[rancid] Newbie question - ACL changes causing too many diffs
Herlitz, Johannes
Johannes.Herlitz at EnProIndustries.com
Mon Jun 14 11:47:00 UTC 2021
You could have RANCID ignore all ACL lines in a config.
Modify the source code: edit lib/rancid/ios.pm and search for "sub WriteTerm". RANCID ignores a few config lines already by default, e.g. the "Last configuration" line at the beginning of a "sh run". You should see it in the sub WriteTerm.
Inside the WriteTerm sub, add your own regex pattern && next command to ignore lines containing patterns you don’t want backed up by RANCID, e.g.:
/^ (permit|deny) / && next;
Should ignore all ACL entries.
From: Rancid-discuss <rancid-discuss-bounces at www.shrubbery.net> On Behalf Of Hank Nussbacher
Sent: Monday, June 14, 2021 12:35 PM
To: rancid-discuss at www.shrubbery.net
Subject: [rancid] Newbie question - ACL changes causing too many diffs
CAUTION: This message originated from outside of the organization. Be cautious opening any links or attachments.
Using rancid to monitor router diffs, we see that numerous routers generate diffs every 5 minutes because they have automated processes to auto-update their ACLs against attacks. How can one config rancid to ignore ACL changes?
Thanks,
Hank
----------Legal Disclaimer----------
The information contained in this message may be privileged and confidential, and is intended solely for the use of the named addressee. No other person is authorized to access, copy or re-use this message (or any information contained herein). If you are not the intended recipient, please notify us immediately by replying to this message and delete it from your computer.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20210614/4596cbf1/attachment.htm>
More information about the Rancid-discuss
mailing list