From me at falz.net Tue Jul 30 18:45:32 2024
From: me at falz.net (Chris Wopat)
Date: Tue, 30 Jul 2024 13:45:32 -0500
Subject: [rancid] Fortigate.pm $FILTER_OSC additions for FortiOS 7.4.x
Message-ID:

A few additional `next if` are requested to add to fortigate.pm for FortiOS 7.4.x devices. Example diff:

- #Proxy-IPS-ETDB: 28.00834(2024-07-26 23:40)
- #Proxy-APP-DB: 28.00833(2024-07-25 00:23)
+ #Proxy-IPS-ETDB: 28.00835(2024-07-30 00:23)
+ #Proxy-APP-DB: 28.00835(2024-07-30 00:23)

We added these to sub GetSystem {} next to similar lines to clear it up.

next if (/^\s*Proxy-APP-DB: .*/);
next if (/^\s*Proxy-IPS-ETDB: .*/);

There's some very similar regexp there that could also be adjusted to do the same thing, heasley's choice:

next if (/^\s*APP-DB: .*/);
next if (/^\s*IPS-ETDB: .*/);

Here's a full output of `get system status` with all values unfiltered.

# get system status
Version: FortiGate-500E v7.4.4,build2662,240514 (GA.F)
First GA patch build date: 230509
Security Level: 2
Firmware Signature: certified
Virus-DB: 92.06203(2024-07-30 09:26)
Extended DB: 92.06203(2024-07-30 09:25)
Extreme DB: 1.00000(2018-04-09 18:07)
AV AI/ML Model: 2.17372(2024-07-30 09:45)
IPS-DB: 6.00741(2015-12-01 02:30)
IPS-ETDB: 28.00835(2024-07-30 00:23)
APP-DB: 28.00835(2024-07-30 00:23)
Proxy-IPS-DB: 6.00741(2015-12-01 02:30)
Proxy-IPS-ETDB: 28.00835(2024-07-30 00:23)
Proxy-APP-DB: 28.00835(2024-07-30 00:23)
FMWP-DB: 24.00070(2024-07-05 17:45)
IPS Malicious URL Database: 5.00127(2024-07-30 07:05)
IoT-Detect: 0.00000(2022-08-17 17:31)
OT-Detect-DB: 0.00000(2001-01-01 00:00)
OT-Patch-DB: 0.00000(2001-01-01 00:00)
OT-Threat-DB: 6.00741(2015-12-01 02:30)
IPS-Engine: 7.00539(2024-05-09 00:34)
Serial-Number:
BIOS version: 05000005
System Part-Number: P21591-04
Log hard disk: Not available
Hostname: fw-elkmoundsd
Private Encryption: Disable
Operation Mode: NAT
Current virtual domain: root
Max number of virtual domains: 10
Virtual domains status: 1 in NAT mode, 0 in TP mode
Virtual domain configuration: disable
FIPS-CC mode: disable
Current HA mode: standalone
Branch point: 2662
Release Version Information: GA
FortiOS x86-64: Yes
System time: Tue Jul 30 13:38:35 2024
Last reboot reason: warm reboot

.. and here's what that looks like in RANCID pre-patch. There's a few other candidates to be filtered, but based on the dates they don't seem to change much (IoT-Detect is 2022, etc)

#Version: FortiGate-500E v7.4.4,build2662,240514 (GA.F)
#First GA patch build date: 230509
#Security Level: 2
#Firmware Signature: certified
#Extreme DB: 1.00000(2018-04-09 18:07)
#Proxy-IPS-DB: 6.00741(2015-12-01 02:30)
#Proxy-IPS-ETDB: 28.00835(2024-07-30 00:23)
#Proxy-APP-DB: 28.00835(2024-07-30 00:23)
#FMWP-DB: 24.00070(2024-07-05 17:45)
#IoT-Detect: 0.00000(2022-08-17 17:31)
#OT-Detect-DB: 0.00000(2001-01-01 00:00)
#OT-Patch-DB: 0.00000(2001-01-01 00:00)
#OT-Threat-DB: 6.00741(2015-12-01 02:30)
#IPS-Engine: 7.00539(2024-05-09 00:34)
#Serial-Number:
#BIOS version: 05000005
#System Part-Number: P21591-04
#Log hard disk: Not available
#Hostname: fw-elkmoundsd
#Private Encryption: Disable
#Operation Mode: NAT
#Current virtual domain: root
#Max number of virtual domains: 10
#Virtual domains status: 1 in NAT mode, 0 in TP mode
#Virtual domain configuration: disable
#FIPS-CC mode: disable
#Current HA mode: standalone
#Branch point: 2662
#Release Version Information: GA
#FortiOS x86-64: Yes
#Last reboot reason: warm reboot
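
Added example, not part of the original message and not RANCID's own fortigate.pm: a stand-alone Perl script showing why the `^`-anchored APP-DB / IPS-ETDB patterns do not cover the Proxy-* lines, and that adding the two requested patterns makes two polls compare equal. The helper name filter_status and the two sample polls are assumptions, built from values quoted in the message.

```perl
#!/usr/bin/perl
# Added illustration (not RANCID's fortigate.pm): why the anchored APP-DB /
# IPS-ETDB patterns miss the Proxy-* lines, and what the requested ones fix.
use strict;
use warnings;

# Patterns the post describes as already in GetSystem, and the two it requests.
my @existing  = (qr/^\s*APP-DB: .*/, qr/^\s*IPS-ETDB: .*/);
my @requested = (qr/^\s*Proxy-APP-DB: .*/, qr/^\s*Proxy-IPS-ETDB: .*/);

# Keep lines matching none of the patterns, '#'-prefixed as in the RANCID
# output shown in the post. filter_status is a hypothetical helper name.
sub filter_status {
    my ($patterns, $text) = @_;
    my @kept;
    LINE: for my $line (split /\n/, $text) {
        for my $re (@$patterns) {
            next LINE if $line =~ $re;   # volatile line: drop it
        }
        push @kept, "#$line";
    }
    return join("\n", @kept);
}

# Two constructed polls using values from the post; only the proxy
# signature database versions differ between them.
my $poll_a = <<'EOT';
Version: FortiGate-500E v7.4.4,build2662,240514 (GA.F)
Proxy-IPS-DB: 6.00741(2015-12-01 02:30)
Proxy-IPS-ETDB: 28.00834(2024-07-26 23:40)
Proxy-APP-DB: 28.00833(2024-07-25 00:23)
FMWP-DB: 24.00070(2024-07-05 17:45)
EOT
my $poll_b = <<'EOT';
Version: FortiGate-500E v7.4.4,build2662,240514 (GA.F)
Proxy-IPS-DB: 6.00741(2015-12-01 02:30)
Proxy-IPS-ETDB: 28.00835(2024-07-30 00:23)
Proxy-APP-DB: 28.00835(2024-07-30 00:23)
FMWP-DB: 24.00070(2024-07-05 17:45)
EOT

# Compare the filtered polls under each pattern set.
for my $case (["existing only", \@existing],
              ["existing + requested", [@existing, @requested]]) {
    my ($name, $pats) = @$case;
    my $same = filter_status($pats, $poll_a) eq filter_status($pats, $poll_b);
    printf "%-22s %s\n", $name, $same ? "no diff between polls" : "diff between polls";
}
```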