[rancid] Fortigate Cluster uptime

heasley heas at shrubbery.net
Tue Aug 1 17:58:21 UTC 2017


Mon, Jul 31, 2017 at 10:39:40PM +0000, Ryan:
> Hi,
> 
> 
> Thanks for the help. "get system status" also produces the line:

Index: bin/fnrancid.in
===================================================================
--- bin/fnrancid.in     (revision 3719)
+++ bin/fnrancid.in     (working copy)
@@ -188,6 +188,8 @@
        next if (/^\s*Extended DB: .*/);
        next if (/^\s*IPS-DB: .*/);
        next if (/^FortiClient application signature package:/);
+       # Cluster uptime
+       next if (/^\s*Cluster uptime:/);
 
        ProcessHistory("","","","#$_");
     }

> DCPGFW1 # get system status
> <some other lines here>
> Current HA mode: a-p, master
> Cluster uptime: 37 days, 10 hours, 14 minutes, 55 seconds
> System time: Tue Aug  1 10:35:45 2017
> 
> FYI I removed the ! from the line (next if (/^\s*Cluster uptime:/);) but I get a mail with the following:
> 
> 
>   #FIPS-CC mode: disable
> 
>   #Current HA mode: a-p, master
> 
> - #Cluster uptime: 35 days, 20 hours, 37 minutes, 22 seconds
> 
> + #Cluster uptime: 37 days, 10 hours, 16 minutes, 50 seconds
> 
> 
> Thanks again.
> 
> 
> 
> ________________________________
> From: heasley <heas at shrubbery.net>
> Sent: 31 July 2017 21:47:43
> To: Ryan
> Cc: rancid-discuss at shrubbery.net
> Subject: Re: [rancid] Fortigate Cluster uptime
> 
> Sun, Jul 30, 2017 at 09:26:18AM +0000, Ryan:
> > Hi All,
> >
> >
> > Sorry to mail this out but I have searched through a number of groups and cant find anything that actually works. I recently upgraded my Fortinet FW cluster and, unfortunately, the config status displays a new line, "Cluster uptime", from the "get system ha status" cli. e.g.
> >
> 
> rancid does not use that command.  it uses only get system status.  is that
> command including this output now or have you changed your distribution?
> 
> >   !Virtual domains status: 1 in NAT mode, 0 in TP mode
> >
> >   !Virtual domain configuration: disable
> >
> >   !FIPS-CC mode: disable
> >
> >   !Current HA mode: a-p, master
> >
> > - !Cluster uptime: 35 days, 19 hours, 40 minutes, 13 seconds
> >
> > + !Cluster uptime: 35 days, 20 hours, 40 minutes, 13 seconds
> >
> >   !Branch point: 1449
> >
> >   !Release Version Information: GA
> >
> >
> > The "Cluster uptime" means that I get an updated FW version mailed to me every hour of the day. I have tried a number of things to resolve this including:
> >
> >
> >   1.  I updated the fnrancid file with the below but both attempts failed:
> >
> >
> > sub GetConf {
> >     print STDERR "    In GetConf: $_" if ($debug);
> >
> >     while (<INPUT>) {
> >         tr/\015//d;
> >         next if /^\s*$/;
> >         last if (/$prompt/);
> >
> >         # System time is fortigate extraction time
> >         next if (/^\s*!System time:/);
> >         # remove occurrances of conf_file_ver
> >         next if (/^#?conf_file_ver=/);
> >
> >
> > # First think I tried
> >
> > #remove occurances of Cluster Uptime
> >         next if (/^\s*!Cluster uptime:/);
> 
> no !.
> 
> >
> > # next thing I tried.
> >
> >         #if (/^\s*!Cluster uptime:/) {
> >         #    ProcessHistory("","","","","","#$_");
> >         #    next;
> >         #}
> >
> >
> > 2. I tried other options e.g. writing something similar to the cycling password but I am afraid I reached the end of my skillset.
> >
> > 3. Finally I thought my Rancid server is pretty old 2.3.6 so I built a new rancid server (3.3.0) using Ubuntu 16.04 and updated the fnrancid again without success.
> >
> >
> > Two questions if I may:
> >
> >   1.  Anyone know how I can ignore the Cluster uptime line?
> >   2.  If I move to using the new server is there a way to export the CVS history on the old server and import it on the new?
> >
> >
> > Thanks in advance! Your help is appreciated!
> >
> >
> > Cheers,
> >
> 
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss at shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo/rancid-discuss
> 



More information about the Rancid-discuss mailing list