/clogin 192.168.*.* 192.168.*.* spawn ssh -c 3des -x -l user name 192.168.*.* << with quotes or squiggly brackets it still only reads the second word of the username ssh: Couldn't resolve hostname name: Name or service not known Error: Couldn't login: 192.168.*.* Has anyone gotten it to work using another device script? Are there other ways to tell Ubuntu to read the username with a space literally? My HP devices take the string literally without help from {} or "" but only if I remove the add method directive, Hmmm, I wonder if I make it think it's an HP. Any ideas appreciated. Thanks. Sincerely, Danica Alcaraz Network Administrator ODS-ITD NITOAD Branch Administrative Office of the U.S. Courts 7550 IH 10 West, Suite 200 San Antonio, Texas 78229-5821 Direct: (210) 308-3217 Fax: (210) 308-3225 danica_alcaraz at fd.org From mwlucas at blackhelicopters.org Tue Mar 5 15:55:54 2013 From: mwlucas at blackhelicopters.org (Michael W. Lucas) Date: Tue, 5 Mar 2013 10:55:54 -0500 Subject: [rancid] The reoccurring question - Cisco ASA Login failures In-Reply-To: References: Message-ID: <20130305155554.GA19263@bewilderbeast.blackhelicopters.org> Usernames with spaces? Wow. What I normally do with devices that need weird SSH commands is run an external script. (Properly escaping spaces in shell in Tcl in Expect is hard.) You can find an example at http://blather.michaelwlucas.com/archives/422 ==ml On Tue, Mar 05, 2013 at 09:41:06AM -0600, Danica L Alcaraz wrote: > > Guys, > > I'm STILL not able to get my RANCID to successfully login to our Cisco ASA > firewalls. We've got TACACS+ (which is not that big a deal) but they > insisted on giving usernames that had spaces in them and the script doesn't > like anything I've tried to get it to take the string literally (mostly > used {user name} or "user name"). I'm using Ubuntu 12.10 with RANCID > 2.3.8. It insists that I designate the method ssh so I can't work it like > my HP boxes. I need some more suggestions on this if you've got them. > > I've tried many things based on what I've seen in the blogs but here's my > current: > > add user 192.168.*.* {user name} << or "user name" (or even > {"user name"} > add password 192.168.*.* {password} {password} > add method 192.168.*.* ssh > add autoenable 192.168.*.* {1} > > prompt$ /usr/local/rancid/bin/clogin 192.168.*.* > 192.168.*.* > spawn ssh -c 3des -x -l user name 192.168.*.* << with quotes or > squiggly brackets it still only reads the second word of the username > ssh: Couldn't resolve hostname name: Name or service not known > > Error: Couldn't login: 192.168.*.* > > Has anyone gotten it to work using another device script? > Are there other ways to tell Ubuntu to read the username with a space > literally? > My HP devices take the string literally without help from {} or "" but only > if I remove the add method directive, Hmmm, I wonder if I make it think > it's an HP. > > Any ideas appreciated. Thanks. > > > Sincerely, > > > > Danica Alcaraz > Network Administrator > ODS-ITD NITOAD Branch > Administrative Office of the U.S. Courts > 7550 IH 10 West, Suite 200 > San Antonio, Texas 78229-5821 > Direct: (210) 308-3217 > Fax: (210) 308-3225 > danica_alcaraz at fd.org > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- Michael W. Lucas - mwlucas at michaelwlucas.com, Twitter @mwlauthor http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/ Latest book: Absolute OpenBSD 2/e - http://www.nostarch.com/openbsd2e coupon code "ILUVMICHAEL" gets you 30% off & helps me. From jethro.binks at strath.ac.uk Tue Mar 5 16:03:19 2013 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Tue, 5 Mar 2013 16:03:19 +0000 (GMT) Subject: [rancid] The reoccurring question - Cisco ASA Login failures In-Reply-To: References: Message-ID: On Tue, 5 Mar 2013, Danica L Alcaraz wrote: > We've got TACACS+ (which is not that big a deal) but they insisted on > giving usernames that had spaces in them Regardless of the problem with rancid or not, that seems to be decision that is ripe for producing problems in many areas! Not that that means applications shouldn't be able to handle it of course, but it seems somewhat self-inflicted torture when they don't. Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From peo at chalmers.se Tue Mar 5 17:55:58 2013 From: peo at chalmers.se (Per-Olof Olsson) Date: Tue, 5 Mar 2013 18:55:58 +0100 Subject: [rancid] The reoccurring question - Cisco ASA Login failures In-Reply-To: References: Message-ID: <513631AE.2040301@chalmers.se> Hello Space in user name. Crazy! Impossible or just to fix the scope for "split" and quote the username in clogin... Not tested to do a complete login but the ssh password prompt looks correct including a space. >clogin host ... user name at host's password: ... diff clogin clogin_special 350c350 < set retval [catch {eval spawn [split "$cmd -c $cyphertype -x -l $user $router" { }]} reason] --- > set retval [catch {eval spawn [split "$cmd -c $cyphertype -x -l" { }] \"$user\" $router } reason] /Peo ---------------------------------------------------------- Per-Olof Olsson Email: peo at chalmers.se Chalmers tekniska h?gskola IT-service H?rsalsv?gen 5 412 96 G?teborg Tel: 031/772 6738 Fax: 031/772 8680 ---------------------------------------------------------- Danica L Alcaraz wrote 2013-03-05 16:41: > > Guys, > > I'm STILL not able to get my RANCID to successfully login to our Cisco ASA > firewalls. We've got TACACS+ (which is not that big a deal) but they > insisted on giving usernames that had spaces in them and the script doesn't > like anything I've tried to get it to take the string literally (mostly > used {user name} or "user name"). I'm using Ubuntu 12.10 with RANCID > 2.3.8. It insists that I designate the method ssh so I can't work it like > my HP boxes. I need some more suggestions on this if you've got them. > > I've tried many things based on what I've seen in the blogs but here's my > current: > > add user 192.168.*.* {user name} << or "user name" (or even > {"user name"} > add password 192.168.*.* {password} {password} > add method 192.168.*.* ssh > add autoenable 192.168.*.* {1} > > prompt$ /usr/local/rancid/bin/clogin 192.168.*.* > 192.168.*.* > spawn ssh -c 3des -x -l user name 192.168.*.* << with quotes or > squiggly brackets it still only reads the second word of the username > ssh: Couldn't resolve hostname name: Name or service not known > > Error: Couldn't login: 192.168.*.* > > Has anyone gotten it to work using another device script? > Are there other ways to tell Ubuntu to read the username with a space > literally? > My HP devices take the string literally without help from {} or "" but only > if I remove the add method directive, Hmmm, I wonder if I make it think > it's an HP. > > Any ideas appreciated. Thanks. > > > Sincerely, > > > > Danica Alcaraz > Network Administrator > ODS-ITD NITOAD Branch > Administrative Office of the U.S. Courts > 7550 IH 10 West, Suite 200 > San Antonio, Texas 78229-5821 > Direct: (210) 308-3217 > Fax: (210) 308-3225 > danica_alcaraz at fd.org > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From Danica_Alcaraz at fd.org Tue Mar 5 18:54:46 2013 From: Danica_Alcaraz at fd.org (Danica L Alcaraz) Date: Tue, 5 Mar 2013 12:54:46 -0600 Subject: [rancid] The reoccurring question - Cisco ASA Login failures In-Reply-To: <513631AE.2040301@chalmers.se> References: <513631AE.2040301@chalmers.se> Message-ID: /PEO, you are a GD genius! You obviously understand all the underlying code that I do not. Can I tell these types of devices to look at the clogin_special script just by using a different device than cisco in the router.db configuration? How to I direct it to do that? Or can I feel safe in loading this change into the clogin file and not impact other devices? Sincerely, Danica Alcaraz Network Administrator ODS-ITD NITOAD Branch Administrative Office of the U.S. Courts 7550 IH 10 West, Suite 200 San Antonio, Texas 78229-5821 Direct: (210) 308-3217 Fax: (210) 308-3225 danica_alcaraz at fd.org From: Per-Olof Olsson To: Danica L Alcaraz , Cc: Date: 03/05/2013 11:56 AM Subject: Re: [rancid] The reoccurring question - Cisco ASA Login failures Hello Space in user name. Crazy! Impossible or just to fix the scope for "split" and quote the username in clogin... Not tested to do a complete login but the ssh password prompt looks correct including a space. >clogin host ... user name at host's password: ... diff clogin clogin_special 350c350 < set retval [catch {eval spawn [split "$cmd -c $cyphertype -x -l $user $router" { }]} reason] --- > set retval [catch {eval spawn [split "$cmd -c $cyphertype -x -l" { }] \"$user\" $router } reason] /Peo ---------------------------------------------------------- Per-Olof Olsson Email: peo at chalmers.se Chalmers tekniska h?gskola IT-service H?rsalsv?gen 5 412 96 G?teborg Tel: 031/772 6738 Fax: 031/772 8680 ---------------------------------------------------------- Danica L Alcaraz wrote 2013-03-05 16:41: > > Guys, > > I'm STILL not able to get my RANCID to successfully login to our Cisco ASA > firewalls. We've got TACACS+ (which is not that big a deal) but they > insisted on giving usernames that had spaces in them and the script doesn't > like anything I've tried to get it to take the string literally (mostly > used {user name} or "user name"). I'm using Ubuntu 12.10 with RANCID > 2.3.8. It insists that I designate the method ssh so I can't work it like > my HP boxes. I need some more suggestions on this if you've got them. > > I've tried many things based on what I've seen in the blogs but here's my > current: > > add user 192.168.*.* {user name} << or "user name" (or even > {"user name"} > add password 192.168.*.* {password} {password} > add method 192.168.*.* ssh > add autoenable 192.168.*.* {1} > > prompt$ /usr/local/rancid/bin/clogin 192.168.*.* > 192.168.*.* > spawn ssh -c 3des -x -l user name 192.168.*.* << with quotes or > squiggly brackets it still only reads the second word of the username > ssh: Couldn't resolve hostname name: Name or service not known > > Error: Couldn't login: 192.168.*.* > > Has anyone gotten it to work using another device script? > Are there other ways to tell Ubuntu to read the username with a space > literally? > My HP devices take the string literally without help from {} or "" but only > if I remove the add method directive, Hmmm, I wonder if I make it think > it's an HP. > > Any ideas appreciated. Thanks. > > > Sincerely, > > > > Danica Alcaraz > Network Administrator > ODS-ITD NITOAD Branch > Administrative Office of the U.S. Courts > 7550 IH 10 West, Suite 200 > San Antonio, Texas 78229-5821 > Direct: (210) 308-3217 > Fax: (210) 308-3225 > danica_alcaraz at fd.org > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From heas at shrubbery.net Tue Mar 5 19:29:55 2013 From: heas at shrubbery.net (heasley) Date: Tue, 5 Mar 2013 19:29:55 +0000 Subject: [rancid] The reoccurring question - Cisco ASA Login failures In-Reply-To: References: <513631AE.2040301@chalmers.se> Message-ID: <20130305192955.GJ75662@shrubbery.net> Tue, Mar 05, 2013 at 12:54:46PM -0600, Danica L Alcaraz: > /PEO, you are a GD genius! > > You obviously understand all the underlying code that I do not. Can I tell > these types of devices to look at the clogin_special script just by using a > different device than cisco in the router.db configuration? How to I > direct it to do that? Or can I feel safe in loading this change into the > clogin file and not impact other devices? add password glob {foo\ bar} should be all that is necessary, as . clogin -d .... send: sending "foo bar\r" to { exp4 } From Danica_Alcaraz at fd.org Tue Mar 5 19:31:37 2013 From: Danica_Alcaraz at fd.org (Danica L Alcaraz) Date: Tue, 5 Mar 2013 13:31:37 -0600 Subject: [rancid] The reoccurring question - Cisco ASA Login failures In-Reply-To: <20130305192955.GJ75662@shrubbery.net> References: <513631AE.2040301@chalmers.se> <20130305192955.GJ75662@shrubbery.net> Message-ID: That didn't work for me. ~Danica From: heasley To: Danica L Alcaraz , Cc: Per-Olof Olsson , rancid-discuss at shrubbery.net Date: 03/05/2013 01:29 PM Subject: Re: [rancid] The reoccurring question - Cisco ASA Login failures Tue, Mar 05, 2013 at 12:54:46PM -0600, Danica L Alcaraz: > /PEO, you are a GD genius! > > You obviously understand all the underlying code that I do not. Can I tell > these types of devices to look at the clogin_special script just by using a > different device than cisco in the router.db configuration? How to I > direct it to do that? Or can I feel safe in loading this change into the > clogin file and not impact other devices? add password glob {foo\ bar} should be all that is necessary, as . clogin -d .... send: sending "foo bar\r" to { exp4 } From shouldbeq931 at gmail.com Tue Mar 5 20:02:17 2013 From: shouldbeq931 at gmail.com (shouldbe q931) Date: Tue, 5 Mar 2013 20:02:17 +0000 Subject: [rancid] The reoccurring question - Cisco ASA Login failures In-Reply-To: References: Message-ID: On Tue, Mar 5, 2013 at 3:41 PM, Danica L Alcaraz wrote: > > insisted on giving usernames that had spaces in them Somebody should point out to them that enforcing a space is like enforcing _any_ other character. Sounds like security by "management types"... Cheers Arne From heas at shrubbery.net Tue Mar 5 21:15:55 2013 From: heas at shrubbery.net (heasley) Date: Tue, 5 Mar 2013 21:15:55 +0000 Subject: [rancid] The reoccurring question - Cisco ASA Login failures In-Reply-To: References: <513631AE.2040301@chalmers.se> <20130305192955.GJ75662@shrubbery.net> Message-ID: <20130305211555.GS75662@shrubbery.net> Tue, Mar 05, 2013 at 01:31:37PM -0600, Danica L Alcaraz: > That didn't work for me. it should have; dont know why it work for me but not for you. try the -d option and look for what it actually sending. you might also try downloading the original package and installing that, in case ubuntu has modified it in some manner. > From: heasley > To: Danica L Alcaraz , > Cc: Per-Olof Olsson , rancid-discuss at shrubbery.net > Date: 03/05/2013 01:29 PM > Subject: Re: [rancid] The reoccurring question - Cisco ASA Login > failures > > > > Tue, Mar 05, 2013 at 12:54:46PM -0600, Danica L Alcaraz: > > /PEO, you are a GD genius! > > > > You obviously understand all the underlying code that I do not. Can I > tell > > these types of devices to look at the clogin_special script just by using > a > > different device than cisco in the router.db configuration? How to I > > direct it to do that? Or can I feel safe in loading this change into the > > clogin file and not impact other devices? > > add password glob {foo\ bar} > > should be all that is necessary, as . > > clogin -d .... > > send: sending "foo bar\r" to { exp4 } > > From Danica_Alcaraz at fd.org Tue Mar 5 22:30:16 2013 From: Danica_Alcaraz at fd.org (Danica L Alcaraz) Date: Tue, 5 Mar 2013 16:30:16 -0600 Subject: [rancid] The reoccurring question - Cisco ASA Login failures In-Reply-To: <51365E5E.5090901@chalmers.se> References: <513631AE.2040301@chalmers.se> <51365E5E.5090901@chalmers.se> Message-ID: I copied the clogin file to a backup, changed the line in clogin you suggested and ran rancid. SUCCESS! It doesn't appear to have created a problem for any of my other cisco devices. Now I can include all the ASA's without a problem. Thanks again Peo! Here's the change suggested by Peo: diff clogin clogin_special > 350c350 > < set retval [catch {eval spawn [split "$cmd -c $cyphertype -x > -l $user $router" { }]} reason] > --- > > set retval [catch {eval spawn [split "$cmd -c $cyphertype > -x -l" { }] \"$user\" $router } reason] Sincerely, Danica Alcaraz Network Administrator ODS-ITD NITOAD Branch Administrative Office of the U.S. Courts 7550 IH 10 West, Suite 200 San Antonio, Texas 78229-5821 Direct: (210) 308-3217 Fax: (210) 308-3225 danica_alcaraz at fd.org From: Per-Olof Olsson To: Danica L Alcaraz , Date: 03/05/2013 03:06 PM Subject: Re: [rancid] The reoccurring question - Cisco ASA Login failures Hi I don't think this fix will have any impact on other devices that is using clogin. It's important that "split" cover "$cmd" on the changed line. Can't you test some other cisco's if "clogin_special" work even for them. Find a time gap when cron not running rancid-run or trun of cron scrip a short time, replacing clogin and run rancid on a small group of switches? ... To create a new device typ you have to copy files and edit some. No typo!!! Shot one for a "cisco copy". XX,, YY, ZZ unique names. Add new type to translate in rancid-fe. 'XX' => 'YY', copy rancid to YY edit YY to call ZZ instead of clogin. copy clogin to ZZ change device type in routers.db to XX. Read FAQ:n. How to run and test scripts. YY rancid-run -r /Peo Danica L Alcaraz skrev 2013-03-05 19:54: > /PEO, you are a GD genius! > > You obviously understand all the underlying code that I do not. Can I tell > these types of devices to look at the clogin_special script just by using a > different device than cisco in the router.db configuration? How to I > direct it to do that? Or can I feel safe in loading this change into the > clogin file and not impact other devices? > > > Sincerely, > > > > Danica Alcaraz > Network Administrator > ODS-ITD NITOAD Branch > Administrative Office of the U.S. Courts > 7550 IH 10 West, Suite 200 > San Antonio, Texas 78229-5821 > Direct: (210) 308-3217 > Fax: (210) 308-3225 > danica_alcaraz at fd.org > > > > > From: Per-Olof Olsson > To: Danica L Alcaraz , > Cc: > Date: 03/05/2013 11:56 AM > Subject: Re: [rancid] The reoccurring question - Cisco ASA Login > failures > > > > Hello > > Space in user name. Crazy! > > Impossible or just to fix the scope for "split" and quote the username > in clogin... > > Not tested to do a complete login but the ssh password prompt looks > correct including a space. > > >clogin host > ... > user name at host's password: > ... > > diff clogin clogin_special > 350c350 > < set retval [catch {eval spawn [split "$cmd -c $cyphertype -x > -l $user $router" { }]} reason] > --- > > set retval [catch {eval spawn [split "$cmd -c $cyphertype > -x -l" { }] \"$user\" $router } reason] > > > /Peo > ---------------------------------------------------------- > Per-Olof Olsson Email: peo at chalmers.se > Chalmers tekniska h?gskola IT-service > H?rsalsv?gen 5 412 96 G?teborg > Tel: 031/772 6738 Fax: 031/772 8680 > ---------------------------------------------------------- > > Danica L Alcaraz wrote 2013-03-05 16:41: >> >> Guys, >> >> I'm STILL not able to get my RANCID to successfully login to our Cisco > ASA >> firewalls. We've got TACACS+ (which is not that big a deal) but they >> insisted on giving usernames that had spaces in them and the script > doesn't >> like anything I've tried to get it to take the string literally (mostly >> used {user name} or "user name"). I'm using Ubuntu 12.10 with RANCID >> 2.3.8. It insists that I designate the method ssh so I can't work it > like >> my HP boxes. I need some more suggestions on this if you've got them. >> >> I've tried many things based on what I've seen in the blogs but here's my >> current: >> >> add user 192.168.*.* {user name} > << or "user name" (or even >> {"user name"} >> add password 192.168.*.* {password} {password} >> add method 192.168.*.* ssh >> add autoenable 192.168.*.* {1} >> >> prompt$ /usr/local/rancid/bin/clogin 192.168.*.* >> 192.168.*.* >> spawn ssh -c 3des -x -l user name 192.168.*.* << with > quotes or >> squiggly brackets it still only reads the second word of the username >> ssh: Couldn't resolve hostname name: Name or service not known >> >> Error: Couldn't login: 192.168.*.* >> >> Has anyone gotten it to work using another device script? >> Are there other ways to tell Ubuntu to read the username with a space >> literally? >> My HP devices take the string literally without help from {} or "" but > only >> if I remove the add method directive, Hmmm, I wonder if I make it think >> it's an HP. >> >> Any ideas appreciated. Thanks. >> >> >> Sincerely, >> >> >> >> Danica Alcaraz >> Network Administrator >> ODS-ITD NITOAD Branch >> Administrative Office of the U.S. Courts >> 7550 IH 10 West, Suite 200 >> San Antonio, Texas 78229-5821 >> Direct: (210) 308-3217 >> Fax: (210) 308-3225 >> danica_alcaraz at fd.org >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> > > > > > From brokenflea at gmail.com Wed Mar 6 08:24:49 2013 From: brokenflea at gmail.com (Khurram Khan) Date: Wed, 6 Mar 2013 01:24:49 -0700 Subject: [rancid] custom command table and grep Message-ID: Hello All, I've got a device that I'm building a custom command table for and trying to grep out a ssh key that I don't want displayed in the configuration. When running the command from cli on the device, the syntax looks like: show configuration | grep -v "ssh " and the cli command does what it's supposed to. How do I incorporate the start/end quotes in the command table? I've tried a couple of variations and the script errors out. @commandtable = ( {'no timestamps' => 'DoNothing' }, {'show configuration | grep -v "ssh "' => 'WriteTerm' }, ); Thanks in advance! -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Mar 6 18:32:40 2013 From: heas at shrubbery.net (heasley) Date: Wed, 6 Mar 2013 18:32:40 +0000 Subject: [rancid] custom command table and grep In-Reply-To: References: Message-ID: <20130306183240.GI3961@shrubbery.net> Wed, Mar 06, 2013 at 01:24:49AM -0700, Khurram Khan: > Hello All, > > I've got a device that I'm building a custom command table for and trying > to grep out a ssh key that I don't want displayed in the configuration. > When running the command from cli on the device, the syntax looks like: > > show configuration | grep -v "ssh " > > and the cli command does what it's supposed to. > > How do I incorporate the start/end quotes in the command table? I've tried > a couple of variations and the script errors out. > > @commandtable = ( > {'no timestamps' => 'DoNothing' }, > {'show configuration | grep -v "ssh "' => 'WriteTerm' }, > ); dont do it that way. add your filter in WriteTerm, if you must. > > Thanks in advance! > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From brokenflea at gmail.com Wed Mar 6 18:39:46 2013 From: brokenflea at gmail.com (Khurram Khan) Date: Wed, 6 Mar 2013 11:39:46 -0700 Subject: [rancid] custom command table and grep In-Reply-To: <20130306183240.GI3961@shrubbery.net> References: <20130306183240.GI3961@shrubbery.net> Message-ID: I wrote a filter, and perhaps I'm not doing it right but the one I've got in the script is: if (/\s+ssh key \S / && filter_pwds >= 1) { ProcessHistory("ADMIN","","","#ssh key \n"); next; } the configuration from cli looks like this: ssh key +A0xxl6l15l6s800mta4qnknyalr1je5u8s76zlcx3myxhbnhe5v5j0yv721a4x2len02e5hs7wykq0s2u9cemrh4vxfk3e78aegfu9rht1ktf9m7zrnn1p3815woa30nduz2febcn5dxnoa2157i8vvkzys843dhzkexqj5atn2fj6njnnplwoc0li9in2lzgi6m2bue2rckfxrvn0dl92m6k0szbb3rpq8evwyrpkm27awx9clm2rmr0w5zy6rf9bshz3kqsu2vlj9kit30riazgllauvx2zcpfgieuig9e1g8fs73staweu3a0lnaj7j4aem2w58mqw27gby32c0v1rpecks841obelgd5zhwij37jx2qghay3s61nd7ysf8fhqw62i05s1jq85yo009hs7230audxy0wqbe63nb0g601cym5s7q9srpo151dgm4qehv3k1b99cz2amtzwz1y85fbxoj0ahm0jxp01p9xdudo1qgot3l82qcwb2fplrrw2dojjz3bpe5xfhh19lg2xcwnebyvz8jh0489wb5sjd7551ijhpzue3u4a40uqam01a9lhte0nrscnemcj1jc1h4hb8rlapljk3h6gqbdcqg60r0amxoqp67q1912v3nyl556pue015a4euijgbaxw3sf6k05w19gk10xlxaek9rgtbj3nf5mwnmzlfjh1hs9alqm43izz1eei4zk8ind4x2alhshhu2ripv25oa98g7pwbm22cj3kny7ehjib2td35qksn79er1whrzb4pcqqqe3el0fwkke4o2t0dvwhrrsewhlr3lxrw91idqr11 len 488 type v2-rsa On Wed, Mar 6, 2013 at 11:32 AM, heasley wrote: > Wed, Mar 06, 2013 at 01:24:49AM -0700, Khurram Khan: > > Hello All, > > > > I've got a device that I'm building a custom command table for and trying > > to grep out a ssh key that I don't want displayed in the configuration. > > When running the command from cli on the device, the syntax looks like: > > > > show configuration | grep -v "ssh " > > > > and the cli command does what it's supposed to. > > > > How do I incorporate the start/end quotes in the command table? I've > tried > > a couple of variations and the script errors out. > > > > @commandtable = ( > > {'no timestamps' => 'DoNothing' }, > > {'show configuration | grep -v "ssh "' => 'WriteTerm' }, > > ); > > dont do it that way. add your filter in WriteTerm, if you must. > > > > > Thanks in advance! > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > -- - kk -------------- next part -------------- An HTML attachment was scrubbed... URL: From kbonner at gmail.com Thu Mar 7 20:10:48 2013 From: kbonner at gmail.com (Kevin Bonner) Date: Thu, 07 Mar 2013 15:10:48 -0500 Subject: [rancid] h3crancid doesn't filter passwords Message-ID: <2229835.5gRsn0jDSs@casilla> *newly subscribed... sorry for the missing message IDs* I've recently setup rancid to monitor several HP A5120 switches and ran into this same issue. My diff for h3crancid is: --- /home/keb/tmp/h3crancid 2013-03-07 14:57:09.574706088 -0500 +++ ./h3crancid 2013-02-28 11:40:31.725587845 -0500 @@ -361,9 +361,16 @@ # s/\s*---- More ----\s*//; # Filter out some sensitive data: - if (/^( ?snmp-agent community (read|write) )(\S+)/ && - $filter_commstr == 0) { - ProcessHistory("","","","!$1$'"); + if (/^( ?snmp-agent community (read|write) )(\S+)/ && $filter_commstr) { + ProcessHistory("","","","#$1$'"); + next; + } + if (/^( ?password (?:simple|cipher) )(.*)$/ && $filter_pwds >= 1) { + ProcessHistory("","","","#$1$'"); + next; + } + if (/^( ?key (?:authentication|accounting) )(.*)$/ && $filter_pwds >= 1) { + ProcessHistory("","","","#$1$'"); next; } This diff hides the SNMP community string if requested, hides the user passwords (both types!), and also hides RADIUS keys. On the HP A5120 switch, the pound symbol represents a comment line. Not sure if the other models covered by this script have that same behavior. Jethro, if you need someone to test future changes, feel free to contact me. Cheers, -Kevin On 2013.02.04 23:23, Jethro R Binks wrote: > > On Mon, 4 Feb 2013, ignasr at vault13.lt wrote: > > > >> I know H3C is not officially supported in rancid, but maybe someone took > >> the time and already wrote password filtering routines for h3crancid? > >> > >> If not, can I get some pointers on where in h3crancid that filtering > >> should happen? I would use other scripts as examples and write > >> something. > > > > I have a bunch of updates to make to h3crancid at some point. If you can > > give me samples of the lines where you want the passwords removing and the > > context, I can take a look at incorporating them. > > > > Jethro. From daniel.schmidt at wyo.gov Thu Mar 7 21:07:49 2013 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Thu, 7 Mar 2013 14:07:49 -0700 Subject: [rancid] NX-OS sap: In-Reply-To: <20130228215729.GS80425@shrubbery.net> References: <20130228215729.GS80425@shrubbery.net> Message-ID: <2f523c66e7e53a406862b585e161bf0a@mail.gmail.com> Thanks, I may open a tac case out of curiosity. -----Original Message----- From: heasley [mailto:heas at shrubbery.net] Sent: Thursday, February 28, 2013 2:57 PM To: Daniel Schmidt Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] NX-OS sap: Tue, Feb 26, 2013 at 08:48:21AM -0700, Daniel Schmidt: > Anybody else getting this spurious diff? > > > > + !DEBUG: Could not retrieve info from application sap:28 : Timer > + expired > > > > Might have been discussed before ? apologies if I missed it. i've not noticed anyone mention that before. you'd want something like this...and a TAC ticket. Index: bin/nxrancid.in =================================================================== --- bin/nxrancid.in (revision 2663) +++ bin/nxrancid.in (working copy) @@ -589,6 +589,7 @@ return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/\% Invalid command at /); return(-1) if (/command authorization failed/i); + return(-1) if (/could not retrieve info/i); # XXX return(-1) if (/\% Permission denied/); # NX 5000 bug? "show debug" generates # "Permission denied" when using command authorization. -Per-Olof Olsson E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. From kbonner at gmail.com Thu Mar 7 22:15:33 2013 From: kbonner at gmail.com (Kevin Bonner) Date: Thu, 07 Mar 2013 17:15:33 -0500 Subject: [rancid] Force10 inventory for pluggable media Message-ID: <3406216.zLGn2Miez5@casilla> I have several different Force10 switch models and they allow me to view pluggable media using the 'show inventory media' command. That command was introduced in FTOS firmware 7.5.1.0 (released August 2007). I've added the following line to my f10rancid script after the 'show inventory' command: {'show inventory media' => 'ShowInventory'}, Sample output from this addition on a Force10 S50 switch stack: + !Inventory: Slot Port Type Media Serial Number F10Qualified + !Inventory: 0 49 Media not present or accessible + !Inventory: 0 50 XFP 10GBASE-LR ABCDEFG Yes + !Inventory: 0 45 Media not present or accessible + !Inventory: 0 46 Media not present or accessible + !Inventory: 0 47 Media not present or accessible + !Inventory: 0 48 SFP 1000BASE-LX HIJKLMN Yes + !Inventory: 1 49 XFP 10GBASE-LR OPQRSTU Yes + !Inventory: 1 50 Media not present or accessible + !Inventory: 1 45 Media not present or accessible + !Inventory: 1 46 Media not present or accessible + !Inventory: 1 47 Media not present or accessible + !Inventory: 1 48 Media not present or accessible Hope this helps anyone curious about what optics have been inserted / removed in their devices. -Kevin From Douglas.Hughes at DEShawResearch.com Thu Mar 7 22:42:02 2013 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Thu, 7 Mar 2013 22:42:02 +0000 Subject: [rancid] Force10 inventory for pluggable media In-Reply-To: <3406216.zLGn2Miez5@casilla> References: <3406216.zLGn2Miez5@casilla> Message-ID: Nice one, thanks! -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kevin Bonner Sent: Thursday, March 07, 2013 5:16 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Force10 inventory for pluggable media I have several different Force10 switch models and they allow me to view pluggable media using the 'show inventory media' command. That command was introduced in FTOS firmware 7.5.1.0 (released August 2007). I've added the following line to my f10rancid script after the 'show inventory' command: {'show inventory media' => 'ShowInventory'}, Sample output from this addition on a Force10 S50 switch stack: + !Inventory: Slot Port Type Media Serial Number F10Qualified + !Inventory: 0 49 Media not present or accessible + !Inventory: 0 50 XFP 10GBASE-LR ABCDEFG Yes + !Inventory: 0 45 Media not present or accessible + !Inventory: 0 46 Media not present or accessible + !Inventory: 0 47 Media not present or accessible + !Inventory: 0 48 SFP 1000BASE-LX HIJKLMN Yes + !Inventory: 1 49 XFP 10GBASE-LR OPQRSTU Yes + !Inventory: 1 50 Media not present or accessible + !Inventory: 1 45 Media not present or accessible + !Inventory: 1 46 Media not present or accessible + !Inventory: 1 47 Media not present or accessible + !Inventory: 1 48 Media not present or accessible Hope this helps anyone curious about what optics have been inserted / removed in their devices. -Kevin _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From kbonner at gmail.com Thu Mar 7 23:36:37 2013 From: kbonner at gmail.com (Kevin Bonner) Date: Thu, 07 Mar 2013 18:36:37 -0500 Subject: [rancid] Updated module for APC network management cards Message-ID: <1457752.2i7VtVzyVR@casilla> Hi Terry, I've been using the rancid-apc tarball from rancid FTP contrib to monitor over 90 APC devices successfully for about a month and just wanted to give a success report for this module. The only thing I needed to change was to use passive ftp, but that was easy to get around. If you'd like the diff, just to throw into apcrancid and disabled in the command table by default, just let me know. -Kevin > 7+ years ago, I released a first cut of a RANCID module for pulling > configs from APC network management cards. As part of migrating my > monitoring systems from RANCID 2.3.1 (heavily modified) to 2.3.8, I've > > completely re-done the APC modules. Some of the changes are: > o Based on 2.3.8 clogin / rancid code base - easier to see what I > changed if you want to audit the code > > o Now reports the exact APC model number in the "Chassis Type" com- > ment line > > o Supports 2nd-generation APC management cards such as the AP9630/ > AP9631 > > o Supports a wider variety of FTP clients (different prompts) > o Better handling of configuration errors (such as specifying a non- > standard port number) > > o Better handling of errors from the FTP client - errors are now de- > > tected and reported rather than relying on the timeout mechanism > > o RANCID-CONTENT-TYPE header changed to "apc" from "apc-netmgmt" > o Greatly expanded the amount of info in the 0-README file > > You can download this version from: > http://www.tmk.com/transient/rancid-apc.tar.gz > > If you want the 2005 version for some reason, it is available as: > http://www.tmk.com/transient/rancid-apc-old.tar.gz > > Terry Kennedy http://www.tmk.com > terry at tmk.com New York, NY USA From jethro.binks at strath.ac.uk Fri Mar 8 14:04:34 2013 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Fri, 8 Mar 2013 14:04:34 +0000 (GMT) Subject: [rancid] h3crancid doesn't filter passwords In-Reply-To: <2229835.5gRsn0jDSs@casilla> References: <2229835.5gRsn0jDSs@casilla> Message-ID: Noted, I've been extremely lacking in time to do work in h3crancid (or many other things) this year so far :( J. On Thu, 7 Mar 2013, Kevin Bonner wrote: > *newly subscribed... sorry for the missing message IDs* > > I've recently setup rancid to monitor several HP A5120 switches and ran into > this same issue. > > My diff for h3crancid is: > --- /home/keb/tmp/h3crancid 2013-03-07 14:57:09.574706088 -0500 > +++ ./h3crancid 2013-02-28 11:40:31.725587845 -0500 > @@ -361,9 +361,16 @@ > # s/\s*---- More ----\s*//; > > # Filter out some sensitive data: > - if (/^( ?snmp-agent community (read|write) )(\S+)/ && > - $filter_commstr == 0) { > - ProcessHistory("","","","!$1$'"); > + if (/^( ?snmp-agent community (read|write) )(\S+)/ && $filter_commstr) { > + ProcessHistory("","","","#$1$'"); > + next; > + } > + if (/^( ?password (?:simple|cipher) )(.*)$/ && $filter_pwds >= 1) { > + ProcessHistory("","","","#$1$'"); > + next; > + } > + if (/^( ?key (?:authentication|accounting) )(.*)$/ && $filter_pwds >= 1) { > + ProcessHistory("","","","#$1$'"); > next; > } > > This diff hides the SNMP community string if requested, hides the user > passwords (both types!), and also hides RADIUS keys. On the HP A5120 switch, > the pound symbol represents a comment line. Not sure if the other models > covered by this script have that same behavior. > > Jethro, if you need someone to test future changes, feel free to contact me. > > Cheers, > -Kevin > > On 2013.02.04 23:23, Jethro R Binks wrote: > > > On Mon, 4 Feb 2013, ignasr at vault13.lt wrote: > > > > > >> I know H3C is not officially supported in rancid, but maybe someone took > > >> the time and already wrote password filtering routines for h3crancid? > > >> > > >> If not, can I get some pointers on where in h3crancid that filtering > > >> should happen? I would use other scripts as examples and write > > >> something. > > > > > > I have a bunch of updates to make to h3crancid at some point. If you can > > > give me samples of the lines where you want the passwords removing and the > > > context, I can take a look at incorporating them. > > > > > > Jethro. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From stephane.mahier at prolival.fr Mon Mar 11 16:31:03 2013 From: stephane.mahier at prolival.fr (Stephane Mahier) Date: Mon, 11 Mar 2013 17:31:03 +0100 (CET) Subject: [rancid] Trouble with rancid-run execution for HP Blades m6220 and m6348 Message-ID: Hi everyone, I?m working on implementing Rancid in my company but I encounter some issues with HP Blades m6220/m6348, while it works perfectly for others devices (mainly Cisco one). First, I didn?t install Dell package because these devices seems to work like cisco one (the script works perfectly for some Dell PC8024), and the m6220/m6348 seems very similar to me. When, as user rancid, I run ?rancid-run ? (where From scrivnerlarry at gmail.com Mon Mar 11 19:43:42 2013 From: scrivnerlarry at gmail.com (Larry Scrivner) Date: Mon, 11 Mar 2013 14:43:42 -0500 Subject: [rancid] rancid mailing list Message-ID: scrivnerlarry at gmail.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From chris at node-nine.com Tue Mar 12 18:38:30 2013 From: chris at node-nine.com (Chris Moody) Date: Tue, 12 Mar 2013 14:38:30 -0400 Subject: [rancid] new RANCID code for Vyatta Message-ID: <513F7626.4060600@node-nine.com> Apologies if it's bad form on this list to reply to old threads, but I found this in the discuss archives from just a couple months back and am hoping to get in touch with the original sender. If anyone has anything relating to this module, please let me know as I'm starting work on the same topic and would love to just help improve upon something already in existence. Cheers, -Chris Original Message: ----------------- Anyone out there using Vyatta boxes and wants to put them into RANCID? Currently, the only people I've seen doing this are using the wrapper rancid and ssh'ing the config file in themselves. I'm putting together a more RANCID-like solution that runs Vyatta CLI commands via non-interactive ssh (requires public key authentication), and it fetches the running config so you will be able to track unsaved changes. So far it does this: show version show hardware dmi show hardware pci show hardware cpu show configuration commands If you have a Vyatta and would like to try this out, please email me off-list. I'll post the code to the list when it stabilizes. -- Ed -------------- next part -------------- An HTML attachment was scrubbed... URL: From adam.korab at gmail.com Tue Mar 12 18:52:21 2013 From: adam.korab at gmail.com (Adam Korab) Date: Tue, 12 Mar 2013 13:52:21 -0500 Subject: [rancid] new RANCID code for Vyatta In-Reply-To: <513F7626.4060600@node-nine.com> References: <513F7626.4060600@node-nine.com> Message-ID: <-7179998029599781265@unknownmsgid> I must have missed the original post, but I'm interested as well. --Adam -- Adam Korab On Mar 12, 2013, at 1:39 PM, Chris Moody wrote: Apologies if it's bad form on this list to reply to old threads, but I found this in the discuss archives from just a couple months back and am hoping to get in touch with the original sender. If anyone has anything relating to this module, please let me know as I'm starting work on the same topic and would love to just help improve upon something already in existence. Cheers, -Chris Original Message: ----------------- Anyone out there using Vyatta boxes and wants to put them into RANCID? Currently, the only people I've seen doing this are using the wrapper rancid and ssh'ing the config file in themselves. I'm putting together a more RANCID-like solution that runs Vyatta CLI commands via non-interactive ssh (requires public key authentication), and it fetches the running config so you will be able to track unsaved changes. So far it does this: show version show hardware dmi show hardware pci show hardware cpu show configuration commands If you have a Vyatta and would like to try this out, please email me off-list. I'll post the code to the list when it stabilizes. -- Ed _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From eravin at panix.com Wed Mar 13 03:23:29 2013 From: eravin at panix.com (Ed Ravin) Date: Tue, 12 Mar 2013 23:23:29 -0400 Subject: [rancid] new RANCID code for Vyatta In-Reply-To: <513F7626.4060600@node-nine.com> References: <513F7626.4060600@node-nine.com> Message-ID: <20130313032329.GB21613@panix.com> On Tue, Mar 12, 2013 at 02:38:30PM -0400, Chris Moody wrote: > Apologies if it's bad form on this list to reply to old threads, but I > found this in the discuss archives from just a couple months back and > am hoping to get in touch with the original sender. That would be me. The code is available to anyone who wants to try it out. I'm not working with RANCID stuff anymore, so it's not likely to get any further development unless someone else picks up the work. -- Ed From willie at qis.net Tue Mar 19 12:43:14 2013 From: willie at qis.net (Willie Bollinger) Date: Tue, 19 Mar 2013 08:43:14 -0400 Subject: [rancid] Cisco clock warnings Message-ID: <51485D62.30602@qis.net> We recently installed some adsl cards in some cisco routers that we use for out of band management. Ever since we did this we get the following errors from rancid every time it runs. ! !Interface: FastEthernet0/0, AMD Am79c971 ! DTE Unknown (13) TX and RX clocks detected. - ! DTE Unknown (13) TX clock detected. + ! DTE Unknown (13) TX and RX clocks detected. ! !Slot 0: fru C2620 !Slot 0: type C2620 1FE Mainboard, 4 ports !Slot 0: hvers 6.0 rev B0 Is there a way to make rancid ignore these errors or has anybody come across a similar problem? -- -------------------------------------------------------------------------- Willie Bollinger | Quantum Internet and Telecommunications 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 -------------------------------------------------------------------------- From kbonner at gmail.com Wed Mar 20 05:04:04 2013 From: kbonner at gmail.com (Kevin Bonner) Date: Wed, 20 Mar 2013 01:04:04 -0400 Subject: [rancid] Cisco clock warnings In-Reply-To: <51485D62.30602@qis.net> References: <51485D62.30602@qis.net> Message-ID: <2668597.dyrV6c1RB8@casilla> Hi Willie, If you're getting the same email on every rancid run, I would suspect that your revision control system is having problems checking in that change. Do the logs for that host / run indicate that rancid had trouble checking in the change to SVN (or CVS)? -Kevin On Tuesday, March 19, 2013 08:43:14 Willie Bollinger wrote: > We recently installed some adsl cards in some cisco routers that we use > for out of band management. Ever since we did this we get the following > errors from rancid every time it runs. > > ! > !Interface: FastEthernet0/0, AMD Am79c971 > ! DTE Unknown (13) TX and RX clocks detected. > - ! DTE Unknown (13) TX clock detected. > + ! DTE Unknown (13) TX and RX clocks detected. > ! > !Slot 0: fru C2620 > !Slot 0: type C2620 1FE Mainboard, 4 ports > !Slot 0: hvers 6.0 rev B0 > > Is there a way to make rancid ignore these errors or has anybody come > across a similar problem? From peo at chalmers.se Thu Mar 21 12:03:42 2013 From: peo at chalmers.se (Per-Olof Olsson) Date: Thu, 21 Mar 2013 13:03:42 +0100 Subject: [rancid] HP procurve Menu logon In-Reply-To: <5134C525.7020506@chalmers.se> References: <1156DBA5-8167-4772-B42B-620AA8D3ED2F@univ-lr.fr> <20130219051133.GC93736@shrubbery.net> <0FD58A9A-E69C-40E8-AC7E-109AB0EF65FF@univ-lr.fr> <20130219183726.GK12440@shrubbery.net> <8E1B0503-040E-4ABF-992E-AA6A16300A9E@univ-lr.fr> <20130220174317.GG58636@shrubbery.net> <51253DEB.9000301@ale.cx> <5125CF67.7000006@chalmers.se> <20130301231945.GU27275@shrubbery.net> <5134C525.7020506@chalmers.se> Message-ID: <514AF71E.7020506@chalmers.se> Not just a small fix make menu login to work. Found some more that I think needs to be fixed. Now tested on some HP's HP2524, H41xx, HP2510, HP2610, HP2620, HP2824, HP2910 och HP2920. Telnet and ssh login to operator and manager level. Ssh key login to manager level. Also tested just hlogin on some Cisco's. Look like have this to work. How will this new hlogin work for agmrancid and srancid that make use of hlogin? Files from rancid 2.8.3. hrancid: - Fix to prevent hrancid from find/parse "Logout"-text from menu. Looks like code is move to WriteTerm and not used any more. - Also include ShowReloadAt just to get a proper diff output. =================================================================== diff -c hrancid.in_ORG hrancid.in_NEW *** hrancid.in_ORG 2012-08-29 13:39:33.060145292 +0200 --- hrancid.in_NEW 2013-03-18 20:18:31.535617594 +0100 *************** *** 168,173 **** --- 168,192 ---- &ipaddrval($a) <=> &ipaddrval($b); } + # This routine parses "show reload at" + sub ShowReloadAt { + print STDERR " In ShowReloadAt: $_" if ($debug); + + while () { + tr/\015//d; + last if (/^$prompt/); + next if (/^(\s*|\s*$cmd\s*)$/); + return(-1) if (/command authorization failed/i); + return(1) if /^(Invalid|Ambiguous) input:/i; + + next if (/ \(in /); + next if (/ reload is not scheduled/); + + ProcessHistory("COMMENTS","keysort","I0",";$_"); + } + return(0); + } + # This routine parses "show config files" sub ShowConfigFiles { print STDERR " In ShowConfigFiles: $_" if ($debug); *************** *** 533,538 **** --- 552,558 ---- {'show module' => 'ShowModule'}, {'show stack' => 'ShowStack'}, {'show tech transceivers' => 'ShowTechTransceivers'}, + {'show reload at' => 'ShowReloadAt'}, {'show config files' => 'ShowConfigFiles'}, {'show config status' => 'ShowConfigStatus'}, {'write term' => 'WriteTerm'} *************** *** 602,614 **** ProcessHistory("COMMENTS","keysort","F0",";\n"); # showstack ProcessHistory("COMMENTS","keysort","G0",";\n"); # showtechtransceivers ProcessHistory("COMMENTS","keysort","H0",";\n"); # showconfigfiles ! ProcessHistory("COMMENTS","keysort","I0",";\n"); TOP: while() { tr/\015//d; ! if (/$prompt\s*(exit|logout)\s*$/i) { ! $clean_run=1; ! last; ! } if (/^Error:/) { print STDOUT ("$host clogin error: $_"); print STDERR ("$host clogin error: $_") if ($debug); --- 622,641 ---- ProcessHistory("COMMENTS","keysort","F0",";\n"); # showstack ProcessHistory("COMMENTS","keysort","G0",";\n"); # showtechtransceivers ProcessHistory("COMMENTS","keysort","H0",";\n"); # showconfigfiles ! ProcessHistory("COMMENTS","keysort","I0",";\n"); # showreloadat ! ProcessHistory("COMMENTS","keysort","J0",";\n"); ! TOP: while() { tr/\015//d; ! ! # Moved to WriteTerm and not removed from here!!! ! ## "Logout" text in menu! Don't look for exit or logout before prompt is defined ! ## if (/$prompt\s*(exit|logout)\s*$/i) { ! # if (defined($prompt) && /$prompt\s*(exit|logout)\s*$/i) { ! # print STDERR ("EXIT:$_") if ($debug); ! # $clean_run=1; ! # last; ! # } if (/^Error:/) { print STDOUT ("$host clogin error: $_"); print STDERR ("$host clogin error: $_") if ($debug); ============================================= hlogin: - Select "Exit to cli" if menu is default for login. Include answer to "save config" prompter before menu is started. - Handle some more error text to speed up exit on error. - Remove/replace code for two inner expect loops to just have a single expect loop for login. Don't like to duplicate expect code into inner loops. - Include fix for "prompt" characters in banner text. Will handle banner text except if it the match "/#\s*($cmds_regexp)\s*$/" in hrancid - Speed up logout. Don't need to use human wait/type speed. ============================================= diff -c hlogin.in_20130318 hlogin.in_NEW *** hlogin.in_20130318 2013-02-27 07:56:51.332898135 +0100 --- hlogin.in_NEW 2013-03-18 20:16:02.286363285 +0100 *************** *** 412,417 **** --- 412,427 ---- send "\r" exp_continue } + "Do you want to save current configuration" { + send "n" + exp_continue + } + # Menu output "" grab all in menu to not match prompter! + -re "(\[0-9])\\. Command Line \$CLI\$.*" { + set menu_exit "$expect_out(1,string)" + send "$menu_exit" + exp_continue + } -re "(Connection refused|Secure connection \[^\n\r]+ refused|Connection closed by)" { catch {close}; catch {wait}; if !$progs { *************** *** 444,450 **** send_user "\nError: host key mismatch for $router. Update the SSH known_hosts file accordingly.\n" return 1 } ! eof { send_user "\nError: Couldn't login\n"; wait; return 1 } -nocase "unknown host\r" { catch {close}; catch {wait}; send_user "\nError: Unknown host\n"; wait; return 1 --- 454,483 ---- send_user "\nError: host key mismatch for $router. Update the SSH known_hosts file accordingly.\n" return 1 } ! "Could not resolve hostname" { ! send_user "\nError: Could not resolve hostname $router\n"; ! catch {close}; catch {wait}; ! return 1 ! } ! eof { ! send_user "\nError: Couldn't login\n"; ! wait; return 1 ! } ! "Permission denied" { ! send_user "\nError: Permission denied. Check your access to $router\n"; ! catch {close}; catch {wait}; ! return 1 ! } ! "Invalid password" { ! send_user "\nError: Invalid password. Check your passwd for $router\n"; ! catch {close}; catch {wait}; ! return 1 ! } ! "Login invalid" { ! send_user "\nError: Invalid login\n"; ! catch {close}; catch {wait}; ! return 1 ! } -nocase "unknown host\r" { catch {close}; catch {wait}; send_user "\nError: Unknown host\n"; wait; return 1 *************** *** 455,473 **** send -- "$passphrase\r" exp_continue } ! -re "$u_prompt" { send -- "$user\r" ! expect { ! eof { send_user "\nError: Couldn't login\n"; wait; return 1 } ! "Login invalid" { send_user "\nError: Invalid login\n"; ! catch {close}; catch {wait}; ! return 1 } ! -re "$p_prompt" { send -- "$userpswd\r" } ! "$prompt" { set in_proc 0; return 0 } ! "Press any key to continue" { ! send " " ! exp_continue ! } ! } exp_continue } -re "$p_prompt" { --- 488,498 ---- send -- "$passphrase\r" exp_continue } ! -re "\[#>]+.*\[\n\r]+" { ! exp_continue ! } ! -re "$u_prompt" { ! send -- "$user\r" exp_continue } -re "$p_prompt" { *************** *** 476,502 **** } else { send -- "$passwd\r" } - expect { - eof { send_user "\nError: Couldn't login\n"; - wait; - return 1 - } - "Press any key to continue" { - send " "; - exp_continue - } - -re "$e_prompt" { send -- "$enapasswd\r" } - "$prompt" { set in_proc 0; - return 0 - } - } exp_continue } ! "$prompt" { break; } ! denied { send_user "\nError: Check your passwd for $router\n" ! catch {close}; catch {wait}; return 1 ! } ! "% Bad passwords" {send_user "\nError: Check your passwd for $router\n"; return 1 } } } --- 501,519 ---- } else { send -- "$passwd\r" } exp_continue } ! "$prompt" { ! break ! } ! denied { ! send_user "\nError: Check your passwd for $router\n" ! catch {close}; catch {wait}; return 1 ! } ! "% Bad passwords" { ! send_user "\nError: Check your passwd for $router\n" ! return 1 ! } } } *************** *** 583,589 **** } } log_user 1 ! send -h "logout\r" expect { "Do you want to save current configuration" { if {$do_saveconfig} { --- 600,606 ---- } } log_user 1 ! send "logout\r" expect { "Do you want to save current configuration" { if {$do_saveconfig} { ============================================= On 03/04/2013 05:00 PM, Per-Olof Olsson wrote: > On 03/02/2013 12:19 AM, heasley wrote: >> Thu, Feb 21, 2013 at 08:40:23AM +0100, Per-Olof Olsson: >>> Alex DEKKER skrev 02/20/2013 10:19 PM: >>>> On 20/02/13 17:43, heasley wrote: >>>>> btw, is this menu a standard thing with procurves? I've never seen it, >>>>> but the one that i have is a lower-end model. >>>> It's not the default on current Procurves, you can access it with 'menu'. From what Marc >>>> is saying, it sounds like there is a way to make it go straight into the menu on login for >>>> a given username. >>>> >>>> alexd >>>> _______________________________________________ >>>> Rancid-discuss mailing list >>>> Rancid-discuss at shrubbery.net >>>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >>> >>> Only setting I found for this is in "8. Run Setup" menu >>> where you select "Logon Default" to "CLI" or "Menu" >> >> Would you propose a patch for this, since you can test it? > > Yes but it will take some time to have it to work and is fully tested. > > telnet/ssh login to manager and/or operator level > ssh key-login > and some switch types. > > "5" only works if you do direct login to manager level. > Login to operator level needs "3" for "CLI exit". > > And one more thing. > When you start menu mode and not saved config > "Do you want to save current configuration"-prompt > shows up before menu is started, even at login. > > ... > > Have part of it working but not all. > >> >>> /Peo >>> ---------------------------------------------------------- >>> Per-Olof Olsson Email: peo at chalmers.se >>> Chalmers tekniska h?gskola IT-service >>> H?rsalsv?gen 5 412 96 G?teborg >>> Tel: 031/772 6738 Fax: 031/772 8660 >>> ---------------------------------------------------------- >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > /Peo > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From daniel.schmidt at wyo.gov Wed Mar 27 16:59:12 2013 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Wed, 27 Mar 2013 10:59:12 -0600 Subject: [rancid] FW: NX-OS sap: Message-ID: Sorry, I did try to open a tac case, but without a way to accurately recreate it, it was too time consuming/infuriating to resolve. They did figure it was likely related to the #$(@* half a dozen snmp servers all querying my device. But, for the record: I did try to make Cisco fix it. Anybody else experiencing this and motivated enough to look into it, please contact me. -----Original Message----- From: Daniel Schmidt [mailto:daniel.schmidt at wyo.gov] Sent: Thursday, March 07, 2013 2:08 PM To: 'heasley' Cc: 'rancid-discuss at shrubbery.net' Subject: RE: [rancid] NX-OS sap: Thanks, I may open a tac case out of curiosity. -----Original Message----- From: heasley [mailto:heas at shrubbery.net] Sent: Thursday, February 28, 2013 2:57 PM To: Daniel Schmidt Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] NX-OS sap: Tue, Feb 26, 2013 at 08:48:21AM -0700, Daniel Schmidt: > Anybody else getting this spurious diff? > > > > + !DEBUG: Could not retrieve info from application sap:28 : Timer > + expired > > > > Might have been discussed before ? apologies if I missed it. i've not noticed anyone mention that before. you'd want something like this...and a TAC ticket. Index: bin/nxrancid.in =================================================================== --- bin/nxrancid.in (revision 2663) +++ bin/nxrancid.in (working copy) @@ -589,6 +589,7 @@ return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/\% Invalid command at /); return(-1) if (/command authorization failed/i); + return(-1) if (/could not retrieve info/i); # XXX return(-1) if (/\% Permission denied/); # NX 5000 bug? "show debug" generates # "Permission denied" when using command authorization. -Per-Olof Olsson E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. From gfleming at srk.com Wed Mar 27 17:07:29 2013 From: gfleming at srk.com (Fleming, Graham) Date: Wed, 27 Mar 2013 17:07:29 +0000 Subject: [rancid] Dell Switches with "K" in the host name fail Message-ID: Hello everyone, I'm using the drancid and dlogin scripts from here: http://web.rickyninja.net:81/rancid/ Everything works OK except any Powerconnect switches that have the letter "K" in their hostname will fail. In debugging I notice the script deletes any instance of the K from the prompt so it never matches the prompt and never knows when commands are finished. Therefore, at the end of the script it errors out with: ": missed cmd(s): show version,show running-config,show vlan found_end = 0, clean_run = 0 : End of run not found" Any ideas would be great thanks. From hpatil at securview.com Thu Mar 28 06:05:27 2013 From: hpatil at securview.com (Harshal Patil) Date: Thu, 28 Mar 2013 02:05:27 -0400 Subject: [rancid] Rancid GUI Message-ID: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> Hi, I have installed Rancid software linux base software which takes backup of devices automatically on one my Server but i need to access these devices configuration by GUI. Someone suggested that it would be possible through FreeBSD . So i need your help regarding this situation that where i can get full information that how to install FreeBSD on Rancid. I am looking forward your response soon Regards Harshal ________________________________ Confidentiality: This e-mail and any attachments may be confidential and may also be privileged. If you are not an intended named recipient, please notify the sender immediately and do not disclose the contents to another person use it for any purpose, or store or copy the information in any medium. -------------- next part -------------- An HTML attachment was scrubbed... URL: From peo at chalmers.se Thu Mar 28 09:03:08 2013 From: peo at chalmers.se (Per-Olof Olsson) Date: Thu, 28 Mar 2013 10:03:08 +0100 Subject: [rancid] More ESC-codes used in HP2920 switches. Message-ID: <5154074C.6030104@chalmers.se> Hello New HP2920-switches also use [6n (Ansi u7, user7 code). To prevent from use and echo esc codes add it to hpuifilter.c filter list. [rancid at stats2 bin]$ diff -c hpuifilter.c_ORG hpuifilter.c *** hpuifilter.c_ORG 2010-08-10 03:24:40.000000000 +0200 --- hpuifilter.c 2013-03-25 08:36:34.396596378 +0100 *************** *** 534,540 **** filter(char *buf, int len) { static regmatch_t pmatch[1]; ! #define N_REG 15 /* number of regexes in reg[][] */ #define N_CRs 2 /* number of CR replacements */ static regex_t preg[N_REG]; static char reg[N_REG][50] = { /* vt100/220 escape codes */ --- 539,545 ---- filter(char *buf, int len) { static regmatch_t pmatch[1]; ! #define N_REG 16 /* number of regexes in reg[][] */ #define N_CRs 2 /* number of CR replacements */ static regex_t preg[N_REG]; static char reg[N_REG][50] = { /* vt100/220 escape codes */ *************** *** 553,558 **** --- 558,564 ---- "\x1B\\[\\?25l", /* vi */ "\x1B\\[K", /* ce */ "\x1B\\[7m", /* mr - ansi */ + "\x1B\\[6n", /* u7 - ansi */ "\x07", /* bell */ /* replace these with CR */ /Peo ---------------------------------------------------------- Per-Olof Olsson Email: peo at chalmers.se Chalmers tekniska h?gskola IT-service H?rsalsv?gen 5 412 96 G?teborg Tel: 031/772 6738 Fax: 031/772 8660 ---------------------------------------------------------- From shouldbeq931 at gmail.com Thu Mar 28 11:05:00 2013 From: shouldbeq931 at gmail.com (shouldbeq931) Date: Thu, 28 Mar 2013 11:05:00 +0000 Subject: [rancid] Rancid GUI In-Reply-To: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> References: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> Message-ID: <962CA261-019E-47EF-9E28-D00D94D82D8A@gmail.com> I use viewvc Cheers Arne Sent on the move On 28 Mar 2013, at 06:05, Harshal Patil wrote: > Hi, > > I have installed Rancid software linux base software which takes backup of devices automatically on one my Server but i need to access these devices configuration by GUI. Someone suggested that it would be possible through FreeBSD . > So i need your help regarding this situation that where i can get full information that how to install FreeBSD on Rancid. > I am looking forward your response soon > > Regards > Harshal > > Confidentiality: This e-mail and any attachments may be confidential and may also be privileged. If you are not an intended named recipient, please notify the sender immediately and do not disclose the contents to another person use it for any purpose, or store or copy the information in any medium. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From howie at thingy.com Thu Mar 28 11:13:57 2013 From: howie at thingy.com (Howard Jones) Date: Thu, 28 Mar 2013 11:13:57 +0000 Subject: [rancid] Rancid GUI In-Reply-To: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> References: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> Message-ID: <515425F5.6060709@thingy.com> On 28/03/2013 06:05, Harshal Patil wrote: > Hi, > I have installed Rancid software linux base software which > takes backup of devices automatically on one my Server but i need to > access these devices configuration by GUI. Someone suggested that it > would be possible through FreeBSD . > So i need your help regarding this situation that where i can get > full information that how to install FreeBSD on Rancid. > You don't need FreeBSD - all you need is a web-based viewer for CVS (or Subversion if you enabled that option in RANCID). http://www.viewvc.org/ supports CVS and Subversion. There isn't a GUI for *configuring* RANCID though. From mwlucas at blackhelicopters.org Thu Mar 28 11:40:39 2013 From: mwlucas at blackhelicopters.org (Michael W. Lucas) Date: Thu, 28 Mar 2013 07:40:39 -0400 Subject: [rancid] Rancid GUI In-Reply-To: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> References: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> Message-ID: <20130328114038.GA2248@bewilderbeast.blackhelicopters.org> Hello, rancid only backs up devices that can be configured via command line. If you're looking for a GUI interface to the data on your rancid server, look at cvsweb. ==ml On Thu, Mar 28, 2013 at 02:05:27AM -0400, Harshal Patil wrote: > Hi, > > I have installed Rancid software linux base software which takes backup > of devices automatically on one my Server but i need to access these > devices configuration by GUI. Someone suggested that it would be possible > through FreeBSD . > So i need your help regarding this situation that where i can get > full information that how to install FreeBSD on Rancid. > I am looking forward your response soon > > Regards > Harshal > > -------------------------------------------------------------------------- > > Confidentiality: This e-mail and any attachments may be confidential and > may also be privileged. If you are not an intended named recipient, please > notify the sender immediately and do not disclose the contents to another > person use it for any purpose, or store or copy the information in any > medium. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- Michael W. Lucas - mwlucas at michaelwlucas.com, Twitter @mwlauthor http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/ Latest book: Absolute OpenBSD 2/e - http://www.nostarch.com/openbsd2e coupon code "ILUVMICHAEL" gets you 30% off & helps me. From smadel at solutionary.com Thu Mar 28 13:25:14 2013 From: smadel at solutionary.com (Steve Madel) Date: Thu, 28 Mar 2013 08:25:14 -0500 Subject: [rancid] Rancid GUI In-Reply-To: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> References: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> Message-ID: <515444BA.1050003@solutionary.com> You could use viewvc for this to view the diffs through a web gui. Information is here. http://www.gossamer-threads.com/lists/rancid/users/2841 On 03/28/2013 01:05 AM, Harshal Patil wrote: > Hi, > I have installed Rancid software linux base software which > takes backup of devices automatically on one my Server but i need to > access these devices configuration by GUI. Someone suggested that it > would be possible through FreeBSD . > So i need your help regarding this situation that where i can get > full information that how to install FreeBSD on Rancid. > I am looking forward your response soon > Regards > Harshal > > ------------------------------------------------------------------------ > Confidentiality: This e-mail and any attachments may be confidential > and may also be privileged. If you are not an intended named > recipient, please notify the sender immediately and do not disclose > the contents to another person use it for any purpose, or store or > copy the information in any medium. -------------- next part -------------- An HTML attachment was scrubbed... URL: From mwlucas at blackhelicopters.org Thu Mar 28 14:03:56 2013 From: mwlucas at blackhelicopters.org (Michael W. Lucas) Date: Thu, 28 Mar 2013 10:03:56 -0400 Subject: [rancid] Rancid GUI In-Reply-To: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CE@USNJ01EXC001> References: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> <20130328114038.GA2248@bewilderbeast.blackhelicopters.org> <0B58A828ECF5874E8AF69053B9DB65A9357153F8CE@USNJ01EXC001> Message-ID: <20130328140355.GA2730@bewilderbeast.blackhelicopters.org> Web server error. Check the error logs. Debugging a web server varies widely depending on which web server, which OS, which version of Perl, etc etc etc. I'd ask on a support forum specializing in your platform. On Thu, Mar 28, 2013 at 09:29:48AM -0400, Harshal Patil wrote: > Hi, > > I have already installed 'cvsweb' packeage and also modified "CVS > repository" in cvsweb. > however currently i m receiving error that "The requested URL > /cgi-bin/cvsweb was not found on this server" . > Could you please help in regarding where issue exactly lies. > > Thanks > > Harshal > > ________________________________________ > From: Michael W. Lucas [mwlucas at blackhelicopters.org] > Sent: Thursday, March 28, 2013 7:40 AM > To: Harshal Patil > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Rancid GUI > > Hello, > > rancid only backs up devices that can be configured via command line. > > If you're looking for a GUI interface to the data on your rancid > server, look at cvsweb. > > ==ml > > On Thu, Mar 28, 2013 at 02:05:27AM -0400, Harshal Patil wrote: > > Hi, > > > > I have installed Rancid software linux base software which takes > backup > > of devices automatically on one my Server but i need to access these > > devices configuration by GUI. Someone suggested that it would be > possible > > through FreeBSD . > > So i need your help regarding this situation that where i can > get > > full information that how to install FreeBSD on Rancid. > > I am looking forward your response soon > > > > Regards > > Harshal > > > > > -------------------------------------------------------------------------- > > > > Confidentiality: This e-mail and any attachments may be confidential > and > > may also be privileged. If you are not an intended named recipient, > please > > notify the sender immediately and do not disclose the contents to > another > > person use it for any purpose, or store or copy the information in > any > > medium. > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > -- > Michael W. Lucas - mwlucas at michaelwlucas.com, Twitter @mwlauthor > http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/ > Latest book: Absolute OpenBSD 2/e - http://www.nostarch.com/openbsd2e > coupon code "ILUVMICHAEL" gets you 30% off & helps me. > > -------------------------------------------------------------------------- > > Confidentiality: This e-mail and any attachments may be confidential and > may also be privileged. If you are not an intended named recipient, please > notify the sender immediately and do not disclose the contents to another > person use it for any purpose, or store or copy the information in any > medium. -- Michael W. Lucas - mwlucas at michaelwlucas.com, Twitter @mwlauthor http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/ Latest book: Absolute OpenBSD 2/e - http://www.nostarch.com/openbsd2e coupon code "ILUVMICHAEL" gets you 30% off & helps me. From willie.s.hinote at nasa.gov Thu Mar 28 14:09:50 2013 From: willie.s.hinote at nasa.gov (Hinote, Scotty (MSFC-IS40)[NICS]) Date: Thu, 28 Mar 2013 09:09:50 -0500 Subject: [rancid] Rancid GUI In-Reply-To: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> References: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> Message-ID: <8420D9D639CBE744B778A8916DFFC90FF8261B8C8F@NDMSSCC08.ndc.nasa.gov> Hi Harshal, FreeBSD RANCID install. The article below should list all of the steps needed to install RANCID from ports which is the basic setup. http://uberbruco.wordpress.com/2009/07/09/rancid-on-freebsd/ OpenGrok GUI. I run this on my RHEL servers. It is Java and needs Tomcat to host the webapp but it has a lot of nice features like search which some other GUIs do not. You simply untar it and move it to where you want it reside on the server. It has a deploy option which sets up the app for Tomcat and an index option which you have to run for indexing RANCID's files once they are checked out using subversion. This is a lot more complicated than some other options but you do get extra features. If you are interested in more details I can help you with setup and hooking it into RANCID's subversion. http://opengrok.github.com/OpenGrok/ WebSVN GUI. I used this at first because it is incredibly easy to setup and it works with your subversion directory automatically. It does not require checking out its own subversion copy from RANCID but it has no search capability. You should be able to start with number 8 in the article since the repository is already created by RANCID. http://tgrove.com/2010/10/26/installing-subversion-on-freebsd-from-ports/ If you want something quick and easy to support I would install WebSVN. If you need searching capabilities you will have to use OpenGrok. Other options are desktop clients like TortoiseSVN and NetBeans that users can install themselves. You would only need to setup webdav for Apache and hook it into subversion which is really simple. I hope this helps. If you have questions let me know and I will try to help as much as I can. Regards, Scotty From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Harshal Patil Sent: Thursday, March 28, 2013 1:05 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid GUI Hi, I have installed Rancid software linux base software which takes backup of devices automatically on one my Server but i need to access these devices configuration by GUI. Someone suggested that it would be possible through FreeBSD . So i need your help regarding this situation that where i can get full information that how to install FreeBSD on Rancid. I am looking forward your response soon Regards Harshal ________________________________ Confidentiality: This e-mail and any attachments may be confidential and may also be privileged. If you are not an intended named recipient, please notify the sender immediately and do not disclose the contents to another person use it for any purpose, or store or copy the information in any medium. -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.schmidt at wyo.gov Thu Mar 28 16:13:06 2013 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Thu, 28 Mar 2013 10:13:06 -0600 Subject: [rancid] Rancid GUI In-Reply-To: <20130328114038.GA2248@bewilderbeast.blackhelicopters.org> References: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> <20130328114038.GA2248@bewilderbeast.blackhelicopters.org> Message-ID: I second ol' fashion cvsweb. Easier to setup than viewvc, and just as useful. -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Michael W. Lucas Sent: Thursday, March 28, 2013 5:41 AM To: Harshal Patil Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Rancid GUI Hello, rancid only backs up devices that can be configured via command line. If you're looking for a GUI interface to the data on your rancid server, look at cvsweb. ==ml On Thu, Mar 28, 2013 at 02:05:27AM -0400, Harshal Patil wrote: > Hi, > > I have installed Rancid software linux base software which takes backup > of devices automatically on one my Server but i need to access these > devices configuration by GUI. Someone suggested that it would be possible > through FreeBSD . > So i need your help regarding this situation that where i can get > full information that how to install FreeBSD on Rancid. > I am looking forward your response soon > > Regards > Harshal > > > ---------------------------------------------------------------------- > ---- > > Confidentiality: This e-mail and any attachments may be confidential and > may also be privileged. If you are not an intended named recipient, please > notify the sender immediately and do not disclose the contents to another > person use it for any purpose, or store or copy the information in any > medium. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- Michael W. Lucas - mwlucas at michaelwlucas.com, Twitter @mwlauthor http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/ Latest book: Absolute OpenBSD 2/e - http://www.nostarch.com/openbsd2e coupon code "ILUVMICHAEL" gets you 30% off & helps me. _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. From tosimpson at forchtgroup.com Thu Mar 28 16:15:19 2013 From: tosimpson at forchtgroup.com (Tom Simpson) Date: Thu, 28 Mar 2013 12:15:19 -0400 Subject: [rancid] Rancid GUI In-Reply-To: References: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> <20130328114038.GA2248@bewilderbeast.blackhelicopters.org> Message-ID: TortoiseSVN works as well from a windows client.... Thanks, Tom Simpson Sent from my iPhone On Mar 28, 2013, at 12:13 PM, "Daniel Schmidt" wrote: > I second ol' fashion cvsweb. Easier to setup than viewvc, and just as > useful. > > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Michael W. > Lucas > Sent: Thursday, March 28, 2013 5:41 AM > To: Harshal Patil > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Rancid GUI > > > Hello, > > rancid only backs up devices that can be configured via command line. > > If you're looking for a GUI interface to the data on your rancid server, > look at cvsweb. > > ==ml > > On Thu, Mar 28, 2013 at 02:05:27AM -0400, Harshal Patil wrote: >> Hi, >> >> I have installed Rancid software linux base software which takes > backup >> of devices automatically on one my Server but i need to access these >> devices configuration by GUI. Someone suggested that it would be > possible >> through FreeBSD . >> So i need your help regarding this situation that where i can > get >> full information that how to install FreeBSD on Rancid. >> I am looking forward your response soon >> >> Regards >> Harshal >> >> >> ---------------------------------------------------------------------- >> ---- >> >> Confidentiality: This e-mail and any attachments may be confidential > and >> may also be privileged. If you are not an intended named recipient, > please >> notify the sender immediately and do not disclose the contents to > another >> person use it for any purpose, or store or copy the information in > any >> medium. > >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > -- > Michael W. Lucas - mwlucas at michaelwlucas.com, Twitter @mwlauthor > http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/ Latest > book: Absolute OpenBSD 2/e - http://www.nostarch.com/openbsd2e coupon code > "ILUVMICHAEL" gets you 30% off & helps me. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > E-Mail to and from me, in connection with the transaction > of public business, is subject to the Wyoming Public Records > Act and may be disclosed to third parties. > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss CONFIDENTIALITY NOTICE: This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Forcht Group IT, 2400 South Main Street, Corbin, Ky. From rwest at zyedge.com Thu Mar 28 16:20:12 2013 From: rwest at zyedge.com (Ryan West) Date: Thu, 28 Mar 2013 16:20:12 +0000 Subject: [rancid] Rancid GUI In-Reply-To: References: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001> <20130328114038.GA2248@bewilderbeast.blackhelicopters.org>

Message-ID: <8903D0A8F70EA74FBE57CA9B846B42C0565F3C16@ZY-MBX1.zyedge.local> On Thu, Mar 28, 2013 at 12:15:19, Tom Simpson wrote: > Cc: Harshal Patil; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Rancid GUI > > TortoiseSVN works as well from a windows client.... > > Thanks, > Tom Simpson > > Sent from my iPhone > > On Mar 28, 2013, at 12:13 PM, "Daniel Schmidt" > > wrote: > > > I second ol' fashion cvsweb. Easier to setup than viewvc, and just > > as useful. > > Websvn here. From tehpopa at gmail.com Fri Mar 29 17:06:16 2013 From: tehpopa at gmail.com (Justin Popa) Date: Fri, 29 Mar 2013 10:06:16 -0700 Subject: [rancid] Cisco ASA in Rancid Message-ID: I've set up a handful of Cisco switches and routers inside Rancid without issue. Unfortunately I cannot get rancid talking to my ASA 5520 no matter what I do. 1) I've checked to make sure that the ASA has the IP of the rancid server allowed to SSH. 2) I tested sshing to the ASA from the rancid server, which worked as expected. 3) I verified the login settings in my cloginrc file, and confirmed the dns name was correct in routers.db. 4) I did a "./clogin -u rancidusername -p r3gularp4ss -e en4blep4ss -c "sh ver" thisismyasa.domain.com" which properly returned a "sh ver" from the ASA. However, despite everything looking normal, when I run "rancid-run" I do not receive alerts about rancid being able to connect to the ASA, nor does the config file in /rancidpath/var/corp/configs/ populate with the ASA's configuration file. It does create a file for the ASA in that directory, but it's 0k. Anyone have any thoughts? -------------- next part -------------- An HTML attachment was scrubbed... URL: From mwlucas at blackhelicopters.org Fri Mar 29 20:00:29 2013 From: mwlucas at blackhelicopters.org (Michael W. Lucas) Date: Fri, 29 Mar 2013 16:00:29 -0400 Subject: [rancid] Cisco ASA in Rancid In-Reply-To: References: Message-ID: <20130329200029.GA8528@bewilderbeast.blackhelicopters.org> Check your log files. Timeouts? You can also do rancid-run -r routername to run rancid on just the one host, to separate out debugging in the log. On Fri, Mar 29, 2013 at 10:06:16AM -0700, Justin Popa wrote: > I've set up a handful of Cisco switches and routers inside Rancid without > issue. Unfortunately I cannot get rancid talking to my ASA 5520 no matter > what I do. > 1) I've checked to make sure that the ASA has the IP of the rancid server > allowed to SSH. > 2) I tested sshing to the ASA from the rancid server, which worked as > expected. > 3) I verified the login settings in my cloginrc file, and confirmed the > dns name was correct in routers.db. > 4) I did a "./clogin -u rancidusername -p r3gularp4ss -e en4blep4ss -c "sh > ver" [1]thisismyasa.domain.com" which properly returned a "sh ver" from > the ASA. > However, despite everything looking normal, when I run "rancid-run" I do > not receive alerts about rancid being able to connect to the ASA, nor does > the config file in /rancidpath/var/corp/configs/ populate with the ASA's > configuration file. It does create a file for the ASA in that directory, > but it's 0k. > Anyone have any thoughts? > > References > > Visible links > 1. http://thisismyasa.domain.com/ > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- Michael W. Lucas - mwlucas at michaelwlucas.com, Twitter @mwlauthor http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/ Latest book: Absolute OpenBSD 2/e - http://www.nostarch.com/openbsd2e coupon code "ILUVMICHAEL" gets you 30% off & helps me. From rwest at zyedge.com Fri Mar 29 22:01:40 2013 From: rwest at zyedge.com (Ryan West) Date: Fri, 29 Mar 2013 22:01:40 +0000 Subject: [rancid] Cisco ASA in Rancid In-Reply-To: <20130329200029.GA8528@bewilderbeast.blackhelicopters.org> References: <20130329200029.GA8528@bewilderbeast.blackhelicopters.org> Message-ID: <8903D0A8F70EA74FBE57CA9B846B42C0565F9470@ZY-MBX1.zyedge.local> On Fri, Mar 29, 2013 at 16:00:29, Michael W. Lucas wrote: > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Cisco ASA in Rancid > > > Check your log files. Timeouts? > .com" which properly returned a "sh ver" from > > the ASA. > > However, despite everything looking normal, when I run "rancid-run" I do > > not receive alerts about rancid being able to connect to the ASA, nor does > > the config file in /rancidpath/var/corp/configs/ populate with the ASA's > > configuration file. It does create a file for the ASA in that directory, > > but it's 0k. > > Anyone have any thoughts? Can you post your .cloginrc, sanitized of course. -ryan From tosimpson at forchtgroup.com Fri Mar 29 22:03:26 2013 From: tosimpson at forchtgroup.com (Tom Simpson) Date: Fri, 29 Mar 2013 22:03:26 +0000 Subject: [rancid] Cisco ASA in Rancid In-Reply-To: <8903D0A8F70EA74FBE57CA9B846B42C0565F9470@ZY-MBX1.zyedge.local> References: <20130329200029.GA8528@bewilderbeast.blackhelicopters.org>, <8903D0A8F70EA74FBE57CA9B846B42C0565F9470@ZY-MBX1.zyedge.local> Message-ID: <28E3BE4F-97BF-4490-B19C-E40AEACD5C0D@forchtgroup.com> Are you switching to enable mode when you login? Or more to the point so you enable it in .cloginrc? Thanks, Tom Simpson Sent from my iPhone On Mar 29, 2013, at 6:02 PM, "Ryan West" wrote: > On Fri, Mar 29, 2013 at 16:00:29, Michael W. Lucas wrote: >> Cc: rancid-discuss at shrubbery.net >> Subject: Re: [rancid] Cisco ASA in Rancid >> >> >> Check your log files. Timeouts? > .com" which properly returned a "sh ver" from >>> the ASA. >>> However, despite everything looking normal, when I run "rancid-run" I do >>> not receive alerts about rancid being able to connect to the ASA, nor does >>> the config file in /rancidpath/var/corp/configs/ populate with the ASA's >>> configuration file. It does create a file for the ASA in that directory, >>> but it's 0k. >>> Anyone have any thoughts? > > Can you post your .cloginrc, sanitized of course. > > -ryan > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss ________________________________ CONFIDENTIALITY NOTICE: This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Forcht Group IT, 2400 South Main Street, Corbin, Ky. From hpatil at securview.com Thu Mar 28 11:35:09 2013 From: hpatil at securview.com (Harshal Patil) Date: Thu, 28 Mar 2013 07:35:09 -0400 Subject: [rancid] Rancid GUI In-Reply-To: <962CA261-019E-47EF-9E28-D00D94D82D8A@gmail.com> References: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001>, <962CA261-019E-47EF-9E28-D00D94D82D8A@gmail.com> Message-ID: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CC@USNJ01EXC001> Hi Ame, Thanks for the information. i will check Viewvc software whether it will work or not. Could you please share if you have any document or any web link that guide how to install Viewvc software on rancid. Thanks Harshal ________________________________ From: shouldbeq931 [shouldbeq931 at gmail.com] Sent: Thursday, March 28, 2013 7:05 AM To: rancid-discuss at shrubbery.net Cc: Harshal Patil Subject: Re: [rancid] Rancid GUI I use viewvc Cheers Arne Sent on the move On 28 Mar 2013, at 06:05, Harshal Patil > wrote: Hi, I have installed Rancid software linux base software which takes backup of devices automatically on one my Server but i need to access these devices configuration by GUI. Someone suggested that it would be possible through FreeBSD . So i need your help regarding this situation that where i can get full information that how to install FreeBSD on Rancid. I am looking forward your response soon Regards Harshal ________________________________ Confidentiality: This e-mail and any attachments may be confidential and may also be privileged. If you are not an intended named recipient, please notify the sender immediately and do not disclose the contents to another person use it for any purpose, or store or copy the information in any medium. _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss ________________________________ Confidentiality: This e-mail and any attachments may be confidential and may also be privileged. If you are not an intended named recipient, please notify the sender immediately and do not disclose the contents to another person use it for any purpose, or store or copy the information in any medium. -------------- next part -------------- An HTML attachment was scrubbed... URL: From hpatil at securview.com Thu Mar 28 13:29:48 2013 From: hpatil at securview.com (Harshal Patil) Date: Thu, 28 Mar 2013 09:29:48 -0400 Subject: [rancid] Rancid GUI In-Reply-To: <20130328114038.GA2248@bewilderbeast.blackhelicopters.org> References: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001>, <20130328114038.GA2248@bewilderbeast.blackhelicopters.org> Message-ID: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CE@USNJ01EXC001> Hi, I have already installed 'cvsweb' packeage and also modified "CVS repository" in cvsweb. however currently i m receiving error that "The requested URL /cgi-bin/cvsweb was not found on this server" . Could you please help in regarding where issue exactly lies. Thanks Harshal ________________________________________ From: Michael W. Lucas [mwlucas at blackhelicopters.org] Sent: Thursday, March 28, 2013 7:40 AM To: Harshal Patil Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Rancid GUI Hello, rancid only backs up devices that can be configured via command line. If you're looking for a GUI interface to the data on your rancid server, look at cvsweb. ==ml On Thu, Mar 28, 2013 at 02:05:27AM -0400, Harshal Patil wrote: > Hi, > > I have installed Rancid software linux base software which takes backup > of devices automatically on one my Server but i need to access these > devices configuration by GUI. Someone suggested that it would be possible > through FreeBSD . > So i need your help regarding this situation that where i can get > full information that how to install FreeBSD on Rancid. > I am looking forward your response soon > > Regards > Harshal > > -------------------------------------------------------------------------- > > Confidentiality: This e-mail and any attachments may be confidential and > may also be privileged. If you are not an intended named recipient, please > notify the sender immediately and do not disclose the contents to another > person use it for any purpose, or store or copy the information in any > medium. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- Michael W. Lucas - mwlucas at michaelwlucas.com, Twitter @mwlauthor http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/ Latest book: Absolute OpenBSD 2/e - http://www.nostarch.com/openbsd2e coupon code "ILUVMICHAEL" gets you 30% off & helps me. ________________________________ Confidentiality: This e-mail and any attachments may be confidential and may also be privileged. If you are not an intended named recipient, please notify the sender immediately and do not disclose the contents to another person use it for any purpose, or store or copy the information in any medium. -------------- next part -------------- An HTML attachment was scrubbed... URL: From hpatil at securview.com Fri Mar 29 11:48:47 2013 From: hpatil at securview.com (Harshal Patil) Date: Fri, 29 Mar 2013 07:48:47 -0400 Subject: [rancid] Rancid GUI In-Reply-To: <8420D9D639CBE744B778A8916DFFC90FF8261B8C8F@NDMSSCC08.ndc.nasa.gov> References: <0B58A828ECF5874E8AF69053B9DB65A9357153F8CB@USNJ01EXC001>, <8420D9D639CBE744B778A8916DFFC90FF8261B8C8F@NDMSSCC08.ndc.nasa.gov> Message-ID: <0B58A828ECF5874E8AF69053B9DB65A9357153F8D1@USNJ01EXC001> Thanks Scotty. I really appreciated for help. ________________________________ From: Hinote, Scotty (MSFC-IS40)[NICS] [willie.s.hinote at nasa.gov] Sent: Thursday, March 28, 2013 10:09 AM To: Harshal Patil; rancid-discuss at shrubbery.net Subject: RE: Rancid GUI Hi Harshal, FreeBSD RANCID install. The article below should list all of the steps needed to install RANCID from ports which is the basic setup. http://uberbruco.wordpress.com/2009/07/09/rancid-on-freebsd/ OpenGrok GUI. I run this on my RHEL servers. It is Java and needs Tomcat to host the webapp but it has a lot of nice features like search which some other GUIs do not. You simply untar it and move it to where you want it reside on the server. It has a deploy option which sets up the app for Tomcat and an index option which you have to run for indexing RANCID?s files once they are checked out using subversion. This is a lot more complicated than some other options but you do get extra features. If you are interested in more details I can help you with setup and hooking it into RANCID?s subversion. http://opengrok.github.com/OpenGrok/ WebSVN GUI. I used this at first because it is incredibly easy to setup and it works with your subversion directory automatically. It does not require checking out its own subversion copy from RANCID but it has no search capability. You should be able to start with number 8 in the article since the repository is already created by RANCID. http://tgrove.com/2010/10/26/installing-subversion-on-freebsd-from-ports/ If you want something quick and easy to support I would install WebSVN. If you need searching capabilities you will have to use OpenGrok. Other options are desktop clients like TortoiseSVN and NetBeans that users can install themselves. You would only need to setup webdav for Apache and hook it into subversion which is really simple. I hope this helps. If you have questions let me know and I will try to help as much as I can. Regards, Scotty From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Harshal Patil Sent: Thursday, March 28, 2013 1:05 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid GUI Hi, I have installed Rancid software linux base software which takes backup of devices automatically on one my Server but i need to access these devices configuration by GUI. Someone suggested that it would be possible through FreeBSD . So i need your help regarding this situation that where i can get full information that how to install FreeBSD on Rancid. I am looking forward your response soon Regards Harshal ________________________________ Confidentiality: This e-mail and any attachments may be confidential and may also be privileged. If you are not an intended named recipient, please notify the sender immediately and do not disclose the contents to another person use it for any purpose, or store or copy the information in any medium. ________________________________ Confidentiality: This e-mail and any attachments may be confidential and may also be privileged. If you are not an intended named recipient, please notify the sender immediately and do not disclose the contents to another person use it for any purpose, or store or copy the information in any medium. -------------- next part -------------- An HTML attachment was scrubbed... URL: