From vom513 at gmail.com Tue Jun 9 16:50:31 2020 From: vom513 at gmail.com (vom513) Date: Tue, 9 Jun 2020 12:50:31 -0400 Subject: [rancid] Cisco Mobility Express (WLC) woes (garbage in config...) Message-ID: <97123018-A2D9-4A75-BAF6-48F8CCAC7C9A@gmail.com> Hello, I see this thread: https://shrubbery.net/pipermail/rancid-discuss/2019-October/010838.html Looks like pretty much what I am experiencing. (Almost) Every time rancid runs for me - I get a ?change? and some garbage characters in the config. Here is an example diff email showing the strings flipping around: ? Index: configs/ap-me =================================================================== retrieving revision 1.6 diff -u -4 -r1.6 ap-me @@ -478,9 +478,9 @@ wlan radio 1 802.11a-only wlan session-timeout 1 disable wlan flexconnect local-switching 1 enable wlan flexconnect learn-ipaddr 1 enable - ?4?4 + ?>?4?>?4 wlan wmm require 1 wlan avc 1 visibility enable wlan wgb broadcast-tagging disable 1 wlan wgb prp disable 1 ? Looks like in that thread, there were two solutions - making some changes to wlogin or ciscowlc.pm. I?ve put these in manually as a test, but rancid is still detecting a change (almost) every time it runs. I?m running rancid 3.9 on Debian 9 (running Debian?s packages, pulling from stretch-backports to get me from 3.6.x previously to 3.9). ?WLC? is really Mobility Express running on an 1832i - running latest stable 8.10.121.0 Did I misunderstand that thread ? Anyone else has ran into this and has a fix ? Many thanks in advance - I don?t want to remove this from rancid, but I can?t have the diff?s and emails filling up every hour either... -------------- next part -------------- An HTML attachment was scrubbed... URL: From vom513 at gmail.com Wed Jun 10 02:56:17 2020 From: vom513 at gmail.com (vom513) Date: Tue, 9 Jun 2020 22:56:17 -0400 Subject: [rancid] Cisco Mobility Express (WLC) woes (garbage in config...) In-Reply-To: <97123018-A2D9-4A75-BAF6-48F8CCAC7C9A@gmail.com> References: <97123018-A2D9-4A75-BAF6-48F8CCAC7C9A@gmail.com> Message-ID: > On Jun 9, 2020, at 12:50 PM, vom513 wrote: > > Hello, > > I see this thread: > > https://shrubbery.net/pipermail/rancid-discuss/2019-October/010838.html > > Looks like pretty much what I am experiencing. (Almost) Every time rancid runs for me - I get a ?change? and some garbage characters in the config. Here is an example diff email showing the strings flipping around: Sorry to self reply - but I took some more time and read through what Bjarne was saying in his post. He had also made a change in the base types file for the cisco-wlc8. Doing this does seem to have gotten rid of the garbage characters (fingers crossed). However, an unfortunate side effect is that now a CDP neighbor line is coming in with the current hold timer (which changes every second)? So back to registering a diff every time we run? This is absolutely not an elegant solution, but I put another line into the same spot Bjarne was talking about in ciscowlc.pm to ignore ?wired0?. That seems to be the only line in the config that otherwise references ?wired0". Rancid runs now and doesn?t register a config change every time. Neverthless, I?m not a huge fan of hand hacking code like this. I?d still love to hear from anyone that has a Cisco WLC version 8.x humming along nice in RANCID. If part of my issue is that I?m actually on Mobility Express then fair enough. Just want to see if there?s something I could be doing better to handle this particular device. Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: From kfrauendienst at mconsult.us Wed Jun 10 21:53:01 2020 From: kfrauendienst at mconsult.us (Karl Frauendienst) Date: Wed, 10 Jun 2020 16:53:01 -0500 Subject: [rancid] Problems with Ruckus ICX 6610 Message-ID: Good afternoon, I'm having problems gathering configs from Ruckus (Foundry) ICX 6610 switches. Some (not all) of them fail, and some of them pick up during the "getting missed routers" phase. I have ICX 6430, ICX 7250, and ICX 7450 switches with essentially the same configuration on this network, and not a single one of them fails. Only ICX 6610, and only some of them, and not always every run. I have been able to confirm that each 6610 that failed was a stack of at least two switches. No standalones failed. To put that in perspective, out of 49 ICX 6610 switches/stacks, I had 24 failures on the first run. 3 of those succeeded on the 2nd pass, and so on. By the final pass I had 18 that it didn't get. Each one produces the same log error every time: cchsu_mdf: missed cmd(s): show flash I have confirmed that I can run flogin as the rancid user, and it has no problems logging in. What can I do? Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: From absolutely_free at libero.it Wed Jun 24 09:58:58 2020 From: absolutely_free at libero.it (absolutely_free at libero.it) Date: Wed, 24 Jun 2020 11:58:58 +0200 (CEST) Subject: [rancid] Issue with Huawei device NE40E-M2K-B Message-ID: <1721486727.715950.1592992738485@mail1.libero.it> Hi, I am using: $ bin/rancid -V rancid 3.6.2 $ /usr/bin/expect -v expect version 5.45 $ /usr/bin/perl -v This is perl 5, version 24, subversion 1 (v5.24.1) built for x86_64-linux-gnu-thread-multi $ lsb_release -a No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 9.12 (stretch) Release: 9.12 Codename: stretch I am trying to get configs from Huawei devices (NE40E-M2K-B). I used these scripts: https://github.com/ssinyagin/rancid-ssi/blob/master/bin/hulogin.in https://github.com/ssinyagin/rancid-ssi/blob/master/bin/hurancid.in with very little changes (only shebang). I can successfully login with hulogin script but "display version" never completes: rancid at rancido:~/bin$ ./hulogin -t 5 -c"display version" c1-huawei c1-huawei spawn ssh -c aes128-ctr -x -l root c1-huawei User Authentication Enter password: Info: The max number of VTY users is 15, the number of current VTY users online is 2, and total number of terminal users online is 2. The current login time is 2020-06-24 11:47:26+02:00 DST. The last login time is 2020-06-24 11:37:36+02:00 DST from xxx.yyy.www.zzz through SSH. display version Huawei Versatile Routing Platform Software VRP (R) software, Version 8.190 (NE40E V800R011C10SPC100) Copyright (C) 2012-2019 Huawei Technologies Co., Ltd. HUAWEI NE40E-M2K-B uptime is 155 days, 0 hour, 46 minutes Patch Version: V800R011SPH023 NE40E-M2K-B version information: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - BKP version information: PCB Version : CX68BKP01D REV A IPU Slot Quantity : 1 CARD Slot Quantity : 3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IPU version information: IPU (Master) 3 : uptime is 155 days, 0 hour, 45 minutes StartupTime 2020/01/21 10:01:40 SDRAM Memory Size : 16384 M bytes FLASH Memory Size : 128 M bytes CFCARD Memory Size : 4096 M bytes IPU CR5B0BKP0393 version information CPU PCB Version : CX68E4NLAXFB REV B EPLD Version : 004 FPGA Version : 009 FPGA2 Version : 008 (nothing happens here) <============================ Error: TIMEOUT reached - 2 While hurancid -d gives me this: rancid at rancido:~/bin$ ./hurancid -d c1-huawei Can't use 'defined(%hash)' (Maybe you should just omit the defined()?) at ./hurancid line 46. Any suggestion? Thank you! From kevin.moralez at gmail.com Wed Jun 24 13:30:52 2020 From: kevin.moralez at gmail.com (Kevin Morales) Date: Wed, 24 Jun 2020 07:30:52 -0600 Subject: [rancid] Issue with Huawei device NE40E-M2K-B In-Reply-To: <1721486727.715950.1592992738485@mail1.libero.it> References: <1721486727.715950.1592992738485@mail1.libero.it> Message-ID: Hi, could you try to use this script: https://github.com/kmorales026/script On Wed, Jun 24, 2020 at 3:59 AM wrote: > Hi, > I am using: > > $ bin/rancid -V > rancid 3.6.2 > > $ /usr/bin/expect -v > expect version 5.45 > > $ /usr/bin/perl -v > > This is perl 5, version 24, subversion 1 (v5.24.1) built for > x86_64-linux-gnu-thread-multi > > $ lsb_release -a > No LSB modules are available. > Distributor ID: Debian > Description: Debian GNU/Linux 9.12 (stretch) > Release: 9.12 > Codename: stretch > > I am trying to get configs from Huawei devices (NE40E-M2K-B). > I used these scripts: > > https://github.com/ssinyagin/rancid-ssi/blob/master/bin/hulogin.in > https://github.com/ssinyagin/rancid-ssi/blob/master/bin/hurancid.in > > with very little changes (only shebang). > > I can successfully login with hulogin script but "display version" never > completes: > > rancid at rancido:~/bin$ ./hulogin -t 5 -c"display version" c1-huawei > c1-huawei > spawn ssh -c aes128-ctr -x -l root c1-huawei > User Authentication > Enter password: > > Info: The max number of VTY users is 15, the number of current VTY users > online is 2, and total number of terminal users online is 2. > The current login time is 2020-06-24 11:47:26+02:00 DST. > The last login time is 2020-06-24 11:37:36+02:00 DST from > xxx.yyy.www.zzz through SSH. > display version > Huawei Versatile Routing Platform Software > VRP (R) software, Version 8.190 (NE40E V800R011C10SPC100) > Copyright (C) 2012-2019 Huawei Technologies Co., Ltd. > HUAWEI NE40E-M2K-B uptime is 155 days, 0 hour, 46 minutes > Patch Version: V800R011SPH023 > > NE40E-M2K-B version information: > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > BKP version information: > PCB Version : CX68BKP01D REV A > IPU Slot Quantity : 1 > CARD Slot Quantity : 3 > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > IPU version information: > > IPU (Master) 3 : uptime is 155 days, 0 hour, 45 minutes > StartupTime 2020/01/21 10:01:40 > SDRAM Memory Size : 16384 M bytes > FLASH Memory Size : 128 M bytes > CFCARD Memory Size : 4096 M bytes > IPU CR5B0BKP0393 version information > CPU PCB Version : CX68E4NLAXFB REV B > EPLD Version : 004 > FPGA Version : 009 > FPGA2 Version : 008 > (nothing happens here) <============================ > Error: TIMEOUT reached - 2 > > > > While hurancid -d gives me this: > > rancid at rancido:~/bin$ ./hurancid -d c1-huawei > Can't use 'defined(%hash)' (Maybe you should just omit the defined()?) at > ./hurancid line 46. > > Any suggestion? > Thank you! > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at www.shrubbery.net > https://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- *Kevin Morales* -------------- next part -------------- An HTML attachment was scrubbed... URL: From absolutely_free at libero.it Wed Jun 24 15:39:06 2020 From: absolutely_free at libero.it (absolutely_free at libero.it) Date: Wed, 24 Jun 2020 17:39:06 +0200 (CEST) Subject: [rancid] Issue with Huawei device NE40E-M2K-B In-Reply-To: References: <1721486727.715950.1592992738485@mail1.libero.it> Message-ID: <895245982.747057.1593013146794@mail1.libero.it> Hi, ./hwclogin -c"display version" c1-huawei worked fine. With other script, I get similar error: rancid at rancido:~/bin$ ./h3crancid -d c1-huawei Can't use 'defined(%hash)' (Maybe you should just omit the defined()?) at ./h3crancid line 121. Thank you again > Il 24 giugno 2020 alle 15.30 Kevin Morales ha scritto: > > Hi, could you try to use this script: > https://github.com/kmorales026/script > > On Wed, Jun 24, 2020 at 3:59 AM < absolutely_free at libero.it> wrote: > > Hi, > > I am using: > > > > $ bin/rancid -V > > rancid 3.6.2 > > > > $ /usr/bin/expect -v > > expect version 5.45 > > > > $ /usr/bin/perl -v > > > > This is perl 5, version 24, subversion 1 (v5.24.1) built for x86_64-linux-gnu-thread-multi > > > > $ lsb_release -a > > No LSB modules are available. > > Distributor ID: Debian > > Description: Debian GNU/Linux 9.12 (stretch) > > Release: 9.12 > > Codename: stretch > > > > I am trying to get configs from Huawei devices (NE40E-M2K-B). > > I used these scripts: > > > > https://github.com/ssinyagin/rancid-ssi/blob/master/bin/hulogin.in > > https://github.com/ssinyagin/rancid-ssi/blob/master/bin/hurancid.in > > > > with very little changes (only shebang). > > > > I can successfully login with hulogin script but "display version" never completes: > > > > rancid at rancido:~/bin$ ./hulogin -t 5 -c"display version" c1-huawei > > c1-huawei > > spawn ssh -c aes128-ctr -x -l root c1-huawei > > User Authentication > > Enter password: > > > > Info: The max number of VTY users is 15, the number of current VTY users online is 2, and total number of terminal users online is 2. > > The current login time is 2020-06-24 11:47:26+02:00 DST. > > The last login time is 2020-06-24 11:37:36+02:00 DST from xxx.yyy.www.zzz through SSH. > > display version > > Huawei Versatile Routing Platform Software > > VRP (R) software, Version 8.190 (NE40E V800R011C10SPC100) > > Copyright (C) 2012-2019 Huawei Technologies Co., Ltd. > > HUAWEI NE40E-M2K-B uptime is 155 days, 0 hour, 46 minutes > > Patch Version: V800R011SPH023 > > > > NE40E-M2K-B version information: > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > BKP version information: > > PCB Version : CX68BKP01D REV A > > IPU Slot Quantity : 1 > > CARD Slot Quantity : 3 > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > IPU version information: > > > > IPU (Master) 3 : uptime is 155 days, 0 hour, 45 minutes > > StartupTime 2020/01/21 10:01:40 > > SDRAM Memory Size : 16384 M bytes > > FLASH Memory Size : 128 M bytes > > CFCARD Memory Size : 4096 M bytes > > IPU CR5B0BKP0393 version information > > CPU PCB Version : CX68E4NLAXFB REV B > > EPLD Version : 004 > > FPGA Version : 009 > > FPGA2 Version : 008 > > (nothing happens here) <============================ > > Error: TIMEOUT reached - 2 > > > > > > While hurancid -d gives me this: > > > > rancid at rancido:~/bin$ ./hurancid -d c1-huawei > > Can't use 'defined(%hash)' (Maybe you should just omit the defined()?) at ./hurancid line 46. > > > > Any suggestion? > > Thank you! > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at www.shrubbery.net > > https://www.shrubbery.net/mailman/listinfo/rancid-discuss > > -- > Kevin Morales From kevin.moralez at gmail.com Wed Jun 24 22:18:56 2020 From: kevin.moralez at gmail.com (Kevin Morales) Date: Wed, 24 Jun 2020 16:18:56 -0600 Subject: [rancid] How to avoid Notifications Rancid Mail Message-ID: Hi, How can I do to avoid Rancid notifications about change in the configurations when it doesn't happened?. the mail Rancid Send about the change is: - timestamp_write: 01:24:05 06/23/2020 + timestamp_write: 01:24:04 06/24/2020 config-version 2.1 ! but nobody has change anything in the device thanks -- *Kevin Morales* -------------- next part -------------- An HTML attachment was scrubbed... URL: From cra at wpi.edu Wed Jun 24 23:10:35 2020 From: cra at wpi.edu (Chuck Anderson) Date: Wed, 24 Jun 2020 19:10:35 -0400 Subject: [rancid] [EXT] How to avoid Notifications Rancid Mail In-Reply-To: References: Message-ID: <20200624231035.3ksddsa5lbhvl52s@gauge> Set FILTER_OSC to YES in rancid.conf: # FILTER_OSC determines if oscillating data such as keys, passwords, etc are # filtered from configs by the value set (NO | YES | ALL). FILTER_PWDS may # override this. see rancid.conf(5). FILTER_OSC=YES; export FILTER_OSC On Wed, Jun 24, 2020 at 04:18:56PM -0600, Kevin Morales wrote: > Hi, How can I do to avoid Rancid notifications about change in the > configurations when it doesn't happened?. > > the mail Rancid Send about the change is: > > - timestamp_write: 01:24:05 06/23/2020 > > + timestamp_write: 01:24:04 06/24/2020 > > config-version 2.1 > > ! > > but nobody has change anything in the device From rancid at gheek.net Wed Jun 24 23:55:11 2020 From: rancid at gheek.net (Lance Vermilion) Date: Wed, 24 Jun 2020 16:55:11 -0700 Subject: [rancid] proxy-login rancid collection In-Reply-To: <20200513192150.GJ66669@shrubbery.net> References: <20150325161446.GF45425@shrubbery.net> <6b2d-5eb9aa00-3-7202978@143392629> <20200513192150.GJ66669@shrubbery.net> Message-ID: Another use case is when trying to get a text based backup on newer devices managed by the FMC. You ssh to the FireOS Linux portion and then go into a support she'll to get access to the ASA CLI where you can get access to the config. This config provides a quick small file so you can do searches in configs. There are also cases in certain environments where a customer might only allow you direct access to certain devices and then expects you to jump through to other devices. On Wed, May 13, 2020, 12:21 PM heasley wrote: > Mon, May 11, 2020 at 03:39:19PM -0400, Gary T. Giesen: > > > > Did this ever get implemented? I have looked through a bunch of release > notes and mail list archives but I could not find any further mention of it. > > I have nothing usable yet. I will work on that next. There are two hack > that were contributed on the ML that might suit you for the immediate. > > > Thanks, > > > > GTG > > > > On Wednesday, March 25, 2015 12:14 EDT, heasley > wrote: > > Many have asked for this and it will probably be the primary addition to > > rancid 3.3, but I do not have a use for it, so although I've digested > most > > of the maillist discussion on the topic ('out of band access script > change', > > 'download configs from on router through another', etc), I'm not sure > that > > I'd include all the relevant features, therefore i want to solicit input. > > > > I am tempted to limit the utility to executing other login scripts, ie: > > the assumption that it through a device supported by one of rancid's > login > > scripts, rather than an arbitrary unix command. > > > > Please feel free to reply to me directly or to the list. > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at www.shrubbery.net > https://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: