From sobrien at nso.edu Tue Apr 4 17:16:28 2023 From: sobrien at nso.edu (Steve O'Brien) Date: Tue, 4 Apr 2023 07:16:28 -1000 Subject: [rancid] Arista Spurious Diffs EOS 4.29.2 Message-ID: Installed new Arista EOS version and seeing these every run: - ! Image: Uptime: 4 days, 18 hours and 50 minutes + ! Image: Uptime: 4 days, 19 hours and 50 minutes ! Image: Total memory: 3982764 kB - ! Image: Free memory: 2574220 kB + ! Image: Free memory: 2573896 kB Any help would be appreciated! Steve -------------- next part -------------- An HTML attachment was scrubbed... URL: From frnkblk at iname.com Tue Apr 4 17:22:46 2023 From: frnkblk at iname.com (Frank Bulk) Date: Tue, 4 Apr 2023 12:22:46 -0500 Subject: [rancid] Arista Spurious Diffs EOS 4.29.2 In-Reply-To: References: Message-ID: <000501d9671a$12abcd40$380367c0$@iname.com> I?m using the arrancid plugin and these two lines take care of that: if ( $key ne 'Uptime' and $key ne 'Free memory' ) { ProcessHistory("COMMENTS", "", "", "!$key: $val" ); } Frank From: Rancid-discuss On Behalf Of Steve O'Brien Sent: Tuesday, April 4, 2023 12:16 PM To: rancid-discuss at www.shrubbery.net Subject: [rancid] Arista Spurious Diffs EOS 4.29.2 Installed new Arista EOS version and seeing these every run: - ! Image: Uptime: 4 days, 18 hours and 50 minutes + ! Image: Uptime: 4 days, 19 hours and 50 minutes ! Image: Total memory: 3982764 kB - ! Image: Free memory: 2574220 kB + ! Image: Free memory: 2573896 kB Any help would be appreciated! Steve Links contained in this email have been replaced. If you click on a link in the email above, the link will be analyzed for known threats. If a known threat is found, you will not be able to proceed to the destination. If suspicious content is detected, you will see a warning. -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Tue Apr 4 17:35:37 2023 From: heas at shrubbery.net (heasley) Date: Tue, 4 Apr 2023 17:35:37 +0000 Subject: [rancid] Arista Spurious Diffs EOS 4.29.2 In-Reply-To: References: Message-ID: Tue, Apr 04, 2023 at 07:16:28AM -1000, Steve O'Brien: > Installed new Arista EOS version and seeing these every run: > > > - ! Image: Uptime: 4 days, 18 hours and 50 minutes > + ! Image: Uptime: 4 days, 19 hours and 50 minutes > ! Image: Total memory: 3982764 kB > - ! Image: Free memory: 2574220 kB > + ! Image: Free memory: 2573896 kB Are these coming from show version? These should already be ignored, but the "Image: " text is unexpected. What version of rancid are you running? From sobrien at nso.edu Tue Apr 4 17:51:41 2023 From: sobrien at nso.edu (Steve O'Brien) Date: Tue, 4 Apr 2023 07:51:41 -1000 Subject: [rancid] Arista Spurious Diffs EOS 4.29.2 In-Reply-To: References: Message-ID: rancid 3.13 *Steve O'Brien* | Senior Network Administrator National Solar Observatory Daniel K. Inouye Solar Telescope Project 22 Ohi?a Ku Street, Pukalani, HI 96768 On Tue, Apr 4, 2023 at 7:35?AM heasley wrote: > Tue, Apr 04, 2023 at 07:16:28AM -1000, Steve O'Brien: > > Installed new Arista EOS version and seeing these every run: > > > > > > - ! Image: Uptime: 4 days, 18 hours and 50 minutes > > + ! Image: Uptime: 4 days, 19 hours and 50 minutes > > ! Image: Total memory: 3982764 kB > > - ! Image: Free memory: 2574220 kB > > + ! Image: Free memory: 2573896 kB > > Are these coming from show version? These should already be ignored, but > the "Image: " text is unexpected. What version of rancid are you running? > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From durrani.anwar at gmail.com Wed Apr 5 05:15:58 2023 From: durrani.anwar at gmail.com (Anwar Durrani) Date: Wed, 5 Apr 2023 10:45:58 +0530 Subject: [rancid] login script for PaloAlto PA850 Message-ID: Hi Team, For the past week, I am trying to configure PA-850 firewalls in rancid, since I am new to rancid, I was not the aware complete and right procedure for how to do it, and later I came across several articles on the internet. Now, I found a very old panrancid script which ends up with the error as below I am running PAN-OS Version 10.1.7 Can't use 'defined(%hash)' (Maybe you should just omit the defined()?) at /usr/lib/rancid/bin/panrancid line 53. My Configuration files look like as below cat /var/lib/rancid/firewalls/router.db firewall1..com.com;paloalto;up; cat /etc/rancid/rancid.types.conf paloalto;script;panrancid Where i have panrancid file under /var/lib/rancid/bin directory (I am running ubuntu 22.02) cat /var/lib/rancid/firewalls/routers.up firewall1;paloalto Where i am wrong? -- Thanks & regards, Anwar M. Durrani +91-9923205011 -------------- next part -------------- An HTML attachment was scrubbed... URL: From chris.weakland at gmail.com Wed Apr 5 11:21:17 2023 From: chris.weakland at gmail.com (Chris Weakland) Date: Wed, 5 Apr 2023 07:21:17 -0400 Subject: [rancid] login script for PaloAlto PA850 In-Reply-To: References: Message-ID: An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Apr 5 20:03:05 2023 From: heas at shrubbery.net (heasley) Date: Wed, 5 Apr 2023 20:03:05 +0000 Subject: [rancid] login script for PaloAlto PA850 In-Reply-To: References:

Message-ID: Wed, Apr 05, 2023 at 07:21:17AM -0400, Chris Weakland: > Palo Alto support has bee. built into Rancid for some time, no need for any additional scripts. The device type is: paloalto indeed; there is also device type paloaltoxml for the xml config. > Your router.db looks incorrect, it should be: > > Firewall1.yourdomain.com;paloalto;up to be pedantic, additional fields are simply ignored. From chris.weakland at gmail.com Wed Apr 5 22:19:43 2023 From: chris.weakland at gmail.com (Chris) Date: Wed, 5 Apr 2023 18:19:43 -0400 Subject: [rancid] login script for PaloAlto PA850 In-Reply-To: References:

, Message-ID: <5C914300-CA4E-4901-8196-A499E132855E@hxcore.ol> An HTML attachment was scrubbed... URL: From durrani.anwar at gmail.com Thu Apr 6 09:06:35 2023 From: durrani.anwar at gmail.com (Anwar Durrani) Date: Thu, 6 Apr 2023 14:36:35 +0530 Subject: [rancid] login script for PaloAlto PA850 In-Reply-To: References:

Message-ID: Thanks heasley for reaching out, yes i have intentionally took off domain part for security reasons On Thu, 6 Apr 2023 at 01:33, heasley wrote: > Wed, Apr 05, 2023 at 07:21:17AM -0400, Chris Weakland: > > Palo Alto support has bee. built into Rancid for some time, no need for > any > additional scripts. The device type is: paloalto > > indeed; there is also device type paloaltoxml for the xml config. > > > Your router.db looks incorrect, it should be: > > > > Firewall1.yourdomain.com;paloalto;up > > to be pedantic, additional fields are simply ignored. > -- Thanks & regards, Anwar M. Durrani +91-9923205011 -------------- next part -------------- An HTML attachment was scrubbed... URL: From durrani.anwar at gmail.com Thu Apr 6 09:08:27 2023 From: durrani.anwar at gmail.com (Anwar Durrani) Date: Thu, 6 Apr 2023 14:38:27 +0530 Subject: [rancid] login script for PaloAlto PA850 In-Reply-To: <5C914300-CA4E-4901-8196-A499E132855E@hxcore.ol> References:

<5C914300-CA4E-4901-8196-A499E132855E@hxcore.ol> Message-ID: Thanks, Chris for your prompt response. I am putting complete procedure step by step so that every one can easily understand #Configure PaloAlto Firewall on rancid server Rancid Version : 3.13-1 [apt -list | grep rancid] OS Version : Ubuntu 22.04.2 LTS [lsb_release -a] 1. Make changes in rancid main configuration /etc/rancid/rancid.conf add firewalls(whatever name you would like to keep) LIST_OF_GROUPS="routers switches waps firewalls"; export LIST_OF_GROUPS 2. To take effets the changes in configuration run below command but you have to be rancid user first su - rancid /usr/lib/rancid/bin/rancid-run 3. Make change in configuration file and add device vim /var/lib/rancid/firewalls/router.db add following line firewall1.your-domain.com;paloalto;up; 4. Make changes in vim /var/lib/rancid/firewalls/routers.up add below line firewall1.your-domain.com;paloalto 5. Make changes in vim /etc/rancid/rancid.types.base add lines below paloalto;login;plogin paloalto;module;panos paloalto;inloop;panos::inloop paloalto;command;panos::ShowInfo;show system info paloalto;command;panos::ShowInventory;show chassis inventory paloalto;command;panos::ShowConfig;show config merged 6. Make changes in vim /etc/rancid/rancid.types.conf # This is for PaloAlto Firewall paloalto;script;panrancid 7. Make changes in vim /etc/rancid/rancid.types.conf add lines as below # This is for PaloAlto Firewall paloalto;script;panrancid 8. Enable email configuration vim /etc/aliases add lines below rancid-firewalls: infra-alerts at your-domain.com rancid-firewalls-admin: infra-alerts at your-domain.com # Run below command to take into effect newaliases # You Must have panos, panrancid & plogin files present under /var/lib/rancid/bin On Thu, 6 Apr 2023 at 03:49, Chris wrote: > Just wanted to add for the benefit of all, I like to edit my > etc/rancid.types.conf and add a new ?type?. Here is what the additional > lines look like: > > > > paloaltofw;script;rancid -t paloaltofw > > paloaltofw;login;panlogin > > paloaltofw;module;panos > > paloaltofw;inloop;panos::inloop > > paloaltofw;command;panos::ShowInfo;show system info > > paloaltofw;command;panos::ShowInventory;show chassis inventory > > paloaltofw;command;rancid::RunCommand;set cli config-output-format set > > paloaltofw;command;rancid::RunCommand;configure > > paloaltofw;command;panos::ShowConfig;show > > > > This gives you a more human readable configuration. > > > > In your router.db you would need to add: > > > > Firewall1.yourdomain.com;paloaltofw;up > > > > Chris > > > > *From: *heasley > *Sent: *Wednesday, April 5, 2023 4:03 PM > *To: *Chris Weakland > *Cc: *Anwar Durrani ; > rancid-discuss at www.shrubbery.net > *Subject: *Re: [rancid] login script for PaloAlto PA850 > > > > Wed, Apr 05, 2023 at 07:21:17AM -0400, Chris Weakland: > > > Palo Alto support has bee. built into Rancid for some time, no need for > any > > additional scripts. The device type is: paloalto > > > > indeed; there is also device type paloaltoxml for the xml config. > > > > > Your router.db looks incorrect, it should be: > > > > > > Firewall1.yourdomain.com;paloalto;up > > > > to be pedantic, additional fields are simply ignored. > > > -- Thanks & regards, Anwar M. Durrani +91-9923205011 -------------- next part -------------- An HTML attachment was scrubbed... URL: From athompson at merlin.mb.ca Thu Apr 6 12:11:26 2023 From: athompson at merlin.mb.ca (Adam Thompson) Date: Thu, 6 Apr 2023 12:11:26 +0000 Subject: [rancid] login script for PaloAlto PA850 In-Reply-To: <5C914300-CA4E-4901-8196-A499E132855E@hxcore.ol> References:

, <5C914300-CA4E-4901-8196-A499E132855E@hxcore.ol> Message-ID: Just a reminder that the "set" output cannot always be uploaded directly to a PA in a disaster scenario, only the XML can be used for that. You can try to paste in the "set" output through either the serial port or an SSH session once you have a network, but that is known to not always work 100% on all versions of PAN-OS. (The commands are not always generated in the correct order, and outright circular dependencies often exist.) OTOH, good luck having a human read and understand XML or JSON diffs, so you're kind of stuck between a rock and a hard place... We used to solve this by backing up the same config twice, once in each format. PITA but it worked. If you also have and use Palo Alto's Panorama product to manage your firewalls, you may as well disregard everything I've just said, it changes the rules of the game completely anyway. Its config can be captured via SSH in "set" format like a firewall, which is still useful for human analysis. (Make sure your timeouts are high, though - my Panorama instance takes about 20min to dump ~0.7M lines in "set" format!) Source: currently in year 4 of a love-hate, no wait, more like a need-hate, relationship with Panorama. -Adam Get Outlook for Android ________________________________ From: Rancid-discuss on behalf of Chris Sent: Wednesday, April 5, 2023 5:19:43 PM To: heasley Cc: rancid-discuss at www.shrubbery.net Subject: Re: [rancid] login script for PaloAlto PA850 Just wanted to add for the benefit of all, I like to edit my etc/rancid.types.conf and add a new ?type?. Here is what the additional lines look like: paloaltofw;script;rancid -t paloaltofw paloaltofw;login;panlogin paloaltofw;module;panos paloaltofw;inloop;panos::inloop paloaltofw;command;panos::ShowInfo;show system info paloaltofw;command;panos::ShowInventory;show chassis inventory paloaltofw;command;rancid::RunCommand;set cli config-output-format set paloaltofw;command;rancid::RunCommand;configure paloaltofw;command;panos::ShowConfig;show This gives you a more human readable configuration. In your router.db you would need to add: Firewall1.yourdomain.com;paloaltofw;up Chris From: heasley Sent: Wednesday, April 5, 2023 4:03 PM To: Chris Weakland Cc: Anwar Durrani; rancid-discuss at www.shrubbery.net Subject: Re: [rancid] login script for PaloAlto PA850 Wed, Apr 05, 2023 at 07:21:17AM -0400, Chris Weakland: > Palo Alto support has bee. built into Rancid for some time, no need for any additional scripts. The device type is: paloalto indeed; there is also device type paloaltoxml for the xml config. > Your router.db looks incorrect, it should be: > > Firewall1.yourdomain.com;paloalto;up to be pedantic, additional fields are simply ignored. -------------- next part -------------- An HTML attachment was scrubbed... URL: From chris.weakland at gmail.com Thu Apr 6 12:47:35 2023 From: chris.weakland at gmail.com (Chris) Date: Thu, 6 Apr 2023 08:47:35 -0400 Subject: [rancid] login script for PaloAlto PA850 In-Reply-To: References:

<5C914300-CA4E-4901-8196-A499E132855E@hxcore.ol>, Message-ID: <81F53443-3C5D-4735-A622-45358124E813@hxcore.ol> An HTML attachment was scrubbed... URL: From durrani.anwar at gmail.com Thu Apr 6 15:30:16 2023 From: durrani.anwar at gmail.com (Anwar Durrani) Date: Thu, 6 Apr 2023 21:00:16 +0530 Subject: [rancid] login script for PaloAlto PA850 In-Reply-To: <81F53443-3C5D-4735-A622-45358124E813@hxcore.ol> References:

<5C914300-CA4E-4901-8196-A499E132855E@hxcore.ol> <81F53443-3C5D-4735-A622-45358124E813@hxcore.ol> Message-ID: Ok Thanks, Chris, I will make a note. One more thing, whenever I am pushing changes to Firewalls i am not getting notified through email about changes made but in the case of Cisco, I receive whatever changes are made through email. While in the Firewall I am getting notifications as below every 30 mins. #wf-private-version: 0 #wf-private-release-date: unknown #url-db: paloaltonetworks - #wildfire-version: 757373-760822 - #wildfire-release-date: 2023/04/06 19:57:32 IST + #wildfire-version: 757379-760828 + #wildfire-release-date: 2023/04/06 20:27:32 IST #wildfire-rt: Disabled - #url-filtering-version: 20230406.20218 + #url-filtering-version: 20230406.20226 On Thu, 6 Apr 2023 at 18:17, Chris wrote: > I think you can remove step 4, in my experience it should not be needed > > > > Chris > > > > *From: *Anwar Durrani > *Sent: *Thursday, April 6, 2023 5:08 AM > *To: *Chris > *Cc: *heasley ; rancid-discuss at www.shrubbery.net > *Subject: *Re: [rancid] login script for PaloAlto PA850 > > > > Thanks, Chris for your prompt response. > > > > I am putting complete procedure step by step so that every one can easily > understand > > > > #Configure PaloAlto Firewall on rancid server > > Rancid Version : 3.13-1 [apt -list | grep rancid] > > OS Version : Ubuntu 22.04.2 LTS [lsb_release -a] > > > > 1. Make changes in rancid main configuration /etc/rancid/rancid.conf > > add firewalls(whatever name you would like to keep) > LIST_OF_GROUPS="routers switches waps firewalls"; export LIST_OF_GROUPS > > > > 2. To take effets the changes in configuration run below command but you > have to be rancid user first > > su - rancid > > /usr/lib/rancid/bin/rancid-run > > > > 3. Make change in configuration file and add device > > vim /var/lib/rancid/firewalls/router.db > > > > add following line > > > > firewall1.your-domain.com;paloalto;up; > > > > 4. Make changes in > > vim /var/lib/rancid/firewalls/routers.up > > > > add below line > > > > firewall1.your-domain.com;paloalto > > > > 5. Make changes in vim /etc/rancid/rancid.types.base > > > > add lines below > > > > paloalto;login;plogin > > paloalto;module;panos > > paloalto;inloop;panos::inloop > > paloalto;command;panos::ShowInfo;show system info > > paloalto;command;panos::ShowInventory;show chassis inventory > > paloalto;command;panos::ShowConfig;show config merged > > > > 6. Make changes in vim /etc/rancid/rancid.types.conf > > > > *# This is for PaloAlto Firewall* > > paloalto;script;panrancid > > > > 7. Make changes in vim /etc/rancid/rancid.types.conf > > > > add lines as below > > > > *# This is for PaloAlto Firewall* > > paloalto;script;panrancid > > > > 8. Enable email configuration > > > > vim /etc/aliases > > > > add lines below > > > > rancid-firewalls: infra-alerts at your-domain.com > > rancid-firewalls-admin: infra-alerts at your-domain.com > > > > *# Run below command to take into effect* > > newaliases > > > > *# You Must have panos, panrancid & plogin files present under > /var/lib/rancid/bin* > > > > On Thu, 6 Apr 2023 at 03:49, Chris wrote: > > Just wanted to add for the benefit of all, I like to edit my > etc/rancid.types.conf and add a new ?type?. Here is what the additional > lines look like: > > > > paloaltofw;script;rancid -t paloaltofw > > paloaltofw;login;panlogin > > paloaltofw;module;panos > > paloaltofw;inloop;panos::inloop > > paloaltofw;command;panos::ShowInfo;show system info > > paloaltofw;command;panos::ShowInventory;show chassis inventory > > paloaltofw;command;rancid::RunCommand;set cli config-output-format set > > paloaltofw;command;rancid::RunCommand;configure > > paloaltofw;command;panos::ShowConfig;show > > > > This gives you a more human readable configuration. > > > > In your router.db you would need to add: > > > > Firewall1.yourdomain.com;paloaltofw;up > > > > Chris > > > > *From: *heasley > *Sent: *Wednesday, April 5, 2023 4:03 PM > *To: *Chris Weakland > *Cc: *Anwar Durrani ; > rancid-discuss at www.shrubbery.net > *Subject: *Re: [rancid] login script for PaloAlto PA850 > > > > Wed, Apr 05, 2023 at 07:21:17AM -0400, Chris Weakland: > > > Palo Alto support has bee. built into Rancid for some time, no need for > any > > additional scripts. The device type is: paloalto > > > > indeed; there is also device type paloaltoxml for the xml config. > > > > > Your router.db looks incorrect, it should be: > > > > > > Firewall1.yourdomain.com;paloalto;up > > > > to be pedantic, additional fields are simply ignored. > > > > > > > -- > > Thanks & regards, > Anwar M. Durrani > > +91-9923205011 > > > > > -- Thanks & regards, Anwar M. Durrani +91-9923205011 -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Apr 6 16:22:00 2023 From: heas at shrubbery.net (heasley) Date: Thu, 6 Apr 2023 16:22:00 +0000 Subject: [rancid] login script for PaloAlto PA850 In-Reply-To: References:

Message-ID: Thu, Apr 06, 2023 at 02:36:35PM +0530, Anwar Durrani: > Thanks heasley for reaching out, yes i have intentionally took off domain > part for security reasons You might have misunderstood. > > > Firewall1.yourdomain.com;paloalto;up > > > > to be pedantic, additional fields are simply ignored. Firewall1.yourdomain.com;paloalto;up;this is ignored;so is this;and that From durrani.anwar at gmail.com Thu Apr 6 17:06:16 2023 From: durrani.anwar at gmail.com (Anwar Durrani) Date: Thu, 6 Apr 2023 22:36:16 +0530 Subject: [rancid] login script for PaloAlto PA850 In-Reply-To: References:

Message-ID: My apologies, thanks for correction. On Thu, 6 Apr, 2023, 9:52 pm heasley, wrote: > Thu, Apr 06, 2023 at 02:36:35PM +0530, Anwar Durrani: > > Thanks heasley for reaching out, yes i have intentionally took off domain > > part for security reasons > > You might have misunderstood. > > > > > Firewall1.yourdomain.com;paloalto;up > > > > > > to be pedantic, additional fields are simply ignored. > > > Firewall1.yourdomain.com;paloalto;up;this is ignored;so is this;and that > -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Fri Apr 7 20:00:29 2023 From: heas at shrubbery.net (heasley) Date: Fri, 7 Apr 2023 20:00:29 +0000 Subject: [rancid] login script for PaloAlto PA850 In-Reply-To: References:

<5C914300-CA4E-4901-8196-A499E132855E@hxcore.ol> Message-ID: Thu, Apr 06, 2023 at 12:11:26PM +0000, Adam Thompson: > Just a reminder that the "set" output cannot always be uploaded directly to a PA in a disaster scenario, only the XML can be used for that. You can try to paste in the "set" output through either the serial port or an SSH session once you have a network, but that is known to not always work 100% on all versions of PAN-OS. (The commands are not always generated in the correct order, and outright circular dependencies often exist.) > > OTOH, good luck having a human read and understand XML or JSON diffs, so you're kind of stuck between a rock and a hard place... > > We used to solve this by backing up the same config twice, once in each format. PITA but it worked. There is probably a hack that can be used to collect both. the easiest way would be a 'show config running' command that is slightly different in its text, such as an additional argument. "show config running | no-more". Is there such a thing? Anything else will require changes to how rancid manages the command list, so that it doesnt drop the duplicate. From athompson at merlin.mb.ca Mon Apr 17 18:24:07 2023 From: athompson at merlin.mb.ca (Adam Thompson) Date: Mon, 17 Apr 2023 18:24:07 +0000 Subject: [rancid] login script for PaloAlto PA850 In-Reply-To: References:

<5C914300-CA4E-4901-8196-A499E132855E@hxcore.ol> Message-ID: No, sadly you have to send a separate command to change formats: set cli config-output-format configure show exit set cli config-output-format configure show exit Adam Thompson Consultant, Infrastructure Services? MERLIN 100 - 135 Innovation Drive? Winnipeg, MB R3T 6A8? (204) 977-6824 or 1-800-430-6404 (MB only)? https://www.merlin.mb.ca? Chat with me on Teams? ? > -----Original Message----- > From: heasley > Sent: Friday, April 7, 2023 3:00 PM > To: Adam Thompson > Cc: Chris ; heasley ; > rancid-discuss at www.shrubbery.net > Subject: Re: [rancid] login script for PaloAlto PA850 > > Thu, Apr 06, 2023 at 12:11:26PM +0000, Adam Thompson: > > Just a reminder that the "set" output cannot always be uploaded > directly to a PA in a disaster scenario, only the XML can be used for > that. You can try to paste in the "set" output through either the > serial port or an SSH session once you have a network, but that is > known to not always work 100% on all versions of PAN-OS. (The > commands are not always generated in the correct order, and outright > circular dependencies often exist.) > > > > OTOH, good luck having a human read and understand XML or JSON > diffs, so you're kind of stuck between a rock and a hard place... > > > > We used to solve this by backing up the same config twice, once in > each format. PITA but it worked. > > There is probably a hack that can be used to collect both. the > easiest > way would be a 'show config running' command that is slightly > different > in its text, such as an additional argument. "show config running | > no-more". > > Is there such a thing? > > Anything else will require changes to how rancid manages the command > list, > so that it doesnt drop the duplicate. From sobrien at nso.edu Tue Apr 18 01:31:31 2023 From: sobrien at nso.edu (Steve O'Brien) Date: Mon, 17 Apr 2023 15:31:31 -1000 Subject: [rancid] Cisco Spurious Diffs Message-ID: Just updated to rancid 3.13 and now I am seeing some time diffs on the ssd file on the bootflash: diff -u -4 -r1.258 Cisco-9500 @@ -118,9 +118,9 @@ !Flash: bootflash: -rw- 242 Mar 18 2022 12:51:08 -10:00 preboothelper.log !Flash: bootflash: -rw- 89 Feb 21 2023 14:21:11 -10:00 rdope.log !Flash: bootflash: -rw- 16984 Feb 21 2023 14:21:12 -10:00 rdope_out.txt !Flash: bootflash: drwx 4096 Mar 18 2022 12:54:36 -10:00 ss_disc - !Flash: bootflash: -rw- 5242880 Apr 15 2023 14:44:47 -10:00 ssd + !Flash: bootflash: -rw- 5242880 Apr 16 2023 14:45:15 -10:00 ssd !Flash: bootflash: -rwx 2049 Feb 21 2023 14:20:03 -10:00 svl_ipc.tcl !Flash: bootflash: drwx 4096 Mar 18 2022 12:54:39 -10:00 sys_report !Flash: bootflash: drwx 4096 Mar 18 2022 12:54:38 -10:00 tech_support !Flash: bootflash: -rw- vlan.dat Any suggestions? Thanks! -------------- next part -------------- An HTML attachment was scrubbed... URL: From rjlwatt at gmail.com Wed Apr 19 14:14:32 2023 From: rjlwatt at gmail.com (RJ Watt) Date: Wed, 19 Apr 2023 10:14:32 -0400 Subject: [rancid] Has anyone worked on adding Transition Networks switches? Message-ID: Hello kind and helpful subscribers The model we have is "Transition Networks SM24DPB Managed" and we haven't been able to find any rancid related posts online or in this mailing list. -------------- next part -------------- An HTML attachment was scrubbed... URL: From djones at ena.com Sun Apr 23 21:09:25 2023 From: djones at ena.com (David Jones) Date: Sun, 23 Apr 2023 21:09:25 +0000 Subject: [rancid] Extreme VSP (Avaya) and ERS (Bay Networks) Message-ID: <06255081-B1E5-4F23-BCC7-9B4CC5150C43@ena.com> Setting up a new instance of RANCiD for an Extreme environment of Avaya VSP4Ks and BayStack ERS (Edge Routing Switch) 49xx. The "extreme" xlogin.appears to be targeted for EXOS devices so it doesn't behave any differently than clogin. Starting with the VSP, I can get this command to work -- dumps the full config without paging: /usr/local/rancid/bin/clogin -u rancid -p ******** -c "enable; terminal more disable; show run" [ip address] But when I just do "show run" I get this: [ip address] spawn ssh -x -l rancid [ip address] Using security software from Mocana Corporation. Please visit https://www.mocana.com/ for more information Copyright(c) 2010-2022 Extreme Networks. All Rights Reserved. Virtual Services Platform 7200 VSP Operating System Software Build 8.8.1.0 General Availability Released Software, Fully supported This product is protected by one or more US patents listed at http://www.extremenetworks.com/patents along with their foreign counterparts. EXTREME NETWORKS VOSS COMMAND LINE INTERFACE rancid@[ip address]'s password: VSP7254:1> VSP7254:1>terminal length 0 ^ % Invalid input detected at '^' marker. VSP7254:1>terminal width 132 ^ % Invalid input detected at '^' marker. VSP7254:1>terminal more disable VSP7254:1> show run ^ % Invalid input detected at '^' marker. VSP7254:1>exit I know I need to "enable" but the autoenable flag is not working. I think I need to setup a new type in rancid.types.conf and override some default commands like "terminal length 0" but I can't figure out how. Is there documentation that explains how to change/override commands for different devices? Thank you. From sobrien at nso.edu Mon Apr 24 20:31:20 2023 From: sobrien at nso.edu (Steve O'Brien) Date: Mon, 24 Apr 2023 10:31:20 -1000 Subject: [rancid] How to skip inline power change Message-ID: I use an ansible script to turn off PoE on our WAP's Cisco switchports, I would like to ignore changes to the inline power on the interfaces. Is there a relatively easy way to have rancid skip that command for diffs? interface GigabitEthernet1/0/27 description ***WIFI*** switchport mode trunk + power inline never Thanks! Steve -------------- next part -------------- An HTML attachment was scrubbed... URL: