From cra at fea.st Sun Feb 2 20:25:36 2025 From: cra at fea.st (Chuck Anderson) Date: Sun, 2 Feb 2025 15:25:36 -0500 Subject: [rancid] grep fixes Message-ID: Here is a patch to eliminate these warnings that are output on newer versions of "grep": egrep: warning: egrep is obsolescent; using grep -E grep: warning: stray \ before / -------------- next part -------------- diff -up rancid-3.13/bin/control_rancid.in.grep rancid-3.13/bin/control_rancid.in --- rancid-3.13/bin/control_rancid.in.grep 2020-08-06 15:05:38.000000000 -0400 +++ rancid-3.13/bin/control_rancid.in 2025-02-02 15:22:57.361469459 -0500 @@ -615,7 +615,7 @@ do if [ ! -s $router.new ] ; then rm -f $router.new else - notcomment=`egrep -v "^[-*\!\;#]|\/\*" $router.new | wc -l` + notcomment=`grep -E -v "^[-*\!\;#]|/\*" $router.new | wc -l` if [ $notcomment -gt 10 ]; then lines=1; else diff -up rancid-3.13/etc/rancid.conf.sample.in.grep rancid-3.13/etc/rancid.conf.sample.in --- rancid-3.13/etc/rancid.conf.sample.in.grep 2020-05-13 19:42:39.000000000 -0400 +++ rancid-3.13/etc/rancid.conf.sample.in 2025-02-02 15:22:56.569460771 -0500 @@ -33,7 +33,7 @@ PATH=@bindir@:@ENV_PATH@; export PATH # you are doing, disable this check by commenting these lines. uid=`perl -e 'print "$>"'` if [ -e /proc/1/cgroup ] ; then - DOCKER=`cat /proc/1/cgroup | grep "cpu.*\/docker"` + DOCKER=`cat /proc/1/cgroup | grep "cpu.*/docker"` fi test "x$DOCKER" = "x" && test "$uid" -eq 0 && echo "Do not run $0 as root!" && exit 1 # From peo at chalmers.se Wed Feb 5 06:36:17 2025 From: peo at chalmers.se (Per-Olof Olsson) Date: Wed, 5 Feb 2025 07:36:17 +0100 Subject: [rancid] Aruba CX switches added more status. Message-ID: Hello Like to ha have control over saved config like old HP's and if all units are up to date with updates (bios/boot_image and other programmables) Added this as separated subroutines to not interfere with old parts. arubaoscx;command;arubaoscx::ShowNeededUpdate;show needed-update next-boot arubaoscx;command;arubaoscx::CheckpointOutout;checkpoint diff startup-config running-config Just have 6200 device to test on but seems to work. /Peo ---------------------------------------------------------- Per-Olof Olsson Email: peo at chalmers.se Chalmers tekniska h?gskola IT-avdelningen Sven Hultins gata 9C 412 96 G?teborg Tel: 031/772 6738 Mob: 0707 88 3708 ---------------------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: arubaoscx.diff Type: text/x-patch Size: 2727 bytes Desc: not available URL: From ggiesen at giesen.me Thu Feb 27 17:02:26 2025 From: ggiesen at giesen.me (Gary T. Giesen) Date: Thu, 27 Feb 2025 12:02:26 -0500 (EST) Subject: [rancid] RANCiD with Fortinet FortiGate firewalls and cfg-save revert Message-ID: <732315247.965235.1740675746671@office.mailbox.org> We were recently troubleshooting an issue with our deployed Fortinet Fortigate firewalls and noticed that they're rebooting every night. The reboot was quick enough that it wasn't being picked up by our monitoring system (which polls every 5 minutes), and tracked down the issue to RANCiD. We set up remote syslogging and were able to glean this from the logs: Feb 27 03:14:47 fortigate date=2025-02-26 time=22:02:51 devname="fortigate" devid="FG40FITK00000001" eventtime=1740625371766672700 tz="-0500" logid="0100032002" type="event" subtype="system" level="alert" vd="root" logdesc="Admin login failed" sn="0" user="rancid" ui="ssh(192.0.2.10)" method="ssh" srcip=192.0.2.10 dstip=198.51.100.10 action="login" status="failed" reason="ssh_key_invalid" msg="Administrator rancid login failed from ssh(192.0.2.10) because of invalid ssh key" Feb 27 03:14:49 fortigate date=2025-02-26 time=22:02:53 devname="fortigate" devid="FG40FITK00000001" eventtime=1740625372916992740 tz="-0500" logid="0100032001" type="event" subtype="system" level="information" vd="root" logdesc="Admin login successful" sn="1740625372" user="rancid" ui="ssh(192.0.2.10)" method="ssh" srcip=192.0.2.10 dstip=198.51.100.10 action="login" status="success" reason="none" profile="super_admin" msg="Administrator rancid logged in successfully from ssh(192.0.2.10)" Feb 27 03:14:49 fortigate date=2025-02-26 time=22:02:53 devname="fortigate" devid="FG40FITK00000001" eventtime=1740625373254849640 tz="-0500" logid="0100044546" type="event" subtype="system" level="information" vd="root" logdesc="Attribute configured" user="rancid" ui="ssh(192.0.2.10)" action="Edit" cfgtid=1982529536 cfgpath="system.console" cfgattr="output[more->standard]" msg="Edit system.console " Feb 27 03:14:56 fortigate date=2025-02-26 time=22:03:00 devname="fortigate" devid="FG40FITK00000001" eventtime=1740625380414160400 tz="-0500" logid="0100032003" type="event" subtype="system" level="information" vd="root" logdesc="Admin logout successful" sn="1740625372" user="rancid" ui="ssh(192.0.2.10)" method="ssh" srcip=192.0.2.10 dstip=198.51.100.10 action="logout" status="success" duration=8 state="Config-Changed" reason="exit" msg="Administrator rancid logged out from ssh(192.0.2.10)" Feb 27 03:14:56 fortigate date=2025-02-26 time=22:03:00 devname="fortigate" devid="FG40FITK00000001" eventtime=1740625380414186840 tz="-0500" logid="0100032102" type="event" subtype="system" level="alert" vd="root" logdesc="Configuration changed" user="rancid" ui="ssh(192.0.2.10)" msg="Configuration is changed in the admin session" ... Feb 27 03:44:52 fortigate date=2025-02-26 time=22:32:56 devname="fortigate" devid="FG40FITK00000001" eventtime=1740627176128914740 tz="-0500" logid="0100036881" type="event" subtype="system" level="notice" vd="root" logdesc="Configuration reverted due to timeout" msg="Configuration reverted due to cfg-revert-timeout reached" If the fortigate script is anything like the cisco ones, I assume rancid is sending some commands to disable paging, the fortigate detects this as a config change. Our Fortigates have cfg-save revert set, which auto-reverts the config because it's not being saved (which involves rebooting the device). Has anyone dealt with this issue with RANCiD and cfg-save revert on Fortinet FortiGate firewalls? Is there any solution other than to just disable cfg-save revert (by setting it to automatic or manual). Cheers, Gary T. Giesen -------------- next part -------------- An HTML attachment was scrubbed... URL: