[rancid] RANCID Router Login
Piegorsch, Weylin William
weylin at bu.edu
Fri Oct 13 22:12:22 UTC 2017
My predecessor created a small script for changing a device’s name in router.db; we change the device name occasionally (for example when we find a device with a typo in the name compared against our standard), but we want to keep the change history in one place in CVS. Copying here, in case you find it useful.
Weylin
[rancid at nsgv-prod-59 usrdir]$ cat rename-node.sh
#!/bin/bash
# Rename a device within a RANCID group: rewrites the router.db entry and
# moves the saved configuration and its CVS archive to the new name.

# Uncomment this for extended logging
# DEBUG=1

# Capture the positional parameters before the option loop shifts them away
NumParms=$#
ORIGHOST=$1
NEWHOST=$2
GROUP=$3

function ShowHelpText () {
    echo "$0 <original device name> <new device name> <rancid group> [options]"
    echo
    echo "Available Options:"
    echo "  -d, --debug    Set the internal debug flag"
    echo "  -h, --help     Show this text, then exit"
    echo
    echo "-h and --help may come in any position. All other options MUST"
    echo "be listed at the end of the command. If they are listed in one"
    echo "of the first three positions, they will be treated as parameters"
    echo "as indicated."
    echo
    echo "Please note that the contents will not be affected. So, for example,"
    echo "if this rename is being performed for maintenance purposes but the"
    echo "device configuration is not also changing, no record will be kept"
    echo "in rancid of this change."
}
# Scan every parameter: -h or --help in any position prints the help text and
# exits; -d or --debug sets DEBUG and is not counted as a positional parameter
while [ $# -gt 0 ]
do
    if [ "$1" = -h ] || [ "$1" = --help ]
    then
        ShowHelpText
        exit
    elif [ "$1" = -d ] || [ "$1" = --debug ]
    then
        DEBUG=1
        NumParms=$((NumParms - 1))
    fi
    shift
done

if [ "$NumParms" -gt 3 ]
then
    # only got here if -h or --help was not specified
    ShowHelpText >&2
    echo >&2
    echo "Too many parameters passed. Exiting." >&2
    exit 1
fi
# Refuse to run as anyone other than the rancid user
if [ "$(whoami)" != "rancid" ]
then
    echo "Must be run as user rancid" >&2
    exit 1
fi

# All three positional parameters are required
if [ -z "$ORIGHOST" ]
then
    echo >&2
    ShowHelpText >&2
    echo >&2
    echo "*Error: Missing original device name" >&2
    echo >&2
    exit 1
fi

if [ -z "$NEWHOST" ]
then
    echo >&2
    ShowHelpText >&2
    echo >&2
    echo "*Error: Missing new device name" >&2
    echo >&2
    exit 1
fi

if [ -z "$GROUP" ]
then
    echo >&2
    ShowHelpText >&2
    echo >&2
    echo "*Error: Missing rancid group" >&2
    echo >&2
    exit 1
fi
# Normalise both device names to lower case
ORIGHOST=$(echo "$ORIGHOST" | /usr/bin/awk '{print tolower($0)}')
NEWHOST=$(echo "$NEWHOST" | /usr/bin/awk '{print tolower($0)}')

cd /usr/local/rancid/var || exit 1

# The group file, the saved config and its CVS archive must all exist
if [ ! -f "$GROUP/router.db" ]
then
    echo "Error: $GROUP/router.db does not exist." >&2
    exit 1
fi

if [ ! -f "$GROUP/configs/$ORIGHOST" ]
then
    echo "Error: $GROUP/configs/$ORIGHOST does not exist." >&2
    exit 1
fi

if [ ! -f "CVS/$GROUP/configs/$ORIGHOST,v" ]
then
    echo "Error: CVS/$GROUP/configs/$ORIGHOST,v does not exist - CVS error!!!." >&2
    exit 1
fi

if [ -n "$DEBUG" ]
then
    echo
    echo "Renaming $ORIGHOST as $NEWHOST in $GROUP"
fi
cd /usr/local/rancid/var || exit 1

# Everything after the device name on its router.db line (type and state).
# The name is compared as an exact, case-insensitive first field, so a "."
# in the name is not treated as a regular-expression wildcard.
TYPEANDSTATE=$(/usr/bin/awk -F';' -v h="$ORIGHOST" 'tolower($1) == h { sub(/^[^;]*;/, ""); print; exit }' "$GROUP/router.db")
if [ -n "$TYPEANDSTATE" ]
then
    echo " Found $ORIGHOST in $GROUP"
else
    echo " $ORIGHOST not found in $GROUP"
    echo
    exit 1
fi

if [ -n "$DEBUG" ]
then
    echo " Renaming $ORIGHOST as $NEWHOST in $GROUP group file with type and state $TYPEANDSTATE"
fi
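# Temporary files are created with mktemp next to router.db instead of under a
# predictable name in /tmp, so each mv is a rename on the same filesystem.
# mktemp creates them with mode 0600, which router.db inherits.

# removing old (exact, case-insensitive match on the first field)
TMPFILE=$(mktemp "$GROUP/router.db.XXXXXX") || exit 1
/usr/bin/awk -F';' -v h="$ORIGHOST" 'tolower($1) != h' "$GROUP/router.db" > "$TMPFILE"
mv -f "$TMPFILE" "$GROUP/router.db" || exit 1

# adding new
echo "$NEWHOST;$TYPEANDSTATE" >> "$GROUP/router.db"
TMPFILE=$(mktemp "$GROUP/router.db.XXXXXX") || exit 1
/bin/sort -u "$GROUP/router.db" | /usr/bin/awk '{print tolower($0)}' > "$TMPFILE"
mv -f "$TMPFILE" "$GROUP/router.db"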
if [ -n "$DEBUG" ]
then
    echo " Moving Configuration and CVS archive to new name"
fi

# Move the RCS archive first, then the checked-out copy
mv -f "CVS/$GROUP/configs/$ORIGHOST,v" "CVS/$GROUP/configs/$NEWHOST,v"
mv -f "$GROUP/configs/$ORIGHOST" "$GROUP/configs/$NEWHOST"

if [ -n "$DEBUG" ]
then
    echo " Validating CVS synchronization"
fi

cd "$GROUP/configs" || exit 1
cvs update

if [ -n "$DEBUG" ]
then
    echo " Move complete"
    echo
fi
exit
[rancid at nsgv-prod-59 usrdir]$
From: "Munoz-Persinger, Axel @ CSG - CSE" <Axel.Munoz-Persinger at L3T.com>
Date: Thursday, October 12, 2017 at 15:47
To: "rancid-discuss at shrubbery.net" <rancid-discuss at shrubbery.net>
Cc: "Auer, Kyle @ CSG - CSE" <Kyle.Auer at L3T.com>, "Zaveri, Sundeep @ CSG - CSE" <Sundeep.Zaveri at L3T.com>, "Dowd, Daniel @ CSG - CSE" <daniel.dowd at L3T.com>
Subject: [rancid] RANCID Router Login
Hello,
Our organization uses RANCID for gathering data from our Cisco routers, but we recently faced an issue with a change we’re trying to make.
We simply want to change the address that the scripts use to log into the routers. Let’s say in the routers.db file we have:
Router1:cisco:up
Router2:cisco:up
Router3:cisco:up
We’d like to change it to:
Router1.XYZ:cisco:up
Router2.XYZ:cisco:up
Router3.XYZ:cisco:up
We didn’t want to change the actual router names in the routers.db file, since this would most likely have other side effects like modifying the CVS. We tried changing clogin:750(ish) from
if {[login $router $ruser $userpswd $passwd $enapasswd $cmethod $cyphertype]} {
to
if {[login $router.XYZ $ruser $userpswd $passwd $enapasswd $cmethod $cyphertype]} {
However, by watching the tcpdump output, we see that it’s still reaching out to the original address.
Do you have any ideas that could help us?
Thanks,
Axel Munoz-Persinger
Security Analyst
Axel.Munoz-Persinger at L3T.com
(856) 338-4103
CONFIDENTIALITY NOTICE: This email and any attachments are for the sole use of the intended recipient and may contain material that is proprietary, confidential, privileged or otherwise legally protected or restricted under applicable government laws. Any review, disclosure, distributing or other use without expressed permission of the sender is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies without reading, printing, or saving.
Effective immediately my new email address is Axel.Munoz-Persinger at L3T.com. Please update your records.
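A check to run after the rename script earlier in this message, added here as an example (not code from either poster or from the RANCID project): it assumes the directory layout that script uses and reports router.db entries without a config or CVS archive, plus archives that no router.db entry names. The function names and the sample tree are constructed for illustration.

```shell
#!/bin/bash
# Added example: audit one RANCID group after a rename. Layout assumed from
# the script in this thread, relative to a base directory:
#   GROUP/router.db   GROUP/configs/HOST   CVS/GROUP/configs/HOST,v

# audit_group BASE GROUP: print one finding per line; return 1 if any were found
audit_group() {
    local base="$1" group="$2" host rest f findings=0
    local db="$base/$group/router.db"
    [ -f "$db" ] || { echo "missing-db $db"; return 1; }

    # Every router.db entry needs a saved config and a CVS archive
    while IFS=';' read -r host rest; do
        case $host in ''|'#'*) continue ;; esac
        host=$(printf '%s' "$host" | tr '[:upper:]' '[:lower:]')
        # Names become path components, so reject separators and dot-files
        case $host in */*|.*) echo "bad-name $host"; findings=1; continue ;; esac
        [ -f "$base/$group/configs/$host" ] || { echo "no-config $host"; findings=1; }
        [ -f "$base/CVS/$group/configs/$host,v" ] || { echo "no-archive $host"; findings=1; }
    done < "$db"

    # Every archive must match a router.db name exactly (first field, not a regex)
    for f in "$base/CVS/$group/configs"/*,v; do
        [ -e "$f" ] || continue
        host=$(basename "$f" ,v)
        awk -F';' -v h="$host" 'tolower($1) == tolower(h) { ok = 1 } END { exit !ok }' "$db" \
            || { echo "orphan-archive $host"; findings=1; }
    done
    return $findings
}

# Constructed sample: sw1.example was renamed in router.db and configs/, but its
# archive still has the old name; edge1xexample,v is a near-miss of edge1.example
make_sample() {
    local d
    d=$(mktemp -d) || return 1
    mkdir -p "$d/core/configs" "$d/CVS/core/configs"
    printf '%s\n' 'edge1.example;cisco;up' 'sw1.example;cisco;up' > "$d/core/router.db"
    touch "$d/core/configs/edge1.example" "$d/core/configs/sw1.example" \
        "$d/CVS/core/configs/edge1.example,v" "$d/CVS/core/configs/edge1xexample,v" \
        "$d/CVS/core/configs/sw-1.example,v"
    echo "$d"
}

# Demo on the constructed tree: prints the three findings described above
demo=$(make_sample) && { audit_group "$demo" core || true; rm -rf "$demo"; }
```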