From owner-rancid-discuss-outgoing@shrubbery.net Mon Aug 16 09:15:10 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 3EEB111CE2D for ; Mon, 16 Aug 2004 09:15:10 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id C873011139; Mon, 16 Aug 2004 09:15:09 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id BB2ED11142; Mon, 16 Aug 2004 09:15:09 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from byron.heanet.ie (byron.heanet.ie [193.1.219.90]) by guelah.shrubbery.net (Postfix) with ESMTP id 1C28911139 for ; Mon, 16 Aug 2004 09:15:06 +0000 (UTC) Received: from grainne.heanet.ie ([2001:770:18:1:206:5bff:fe36:8c05] ident=Debian-exim) by byron.heanet.ie with esmtp (TLSv1:RC4-SHA:128) (Exim 4.34) id 1Bwda2-0007le-QG for rancid-discuss@shrubbery.net; Mon, 16 Aug 2004 10:15:02 +0100 Received: from colin by grainne.heanet.ie with local (Exim 4.34) id 1Bwda1-0005ou-Jk for rancid-discuss@shrubbery.net; Mon, 16 Aug 2004 10:15:01 +0100 Date: Mon, 16 Aug 2004 10:15:01 +0100 From: Colin Whittaker To: rancid-discuss@shrubbery.net Subject: Router vs TFTP configs Message-ID: <20040816091501.GD22111@grainne.heanet.ie> Reply-To: Colin Whittaker Mail-Followup-To: Colin Whittaker , rancid-discuss@shrubbery.net Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.6+20040523i Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Hi all, I am currently looking for a way to check that our tftp configs which we use for configuring our routers against what is actually on the routers. I figured someone must have come up with a way to deal with the idiosyncrasies of the show run output of various ciscos. Colin -- Colin Whittaker colin.whittaker@heanet.ie Tel: +353 1 6609040 HEAnet NOC noc@heanet.ie iNOC-DBA: 1213*752 From owner-rancid-discuss-outgoing@shrubbery.net Mon Aug 16 15:53:22 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 5073911CE2D for ; Mon, 16 Aug 2004 15:53:22 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id 3FBDF1113C; Mon, 16 Aug 2004 15:53:03 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 37B1011146; Mon, 16 Aug 2004 15:53:03 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 7053) id 5FEF911142; Mon, 16 Aug 2004 15:53:02 +0000 (UTC) Date: Mon, 16 Aug 2004 15:53:02 +0000 From: john heasley To: Colin Whittaker , rancid-discuss@shrubbery.net Subject: Re: Router vs TFTP configs Message-ID: <20040816155302.GC1263@shrubbery.net> References: <20040816091501.GD22111@grainne.heanet.ie> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040816091501.GD22111@grainne.heanet.ie> User-Agent: Mutt/1.4.2.1i X-PGPkey: http://www.shrubbery.net/~heas/public-key.asc X-note: live free, or die! X-homer: i just want to have a beer while i am caring. Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Mon, Aug 16, 2004 at 10:15:01AM +0100, Colin Whittaker: > > Hi all, > > I am currently looking for a way to check that our tftp configs which we > use for configuring our routers against what is actually on the routers. > > I figured someone must have come up with a way to deal with the > idiosyncrasies of the show run output of various ciscos. ISC folks have some consistency checking scripts. not this precisely, but might give you some ideas. see last entry of the FAQ. From owner-rancid-discuss-outgoing@shrubbery.net Thu Aug 19 17:59:41 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 4EDA211CE2D for ; Thu, 19 Aug 2004 17:59:41 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id 2A19A11139; Thu, 19 Aug 2004 17:59:22 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 2149111142; Thu, 19 Aug 2004 17:59:22 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from merc94.na.sas.com (merc94.na.sas.com [149.173.6.17]) by guelah.shrubbery.net (Postfix) with ESMTP id 5B34E11139 for ; Thu, 19 Aug 2004 17:59:21 +0000 (UTC) Received: from MERC21.na.sas.com ([10.19.9.171]) by merc94.na.sas.com with InterScan Messaging Security Suite; Thu, 19 Aug 2004 13:59:39 -0400 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: A few questions with 2.3.1 Date: Thu, 19 Aug 2004 13:59:38 -0400 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: A few questions with 2.3.1 thread-index: AcSGFktQ0S3eQ/mWQJyD7qhRiZfIZw== From: "Brian Wilson" To: Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk =20 First off, coming from someone who has written their own config = downloader/revision control program, rancid is very straight forward and = easy to get going. I thank the author for all the time he has put into = to make it a valuable network tool. I've gotten things setup fairly well for our environment less a few = issues: First, many of our devices resolve in DNS to multiple IP addresses = (internal & external firewall addresses), thus, this tends to cause = problems with rancid and ssh. For instance: $ ssh -1 firewall -x -l user -c des ssh: connect to address 192.x.x.x port 22: Connection refused Warning: use of DES is strongly discouraged due to cryptographic = weaknesses user@firewall's password: =20 The regex in clogin is actually catching the first "Connection refused", = thus stops processing the device and never gets to the password prompt. = The device is failing with this error "clogin error: Error: Connection = Refused (ssh)" as expected. This can be worked around by commenting out = the section below in clogin, but I was wondering if there was another = way (besides putting all the correct addresses in /etc/hosts) to = accomplish this. What I have done in the past (with the current scripts = that download all the configurations) is to wait for the password prompt = for ssh connections, if passwd is never found then expect will = eventually timeout on the device. I'm assuming by commenting this = section out in clogin will accomplish the same thing: #-re "(Connection refused|Secure connection \[^\n\r]+ refused)" = { # catch {close}; wait # if !$progs { # send_user "\nError: Connection Refused ($prog): = $router\n" # return 1 # } #} Anyone else have any suggestions? The second issue I ran across is that passwords containing either "{" or = "}" need to be escaped (since they are, dividers for passwords). I = worked around this by modifying my code that generates my .cloginrc and = regex'ing all passwords =20 ($pw =3D~ s/([{}])/\\$1/g;). =20 The last question is has anyone developed a method for encrypting = .cloginrc?=20 Thanks in advance, Brian -- Brian Wilson Network Engineer Systems and Information Security, ISD W: 919.531.0575 SAS Institute, Inc. http://www.sas.com From owner-rancid-discuss-outgoing@shrubbery.net Thu Aug 19 19:53:04 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 500E111CE2D for ; Thu, 19 Aug 2004 19:53:04 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id 463591113C; Thu, 19 Aug 2004 19:52:45 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 3AF6111146; Thu, 19 Aug 2004 19:52:45 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 7053) id AF6A211142; Thu, 19 Aug 2004 19:52:44 +0000 (UTC) Date: Thu, 19 Aug 2004 12:52:44 -0700 From: john heasley To: Brian Wilson Cc: rancid-discuss@shrubbery.net Subject: Re: A few questions with 2.3.1 Message-ID: <20040819195244.GC7191@shrubbery.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i X-PGPkey: http://www.shrubbery.net/~heas/public-key.asc X-note: live free, or die! X-homer: i just want to have a beer while i am caring. Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Thu, Aug 19, 2004 at 01:59:38PM -0400, Brian Wilson: > > First off, coming from someone who has written their own config downloader/revision control program, rancid is very straight forward and easy to get going. I thank the author for all the time he has put into to make it a valuable network tool. > > I've gotten things setup fairly well for our environment less a few issues: > > First, many of our devices resolve in DNS to multiple IP addresses (internal & external firewall addresses), thus, this tends to cause problems with rancid and ssh. For instance: > > $ ssh -1 firewall -x -l user -c des > ssh: connect to address 192.x.x.x port 22: Connection refused > Warning: use of DES is strongly discouraged due to cryptographic weaknesses > user@firewall's password: > > The regex in clogin is actually catching the first "Connection refused", thus stops processing the device and never gets to the password prompt. The device is failing with this error "clogin error: Error: Connection Refused (ssh)" as expected. This can be worked around by commenting out the section below in clogin, but I was wondering if there was another way (besides putting all the correct addresses in /etc/hosts) to accomplish this. What I have done in the past (with the current scripts that download all the configurations) is to wait for the password prompt for ssh connections, if passwd is never found then expect will eventually timeout on the device. I'm assuming by commenting this section out in clogin will accomplish the same thing: > > #-re "(Connection refused|Secure connection \[^\n\r]+ refused)" { > # catch {close}; wait > # if !$progs { > # send_user "\nError: Connection Refused ($prog): $router\n" > # return 1 > # } > #} > > Anyone else have any suggestions? one solution would be to check if the pipe is still open for reading (or writing). if so, the child process has not exited and is presumably trying more addresses so it should exp_continue. maybe something like catch { send null }? > The second issue I ran across is that passwords containing either "{" or "}" need to be escaped (since they are, dividers for passwords). I worked around this by modifying my code that generates my .cloginrc and regex'ing all passwords > ($pw =~ s/([{}])/\\$1/g;). > > The last question is has anyone developed a method for encrypting .cloginrc? > > Thanks in advance, > Brian > > -- > Brian Wilson Network Engineer > Systems and Information Security, ISD W: 919.531.0575 > SAS Institute, Inc. http://www.sas.com From owner-rancid-discuss-outgoing@shrubbery.net Thu Aug 19 19:55:54 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 1405811CE2D for ; Thu, 19 Aug 2004 19:55:54 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id 0F94011142; Thu, 19 Aug 2004 19:55:35 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 01E9F11149; Thu, 19 Aug 2004 19:55:35 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from aurvandil.sahala.org (aurvandil.sahala.org [208.35.16.52]) by guelah.shrubbery.net (Postfix) with ESMTP id 3B4CB11142 for ; Thu, 19 Aug 2004 19:55:34 +0000 (UTC) Received: by aurvandil.sahala.org (Postfix, from userid 1000) id EC7481F31A; Thu, 19 Aug 2004 15:55:33 -0400 (EDT) Date: Thu, 19 Aug 2004 15:55:33 -0400 From: joshua sahala To: Brian Wilson Cc: rancid-discuss@shrubbery.net Subject: Re: A few questions with 2.3.1 Message-ID: <20040819195533.GA16698@aurvandil.sahala.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.6+20040803i Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk On (19/08/04 13:59), Brian Wilson wrote: [cut] > > First, many of our devices resolve in DNS to multiple IP addresses > (internal & external firewall addresses), thus, this tends to cause > problems with rancid and ssh. For instance: > [cut] > > Anyone else have any suggestions? > i personally would have a management name in dns (or /etc/hosts) for each device, then you would only have one address to resolve ex: mgmt-myrouter.mydomain or create a subdomain for you management addresses ex: myrouter.mgmt.mydomain as to your other questions, i haven't encountered a need to do either. my passwords are complex and ugly, but stay with a few 'standard' special characters. the only user(s) that have access to the rancid account/directories are the admins who have enable rights, and the rancid host is secured and monitored (like the rest of the servers) /joshua -- A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools. - Douglas Adams - From owner-rancid-discuss-outgoing@shrubbery.net Mon Aug 23 16:58:55 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 55E3111CE2D for ; Mon, 23 Aug 2004 16:58:55 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id 9CB8D11146; Mon, 23 Aug 2004 16:58:54 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 942E41114D; Mon, 23 Aug 2004 16:58:54 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from mx1.drtel.com (mx1.drtel.com [64.68.165.210]) by guelah.shrubbery.net (Postfix) with ESMTP id BDB7211146 for ; Mon, 23 Aug 2004 16:58:53 +0000 (UTC) To: rancid-discuss@shrubbery.net Subject: Cisco switch config issues MIME-Version: 1.0 X-Mailer: Lotus Notes Release 6.5.2 June 01, 2004 Message-ID: From: bjohnson@drtel.com Date: Mon, 23 Aug 2004 11:58:48 -0500 X-MIMETrack: Serialize by Router on MAIL/DRTEL(Release 6.5.2|June 01, 2004) at 08/23/2004 11:58:53 AM, Serialize complete at 08/23/2004 11:58:53 AM Content-Type: text/plain; charset="US-ASCII" Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk I have been running rancid for a little more than a year now and have been enduring the one little nagging problem I have... until today. :) I have a cisco 3750 switch with vlans configured on it that keeps sending me diffs for a non-change event. Here it is: Index: configs/ =================================================================== retrieving revision 1.17 diff -U4 -r1.17 @@ -59,19 +59,11 @@ !VTP: Local updater ID is on interface Vl2 (lowest numbered VLAN interface found) ! !VLAN: VLAN Name Status Ports !VLAN: ---- -------------------------------- --------- ------------------------------- - !VLAN: 1 default active Gi1/0/9, Gi1/0/10, Gi1/0/11 - !VLAN: Gi1/0/12, Gi1/0/13, Gi1/0/14 - !VLAN: Gi1/0/15, Gi1/0/16, Gi1/0/17 - !VLAN: Gi1/0/18, Gi1/0/19, Gi1/0/20 - !VLAN: Gi1/0/21, Gi1/0/22, Gi1/0/23 - !VLAN: Gi1/0/26 - !VLAN: 2 VLAN0002 active Gi1/0/1, Gi1/0/2, Gi1/0/3 - !VLAN: Gi1/0/4, Gi1/0/5, Gi1/0/6 - !VLAN: Gi1/0/7, Gi1/0/8 - !VLAN: 10 VLAN0010 active Gi1/0/24, Gi1/0/25, Gi1/0/27 - !VLAN: Gi1/0/28 + !VLAN: 1 default active Gi1/0/9, Gi1/0/10, Gi1/0/11, Gi1/0/12, Gi1/0/13, Gi1/0/14, Gi1/0/15, Gi1/0/16, Gi1/0/17, Gi1/0/18, Gi1/0/19, Gi1/0/20, Gi1/0/21, Gi1/0/22, Gi1/0/23, Gi1/0/26 + !VLAN: 2 VLAN0002 active Gi1/0/1, Gi1/0/2, Gi1/0/3, Gi1/0/4, Gi1/0/5, Gi1/0/6, Gi1/0/7, Gi1/0/8 + !VLAN: 10 VLAN0010 active Gi1/0/24, Gi1/0/25, Gi1/0/27, Gi1/0/28 !VLAN: 1002 fddi-default act/unsup !VLAN: 1003 token-ring-default act/unsup !VLAN: 1004 fddinet-default act/unsup !VLAN: 1005 trnet-default act/unsup The information is just a slightly different format of the version from before. Is there an easy way to "fix" this? - Brian J. From owner-rancid-discuss-outgoing@shrubbery.net Mon Aug 23 17:04:01 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 6D8CE11CE2D for ; Mon, 23 Aug 2004 17:04:01 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id BB61111149; Mon, 23 Aug 2004 17:04:00 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id B175E11154; Mon, 23 Aug 2004 17:04:00 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from server.tmk.com (server.tmk.com [204.141.35.63]) by guelah.shrubbery.net (Postfix) with ESMTP id 21C8111149 for ; Mon, 23 Aug 2004 17:03:59 +0000 (UTC) Received: from tmk.com by tmk.com (PMDF V6.2-X27 #37010) id <01LE06DATU4W002M8X@tmk.com> for rancid-discuss@shrubbery.net; Mon, 23 Aug 2004 13:03:50 -0400 (EDT) Date: Mon, 23 Aug 2004 12:59:51 -0400 (EDT) From: Terry Kennedy Subject: Re: Cisco switch config issues In-reply-to: "Your message dated Mon, 23 Aug 2004 11:58:48 -0500" To: bjohnson@drtel.com Cc: rancid-discuss@shrubbery.net Message-id: <01LE06IMFW22002M8X@tmk.com> MIME-version: 1.0 Content-type: TEXT/PLAIN; CHARSET=us-ascii Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk > I have been running rancid for a little more than a year now and have been > enduring the one little nagging problem I have... until today. :) > > I have a cisco 3750 switch with vlans configured on it that keeps sending > me diffs for a non-change event. Here it is: [snip] > The information is just a slightly different format of the version from > before. Is there an easy way to "fix" this? This comes up a bit. Here's what I posted the last time: -------- From: IN%"terry@tmk.com" 6-APR-2004 10:18:34.47 To: IN%"dcorbe@resultstel.com" CC: IN%"rancid-discuss@shrubbery.net" Subj: Re: [Fwd: [netops] switches router config diffs] > I'm getting a lot of these on my Cisco Catalyst 2950 during every single > rancid-run update. These are worthless diffs as there aren't any > changes in configuration but changes in port status. I know this one 8-) I bet you have people accessing the switches with different terminal width settings in their terminal programs. The VTY picks this up as part of telnet option negotiations. Since RANCID is a non-interactive session to the switch, it doesn't negotiate width. Try this patch for clogin (you'll probably need to apply it manually): *** clogin_orig Fri Aug 9 16:54:10 2002 --- clogin Sun Apr 6 19:20:42 2003 *************** *** 455,460 **** --- 455,462 ---- send "set length 0\r" } else { send "term length 0\r" + expect -re $prompt {} + send "term width 80\r" } regsub -all "\[)(]" $prompt {\\&} reprompt # match cisco config mode prompts too, but not for catalyst ie: (enable) *************** *** 699,704 **** --- 701,708 ---- send "set logging session disable\r" } else { send "term length 0\r" + expect -re $prompt {} + send "term width 80\r" } expect -re $prompt {} source $sfile Terry Kennedy http://www.tmk.com terry@tmk.com New York, NY USA -------- From owner-rancid-discuss-outgoing@shrubbery.net Mon Aug 23 22:55:50 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id E049511CE2E for ; Mon, 23 Aug 2004 22:55:49 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id 549301114D; Mon, 23 Aug 2004 22:55:49 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 4A06C11155; Mon, 23 Aug 2004 22:55:49 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from mel1.unite.net.au (mel1.uecomm.net.au [203.94.129.130]) by guelah.shrubbery.net (Postfix) with ESMTP id 295261114D for ; Mon, 23 Aug 2004 22:55:45 +0000 (UTC) Received: from [10.190.3.21] ([203.94.135.59]) by mel1.unite.net.au (8.12.10/8.12.10) with ESMTP id i7NMtaQ9018694; Tue, 24 Aug 2004 08:55:37 +1000 (EST) Message-ID: <412A75F2.1040706@choqolat.org> Date: Tue, 24 Aug 2004 08:55:46 +1000 From: Andrew Fort User-Agent: Mozilla Thunderbird 0.7.2 (Windows/20040707) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Terry Kennedy Cc: rancid-discuss@shrubbery.net Subject: Do you need 'sh vlan' output on your switch? References: <01LE06IMFW22002M8X@tmk.com> In-Reply-To: <01LE06IMFW22002M8X@tmk.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Terry Kennedy provided a patch for issues from rancid's choice of 'terminal'... >>I have been running rancid for a little more than a year now and have been >>enduring the one little nagging problem I have... until today. :) >> >>I have a cisco 3750 switch with vlans configured on it that keeps sending >>me diffs for a non-change event. Here it is: > > [snip] > >>The information is just a slightly different format of the version from >>before. Is there an easy way to "fix" this? In addition to the patch Terry suggested, it'd be interesting to know if people need the "show vlan" output from their switches anymore? Do the non-malibu switches (i.e., does the 2950) store its VLAN table in the main configuration, or only in vlan.dat? If the former, well, we can tell rancid not to include the "show vlan" output for that model of switch (however, both modes are available, so a default option means some people won't get their VLAN table stored). As you may be aware, "show vlan" parsing to RANCID was added for the 2924/3500 series (malibu) switch because cisco (due to possible autonymous updates from VTP) put the VLAN config in a seperate mode ("vlan database"). Parsing "show vlan" was a bit of a hack to get around not seperately backing up the vlan.dat file from the switch. Newer boxes when running extended VLAN IDs (required for Multi-instance STP config, for example) force the switch into VTP transparent mode, and then VLANs are configured inside the main config (phew!). Looking for the command and then optionally running 'sh vlan' parser requires some big changes to the code... -andrew From owner-rancid-discuss-outgoing@shrubbery.net Tue Aug 24 04:18:19 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 9A66A11CE2E for ; Tue, 24 Aug 2004 04:18:19 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id 031B511154; Tue, 24 Aug 2004 04:18:19 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id EE01C11158; Tue, 24 Aug 2004 04:18:18 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from server.tmk.com (server.tmk.com [204.141.35.63]) by guelah.shrubbery.net (Postfix) with ESMTP id 5A97911154 for ; Tue, 24 Aug 2004 04:18:18 +0000 (UTC) Received: from tmk.com by tmk.com (PMDF V6.2-X27 #37010) id <01LE0TSFNXLC001YLT@tmk.com> for rancid-discuss@shrubbery.net; Tue, 24 Aug 2004 00:18:14 -0400 (EDT) Date: Tue, 24 Aug 2004 00:11:35 -0400 (EDT) From: Terry Kennedy Subject: Re: Do you need 'sh vlan' output on your switch? In-reply-to: "Your message dated Tue, 24 Aug 2004 08:55:46 +1000" <412A75F2.1040706@choqolat.org> To: Andrew Fort Cc: Terry Kennedy , rancid-discuss@shrubbery.net Message-id: <01LE0U2QYG8A001YLT@tmk.com> MIME-version: 1.0 Content-type: TEXT/PLAIN; CHARSET=us-ascii; format=flowed References: <01LE06IMFW22002M8X@tmk.com> Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk > In addition to the patch Terry suggested, it'd be interesting to know if > people need the "show vlan" output from their switches anymore? Yup 8-) > As you may be aware, "show vlan" parsing to RANCID was added for the > 2924/3500 series (malibu) switch because cisco (due to possible > autonymous updates from VTP) put the VLAN config in a seperate mode > ("vlan database"). Parsing "show vlan" was a bit of a hack to get > around not seperately backing up the vlan.dat file from the switch. I added "show vlan" to RANCID. I'm not sure if the current implementation is from me, or if it was done by somebody else (I added a lot of stuff in the 1.5/1.6 timeframe). At the time, I only had C55xx's and C2900XL's to work with. Since then, I have added 650x's and various C2550 / C3500XL / C3550 boxes. My techs find the "show vlan" output useful as it is saved by RANCID on all platforms in a consistent manner. It also means that changes that ripple through the net- work (for example, a learned VLAN via an update from another switch) show up. I don't think that happens when parsing "show run", though I could be mistaken. Terry Kennedy http://www.tmk.com terry@tmk.com New York, NY USA From owner-rancid-discuss-outgoing@shrubbery.net Tue Aug 24 04:25:20 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id AEB1011CE2D for ; Tue, 24 Aug 2004 04:25:19 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id 1D53D11155; Tue, 24 Aug 2004 04:25:19 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 158FC11159; Tue, 24 Aug 2004 04:25:19 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from mel1.unite.net.au (mel1.uecomm.net.au [203.94.129.130]) by guelah.shrubbery.net (Postfix) with ESMTP id E719411155 for ; Tue, 24 Aug 2004 04:25:16 +0000 (UTC) Received: from [10.190.3.21] ([203.94.135.59]) by mel1.unite.net.au (8.12.10/8.12.10) with ESMTP id i7O4P8Q9024779; Tue, 24 Aug 2004 14:25:08 +1000 (EST) Message-ID: <412AC32F.2060902@choqolat.org> Date: Tue, 24 Aug 2004 14:25:19 +1000 From: Andrew Fort User-Agent: Mozilla Thunderbird 0.7.2 (Windows/20040707) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Terry Kennedy Cc: rancid-discuss@shrubbery.net Subject: Re: Do you need 'sh vlan' output on your switch? References: <01LE06IMFW22002M8X@tmk.com> <01LE0U2QYG8A001YLT@tmk.com> In-Reply-To: <01LE0U2QYG8A001YLT@tmk.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Terry Kennedy wrote: > At the time, I only had C55xx's and C2900XL's to work with. Since then, I > have added 650x's and various C2550 / C3500XL / C3550 boxes. My techs find > the "show vlan" output useful as it is saved by RANCID on all platforms in > a consistent manner. It also means that changes that ripple through the > net- > work (for example, a learned VLAN via an update from another switch) show > up. I don't think that happens when parsing "show run", though I could be > mistaken. Right; this is the 'problem'. VTP managed switches require this command's output, non-VTP managed switches, well, don't (perhaps). (And if you want to use VLAN IDs >1005 you'll setting vtp mode transparent). Commands in write term/show run output are purely static definitions (since that only happens when vtp is set transparent and 'extended' (full) VLAN range is confiured) (at least on IOS switches). Cheers, Andrew From owner-rancid-discuss-outgoing@shrubbery.net Tue Aug 24 06:59:59 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 5536311CE2D for ; Tue, 24 Aug 2004 06:59:59 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id DCB5711158; Tue, 24 Aug 2004 06:59:58 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id D0D691115C; Tue, 24 Aug 2004 06:59:58 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from makalu.mos.com.np (makalu.mos.com.np [202.52.255.1]) by guelah.shrubbery.net (Postfix) with ESMTP id 2131F11158 for ; Tue, 24 Aug 2004 06:59:48 +0000 (UTC) Received: from nuptse. (nuptse.mos.com.np [202.52.255.8]) by makalu.mos.com.np (8.12.8/8.12.8) with SMTP id i7O712aE032207 for ; Tue, 24 Aug 2004 12:46:07 +0545 Received: from langtang.mos.com.np ([202.52.255.9]) by nuptse. (NAVGW 2.5.1.12) with SMTP id M2004082412412416343 for ; Tue, 24 Aug 2004 12:41:24 +0545 Received: from chulu.mos.com.np (mc-gw.mos.com.np [202.52.255.100]) by langtang.mos.com.np (8.12.10/8.12.10) with ESMTP id i7O6xYe7023148 for ; Tue, 24 Aug 2004 12:44:34 +0545 Received: from chulu.mos.com.np (chulu.mos.com.np [127.0.0.1]) by chulu.mos.com.np (8.12.10/8.12.10) with ESMTP id i7O6xTpj003390 for ; Tue, 24 Aug 2004 12:44:29 +0545 Date: Tue, 24 Aug 2004 12:44:29 +0545 (NPT) From: Shekhar Basnet To: rancid-discuss@shrubbery.net Subject: keep on receiving routers down messages Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk I have just installed rancid version 2.3. Everything seems to work fine. But I keep on receiving messages informing about routers changes in the group every hour that rancid-run is run. My inbox is overwhelmed with these messages. I have included the message below for reference. I was previously running rancid 2.2.2 smoothly without any problems. Cvs status shows up-to-date. Has anyone else encountered this kind of prob? I am running rancid 2.3 under Fedora Core release 1. tia shekhar. ---------- Forwarded message ---------- Date: Tue, 24 Aug 2004 06:01:27 +0545 To: rancid-durbarmarg@chulu.mos.com.np Subject: changes in durbarmarg routers Routers changed to down: From owner-rancid-discuss-outgoing@shrubbery.net Tue Aug 24 16:42:08 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id B528411CE2D for ; Tue, 24 Aug 2004 16:42:07 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id 6988B11139; Tue, 24 Aug 2004 16:42:07 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 5E2F711142; Tue, 24 Aug 2004 16:42:07 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 7053) id C41FB1113C; Tue, 24 Aug 2004 16:42:06 +0000 (UTC) Date: Tue, 24 Aug 2004 09:42:06 -0700 From: john heasley To: Shekhar Basnet Cc: rancid-discuss@shrubbery.net Subject: Re: keep on receiving routers down messages Message-ID: <20040824164206.GF28021@shrubbery.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i X-PGPkey: http://www.shrubbery.net/~heas/public-key.asc X-note: live free, or die! X-homer: i just want to have a beer while i am caring. Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Tue, Aug 24, 2004 at 12:44:29PM +0545, Shekhar Basnet: > I have just installed rancid version 2.3. Everything seems to work fine. > But I keep on receiving messages informing about routers changes in the > group every hour that rancid-run is run. My inbox is overwhelmed with > these messages. I have included the message below for reference. I was > previously running rancid 2.2.2 smoothly without any problems. Cvs status > shows > up-to-date. Has anyone else encountered this kind of prob? I am running > rancid > 2.3 under Fedora Core release 1. its due to the diff(1) that is being picked-up via the PATH in rancid.conf or the options that are being passed to it, both chosen by the configure script. most likely it is that gnu diff started refusing the -4 (number of context lines) option at some point. see the diff commands in control_rancid and try them, eg diff -u -4 /dev/null /dev/null should produce the exit code 0. if you use 2.3.1, this should be dealt with acceptably for linux, but still doesnt work quite right for solaris. and, we're trying to come up with a better configure test for diff. > tia > shekhar. > > > ---------- Forwarded message ---------- > Date: Tue, 24 Aug 2004 06:01:27 +0545 > To: rancid-durbarmarg@chulu.mos.com.np > Subject: changes in durbarmarg routers > > Routers changed to down: From owner-rancid-discuss-outgoing@shrubbery.net Thu Aug 26 14:58:15 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 50D4111CE2D for ; Thu, 26 Aug 2004 14:58:15 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id 879C01113C; Thu, 26 Aug 2004 14:58:14 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 7AF3D1114D; Thu, 26 Aug 2004 14:58:14 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 7053) id 9877C11142; Thu, 26 Aug 2004 14:58:13 +0000 (UTC) Date: Thu, 26 Aug 2004 07:58:13 -0700 From: john heasley To: Chris Garcia Cc: rancid@shrubbery.net, rancid-discuss@shrubbery.net Subject: Re: Problem with rancid & rsh Message-ID: <20040826145813.GD20681@shrubbery.net> References: <20040825171840.36207.qmail@web51404.mail.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040825171840.36207.qmail@web51404.mail.yahoo.com> User-Agent: Mutt/1.4.2.1i X-PGPkey: http://www.shrubbery.net/~heas/public-key.asc X-note: live free, or die! X-homer: i just want to have a beer while i am caring. Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk sorry, rsh does not work well at the moment. clogin (et al) need some rework to handle rsh properly. Wed, Aug 25, 2004 at 10:18:40AM -0700, Chris Garcia: > Hi, > I'm trying to use rancid, with rsh. My .cloginrc > contains the following: > > add method * {rsh} > add user * privuser > add password * test test > add autoenable * 1 > > When trying to do a clogin, I get > $ ./clogin 172.15.254.31 > 172.15.254.31 > spawn /usr/bin/rsh -l privuser 172.15.254.31 > ::ffff:172.15.254.31: Connection refused > > Error: Connection Refused (rsh) > > But, when just running > $/usr/bin/rsh -l privuser 172.15.254.31 sh ver > I do get back what I should... > > Cisco Internetwork Operating System Software > IOS (tm) C3750 Software (C3750-I5-M), ... > > If I run $/usr/bin/rsh -l lprivuser 172.15.254.31, > without the sh ver, I get reproduce the Connection > Refused message. > > I get the similar behavior when running do-diffs. > > $ more pod-c.20040825.114819 > starting: Wed Aug 25 11:48:19 CDT 2004 > > cvs status: failed to create lock directory for > `/opt/rancid/CVS/pod-c/configs' > (/opt/rancid/CVS/pod-c/ > configs/#cvs.lock): Permission denied > cvs status: failed to obtain dir lock in repository > `/opt/rancid/CVS/pod-c/configs' > cvs [status aborted]: read lock failed - giving up > > Trying to get all of the configs. > 172.15.254.31 clogin error: Error: Connection Refused > (rsh) > 172.15.254.31: missed cmd(s): show env all,show > module,show controllers,show diagbus,show diag,dir > /all disk1 > :,show gsr chassis,dir /all bootflash:,write term,dir > /all disk2:,show vtp status,dir /all > sup-bootflash:,dir > /all slot2:,dir /all slot0:,dir /all > sup-microcode:,dir /all disk0:,show install > active,show bootvar,show vl > an,show controllers cbus,dir /all nvram:,show > flash,show version,show variables boot,show c7200,show > boot,dir > /all slot1: > 172.15.254.31: End of run not found > ! > ===================================== > It's like the commands are never sent to the device. > I think rsh is being handled the same as telnet/ssh, > where expect is expecting something back, but it isn't > getting anything, so it never sends commands to the > router, and just times out the rsh connection. > Or am I doing something wrong? > Any help you can provide would be appreciated. > Thanks, > Chris Garcia > > > > __________________________________ > Do you Yahoo!? > Yahoo! Mail - 50x more storage than other providers! > http://promotions.yahoo.com/new_mail From owner-rancid-discuss-outgoing@shrubbery.net Fri Aug 27 03:46:55 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 3AD9811CE2D for ; Fri, 27 Aug 2004 03:46:55 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id 8B4FF11142; Fri, 27 Aug 2004 03:46:54 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 8443911149; Fri, 27 Aug 2004 03:46:54 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from saturn.mojosd.com (iits0186.inlink.com [209.135.140.86]) by guelah.shrubbery.net (Postfix) with ESMTP id B2C6C11142 for ; Fri, 27 Aug 2004 03:46:53 +0000 (UTC) Received: from [127.0.0.1] (saturn.mojosd.com [209.135.140.86]) by saturn.mojosd.com (8.11.6/8.11.6) with ESMTP id i7R3ks817400 for ; Thu, 26 Aug 2004 20:46:54 -0700 Message-ID: <412EAEAA.9030609@lowside.org> Date: Thu, 26 Aug 2004 20:46:50 -0700 From: Len Reply-To: lists@lowside.org User-Agent: Mozilla Thunderbird 0.7.3 (Windows/20040803) X-Accept-Language: en-us, en MIME-Version: 1.0 To: rancid-discuss@shrubbery.net Subject: rancid 2.2.2 Problem Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Howdy all, new to the list but I"m wondering if you guys can help me out. I'm using clogin to log into a a group of cisco access points to enable mac authentication on a given ssid on the dot11radio0 interface. Like I said I"m using 2.2.2 on FreeBSD 4.10-Release. I'm using a command file, of which I can literally copy and paste when logging into the router manually, but when I try to process the command file it doesn't hangs when adding the following command - aaa group server radius rad_mac . When running the command through truss to watch the system calls I see a signal 28 which is new screen, obviously can't be right. My hypothesis looking through the clogin.in is that there isn't a proper regular expression for the prompt which you're presented after entering that command (it drops to a sub menu ala sub interface). That prompt looks like this WM036-1230-(config-sg-radius)# ... I would think it'd be okay since it should probably just match text before a # (showing enabled) but what the hell do I know. Any help afforded by you guys would be great TIA Len From owner-rancid-discuss-outgoing@shrubbery.net Fri Aug 27 04:49:58 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 26D1F11CE2D for ; Fri, 27 Aug 2004 04:49:58 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id A5ED111146; Fri, 27 Aug 2004 04:49:57 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 9F7E91114D; Fri, 27 Aug 2004 04:49:57 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 7053) id 0DAB211149; Fri, 27 Aug 2004 04:49:57 +0000 (UTC) Date: Fri, 27 Aug 2004 04:49:56 +0000 From: john heasley To: Len Cc: rancid-discuss@shrubbery.net Subject: Re: rancid 2.2.2 Problem Message-ID: <20040827044956.GA4502@shrubbery.net> References: <412EAEAA.9030609@lowside.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <412EAEAA.9030609@lowside.org> User-Agent: Mutt/1.4.2.1i X-PGPkey: http://www.shrubbery.net/~heas/public-key.asc X-note: live free, or die! X-homer: i just want to have a beer while i am caring. Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Thu, Aug 26, 2004 at 08:46:50PM -0700, Len: > Howdy all, new to the list but I"m wondering if you guys can help me > out. I'm using clogin to log into a a group of cisco access points to > enable mac authentication on a given ssid on the dot11radio0 interface. > > Like I said I"m using 2.2.2 on FreeBSD 4.10-Release. > > I'm using a command file, of which I can literally copy and paste when > logging into the router manually, but when I try to process the command > file it doesn't hangs when adding the following command - > aaa group server radius rad_mac . When running the command through truss > to watch the system calls I see a signal 28 which is new screen, > obviously can't be right. My hypothesis looking through the clogin.in > is that there isn't a proper regular expression for the prompt which > you're presented after entering that command (it drops to a sub menu ala > sub interface). That prompt looks like this > WM036-1230-(config-sg-radius)# ... I would think it'd be okay since it that looks like your prompt got truncated. that was fixed in 2.3, please try 2.3.1 with expect 5.40 or greater. i believe that'l do it for you; iirc, it truncates the prompt to no more that 14 chars, but what you have above is only 11. 508 # match cisco config mode prompts too, such as router(config-if)#, 509 # but catalyst does not change in this fashion. 510 regsub -all {^(.{1,14}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt 511 expect { i guess that'l have to be reduced to 10 or so. please try that out and let me know. again, note the expect version, prior version bugger the regex. > should probably just match text before a # (showing enabled) but what > the hell do I know. Any help afforded by you guys would be great > > > TIA > > > Len From owner-rancid-discuss-outgoing@shrubbery.net Fri Aug 27 05:18:49 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id ED67B11CE2D for ; Fri, 27 Aug 2004 05:18:48 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id 7A39F11149; Fri, 27 Aug 2004 05:18:48 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 65CAA11154; Fri, 27 Aug 2004 05:18:48 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from saturn.mojosd.com (iits0186.inlink.com [209.135.140.86]) by guelah.shrubbery.net (Postfix) with ESMTP id 784AF11149; Fri, 27 Aug 2004 05:18:47 +0000 (UTC) Received: from [127.0.0.1] (saturn.mojosd.com [209.135.140.86]) by saturn.mojosd.com (8.11.6/8.11.6) with ESMTP id i7R5Im828546; Thu, 26 Aug 2004 22:18:48 -0700 Message-ID: <412EC432.70701@lowside.org> Date: Thu, 26 Aug 2004 22:18:42 -0700 From: Len Reply-To: lists@lowside.org User-Agent: Mozilla Thunderbird 0.7.3 (Windows/20040803) X-Accept-Language: en-us, en MIME-Version: 1.0 To: john heasley Cc: Len , rancid-discuss@shrubbery.net Subject: Re: rancid 2.2.2 Problem References: <412EAEAA.9030609@lowside.org> <20040827044956.GA4502@shrubbery.net> In-Reply-To: <20040827044956.GA4502@shrubbery.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk No go.. I've upgraded to rancid 2.3.1 (Tcl 8.4.7 + expect 5.4.2) and it now seems like my prompt is not cut off, but the hang still occurs. Is there a max number of characters behind the # or some combo of that and the quantity between the ( )s ? -lenny john heasley wrote: > Thu, Aug 26, 2004 at 08:46:50PM -0700, Len: > >>Howdy all, new to the list but I"m wondering if you guys can help me >>out. I'm using clogin to log into a a group of cisco access points to >>enable mac authentication on a given ssid on the dot11radio0 interface. >> >> Like I said I"m using 2.2.2 on FreeBSD 4.10-Release. >> >>I'm using a command file, of which I can literally copy and paste when >>logging into the router manually, but when I try to process the command >>file it doesn't hangs when adding the following command - >>aaa group server radius rad_mac . When running the command through truss >>to watch the system calls I see a signal 28 which is new screen, >>obviously can't be right. My hypothesis looking through the clogin.in >>is that there isn't a proper regular expression for the prompt which >>you're presented after entering that command (it drops to a sub menu ala >>sub interface). That prompt looks like this >>WM036-1230-(config-sg-radius)# ... I would think it'd be okay since it > > > that looks like your prompt got truncated. that was fixed in 2.3, please > try 2.3.1 with expect 5.40 or greater. i believe that'l do it for you; > iirc, it truncates the prompt to no more that 14 chars, but what you have > above is only 11. > > 508 # match cisco config mode prompts too, such as router(config-if)#, > 509 # but catalyst does not change in this fashion. > 510 regsub -all {^(.{1,14}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt > 511 expect { > > i guess that'l have to be reduced to 10 or so. please try that out and > let me know. > > again, note the expect version, prior version bugger the regex. > > >>should probably just match text before a # (showing enabled) but what >>the hell do I know. Any help afforded by you guys would be great >> >> >>TIA >> >> >>Len > > From owner-rancid-discuss-outgoing@shrubbery.net Fri Aug 27 15:15:26 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id B636511CE2D for ; Fri, 27 Aug 2004 15:15:25 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id 19BA11114D; Fri, 27 Aug 2004 15:15:25 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 0E71111155; Fri, 27 Aug 2004 15:15:25 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from tower.partan.com (tower.partan.com [198.6.255.248]) by guelah.shrubbery.net (Postfix) with ESMTP id 398C11114D for ; Fri, 27 Aug 2004 15:15:24 +0000 (UTC) Received: from tower.partan.com (localhost.partan.com [127.0.0.1]) by tower.partan.com (8.12.9p2/8.12.9) with ESMTP id i7RFFAwu004722; Fri, 27 Aug 2004 11:15:10 -0400 (EDT) (envelope-from asp@tower.partan.com) Received: (from asp@localhost) by tower.partan.com (8.12.9p2/8.12.9/Submit) id i7RFF92e004719; Fri, 27 Aug 2004 11:15:09 -0400 (EDT) (envelope-from asp) Date: Fri, 27 Aug 2004 11:15:09 -0400 From: Andrew Partan To: Len Cc: rancid-discuss@shrubbery.net Subject: Re: rancid 2.2.2 Problem Message-ID: <20040827151509.GA4570@partan.com> References: <412EAEAA.9030609@lowside.org> <20040827044956.GA4502@shrubbery.net> <412EC432.70701@lowside.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <412EC432.70701@lowside.org> User-Agent: Mutt/1.4.2.1i Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk On Thu, Aug 26, 2004 at 10:18:42PM -0700, Len wrote: > >>I'm using a command file, of which I can literally copy and paste when > >>logging into the router manually, but when I try to process the command > >>file it doesn't hangs when adding the following command - You seem to be running into problems with the prompt changing (enable prompt, config prompt, config submode prompt, ...). rancid doesn't handle this very well. Have you looked at the example expect script cisco-load.exp? Doing something like that where you are matching your own prompts might be the way to go. Or try something like: clogin -c 'conf t\rint lo0\rip addr 10.0.0.0/32\rend;cop run star' - i.e.: embed the newlines in the 'command' & rancid will send the entire multiline command at once & only wait for the enable prompt at the end. --asp From owner-rancid-discuss-outgoing@shrubbery.net Fri Aug 27 15:16:52 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 7EC1211CE2D for ; Fri, 27 Aug 2004 15:16:52 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id CBBFA11154; Fri, 27 Aug 2004 15:16:51 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id C013611158; Fri, 27 Aug 2004 15:16:51 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 7053) id 010D711155; Fri, 27 Aug 2004 15:16:50 +0000 (UTC) Date: Fri, 27 Aug 2004 08:16:50 -0700 From: john heasley To: Len Cc: john heasley , rancid-discuss@shrubbery.net Subject: Re: rancid 2.2.2 Problem Message-ID: <20040827151650.GA16606@shrubbery.net> References: <412EAEAA.9030609@lowside.org> <20040827044956.GA4502@shrubbery.net> <412EC432.70701@lowside.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <412EC432.70701@lowside.org> User-Agent: Mutt/1.4.2.1i X-PGPkey: http://www.shrubbery.net/~heas/public-key.asc X-note: live free, or die! X-homer: i just want to have a beer while i am caring. Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Thu, Aug 26, 2004 at 10:18:42PM -0700, Len: > No go.. I've upgraded to rancid 2.3.1 (Tcl 8.4.7 + expect 5.4.2) and it > now seems like my prompt is not cut off, but the hang still occurs. Is > there a max number of characters behind the # or some combo of that and > the quantity between the ( )s ? what value did you use for the bound that I mentioned? > >iirc, it truncates the prompt to no more that 14 chars, but what you have > >above is only 11. > > > > 508 # match cisco config mode prompts too, such as > > router(config-if)#, 509 # but catalyst does not change in > > this fashion. > > 510 regsub -all {^(.{1,14}).*([#>])$} $reprompt > > {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt > > 511 expect { > > > >i guess that'l have to be reduced to 10 or so. please try that out and > >let me know. From owner-rancid-discuss-outgoing@shrubbery.net Mon Aug 30 16:36:48 2004 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 59AD911CE32 for ; Mon, 30 Aug 2004 16:36:48 +0000 (GMT) Received: by guelah.shrubbery.net (Postfix) id AB2F11113C; Mon, 30 Aug 2004 16:36:47 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id A104C11146; Mon, 30 Aug 2004 16:36:47 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from aurvandil.sahala.org (aurvandil.sahala.org [208.35.16.52]) by guelah.shrubbery.net (Postfix) with ESMTP id 0984B1113C for ; Mon, 30 Aug 2004 16:36:46 +0000 (UTC) Received: by aurvandil.sahala.org (Postfix, from userid 1000) id 5FDAC1F2BC; Mon, 30 Aug 2004 12:36:34 -0400 (EDT) Date: Mon, 30 Aug 2004 12:36:34 -0400 From: joshua sahala To: rancid-discuss@shrubbery.net Subject: Fwd: rancid.diff Message-ID: <20040830163634.GA12043@aurvandil.sahala.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.6+20040818i Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk i upgraded to 2.3.1 the other day and started getting warnings that rancid could not contact my netscreens...looking at the previous nlogin versus the newer nlogin, i saw that the enable variable had been changed to avenable, but that it hadn't been changed in the enable loop --- nlogin-2.3.1.bak 2004-08-30 12:23:48.000000000 -0400 +++ /usr/local/rancid/bin/nlogin 2004-08-30 12:24:31.000000000 -0400 @@ -485,7 +485,7 @@ if {[login $firewall $ruser $userpswd $passwd $enapasswd $prompt $cmethod $cyphertype]} { continue } - if { $enable } { + if { $avenable } { if {[do_enable $enauser $enapasswd]} { if { $do_command || $do_script } { close; wait cheers /joshua -- A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools. - Douglas Adams -