[rancid] Palo Alto Networks
Alan McKinnon
alan.mckinnon at gmail.com
Wed Oct 2 16:19:59 UTC 2013
Most likely cause is that you edited rancid-fe in one terminal, then ran
rancid-run in another without saving rancid-fe first.
It's a *very* easy mistake to make and very hard to find later you did
it. Numerous varieties exist too - my favourite is Ctrl-Z to go to the
terminal, do something, fg to go back to the editor, then realize i
didn't save before Ctrl-Z
On 02/10/2013 16:54, Kishore Rajani wrote:
> Hi Doug,
>
> Finally got it working !!!! great thanks :)
> I removed all the files and config related to PAN and applied everything
> again and volla it started working :)
>
> Regards,
> Kishore
>
>
> On 2 October 2013 15:34, Hughes, Doug <Douglas.Hughes at deshawresearch.com
> <mailto:Douglas.Hughes at deshawresearch.com>> wrote:
>
> That message is definitely coming from rancid-fe. It’s just below
> the vendor table. Are you sure that you don’t have ‘another’ version
> of rancid-fe somewhere else in the path? That’s the only explanation
> that I could think of other than a misspelling. You could use strace
> –f –e trace=execve to find out exactly what it’s running.____
>
> __ __
>
> __ __
>
> *From:*Kishore Rajani [mailto:kams19 at gmail.com
> <mailto:kams19 at gmail.com>]
> *Sent:* Wednesday, October 02, 2013 10:24 AM
>
>
> *To:* Hughes, Doug
> *Cc:* Ryan Milton; rancid-discuss at googlegroups.com
> <mailto:rancid-discuss at googlegroups.com>;
> guillaume.dupuis at novidys.com <mailto:guillaume.dupuis at novidys.com>;
> rancid-discuss at shrubbery.net <mailto:rancid-discuss at shrubbery.net>
> *Subject:* Re: [rancid] Palo Alto Networks____
>
> __ __
>
> Just checked, I do have that entry as well:
>
> 'netscaler' => 'nsrancid',
> 'netscreen' => 'nrancid',
> * 'paloalto' => 'panrancid',*
> 'procket' => 'prancid',____
>
> Do you think I have missed it anywhere else.. is there any
> modification needed in the rancid-run script? the cisco devices are
> being backed up without any problem..____
>
> Regards,
> Kishore____
>
> __ __
>
> On 2 October 2013 15:21, Hughes, Doug
> <Douglas.Hughes at deshawresearch.com
> <mailto:Douglas.Hughes at deshawresearch.com>> wrote:____
>
> I suspect you haven’t added the mapping to your vendor table.____
>
> In rancid-fe, find the %vendortable hash (about 2/3 of the way down)____
>
> ____
>
> Add a line:____
>
> 'paloalto' => 'panrancid',____
>
> ____
>
> ____
>
> I put mine in alphabetical order, just below netscreen.____
>
> ____
>
> *From:*Kishore Rajani [mailto:kams19 at gmail.com
> <mailto:kams19 at gmail.com>]
> *Sent:* Wednesday, October 02, 2013 10:14 AM____
>
>
> *To:* Hughes, Doug
> *Cc:* Ryan Milton; rancid-discuss at googlegroups.com
> <mailto:rancid-discuss at googlegroups.com>;
> guillaume.dupuis at novidys.com <mailto:guillaume.dupuis at novidys.com>;
> rancid-discuss at shrubbery.net <mailto:rancid-discuss at shrubbery.net>
> *Subject:* Re: [rancid] Palo Alto Networks____
>
> ____
>
> HI Doug,____
>
> Now that I have my remote site up, here are the logs that are
> generated by rancid-run:
> exec failed router manufacturer paloalto: No such file or directory
> exec failed router manufacturer paloalto: No such file or directory
> exec failed router manufacturer paloalto: No such file or directory
> exec failed router manufacturer paloalto: No such file or directory
> exec failed router manufacturer paloalto: No such file or directory
> exec failed router manufacturer paloalto: No such file or directory
> exec failed router manufacturer paloalto: No such file or directory
> exec failed router manufacturer paloalto: No such file or directory____
>
> Any idea where I could have been wrong. I have the panlogin and
> panrancid in the "/usr/local/rancid/bin/" directory. Also I have
> checked the router.db file and it has the config like:
> FWL1:paloalto:up____
>
> FWL2:paloalto:up
> FWL3:paloalto:up
> FWL4:paloalto:up
> FWL5:paloalto:up____
>
> Thanks and Regards,
> Kishore____
>
> ____
>
> On 25 September 2013 06:48, Kishore Rajani <kams19 at gmail.com
> <mailto:kams19 at gmail.com>> wrote:____
>
> I will use them as soon as the remote site becomes available.. and
> will also let you know how did it go.____
>
> ____
>
> Appreciate your help.____
>
> ____
>
> Regards,____
>
> Kishore____
>
> ____
>
> On 25 September 2013 01:40, Hughes, Doug
> <Douglas.Hughes at deshawresearch.com
> <mailto:Douglas.Hughes at deshawresearch.com>> wrote:____
>
> I just sent you the latest versions. I’m the original creator. I
> can’t say if the other version is older, but if they are different,
> use the ones I sent. (and make sure they are first in the path)____
>
> ____
>
> So you are saying when you run panrancid it doesn’t create the
> config file for you?____
>
> ____
>
> *From:*Kishore Rajani [mailto:kams19 at gmail.com
> <mailto:kams19 at gmail.com>]
> *Sent:* Tuesday, September 24, 2013 5:44 PM
> *To:* Hughes, Doug
> *Cc:* Ryan Milton; rancid-discuss at googlegroups.com
> <mailto:rancid-discuss at googlegroups.com>;
> guillaume.dupuis at novidys.com <mailto:guillaume.dupuis at novidys.com>;
> rancid-discuss at shrubbery.net <mailto:rancid-discuss at shrubbery.net>____
>
>
> *Subject:* Re: [rancid] Palo Alto Networks____
>
> ____
>
> Hi All,____
>
> ____
>
> Thanks for your inputs.. much appreciated.____
>
> ____
>
> I think i had downloaded these files from some other website, not
> sure if you have modified it, Doug..____
>
> ____
>
> In my setup, I am able to login into the device using panlogin..
> however the device config are not backed up. Everything works smooth
> for Cisco devices.____
>
> I have updated the routers.db and other files for PAN devices, but
> no luck yet.____
>
> ____
>
> Unfortunately, I am unable to reach my remote site server at the
> moment, else would have pasted the log file.____
>
> ____
>
> Regards,____
>
> Kishore____
>
> ____
>
> ____
>
> On 24 September 2013 22:01, Hughes, Doug
> <Douglas.Hughes at deshawresearch.com
> <mailto:Douglas.Hughes at deshawresearch.com>> wrote:____
>
> Sure they can. I do it for 3 of them right now.____
>
> ____
>
> Attached. Set your ‘switch type’ to paloalto. Works with names or IP
> addresses.____
>
> ____
>
> *From:*Ryan Milton [mailto:rmilton at mvsusa.com
> <mailto:rmilton at mvsusa.com>]
> *Sent:* Tuesday, September 24, 2013 4:58 PM
> *To:* Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com
> <mailto:rancid-discuss at googlegroups.com>
> *Cc:* guillaume.dupuis at novidys.com
> <mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net
> <mailto:rancid-discuss at shrubbery.net>
> *Subject:* RE: [rancid] Palo Alto Networks____
>
> ____
>
> I would certainly be interested in adding PAN devices to Rancid. I
> thought that they couldn’t be read. That is what I’ve found with my
> HP switches—but that is another matter. Any ideas on getting PAN
> devices read by Rancid would be useful.____
>
> ____
>
> Regards,____
>
> Ryan Milton____
>
> ____
>
> *From:*rancid-discuss-bounces at shrubbery.net
> <mailto:rancid-discuss-bounces at shrubbery.net>
> [mailto:rancid-discuss-bounces at shrubbery.net] *On Behalf Of *Hughes,
> Doug
> *Sent:* Tuesday, September 24, 2013 12:26 PM
> *To:* Kishore Rajani; rancid-discuss at googlegroups.com
> <mailto:rancid-discuss at googlegroups.com>
> *Cc:* guillaume.dupuis at novidys.com
> <mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net
> <mailto:rancid-discuss at shrubbery.net>
> *Subject:* Re: [rancid] Palo Alto Networks____
>
> ____
>
> Yes, I have working panlogin and panrancid and have contributed them
> upstream. Have you not been able to get them to work?____
>
> ____
>
> ____
>
> *From:*rancid-discuss-bounces at shrubbery.net
> <mailto:rancid-discuss-bounces at shrubbery.net>
> [mailto:rancid-discuss-bounces at shrubbery.net] *On Behalf Of *Kishore
> Rajani
> *Sent:* Monday, September 23, 2013 9:52 AM
> *To:* rancid-discuss at googlegroups.com
> <mailto:rancid-discuss at googlegroups.com>
> *Cc:* guillaume.dupuis at novidys.com
> <mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net
> <mailto:rancid-discuss at shrubbery.net>
> *Subject:* Re: [rancid] Palo Alto Networks____
>
> ____
>
> HI,
>
> did you manage to get the RANCID running with PAN?
>
> Regards,
> Kishore
>
> On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote:____
>
> Nate Beck <Nate.Beck <at> jivesoftware.com
> <http://jivesoftware.com>> writes:____
>
> >
> >
> > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I
> was wondering if anyone has created a *login for them.
> > Thanks-------------------
> > Nathan BeckSr. IT Engineer
> > Jive Software
> > 503.972.9024____
>
> Hi Nate,____
>
> Did you find a *login script for PAN?____
>
> Thanks,____
>
> Guillaume Dupuis____
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-... at shrubbery.net <mailto:Rancid-... at shrubbery.net>
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss____
>
> ____
>
> ____
>
> ____
>
> __ __
>
>
>
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>
--
Alan McKinnon
alan.mckinnon at gmail.com
More information about the Rancid-discuss
mailing list