[rancid] Fortigate additional tweaks and device filters

Nick Nauwelaerts nick.nauwelaerts at aquafin.be
Wed Aug 1 08:37:03 UTC 2018 

hm,
i actually like to have those versions in the output. if something breaks my first reaction tends to be: "what changed?", and rancid is usually the first place i check.

would it be an option to control this with FILTER_OSC , even though its not quite it's intended application?

thx

// nick


From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Doug Hughes
Sent: Tuesday, July 31, 2018 23:18
To: rancid-discuss at shrubbery.net
Subject: Re: [rancid] Fortigate additional tweaks and device filters




On 7/31/2018 5:14 PM, heasley wrote:

Fri, Jul 27, 2018 at 08:02:28AM -0500, Chris Wopat:

Hi Heasley and folks,



Sept 2017 i sent a note in with some proposed tweaks to a Fortigate. to

filter out some additional chattiness, see:



http://www.shrubbery.net/pipermail/rancid-discuss/2017-September/009871.html

http://www.shrubbery.net/pipermail/rancid-discuss/2017-June/009643.html



A few people chimed in seeming to be OK with the propsed changes, which are

to filter these things:



next if (/^\s*IPS-ETDB: .*/);

next if (/^\s*APP-DB: .*/);

next if (/^\s*IPS Malicious URL Database: .*/);

next if (/^\s*Botnet DB: .*/);



Mentioning this as 3.8 came out and i didn't notice any of these included.



We have an additional fortigate tweak we make every time we update too,

which to change from 'show full-configuration' to just 'show' in

@commandtable. 'full-configuration' shows default config, just like the

cisco 'full' command. It's really not necessary IMO.



This is from:

r2258 | heas | 2010-10-11 20:49:05 +0000 (Mon, 11 Oct 2010) | 3 lines



fnrancid: update recent fortinet software - Diego Ercolani

Cleaned-up a little by me.



afaict, the justification for full-configuration was so that VDOMs would

be included in the output.  perhaps this behavior has changed since this

change??  I have none of these devices.

I think you are right.. I have a vague recollection of this as well.
--
Doug Hughes
Keystone NAP
Fairless Hills, PA
1.844.KEYBLOCK (439.2562)

[http://www.keystonenap.com/wp-content/themes/keystoneNAP/images/keystone-nap-logo.png]



________________________________

Volg Aquafin op Facebook<https://www.facebook.com/AquafinNV> | Twitter<https://twitter.com/aquafinnv> | YouTube<http://www.youtube.com/channel/UCk_4P5BJ-MtEEDCkCsR_KqQ?feature=mhee> | LinkedIN<http://www.linkedin.com/company/aquafin/products>

In het kader van de uitoefening van onze taken verzamelen we bij Aquafin persoonsgegevens. Hoe we omgaan met deze gegevens en wat de rechten van de betrokkenen zijn, kan je nalezen in onze privacy policy<https://www.aquafin.be/nl-be/privacy-policy>.

[https://www.aquafin.be/sites/aquafin/files/styles/paragraph_with_caption/public/2018-06/email_banner_web.jpg]<https://www.aquafin.be/>
  P Denk aan het milieu. Druk deze mail niet onnodig af.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20180801/b50ea6dd/attachment.html>

More information about the Rancid-discuss mailing list