From valvai81 at gmail.com Mon Feb 1 08:08:06 2010 From: valvai81 at gmail.com (Valentino Vaia) Date: Mon, 1 Feb 2010 09:08:06 +0100 Subject: [rancid] Re: Rancid & Enterasys B2/B3/N3/N7 switch Message-ID: <10e80e871002010008o59f2e0fdted8fdc614519affb@mail.gmail.com> A possible solution for the timeout with the command "show config" on B2\B3 switches is to set the number of lines in output to 0 to disable 'more' . On switch prompt: set lenght 0 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100201/79379855/attachment.html From awilliamson at schwarzpartners.com Mon Feb 1 19:47:32 2010 From: awilliamson at schwarzpartners.com (Aaron Williamson) Date: Mon, 1 Feb 2010 14:47:32 -0500 Subject: [rancid] Rancid & Dell PowerConnect 3348 Switch Message-ID: I'm trying to get my Rancid implementation working with a couple of Dell PowerConnect Switches. I've downloaded and installed the dlogin, drancid, and rancid-fe files from rickyninja.net...but still seem to be having trouble. Any help is greatly appreciated. Here is the output of the rancid logs: opened network stream from switch1.domainname.com if () at /home/rancid/bin/drancid line 272. opened network stream from switch2.domainname.com if () at /home/rancid/bin/drancid line 272. FOUND PROMPT: switch1# FOUND PROMPT: switch2# found_end = 1, clean_run = 0 switch1.domainname.com: End of run not found end opened network stream from switch3.domainname.com if () at /home/rancid/bin/drancid line 272. found_end = 1, clean_run = 0 switch2.domainname.com: End of run not found end opened network stream from switch4.domainname.com if () at /home/rancid/bin/drancid line 272. FOUND PROMPT: switch3# FOUND PROMPT: switch4# found_end = 1, clean_run = 0 switch3.domainname.com: End of run not found end opened network stream from switch5.domainname.com if () at /home/rancid/bin/drancid line 272. found_end = 1, clean_run = 0 switch4.domainname.com: End of run not found end opened network stream from switch6.domainname.com if () at /home/rancid/bin/drancid line 272. FOUND PROMPT: switch5# found_end = 1, clean_run = 0 switch5.domainname.com: End of run not found end found_end = 0, clean_run = 0 switch6.domainname.com dlogin error: Error: Connection closed (telnet): switch6.domainname.com switch6.domainname.com: missed cmd(s): show version,show running-config,show vlan switch6.domainname.com: End of run not found - Confidentiality Notice: This e-mail (including any attachments hereto) is subject to the Company?s confidentiality policy and is for the exclusive and confidential use of the intended recipient. If you are not the intended recipient, please do not read, distribute, or take action in reliance on this message. If you have received this message in error, please notify me immediately by return e-mail and promptly delete this message and its attachments from your computer system. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100201/0601305f/attachment.html From blam at rockyou.com Tue Feb 2 10:40:54 2010 From: blam at rockyou.com (Brian Lam) Date: Tue, 2 Feb 2010 02:40:54 -0800 Subject: [rancid] Re: expect script help In-Reply-To: <20100129140044.GB12053@tigger.mamista.net> References: <11abb0e31001281305r52381fe6s874b16f5bbb553fa@mail.gmail.com> <20100129140044.GB12053@tigger.mamista.net> Message-ID: <11abb0e31002020240o411c845flf876458637ddba8@mail.gmail.com> On Fri, Jan 29, 2010 at 6:00 AM, Martin Barry wrote: > $quoted_author = "Brian Lam" ; > > > > The expect / python script /usr/local/rancid/bin/clogin was looping > because > > my router doesn't like 'exit' and prefer 'quit'. > > You can either modify the following to match the 'force10' platform (does > the newer one accept quit?) > > the new f10 version accepts 'quit' > # line 678 > if { [ string compare "extreme" "$platform" ] } { > send -h "exit\r" > } else { > send -h "quit\r" > } > > my version of rancid is 2.3.2 per your recommendation, here's the diff: EQX root at itops1a:/usr/local/rancid/bin# diff clogin clogin.original 662,664c662 < if { [ string compare "force10" "$platform" ] } { < send -h "quit\r" < } elseif { [ string compare "extreme" "$platform" ] } { --- > if { [ string compare "extreme" "$platform" ] } { EQX root at itops1a:/usr/local/rancid/bin# it's a case of fixing one thing and another breaks... it looks like it's not looping anymore but it's not updating any of the f10 switches (the previous working f10 are not updated either). rancid log shows the following for all force10 router: (maybe because the output is different now, rancid end regex doesn't work anymore?) ===================================== Getting missed routers: round 1. r103: End of run not found end r103-2: End of run not found end r205-sw1: End of run not found end ec1: End of run not found end ec2: End of run not found end r304: End of run not found end r304-2: End of run not found end ===================================== > or you could add a stanza in the next section to catch the error thrown > when > sending 'exit' to old force10. > > maybe i will target the stanza instead and have better luck. the loop output is below. the first 'exit' works but the 2nd on throws an error '% Invalid input detected at '^' marker.' could you help point me to the right place where i can write an expect regexp to capture this error and deal with it? many thanks. spend many hr pulling my hair / debugging! :p btw, is their a debug flag that i can set to get more debug outputs? (looping output) interface vlan 1 exit exit end r204-sw1#exit r204-sw1>exit ^ % Invalid input detected at '^' marker. r204-sw1>exit ^ % Invalid input detected at '^' marker. r204-sw1>exit ^ % Invalid input detected at '^' marker. r204-sw1>exit ^ (looping...) > cheers > Marty > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -- Brian Lam | IT/Operations | Rockyou, Inc. | Phone: 408-425-9801 | AIM: brianclam2 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100202/46a79a88/attachment.html From blam at rockyou.com Tue Feb 2 10:55:39 2010 From: blam at rockyou.com (Brian Lam) Date: Tue, 2 Feb 2010 02:55:39 -0800 Subject: [rancid] Re: expect script help In-Reply-To: <11abb0e31002020240o411c845flf876458637ddba8@mail.gmail.com> References: <11abb0e31001281305r52381fe6s874b16f5bbb553fa@mail.gmail.com> <20100129140044.GB12053@tigger.mamista.net> <11abb0e31002020240o411c845flf876458637ddba8@mail.gmail.com> Message-ID: <11abb0e31002020255m28cee3eat27192ee2b0281015@mail.gmail.com> i found the debug flag. here's the output during the loop: (i will try to trace it down in the code and see if i can set a condition for this...) r204-sw1> expect: does " ^\r\n% Invalid input detected at '^' marker.\r\n\r\nr204-sw1>" (spawn_id exp6) match regular expression "^[^\n\r *]*r204-sw1([^#>\r\n]+)?[#>]($[^)\r\n]+$)?"? no "The system has unsaved changes"? no "Would you like to save them now"? no "(Profile|Configuration) changes have occurred.*"? no "Do you wish to save your configuration changes"? no "[\n\r]+"? yes expect: set expect_out(0,string) "\r\n" expect: set expect_out(spawn_id) "exp6" expect: set expect_out(buffer) " ^\r\n" expect: continuing expect expect: does "% Invalid input detected at '^' marker.\r\n\r\nr204-sw1>" (spawn_id exp6) match regular expression "^[^\n\r *]*r204-sw1([^#>\r\n]+)?[#>]($[^)\r\n]+$)?"? no "The system has unsaved changes"? no "Would you like to save them now"? no "(Profile|Configuration) changes have occurred.*"? no "Do you wish to save your configuration changes"? no "[\n\r]+"? yes expect: set expect_out(0,string) "\r\n\r\n" expect: set expect_out(spawn_id) "exp6" expect: set expect_out(buffer) "% Invalid input detected at '^' marker.\r\n\r\n" expect: continuing expect expect: does "r204-sw1>" (spawn_id exp6) match regular expression "^[^\n\r *]*r204-sw1([^#>\r\n]+)?[#>]($[^)\r\n]+$)?"? yes expect: set expect_out(0,string) "r204-sw1>" expect: set expect_out(spawn_id) "exp6" expect: set expect_out(buffer) "r204-sw1>" send: sending "exit\r" to { exp6 human_write: avg_arr=0.400000/0.400000 1/shape=1.428571 min=0.300000 max=5.000000 sighandler: handling signal(2) async event handler: Tcl_Eval(exit 130) write() failed to write anything - will sleep(1) and retry... EQX root at itops1a:/usr/local/rancid/bin# On Tue, Feb 2, 2010 at 2:40 AM, Brian Lam wrote: > > > On Fri, Jan 29, 2010 at 6:00 AM, Martin Barry wrote: > >> $quoted_author = "Brian Lam" ; >> > >> > The expect / python script /usr/local/rancid/bin/clogin was looping >> because >> > my router doesn't like 'exit' and prefer 'quit'. >> >> You can either modify the following to match the 'force10' platform (does >> the newer one accept quit?) >> >> > > the new f10 version accepts 'quit' > > > > >> # line 678 >> if { [ string compare "extreme" "$platform" ] } { >> send -h "exit\r" >> } else { >> send -h "quit\r" >> } >> >> > > > my version of rancid is 2.3.2 > > per your recommendation, here's the diff: > > EQX root at itops1a:/usr/local/rancid/bin# diff clogin clogin.original > 662,664c662 > < if { [ string compare "force10" "$platform" ] } { > < send -h "quit\r" > < } elseif { [ string compare "extreme" "$platform" ] } { > --- > > > if { [ string compare "extreme" "$platform" ] } { > EQX root at itops1a:/usr/local/rancid/bin# > > it's a case of fixing one thing and another breaks... > > it looks like it's not looping anymore but it's not updating any of the f10 > switches (the previous working f10 are not updated either). rancid log shows > the following for all force10 router: > (maybe because the output is different now, rancid end regex doesn't work > anymore?) > > ===================================== > Getting missed routers: round 1. > r103: End of run not found > end > r103-2: End of run not found > end > r205-sw1: End of run not found > end > ec1: End of run not found > end > ec2: End of run not found > end > r304: End of run not found > end > r304-2: End of run not found > end > ===================================== > > > > > >> or you could add a stanza in the next section to catch the error thrown >> when >> sending 'exit' to old force10. >> >> > > > maybe i will target the stanza instead and have better luck. the loop > output is below. the first 'exit' works but the 2nd on throws an error '% > Invalid input detected at '^' marker.' > > could you help point me to the right place where i can write an expect > regexp to capture this error and deal with it? many thanks. spend many hr > pulling my hair / debugging! :p btw, is their a debug flag that i can set > to get more debug outputs? > > > > (looping output) > > interface vlan 1 > exit > > > > exit > end > > r204-sw1#exit > > r204-sw1>exit > ^ > % Invalid input detected at '^' marker. > > r204-sw1>exit > ^ > % Invalid input detected at '^' marker. > > r204-sw1>exit > ^ > % Invalid input detected at '^' marker. > > r204-sw1>exit > ^ > > (looping...) > > > > >> cheers >> Marty >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> > > > > -- > Brian Lam | IT/Operations | Rockyou, Inc. | Phone: 408-425-9801 | AIM: > brianclam2 > -- Brian Lam | IT/Operations | Rockyou, Inc. | Phone: 408-425-9801 | AIM: brianclam2 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100202/0516ba97/attachment.html From relychaure at free.fr Tue Feb 2 13:20:37 2010 From: relychaure at free.fr (relychaure at free.fr) Date: Tue, 02 Feb 2010 14:20:37 +0100 Subject: [rancid] Re: Rancid & Enterasys B2/B3/N3/N7 switch In-Reply-To: <10e80e871002010008o59f2e0fdted8fdc614519affb@mail.gmail.com> References: <10e80e871002010008o59f2e0fdted8fdc614519affb@mail.gmail.com> Message-ID: <1265116837.4b6826a5f295c@imp.free.fr> For B2 & B3 switch - use B2rancid and B2login scripts (- I prefer "show config all") - if you need "more" to see all the config, just add a new command "set length 0" on B2rancid (even for a ro login) # Main @commandtable = ( # {'bcc' => 'RunCommand'}, {'set length 0' => 'ShowConfig'}, # {'show config all' => 'ShowConfig'}, {'show config' => 'ShowConfig'}, {'show version' => 'ShowConfig'}, # {'exit' => 'RunCommand'} ); For N3 & N7 switch - copy the B2login & B2rancid scripts to ENTlogin & ENTrancid - don't forget to change rancid-fe and router.db - on ENTrancid, just change ProcessHistory("","","","!RANCID-CONTENT-TYPE: Enterasys N3-N7n!n"); - on ENTlogin, I modify "more offr" with only "r" (I don't know why but "more" was unknown) # Run commands given on the command line. proc run_commands { prompt command } { global in_proc set in_proc 1 # send "more offr" send "r" I also configure /etc/hosts to improve reading. Thanks to you Valvai81 From marty at supine.com Wed Feb 3 16:05:51 2010 From: marty at supine.com (Martin Barry) Date: Thu, 4 Feb 2010 03:05:51 +1100 Subject: [rancid] Re: expect script help In-Reply-To: <11abb0e31002020240o411c845flf876458637ddba8@mail.gmail.com> References: <11abb0e31001281305r52381fe6s874b16f5bbb553fa@mail.gmail.com> <20100129140044.GB12053@tigger.mamista.net> <11abb0e31002020240o411c845flf876458637ddba8@mail.gmail.com> Message-ID: <20100203160551.GA5466@tigger.mamista.net> $quoted_author = "Brian Lam" ; > > it looks like it's not looping anymore but it's not updating any of the f10 > switches (the previous working f10 are not updated either). rancid log shows > the following for all force10 router: I think it might be because it has a two stage "quit" rather than just needing a different command. > maybe i will target the stanza instead and have better luck. the loop > output is below. the first 'exit' works but the 2nd on throws an error '% > Invalid input detected at '^' marker.' Try something like "Invalid input detected at" { # F10 two stage quit send -h "quit\r" exp_continue; } cheers Marty From marcos at miachiro.com Tue Feb 2 19:30:41 2010 From: marcos at miachiro.com (Marcos A. Miachiro) Date: Tue, 2 Feb 2010 17:30:41 -0200 Subject: [rancid] Re: Rancid & Enterasys B2/B3/N3/N7 switch In-Reply-To: <10e80e871002010008o59f2e0fdted8fdc614519affb@mail.gmail.com> References: <10e80e871002010008o59f2e0fdted8fdc614519affb@mail.gmail.com> Message-ID: <2ec55ac61002021130s38a4e027wb24ac778b493e29d@mail.gmail.com> Hi, My rancid get timeout. I found it in my logs..... Getting missed routers: round 4. sw-pmc-2-1 B2login error: Error: TIMEOUT reached sw-pmc-2-1: missed cmd(s): set length 0,show version,show config sw-pmc-2-1: End of run not found ! sw-pmc-1-1 B2login error: Error: TIMEOUT reached sw-pmc-1-1: missed cmd(s): set length 0,show version,show config sw-pmc-1-1: End of run not found ! cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs 2010/2/1 Valentino Vaia > A possible solution for the timeout with the command "show config" on B2\B3 > switches is to set the number of lines in output to 0 to disable 'more' . > On switch prompt: > set lenght 0 > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100202/350a2abf/attachment.html From valvai81 at mail.comune.modena.it Wed Feb 3 09:47:47 2010 From: valvai81 at mail.comune.modena.it (Valentino Vaia) Date: Wed, 03 Feb 2010 10:47:47 +0100 Subject: [rancid] Re: Rancid & Enterasys B2/B3/N3/N7 switch In-Reply-To: <2ec55ac61002021130s38a4e027wb24ac778b493e29d@mail.gmail.com> References: <10e80e871002010008o59f2e0fdted8fdc614519affb@mail.gmail.com> <2ec55ac61002021130s38a4e027wb24ac778b493e29d@mail.gmail.com> Message-ID: <201002030947.o139lmMP014374@mail.comune.modena.it> Hi, Can you post for a single switch the file .new ? For example if you try ./B2rancid -d sw-pmc-2-1 you must post the output stored in sw-pmc-2-1.new Marcos A. Miachiro ha scritto: > Hi, > > My rancid get timeout. I found it in my logs..... > > Getting missed routers: round 4. > sw-pmc-2-1 B2login error: Error: TIMEOUT reached > sw-pmc-2-1: missed cmd(s): set length 0,show version,show config > sw-pmc-2-1: End of run not found > ! > sw-pmc-1-1 B2login error: Error: TIMEOUT reached > sw-pmc-1-1: missed cmd(s): set length 0,show version,show config > sw-pmc-1-1: End of run not found > ! > > cvs diff: Diffing . > cvs diff: Diffing configs > cvs commit: Examining . > cvs commit: Examining configs > > > 2010/2/1 Valentino Vaia > > > A possible solution for the timeout with the command "show config" > on B2\B3 switches is to set the number of lines in output to 0 to > disable 'more' . > On switch prompt: > set lenght 0 > > > From stephenkone at gmail.com Wed Feb 3 04:05:47 2010 From: stephenkone at gmail.com (Stephen Kone) Date: Tue, 2 Feb 2010 22:05:47 -0600 Subject: [rancid] Clear Rev History Message-ID: <000601caa486$2ae73990$80b5acb0$@com> I am not familiar with CVS, but would like to clear out all the previous versions of my configs and start from scratch. I could create a new network group, but I would like to use the existing group. I tried removing all my devices from the db and then running rancid again and it appeared to work and moved everything into the attic, but once I added the routers back into the db file it did not reset the rev number. Is there an easy way to start all over in CVS, but keep the same group name? Thanks, Stephen -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100202/244d4a61/attachment.html From heas at shrubbery.net Wed Feb 3 17:41:55 2010 From: heas at shrubbery.net (john heasley) Date: Wed, 3 Feb 2010 09:41:55 -0800 Subject: [rancid] Re: Clear Rev History In-Reply-To: <000601caa486$2ae73990$80b5acb0$@com> References: <000601caa486$2ae73990$80b5acb0$@com> Message-ID: <20100203174155.GP26078@shrubbery.net> Tue, Feb 02, 2010 at 10:05:47PM -0600, Stephen Kone: > I am not familiar with CVS, but would like to clear out all the previous > versions of my configs and start from scratch. I could create a new network > group, but I would like to use the existing group. I tried removing all my > devices from the db and then running rancid again and it appeared to work > and moved everything into the attic, but once I added the routers back into > the db file it did not reset the rev number. Is there an easy way to start > all over in CVS, but keep the same group name? see cvs admin -o or remove the device from router.db, run rancid, rm /var/rancid/CVS//configs/Attic/,v then put the device back into router.db From blam at rockyou.com Wed Feb 3 22:58:58 2010 From: blam at rockyou.com (Brian Lam) Date: Wed, 3 Feb 2010 14:58:58 -0800 Subject: [rancid] Re: expect script help In-Reply-To: <20100203160551.GA5466@tigger.mamista.net> References: <11abb0e31001281305r52381fe6s874b16f5bbb553fa@mail.gmail.com> <20100129140044.GB12053@tigger.mamista.net> <11abb0e31002020240o411c845flf876458637ddba8@mail.gmail.com> <20100203160551.GA5466@tigger.mamista.net> Message-ID: <11abb0e31002031458l1a4990b6yb72f1d15bafed0fb@mail.gmail.com> On Wed, Feb 3, 2010 at 8:05 AM, Martin Barry wrote: > $quoted_author = "Brian Lam" ; > > > > it looks like it's not looping anymore but it's not updating any of the > f10 > > switches (the previous working f10 are not updated either). rancid log > shows > > the following for all force10 router: > > I think it might be because it has a two stage "quit" rather than just > needing a different command. > > > > maybe i will target the stanza instead and have better luck. the loop > > output is below. the first 'exit' works but the 2nd on throws an error > '% > > Invalid input detected at '^' marker.' > > Try something like > > "Invalid input detected at" { # F10 two stage quit > send -h "quit\r" > exp_continue; > } > > works like a charm. thank you so much. my mistake was the i didn't use 'exp_continue'! :p rookie mistake. it's about time to get pick up a book on Expect. > cheers > Marty > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -- Brian Lam | IT/Operations | Rockyou, Inc. | Phone: 408-425-9801 | AIM: brianclam2 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100203/2c7a8f1f/attachment.html From mathiruban at gmail.com Sun Feb 7 06:32:35 2010 From: mathiruban at gmail.com (Mathiruban Rajagopal) Date: Sun, 7 Feb 2010 12:02:35 +0530 Subject: [rancid] router.db Message-ID: <136e115c1002062232q48b004dfte04f295754066213@mail.gmail.com> Dear all, My rancid is working fine but after deleting one router from router.db I am getting retrieving revision for router.db every one hour from that instance. What is the wrong with my configuration? Pls let me know. Rgds, Mathy -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100207/f002b173/attachment.html From cderemer at phoebe.org Sun Feb 7 16:04:19 2010 From: cderemer at phoebe.org (Christopher DeRemer) Date: Sun, 7 Feb 2010 11:04:19 -0500 Subject: [rancid] Re: router.db In-Reply-To: <136e115c1002062232q48b004dfte04f295754066213@mail.gmail.com> References: <136e115c1002062232q48b004dfte04f295754066213@mail.gmail.com> Message-ID: <671DC9312DF0CC4D8A7F3ABE978DD5ADD64B8D0E26@MAIL.phoebe.local> Mathy, Most likely you altered the router.db file with an account that has higher privilege than the account that is set to run the rancid-run script. I found this happen when I changed router.db with my root account and then the rancid user that I have wasn't able to read/write to that file. To fix this I just did a chown rancid router.db and chmod 660 router.db on the file which should fix the issues. When you change the file in the future just make sure you change it with the account that runs the rancid-run script. Cheers, Christopher DeRemer, CCENT Network Administrator Phoebe Services 484.619.2168 (Single # Reach) From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Mathiruban Rajagopal Sent: Sunday, February 07, 2010 1:33 AM To: Rancid-discuss at shrubbery.net Subject: [rancid] router.db Dear all, My rancid is working fine but after deleting one router from router.db I am getting retrieving revision for router.db every one hour from that instance. What is the wrong with my configuration? Pls let me know. Rgds, Mathy ________________________________ NOTICE: This confidential message/attachment contains information intended for a specific individual(s). Any inappropriate use, distribution or duplication is strictly prohibited. If received in error, notify the sender and immediately delete this transmission. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100207/ffff8acf/attachment.html From Larry.Kemp at usmetrotel.com Tue Feb 9 21:53:46 2010 From: Larry.Kemp at usmetrotel.com (Kemp, Larry) Date: Tue, 9 Feb 2010 16:53:46 -0500 Subject: [rancid] Increasing Timeout For RANCID Message-ID: I have some Cisco 2950's that I need RANCID to reach via SSH. Each time rancid-run executes (either manually by me or via the cron) I see in the log that there is a clogin error for these devices. I am able to manually login by entering: "ssh rancid at 172.20.30.1" as user rancid. I am able to login to these devices and then enter my enable password and run privledged commands, however to reach a password prompt takes a good 7 seconds because of how me have to route to these devices. The devices are also small and contain little memory. I read here: http://www.shrubbery.net/rancid/man/clogin.1.html about the -t option to increase the time that Rancid waits before erroring out waiting for a login prompt. I also looked in the /usr/local/rancid/bin/clogin file to see if there was a place for me to increase this timeout limit. I am not sure if this is where I need to edit. Can anyone that has done this before point me in the right direction to increase the login timeout. [cid:image001.png at 01CAA9A6.52FA96A0] -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100209/cc081751/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 51360 bytes Desc: image001.png Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100209/cc081751/attachment.png From blam at rockyou.com Wed Feb 10 02:02:40 2010 From: blam at rockyou.com (Brian Lam) Date: Tue, 9 Feb 2010 18:02:40 -0800 Subject: [rancid] Re: Increasing Timeout For RANCID In-Reply-To: References: Message-ID: <11abb0e31002091802p6d8728bbs969388dfafee8412@mail.gmail.com> looks like you should pass it as a parameter instead of modifying clogin... 2010/2/9 Kemp, Larry > I have some Cisco 2950?s that I need RANCID to reach via SSH. Each time > rancid-run executes (either manually by me or via the cron) I see in the log > that there is a clogin error for these devices. I am able to manually login > by entering: ?ssh rancid at 172.20.30.1? as user rancid. I am able to login > to these devices and then enter my enable password and run privledged > commands, however to reach a password prompt takes a good 7 seconds because > of how me have to route to these devices. The devices are also small and > contain little memory. > > > > I read here: http://www.shrubbery.net/rancid/man/clogin.1.html about the > -t option to increase the time that Rancid waits before erroring out > waiting for a login prompt. I also looked in the > /usr/local/rancid/bin/clogin file to see if there was a place for me to > increase this timeout limit. I am not sure if this is where I need to edit. > Can anyone that has done this before point me in the right direction to > increase the login timeout. > > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100209/72af7857/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/png Size: 51360 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100209/72af7857/attachment.png From tore at linpro.no Wed Feb 10 07:22:14 2010 From: tore at linpro.no (Tore Anderson) Date: Wed, 10 Feb 2010 08:22:14 +0100 Subject: [rancid] A few small fixes for arancid and f5rancid Message-ID: <4B725EA6.1000703@linpro.no> Hey, the following patches to rancid 2.3.2 addresses these problems with f5rancid on a BIG-IP LTM 8900 running version 1.0.1 build 378: * The attribute Configsync.peerupdatedstatus is periodically changing its value without any user interaction. It appears that this is normal behaviour, so ignore this line to avoid diff-mails. * The reported fan speeds change slightly all the time, which causes unnecessary diff-mails. Strip them out. and one problem with arancid on a HP 1:10Gb Ethernet Blade Switch version 5.0.4-Base: * User passwords are some kind of a secret hash that changes every time the configuration is dumped. Strip it out just like the admin password already is, to avoid diff-mails. Best regards, -- Tore Anderson Redpill Linpro AS - http://www.redpill-linpro.com/ Tel: +47 21 54 41 27 -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: arancid.patch Url: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100210/f4e4749f/attachment.ksh -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: f5rancid.patch Url: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100210/f4e4749f/attachment-0001.ksh From Larry.Kemp at usmetrotel.com Wed Feb 10 14:04:13 2010 From: Larry.Kemp at usmetrotel.com (Kemp, Larry) Date: Wed, 10 Feb 2010 09:04:13 -0500 Subject: [rancid] Re: Increasing Timeout For RANCID In-Reply-To: <11abb0e31002091802p6d8728bbs969388dfafee8412@mail.gmail.com> References: <11abb0e31002091802p6d8728bbs969388dfafee8412@mail.gmail.com> Message-ID: I appreciate your help very much. I found something that sounds familiar here in the archives: http://www.shrubbery.net/pipermail/rancid-discuss/2007-October/002540.html I am in a bit over my head if I have to "pass a parameter" as you say, or as this link above discusses "modify clogin". Not sure exactly how I would do either; could you please be more specific in what I need to do. Thanks again. LK From: Brian Lam [mailto:blam at rockyou.com] Sent: Tuesday, February 09, 2010 9:03 PM To: Kemp, Larry Cc: rancid Subject: Re: [rancid] Increasing Timeout For RANCID looks like you should pass it as a parameter instead of modifying clogin... 2010/2/9 Kemp, Larry > I have some Cisco 2950's that I need RANCID to reach via SSH. Each time rancid-run executes (either manually by me or via the cron) I see in the log that there is a clogin error for these devices. I am able to manually login by entering: "ssh rancid at 172.20.30.1" as user rancid. I am able to login to these devices and then enter my enable password and run privledged commands, however to reach a password prompt takes a good 7 seconds because of how me have to route to these devices. The devices are also small and contain little memory. I read here: http://www.shrubbery.net/rancid/man/clogin.1.html about the -t option to increase the time that Rancid waits before erroring out waiting for a login prompt. I also looked in the /usr/local/rancid/bin/clogin file to see if there was a place for me to increase this timeout limit. I am not sure if this is where I need to edit. Can anyone that has done this before point me in the right direction to increase the login timeout. [cid:image001.png at 01CAAA29.2F61F390] _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100210/3504a1b5/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 51360 bytes Desc: image001.png Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100210/3504a1b5/attachment.png From heas at shrubbery.net Wed Feb 10 17:50:55 2010 From: heas at shrubbery.net (john heasley) Date: Wed, 10 Feb 2010 09:50:55 -0800 Subject: [rancid] Re: A few small fixes for arancid and f5rancid In-Reply-To: <4B725EA6.1000703@linpro.no> References: <4B725EA6.1000703@linpro.no> Message-ID: <20100210175055.GF21464@shrubbery.net> Wed, Feb 10, 2010 at 08:22:14AM +0100, Tore Anderson: > Hey, > > the following patches to rancid 2.3.2 addresses these problems with > f5rancid on a BIG-IP LTM 8900 running version 1.0.1 build 378: > > * The attribute Configsync.peerupdatedstatus is periodically changing > its value without any user interaction. It appears that this is normal > behaviour, so ignore this line to avoid diff-mails. > * The reported fan speeds change slightly all the time, which causes > unnecessary diff-mails. Strip them out. i believe we already have these in the code base. please try the attached version. > and one problem with arancid on a HP 1:10Gb Ethernet Blade Switch > version 5.0.4-Base: > > * User passwords are some kind of a secret hash that changes every time > the configuration is dumped. Strip it out just like the admin password > already is, to avoid diff-mails. why did you change arancid for an hp switch? did you alter something or not define the device as 'hp' in the router.db? thanks > Best regards, > -- > Tore Anderson > Redpill Linpro AS - http://www.redpill-linpro.com/ > Tel: +47 21 54 41 27 > --- arancid.orig 2010-02-10 08:07:58.000000000 +0100 > +++ arancid 2010-02-10 08:10:29.000000000 +0100 > @@ -205,7 +205,7 @@ > if (/(rcomm|wcomm|t1com|t2com)(\s+)(.*)/ && $filter_commstr) { > ProcessHistory("","","","\/\*\t$1$2\"\"\n") && next; > } > - /^(\s+.{2,3}pw )\S+/ && > + /^(\s+(.{2,3}pw|pswd) )\S+/ && > ProcessHistory("","","","\/\*$1\n") && next; > > next if (/^\/\* Configuration dump taken/i); > --- f5rancid.orig 2010-01-26 13:32:47.000000000 +0100 > +++ f5rancid 2010-02-01 14:06:13.000000000 +0100 > @@ -207,6 +207,7 @@ > } > /UCS.LoadTime/ && next; > /Configsync.LocalConfigTime/ && next; > + /Configsync.peerupdatedstatus = (0|1)/ && next; > /LTM.ConfigTime/ && next; > > if (/^(snmp\..*\.community\..* =) (.+)/i) { > @@ -293,6 +294,7 @@ > /fan speed/i && next; > /chassis temperature/i && next; > /degC/ && next; > + s/ - \d+rpm//g; > s/^\|//; > /Type: / && ProcessHistory("COMMENTS","keysort","A0", > "#Chassis type: $'"); > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- #! @PERLV_PATH@ ## ## $Id: f5rancid.in 2134 2009-12-15 21:23:44Z heas $ ## ## @PACKAGE@ @VERSION@ ## Copyright (c) 1997-2008 by Terrapin Communications, Inc. ## All rights reserved. ## ## This code is derived from software contributed to and maintained by ## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, ## Pete Whiting, Austin Schutz, and Andrew Fort. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted provided that the following conditions ## are met: ## 1. Redistributions of source code must retain the above copyright ## notice, this list of conditions and the following disclaimer. ## 2. Redistributions in binary form must reproduce the above copyright ## notice, this list of conditions and the following disclaimer in the ## documentation and/or other materials provided with the distribution. ## 3. All advertising materials mentioning features or use of this software ## must display the following acknowledgement: ## This product includes software developed by Terrapin Communications, ## Inc. and its contributors for RANCID. ## 4. Neither the name of Terrapin Communications, Inc. nor the names of its ## contributors may be used to endorse or promote products derived from ## this software without specific prior written permission. ## 5. It is requested that non-binding fixes and modifications be contributed ## back to Terrapin Communications, Inc. ## ## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS ## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED ## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS ## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR ## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF ## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS ## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN ## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ## POSSIBILITY OF SUCH DAMAGE. # # This version of rancid tries to deal with F5 BigIPs. # # RANCID - Really Awesome New Cisco confIg Differ # # usage: rancid [-dV] [-l] [-f filename | hostname] # use Getopt::Std; getopts('dflV'); if ($opt_V) { print "@PACKAGE@ @VERSION@\n"; exit(0); } $log = $opt_l; $debug = $opt_d; $file = $opt_f; $host = $ARGV[0]; $clean_run = 0; $found_end = 0; $timeo = 90; # clogin timeout in seconds # force a terminal type so as not to confuse the POS $ENV{'TERM'} = "vt100"; my(@commandtable, %commands, @commands);# command lists my($aclsort) = ("ipsort"); # ACL sorting mode my($filter_commstr); # SNMP community string filtering my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { my($new_hist_tag,$new_command,$command_string, at string) = (@_); if ((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) && defined %history) { print eval "$command \%history"; undef %history; } if (($new_hist_tag) && ($new_command) && ($command_string)) { if ($history{$command_string}) { $history{$command_string} = "$history{$command_string}@string"; } else { $history{$command_string} = "@string"; } } elsif (($new_hist_tag) && ($new_command)) { $history{++$#history} = "@string"; } else { print "@string"; } $hist_tag = $new_hist_tag; $command = $new_command; 1; } sub numerically { $a <=> $b; } # This is a sort routine that will sort numerically on the # keys of a hash as if it were a normal array. sub keynsort { local(%lines) = @_; local($i) = 0; local(@sorted_lines); foreach $key (sort numerically keys(%lines)) { $sorted_lines[$i] = $lines{$key}; $i++; } @sorted_lines; } # This is a sort routine that will sort on the # keys of a hash as if it were a normal array. sub keysort { local(%lines) = @_; local($i) = 0; local(@sorted_lines); foreach $key (sort keys(%lines)) { $sorted_lines[$i] = $lines{$key}; $i++; } @sorted_lines; } # This is a sort routine that will sort on the # values of a hash as if it were a normal array. sub valsort{ local(%lines) = @_; local($i) = 0; local(@sorted_lines); foreach $key (sort values %lines) { $sorted_lines[$i] = $key; $i++; } @sorted_lines; } # This is a numerical sort routine (ascending). sub numsort { local(%lines) = @_; local($i) = 0; local(@sorted_lines); foreach $num (sort {$a <=> $b} keys %lines) { $sorted_lines[$i] = $lines{$num}; $i++; } @sorted_lines; } # This is a sort routine that will sort on the # ip address when the ip address is anywhere in # the strings. sub ipsort { local(%lines) = @_; local($i) = 0; local(@sorted_lines); foreach $addr (sort sortbyipaddr keys %lines) { $sorted_lines[$i] = $lines{$addr}; $i++; } @sorted_lines; } # These two routines will sort based upon IP addresses sub ipaddrval { my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); $a[3] + 256 * ($a[2] + 256 * ($a[1] +256 * $a[0])); } sub sortbyipaddr { &ipaddrval($a) <=> &ipaddrval($b); } # This routine parses "bigpipe base list" sub ShowBaseRun { my($line) = (0); print STDERR " In ShowBaseRun: $_" if ($debug); while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); if (!$line++) { ProcessHistory("SHOWBASE","","","#\n#base:\n"); } ProcessHistory("SHOWBASE","","","# $_") && next; } return(0); } # This routine parses "bigpipe db show" sub ShowDb { my($line) = (0); print STDERR " In ShowDb: $_" if ($debug); while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); if (!$line++) { ProcessHistory("SHOWDB","","","#\n#database:\n"); } /UCS.LoadTime/ && next; /Configsync\..*Time/ && next; /Configsync.peerupdatedstatus/ && next; /LTM.ConfigTime/ && next; if (/^(snmp\..*\.community\..* =) (.+)/i) { if ($filter_commstr) { ProcessHistory("SHOWDB","","","# $1 \n") && next; } else { ProcessHistory("SHOWDB","","","# $1 $2\n") && next; } } ProcessHistory("SHOWDB","","","# $_") && next; } return(0); } # This routine parses "cat /config/bigip.license" sub ShowLicense { my($line) = (0); print STDERR " In ShowLicense: $_" if ($debug); while () { tr/\015//d; # v9 software license does not have CR at EOF s/^#-+($prompt.*)/$1/; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); if (!$line++) { ProcessHistory("LICENSE","","","#\n#/config/bigip.license:\n"); } ProcessHistory("LICENSE","","","# $_") && next; } return(0); } # This routine parses "bigpipe monitor list all" sub ShowMonitor { my($line) = (0); print STDERR " In ShowMonitor: $_" if ($debug); while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); if (!$line++) { ProcessHistory("MONITOR","","","#\n"); } if (/^(snmp\.[^ ]+\.community) = (.+)/i) { if ($filter_commstr) { ProcessHistory("SHOWDB","","","# $1 \n") && next; } else { ProcessHistory("SHOWDB","","","# $1 $2\n") && next; } } if (/^(\s*)password / && $filter_pwds >= 1) { ProcessHistory("LINE-PASS","","","# $1password \n"); next; } ProcessHistory("MONITOR","","","# $_") && next; } return(0); } # This routine parses "bigpipe platform" sub ShowPlatform { print STDERR " In ShowPlatform: $_" if ($debug); while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); /fan speed/i && next; /chassis temperature/i && next; /degC/ && next; s/\d+rpm//ig; s/^\|//; /Type: / && ProcessHistory("COMMENTS","keysort","A0", "#Chassis type: $'"); ProcessHistory("COMMENTS","keysort","B1","#$_") && next; } return(0); } # This routine parses "bigpipe profile list" sub ShowProfile { print STDERR " In ShowProfile: $_" if ($debug); while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); ProcessHistory("PROFILE","",""," $_") && next; } return(0); } # This routine parses "ls --full-time --color=never /config/ssl/ssl.key" sub ShowSslKey { print STDERR " In ShowSslKey: $_" if ($debug); while () { tr/\015//d; # v9 software license does not have CR at EOF s/^#-+($prompt.*)/$1/; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); ProcessHistory("SSLKEY","","","# $_") && next; } return(0); } # This routine parses "ls --full-time --color=never /config/ssl/ssl.crt" sub ShowSslCrt { print STDERR " In ShowSslCrt: $_" if ($debug); while () { tr/\015//d; # v9 software license does not have CR at EOF s/^#-+($prompt.*)/$1/; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); ProcessHistory("SSLCRT","","","# $_") && next; } return(0); } # This routine parses "bigpipe route static show" sub ShowRouteStatic { print STDERR " In ShowRouteStatic: $_" if ($debug); while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); ProcessHistory("ROUTE","",""," $_") && next; } return(0); } # This routine parses "bigpipe version" sub ShowVersion { print STDERR " In ShowVersion: $_" if ($debug); while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(-1) if (/command authorization failed/i); /^kernel:/i && ($_ = ) && ProcessHistory("COMMENTS","keysort","A3","#Image: Kernel: $_") && next; if (/^package:/i) { my($line); while ($_ = ) { tr/\015//d; last if (/:/); last if (/^$prompt/); chomp; $line .= " $_"; } ProcessHistory("COMMENTS","keysort","A2", "#Image: Package:$line\n"); } if (/:/) { ProcessHistory("COMMENTS","keysort","C1","#$_"); } else { ProcessHistory("COMMENTS","keysort","C1","#\t$_"); } } return(0); } # This routine processes a "bigpipe list" sub WriteTerm { my($lines) = 0; print STDERR " In WriteTerm: $_" if ($debug); while () { tr/\015//d; next if (/^\s*$/); # end of config - hopefully. f5 does not have a reliable end-of-config # tag. if (/^$prompt/) { $found_end++; last; } return(-1) if (/command authorization failed/i); # the pager can not be disabled per-session on the PIX s/^<-+ More -+>\s*//; /Non-Volatile memory is in use/ && return(-1); # NvRAM is locked # filter out any RCS/CVS tags to avoid confusing local CVS storage s/\$(Revision|Id):/ $1:/; $lines++; if (/^(enable )?(password|passwd) / && $filter_pwds >= 1) { ProcessHistory("ENABLE","","","! $1$2 \n"); next; } if (/^(enable secret) / && $filter_pwds >= 2) { ProcessHistory("ENABLE","","","# $1 \n"); next; } if (/^username (\S+)(\s.*)? secret /) { if ($filter_pwds >= 2) { ProcessHistory("USER","keysort","$1","# username $1$2 secret \n"); } else { ProcessHistory("USER","keysort","$1","$_"); } next; } if (/^username (\S+)(\s.*)? password ((\d) \S+|\S+)/) { if ($filter_pwds == 2) { ProcessHistory("USER","keysort","$1","# username $1$2 password \n"); } elsif ($filter_pwds == 1 && $4 ne "5"){ ProcessHistory("USER","keysort","$1","# username $1$2 password \n"); } else { ProcessHistory("USER","keysort","$1","$_"); } next; } if (/^(\s*)password / && $filter_pwds >= 1) { ProcessHistory("LINE-PASS","","","# $1password \n"); next; } if (/^\s*neighbor (\S*) password / && $filter_pwds >= 1) { ProcessHistory("","","","# neighbor $1 password \n"); next; } # order logging statements /^logging (\d+\.\d+\.\d+\.\d+)/ && ProcessHistory("LOGGING","ipsort","$1","$_") && next; # order/prune tacacs/radius server statements if (/^(tacacs-server|radius-server) key / && $filter_pwds >= 1) { ProcessHistory("","","","# $1 key \n"); next; } # order clns host statements /^clns host \S+ (\S+)/ && ProcessHistory("CLNS","keysort","$1","$_") && next; # order alias statements /^alias / && ProcessHistory("ALIAS","keysort","$_","$_") && next; # delete ntp auth password - this md5 is a reversable too if (/^(ntp authentication-key \d+ md5) / && $filter_pwds >= 1) { ProcessHistory("","","","# $1 \n"); next; } # order ntp peers/servers if (/^ntp (server|peer) (\d+)\.(\d+)\.(\d+)\.(\d+)/) { $sortkey = sprintf("$1 %03d%03d%03d%03d",$2,$3,$4,$5); ProcessHistory("NTP","keysort",$sortkey,"$_"); next; } # order ip host line statements /^ip host line(\d+)/ && ProcessHistory("IPHOST","numsort","$1","$_") && next; # order ip nat source static statements /^ip nat (\S+) source static (\S+)/ && ProcessHistory("IP NAT $1","ipsort","$2","$_") && next; # catch anything that wasnt matched above. ProcessHistory("","","","$_"); } if ($lines < 3) { printf(STDERR "ERROR: $host configuration appears truncated.\n"); $found_end = 0; return(-1); } return(0); } # dummy function sub DoNothing {print STDOUT;} # Main @commandtable = ( {'bigpipe version' => 'ShowVersion'}, {'bigpipe platform' => 'ShowPlatform'}, {'cat /config/bigip.license' => 'ShowLicense'}, {'bigpipe monitor list all' => 'ShowMonitor'}, {'bigpipe profile list' => 'ShowProfile'}, {'bigpipe base list' => 'ShowBaseRun'}, {'bigpipe db show' => 'ShowDb'}, {'bigpipe route static show' => 'ShowRouteStatic'}, {'ls --full-time --color=never /config/ssl/ssl.crt' => 'ShowSslCrt'}, {'ls --full-time --color=never /config/ssl/ssl.key' => 'ShowSslKey'}, {'bigpipe list' => 'WriteTerm'} ); # Use an array to preserve the order of the commands and a hash for mapping # commands to the subroutine and track commands that have been completed. @commands = map(keys(%$_), @commandtable); %commands = map(%$_, @commandtable); $cisco_cmds=join(";", at commands); $cmds_regexp = join("|", map quotemeta($_), @commands); if (length($host) == 0) { if ($file) { print(STDERR "Too few arguments: file name required\n"); exit(1); } else { print(STDERR "Too few arguments: host name required\n"); exit(1); } } open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: $!\n"; select(OUTPUT); # make OUTPUT unbuffered if debugging if ($debug) { $| = 1; } if ($file) { print STDERR "opening file $host\n" if ($debug); print STDOUT "opening file $host\n" if ($log); open(INPUT,"<$host") || die "open failed for $host: $!\n"; } else { print STDERR "executing clogin -t $timeo -c\"$cisco_cmds\" $host\n" if ($debug); print STDOUT "executing clogin -t $timeo -c\"$cisco_cmds\" $host\n" if ($log); if (defined($ENV{NOPIPE})) { system "clogin -t $timeo -c \"$cisco_cmds\" $host $host.raw 2>&1" || die "clogin failed for $host: $!\n"; open(INPUT, "< $host.raw") || die "clogin failed for $host: $!\n"; } else { open(INPUT,"clogin -t $timeo -c \"$cisco_cmds\" $host ) { tr/\015//d; if (/^Error:/) { print STDOUT ("$host clogin error: $_"); print STDERR ("$host clogin error: $_") if ($debug); $clean_run=0; last; } while (/#\s*($cmds_regexp)\s*$/) { $cmd = $1; if (!defined($prompt)) { $prompt = ($_ =~ /^([^#]+#)/)[0]; $prompt =~ s/([][}{)(\\])/\\$1/g; print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); } print STDERR ("HIT COMMAND:$_") if ($debug); if (! defined($commands{$cmd})) { print STDERR "$host: found unexpected command - \"$cmd\"\n"; $clean_run = 0; last TOP; } $rval = &{$commands{$cmd}}; delete($commands{$cmd}); if ($rval == -1) { $clean_run = 0; last TOP; } } if (/\#\s?exit$/) { $clean_run=1; last; } } print STDOUT "Done $logincmd: $_\n" if ($log); # Flush History ProcessHistory("","","",""); # Cleanup close(INPUT); close(OUTPUT); if (defined($ENV{NOPIPE})) { unlink("$host.raw") if (! $debug); } # check for completeness if (scalar(%commands) || !$clean_run || !$found_end) { if (scalar(%commands)) { printf(STDOUT "$host: missed cmd(s): %s\n", join(',', keys(%commands))); printf(STDERR "$host: missed cmd(s): %s\n", join(',', keys(%commands))) if ($debug); } if (!$clean_run || !$found_end) { print STDOUT "$host: End of run not found\n"; print STDERR "$host: End of run not found\n" if ($debug); system("/usr/bin/tail -1 $host.new"); } unlink "$host.new" if (! $debug); } From zeusdadog at gmail.com Wed Feb 10 18:49:58 2010 From: zeusdadog at gmail.com (Jay Nakamura) Date: Wed, 10 Feb 2010 13:49:58 -0500 Subject: [rancid] SVN commit failed error Message-ID: <9418aca71002101049l2e893de9u414fcc9c7b75b08b@mail.gmail.com> I am having trouble with SVN working correctly and hoping for some help. Since it was getting confusing, I blasted the entire /var/* directory contents and started over. First run rancid-cvs [rancid at monitor1 ~]$ rancid-cvs Committed revision 1. Checked out revision 1. A configs Adding configs Committed revision 2. A router.db Adding router.db Transmitting file data . Committed revision 3. Committed revision 4. Checked out revision 4. A configs Adding configs Committed revision 5. A router.db Adding router.db Transmitting file data . Committed revision 6. Committed revision 7. Checked out revision 7. A configs Adding configs Committed revision 8. A router.db Adding router.db Transmitting file data . Committed revision 9. Committed revision 10. Checked out revision 10. A configs Adding configs Committed revision 11. A router.db Adding router.db Transmitting file data . Committed revision 12. Committed revision 13. Checked out revision 13. A configs Adding configs Committed revision 14. A router.db Adding router.db Transmitting file data . Committed revision 15. Committed revision 16. Checked out revision 16. A configs Adding configs Committed revision 17. A router.db Adding router.db Transmitting file data . Committed revision 18. ---- So far so good. I copied the router.db file from a backup, and copied it to one of the group folder. I touched the file so mod date was newer than when I ran rancid-cvs Then I ran rancid-run, and here is the log. --- starting: Wed Feb 10 13:43:22 EST 2010 A router1 Adding router1 Transmitting file data . Committed revision 19. Added router1 A router2 Adding router2 Transmitting file data . Committed revision 20. Added router2 A router3 Adding router3 Transmitting file data . Committed revision 21. Added router3 A router4 Adding router4 Transmitting file data . Committed revision 22. Added router4 ---- Trying to get all of the configs. All routers sucessfully completed. Sending . svn: Commit failed (details follow): svn: Out of date: '/cdc-router' in transaction '22-1' ending: Wed Feb 10 13:43:43 EST 2010 --- Why is it complaining about Commit failed? Any thoughts? From zeusdadog at gmail.com Wed Feb 10 19:14:09 2010 From: zeusdadog at gmail.com (Jay Nakamura) Date: Wed, 10 Feb 2010 14:14:09 -0500 Subject: [rancid] Re: SVN commit failed error In-Reply-To: <9418aca71002101049l2e893de9u414fcc9c7b75b08b@mail.gmail.com> References: <9418aca71002101049l2e893de9u414fcc9c7b75b08b@mail.gmail.com> Message-ID: <9418aca71002101114p1092b9f0l2fa88628911a81eb@mail.gmail.com> Never mind. I did "svn update" then "svn commit -m " in each group directory. After that, it started working. On Wed, Feb 10, 2010 at 1:49 PM, Jay Nakamura wrote: > I am having trouble with SVN working correctly and hoping for some help. > > Since it was getting confusing, I blasted the entire base>/var/* directory contents and started over. > > First run rancid-cvs > > [rancid at monitor1 ~]$ rancid-cvs > > Committed revision 1. > Checked out revision 1. > A ? ? ? ? configs > Adding ? ? ? ? configs > > Committed revision 2. > A ? ? ? ? router.db > Adding ? ? ? ? router.db > Transmitting file data . > Committed revision 3. > > Committed revision 4. > Checked out revision 4. > A ? ? ? ? configs > Adding ? ? ? ? configs > > Committed revision 5. > A ? ? ? ? router.db > Adding ? ? ? ? router.db > Transmitting file data . > Committed revision 6. > > Committed revision 7. > Checked out revision 7. > A ? ? ? ? configs > Adding ? ? ? ? configs > > Committed revision 8. > A ? ? ? ? router.db > Adding ? ? ? ? router.db > Transmitting file data . > Committed revision 9. > > Committed revision 10. > Checked out revision 10. > A ? ? ? ? configs > Adding ? ? ? ? configs > > Committed revision 11. > A ? ? ? ? router.db > Adding ? ? ? ? router.db > Transmitting file data . > Committed revision 12. > > Committed revision 13. > Checked out revision 13. > A ? ? ? ? configs > Adding ? ? ? ? configs > > Committed revision 14. > A ? ? ? ? router.db > Adding ? ? ? ? router.db > Transmitting file data . > Committed revision 15. > > Committed revision 16. > Checked out revision 16. > A ? ? ? ? configs > Adding ? ? ? ? configs > > Committed revision 17. > A ? ? ? ? router.db > Adding ? ? ? ? router.db > Transmitting file data . > Committed revision 18. > > ---- > > So far so good. ?I copied the router.db file from a backup, and copied > it to one of the group folder. ?I touched the file so mod date was > newer than when I ran rancid-cvs > > Then I ran rancid-run, and here is the log. > > --- > starting: Wed Feb 10 13:43:22 EST 2010 > > A ? ? ? ? router1 > Adding ? ? ? ? router1 > Transmitting file data . > Committed revision 19. > Added router1 > A ? ? ? ? router2 > Adding ? ? ? ? router2 > Transmitting file data . > Committed revision 20. > Added router2 > A ? ? ? ? router3 > Adding ? ? ? ? router3 > Transmitting file data . > Committed revision 21. > Added router3 > A ? ? ? ? router4 > Adding ? ? ? ? router4 > Transmitting file data . > Committed revision 22. > Added router4 > > ---- > > Trying to get all of the configs. > All routers sucessfully completed. > > Sending ? ? ? ?. > svn: Commit failed (details follow): > svn: Out of date: '/cdc-router' in transaction '22-1' > > ending: Wed Feb 10 13:43:43 EST 2010 > > --- > > Why is it complaining about Commit failed? ?Any thoughts? > From tore at linpro.no Thu Feb 11 07:39:59 2010 From: tore at linpro.no (Tore Anderson) Date: Thu, 11 Feb 2010 08:39:59 +0100 Subject: [rancid] Re: A few small fixes for arancid and f5rancid In-Reply-To: <20100210175055.GF21464@shrubbery.net> References: <4B725EA6.1000703@linpro.no> <20100210175055.GF21464@shrubbery.net> Message-ID: <4B73B44F.4020902@linpro.no> * john heasley > i believe we already have these in the code base. please try the > attached version. Yep, your patch works just as fine. Thanks. > why did you change arancid for an hp switch? did you alter something > or not define the device as 'hp' in the router.db? It's an OEM'ed BNT switch. It runs AOS, so I've defined it as an ?alteon? in router.db. Best regards, -- Tore Anderson Redpill Linpro AS - http://www.redpill-linpro.com/ Tel: +47 21 54 41 27 From Trevor.Coyle at interfusion.ie Thu Feb 11 14:49:10 2010 From: Trevor.Coyle at interfusion.ie (Trevor Coyle) Date: Thu, 11 Feb 2010 14:49:10 -0000 Subject: [rancid] Help with Rancid Netscreen Message-ID: Hi I was wondering if you could help? I'm currently trying to backup the config for a Juniper (Netscreen SSG-550) and the log file is coming out with starting: Thu Feb 11 12:51:48 GMT 2010 /usr/local/rancid/bin/control_rancid: line 234: cvs: command not found /usr/local/rancid/bin/control_rancid: line 235: cvs: command not found Added file_name /usr/local/rancid/bin/control_rancid: line 260: cvs: command not found Trying to get all of the configs. ===================================== Getting missed routers: round 1. ===================================== Getting missed routers: round 2. ===================================== Getting missed routers: round 3. ===================================== Getting missed routers: round 4. /usr/local/rancid/bin/control_rancid: line 372: cvs: command not found /usr/local/rancid/bin/control_rancid: line 384: cvs: command not found ending: Thu Feb 11 12:51:50 GMT 2010 The File output in Configs is blank, the nlogin is able to login to the firewall but the nrancid doesn't seem to be outputting the config Can you please Help Thank You, Trevor Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/457e4be5/attachment.html From stewbeme at yahoo.com Thu Feb 11 15:03:17 2010 From: stewbeme at yahoo.com (derek stewart) Date: Thu, 11 Feb 2010 07:03:17 -0800 (PST) Subject: [rancid] Re: Help with Rancid Netscreen In-Reply-To: References: Message-ID: <555000.48333.qm@web50907.mail.re2.yahoo.com> remove me please ________________________________ From: Trevor Coyle To: rancid-discuss at shrubbery.net Sent: Thu, February 11, 2010 8:49:10 AM Subject: [rancid] Help with Rancid Netscreen Hi I was wondering if you could help? I?m currently trying to backup the config for a Juniper (Netscreen SSG-550) and the log file is coming out with starting: Thu Feb 11 12:51:48 GMT 2010 /usr/local/rancid/bin/control_rancid: line 234: cvs: command not found /usr/local/rancid/bin/control_rancid: line 235: cvs: command not found Added file_name /usr/local/rancid/bin/control_rancid: line 260: cvs: command not found Trying to get all of the configs. ===================================== Getting missed routers: round 1. ===================================== Getting missed routers: round 2. ===================================== Getting missed routers: round 3. ===================================== Getting missed routers: round 4. /usr/local/rancid/bin/control_rancid: line 372: cvs: command not found /usr/local/rancid/bin/control_rancid: line 384: cvs: command not found ending: Thu Feb 11 12:51:50 GMT 2010 The File output in Configs is blank, the nlogin is able to login to the firewall but the nrancid doesn?t seem to be outputting the config Can you please Help Thank You, Trevor Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/28a62697/attachment.html From Trevor.Coyle at interfusion.ie Thu Feb 11 16:22:03 2010 From: Trevor.Coyle at interfusion.ie (Trevor Coyle) Date: Thu, 11 Feb 2010 16:22:03 -0000 Subject: [rancid] Re: Help with Rancid Netscreen In-Reply-To: <5A8F72DE-D118-48DF-952F-256D92C462C6@fattoc.com> References: <5A8F72DE-D118-48DF-952F-256D92C462C6@fattoc.com> Message-ID: Thank you for the reply, Rancid is working for all Cisco Devices but the Netscreen Firewall is having the problem, I have created a new group for Juniper and it can login into the Firewall OK but doesn't seem to be taking the config down, would you say I need to install CVS in this case? Trevor ________________________________ From: ?rni Birgisson [mailto:abirgisson at fattoc.com] Sent: 11 February 2010 16:17 To: Trevor Coyle Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Help with Rancid Netscreen >From these logs it's apparent that you either don't have CVS installed, or the user that is running rancid doesn't have the correct path to the cvs command. You probably need to "apt-get install cvs" (debian/ubuntu) or "yum install cvs" (redhat/fedora). Is your rancid installation working for anything or is this the first device you are using rancid for? -Arni On Feb 11, 2010, at 2:49 PM, Trevor Coyle wrote: Hi I was wondering if you could help? I'm currently trying to backup the config for a Juniper (Netscreen SSG-550) and the log file is coming out with starting: Thu Feb 11 12:51:48 GMT 2010 /usr/local/rancid/bin/control_rancid: line 234: cvs: command not found /usr/local/rancid/bin/control_rancid: line 235: cvs: command not found Added file_name /usr/local/rancid/bin/control_rancid: line 260: cvs: command not found Trying to get all of the configs. ===================================== Getting missed routers: round 1. ===================================== Getting missed routers: round 2. ===================================== Getting missed routers: round 3. ===================================== Getting missed routers: round 4. /usr/local/rancid/bin/control_rancid: line 372: cvs: command not found /usr/local/rancid/bin/control_rancid: line 384: cvs: command not found ending: Thu Feb 11 12:51:50 GMT 2010 The File output in Configs is blank, the nlogin is able to login to the firewall but the nrancid doesn't seem to be outputting the config Can you please Help Thank You, Trevor Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne Arni Birgisson Network Engineer FATTOC Iceland Adalstraeti 6 101 Reykjavik Iceland Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/ea8e80c8/attachment.html From ABirgisson at fattoc.com Thu Feb 11 16:25:37 2010 From: ABirgisson at fattoc.com (=?windows-1252?Q?=C1rni_Birgisson?=) Date: Thu, 11 Feb 2010 16:25:37 +0000 Subject: [rancid] Re: Help with Rancid Netscreen In-Reply-To: References: <5A8F72DE-D118-48DF-952F-256D92C462C6@fattoc.com> Message-ID: If rancid is working correctly for other devices then your version control system works. Are you running the commands manually to get this error? Is it possible that rancid normally runs as some user (ie. "rancid") but you are running it as a different user (root) ? Is it one instance of rancid doing everything or a seperate instance/config for the firewalls? - Arni On Feb 11, 2010, at 4:22 PM, Trevor Coyle wrote: > Thank you for the reply, > > Rancid is working for all Cisco Devices but the Netscreen Firewall is having the problem, I have created a new group for Juniper and it can login into the Firewall OK but doesn?t seem to be taking the config down, would you say I need to install CVS in this case? > > Trevor > > From: ?rni Birgisson [mailto:abirgisson at fattoc.com] > Sent: 11 February 2010 16:17 > To: Trevor Coyle > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Help with Rancid Netscreen > > From these logs it's apparent that you either don't have CVS installed, or the user that is running rancid > doesn't have the correct path to the cvs command. > > You probably need to "apt-get install cvs" (debian/ubuntu) or "yum install cvs" (redhat/fedora). > > Is your rancid installation working for anything or is this the first device you are using rancid for? > > -Arni > > > On Feb 11, 2010, at 2:49 PM, Trevor Coyle wrote: > > > Hi I was wondering if you could help? > > I?m currently trying to backup the config for a Juniper (Netscreen SSG-550) and the log file is coming out with > > starting: Thu Feb 11 12:51:48 GMT 2010 > > /usr/local/rancid/bin/control_rancid: line 234: cvs: command not found > /usr/local/rancid/bin/control_rancid: line 235: cvs: command not found > Added file_name > > /usr/local/rancid/bin/control_rancid: line 260: cvs: command not found > > > Trying to get all of the configs. > ===================================== > Getting missed routers: round 1. > ===================================== > Getting missed routers: round 2. > ===================================== > Getting missed routers: round 3. > ===================================== > Getting missed routers: round 4. > > /usr/local/rancid/bin/control_rancid: line 372: cvs: command not found > /usr/local/rancid/bin/control_rancid: line 384: cvs: command not found > > ending: Thu Feb 11 12:51:50 GMT 2010 > > The File output in Configs is blank, the nlogin is able to login to the firewall but the nrancid doesn?t seem to be outputting the config > > > Can you please Help > > Thank You, > Trevor > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > > > > > Arni Birgisson > Network Engineer > FATTOC Iceland > Adalstraeti 6 > 101 Reykjavik > Iceland > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne Arni Birgisson Network Engineer FATTOC Iceland Adalstraeti 6 101 Reykjavik Iceland -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/b9b4761e/attachment.html From Trevor.Coyle at interfusion.ie Thu Feb 11 16:31:12 2010 From: Trevor.Coyle at interfusion.ie (Trevor Coyle) Date: Thu, 11 Feb 2010 16:31:12 -0000 Subject: [rancid] Re: Help with Rancid Netscreen In-Reply-To: References: <5A8F72DE-D118-48DF-952F-256D92C462C6@fattoc.com>

Message-ID: Arni, It's a run as atask with crontab Its running as user rancid the same as the cisco devices Its one instance for the routers and firewalls Tks, Trevor ________________________________ From: ?rni Birgisson [mailto:ABirgisson at fattoc.com] Sent: 11 February 2010 16:26 To: Trevor Coyle Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Help with Rancid Netscreen If rancid is working correctly for other devices then your version control system works. Are you running the commands manually to get this error? Is it possible that rancid normally runs as some user (ie. "rancid") but you are running it as a different user (root) ? Is it one instance of rancid doing everything or a seperate instance/config for the firewalls? - Arni On Feb 11, 2010, at 4:22 PM, Trevor Coyle wrote: Thank you for the reply, Rancid is working for all Cisco Devices but the Netscreen Firewall is having the problem, I have created a new group for Juniper and it can login into the Firewall OK but doesn't seem to be taking the config down, would you say I need to install CVS in this case? Trevor ________________________________ From: ?rni Birgisson [mailto:abirgisson at fattoc.com] Sent: 11 February 2010 16:17 To: Trevor Coyle Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Help with Rancid Netscreen >From these logs it's apparent that you either don't have CVS installed, or the user that is running rancid doesn't have the correct path to the cvs command. You probably need to "apt-get install cvs" (debian/ubuntu) or "yum install cvs" (redhat/fedora). Is your rancid installation working for anything or is this the first device you are using rancid for? -Arni On Feb 11, 2010, at 2:49 PM, Trevor Coyle wrote: Hi I was wondering if you could help? I'm currently trying to backup the config for a Juniper (Netscreen SSG-550) and the log file is coming out with starting: Thu Feb 11 12:51:48 GMT 2010 /usr/local/rancid/bin/control_rancid: line 234: cvs: command not found /usr/local/rancid/bin/control_rancid: line 235: cvs: command not found Added file_name /usr/local/rancid/bin/control_rancid: line 260: cvs: command not found Trying to get all of the configs. ===================================== Getting missed routers: round 1. ===================================== Getting missed routers: round 2. ===================================== Getting missed routers: round 3. ===================================== Getting missed routers: round 4. /usr/local/rancid/bin/control_rancid: line 372: cvs: command not found /usr/local/rancid/bin/control_rancid: line 384: cvs: command not found ending: Thu Feb 11 12:51:50 GMT 2010 The File output in Configs is blank, the nlogin is able to login to the firewall but the nrancid doesn't seem to be outputting the config Can you please Help Thank You, Trevor Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne Arni Birgisson Network Engineer FATTOC Iceland Adalstraeti 6 101 Reykjavik Iceland Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne Arni Birgisson Network Engineer FATTOC Iceland Adalstraeti 6 101 Reykjavik Iceland Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/9c957b99/attachment.html From abirgisson at fattoc.com Thu Feb 11 16:16:37 2010 From: abirgisson at fattoc.com (=?windows-1252?Q?=C1rni_Birgisson?=) Date: Thu, 11 Feb 2010 16:16:37 +0000 Subject: [rancid] Re: Help with Rancid Netscreen In-Reply-To: References: Message-ID: <5A8F72DE-D118-48DF-952F-256D92C462C6@fattoc.com> From these logs it's apparent that you either don't have CVS installed, or the user that is running rancid doesn't have the correct path to the cvs command. You probably need to "apt-get install cvs" (debian/ubuntu) or "yum install cvs" (redhat/fedora). Is your rancid installation working for anything or is this the first device you are using rancid for? -Arni On Feb 11, 2010, at 2:49 PM, Trevor Coyle wrote: > Hi I was wondering if you could help? > > I?m currently trying to backup the config for a Juniper (Netscreen SSG-550) and the log file is coming out with > > starting: Thu Feb 11 12:51:48 GMT 2010 > > /usr/local/rancid/bin/control_rancid: line 234: cvs: command not found > /usr/local/rancid/bin/control_rancid: line 235: cvs: command not found > Added file_name > > /usr/local/rancid/bin/control_rancid: line 260: cvs: command not found > > > Trying to get all of the configs. > ===================================== > Getting missed routers: round 1. > ===================================== > Getting missed routers: round 2. > ===================================== > Getting missed routers: round 3. > ===================================== > Getting missed routers: round 4. > > /usr/local/rancid/bin/control_rancid: line 372: cvs: command not found > /usr/local/rancid/bin/control_rancid: line 384: cvs: command not found > > ending: Thu Feb 11 12:51:50 GMT 2010 > > The File output in Configs is blank, the nlogin is able to login to the firewall but the nrancid doesn?t seem to be outputting the config > > > Can you please Help > > Thank You, > Trevor > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > Arni Birgisson Network Engineer FATTOC Iceland Adalstraeti 6 101 Reykjavik Iceland -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/d5d04b86/attachment.html From david.mantock at gmx.ch Thu Feb 11 17:12:35 2010 From: david.mantock at gmx.ch (David Mantock) Date: Thu, 11 Feb 2010 18:12:35 +0100 Subject: [rancid] ciscowlc Message-ID: <80141B741E494D36A1F25E464C29D2FE@DavidPC> Hi, I need to back-up a cisco wireless lan controller. The commands I would do manually are these: config paging disable show run-config commands config paging enable logout What do I have to do extend rancid to do this backup? Thank in advance, David -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/3ada92c5/attachment.html From George.Nussbaum at l-3com.com Thu Feb 11 17:15:52 2010 From: George.Nussbaum at l-3com.com (George.Nussbaum at l-3com.com) Date: Thu, 11 Feb 2010 12:15:52 -0500 Subject: [rancid] Re: ciscowlc In-Reply-To: <80141B741E494D36A1F25E464C29D2FE@DavidPC> References: <80141B741E494D36A1F25E464C29D2FE@DavidPC> Message-ID: You can edit the rancid commandtable and add them in. My commandtable is located in my rancid file "/usr/local/rancid/bin/rancid" George Nussbaum Sr. Systems Administrator L-3 Communications, Security & Detection Systems 10E Commerce Way Woburn, MA 01801 (P) 781-939-3866 (M) 781-985-5081 (F) 781-939-3996 George.Nussbaum at l-3com.com From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of David Mantock Sent: Thursday, February 11, 2010 12:13 PM To: Rancid-discuss at shrubbery.net Subject: [rancid] ciscowlc Hi, I need to back-up a cisco wireless lan controller. The commands I would do manually are these: config paging disable show run-config commands config paging enable logout What do I have to do extend rancid to do this backup? Thank in advance, David -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/4ef13e83/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/jpeg Size: 1944 bytes Desc: image001.jpg Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/4ef13e83/attachment.jpe From tad1214 at aol.com Thu Feb 11 17:19:18 2010 From: tad1214 at aol.com (Thomas Donnelly) Date: Thu, 11 Feb 2010 11:19:18 -0600 Subject: [rancid] Re: ciscowlc In-Reply-To: <80141B741E494D36A1F25E464C29D2FE@DavidPC> References: <80141B741E494D36A1F25E464C29D2FE@DavidPC> Message-ID: <4B743C16.3050100@aol.com> An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/94a11e82/attachment.html From rwest at zyedge.com Thu Feb 11 17:33:16 2010 From: rwest at zyedge.com (Ryan West) Date: Thu, 11 Feb 2010 17:33:16 +0000 Subject: [rancid] Re: ciscowlc In-Reply-To: <4B743C16.3050100@aol.com> References: <80141B741E494D36A1F25E464C29D2FE@DavidPC> <4B743C16.3050100@aol.com> Message-ID: <5DC4853C6CC3EE4788779E0726E034DD0F91D3@zy-ex1.zyedge.local> These have been posted a few times. Check out the archives on shrubbery, you should be able to find ones that work with WLC4 and WLC5. -ryan From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Thomas Donnelly Sent: Thursday, February 11, 2010 12:19 PM To: Rancid-discuss at shrubbery.net Subject: [rancid] Re: ciscowlc I too would be interested in this. -=Tom On 02/11/10 11:12, David Mantock wrote: Hi, I need to back-up a cisco wireless lan controller. The commands I would do manually are these: config paging disable show run-config commands config paging enable logout What do I have to do extend rancid to do this backup? Thank in advance, David _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/c028ae96/attachment.html From jmadrid2 at gmail.com Thu Feb 11 17:06:05 2010 From: jmadrid2 at gmail.com (Jose Madrid) Date: Thu, 11 Feb 2010 12:06:05 -0500 Subject: [rancid] Re: Increasing Timeout For RANCID In-Reply-To: References: <11abb0e31002091802p6d8728bbs969388dfafee8412@mail.gmail.com> Message-ID: <867d5e9c1002110906r1dbd3b36j9c5ae94578112125@mail.gmail.com> Larry, Take a look at bin/clogin on line 80. Mine sets the timeout to 45 seconds. Maybe you want to extend this?? # Sometimes routers take awhile to answer (the default is 10 sec) set timeout 45 2010/2/10 Kemp, Larry > I appreciate your help very much. I found something that sounds familiar > here in the archives: > http://www.shrubbery.net/pipermail/rancid-discuss/2007-October/002540.html > > I am in a bit over my head if I have to ?pass a parameter? as you say, or > as this link above discusses ?modify clogin?. Not sure exactly how I would > do either; could you please be more specific in what I need to do. Thanks > again. > > LK > > > > *From:* Brian Lam [mailto:blam at rockyou.com] > *Sent:* Tuesday, February 09, 2010 9:03 PM > *To:* Kemp, Larry > *Cc:* rancid > *Subject:* Re: [rancid] Increasing Timeout For RANCID > > > > looks like you should pass it as a parameter instead of modifying clogin... > > 2010/2/9 Kemp, Larry > > I have some Cisco 2950?s that I need RANCID to reach via SSH. Each time > rancid-run executes (either manually by me or via the cron) I see in the log > that there is a clogin error for these devices. I am able to manually login > by entering: ?ssh rancid at 172.20.30.1? as user rancid. I am able to login > to these devices and then enter my enable password and run privledged > commands, however to reach a password prompt takes a good 7 seconds because > of how me have to route to these devices. The devices are also small and > contain little memory. > > > > I read here: http://www.shrubbery.net/rancid/man/clogin.1.html about the > -t option to increase the time that Rancid waits before erroring out > waiting for a login prompt. I also looked in the > /usr/local/rancid/bin/clogin file to see if there was a place for me to > increase this timeout limit. I am not sure if this is where I need to edit. > Can anyone that has done this before point me in the right direction to > increase the login timeout. > > > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -- It has to start somewhere, it has to start sometime. What better place than here? What better time than now? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/63c13b07/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/png Size: 51360 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/63c13b07/attachment.png From Larry.Kemp at usmetrotel.com Thu Feb 11 18:04:19 2010 From: Larry.Kemp at usmetrotel.com (Kemp, Larry) Date: Thu, 11 Feb 2010 13:04:19 -0500 Subject: [rancid] Re: Increasing Timeout For RANCID In-Reply-To: <867d5e9c1002110906r1dbd3b36j9c5ae94578112125@mail.gmail.com> References: <11abb0e31002091802p6d8728bbs969388dfafee8412@mail.gmail.com> <867d5e9c1002110906r1dbd3b36j9c5ae94578112125@mail.gmail.com> Message-ID: Jose - Thanks to you and all. My company took over a smaller company and the admin duties for some smaller older Cisco devices. I increased the timeout from a value of 45 to 100 and it still did not work via ssh. I zeroized my keys and generated new ones on the Cisco gear, I also checked that "transport input ssh" was there in my vty lines; still no dice. Rancid is backing up these devices fine via telnet but errors out when switched to ssh. I think it is most likely a software revision issue on these smaller older Cisco devices. Thanks again! LK From: Jose Madrid [mailto:jmadrid2 at gmail.com] Sent: Thursday, February 11, 2010 12:06 PM To: Kemp, Larry Cc: Brian Lam; rancid Subject: Re: [rancid] Re: Increasing Timeout For RANCID Larry, Take a look at bin/clogin on line 80. Mine sets the timeout to 45 seconds. Maybe you want to extend this?? # Sometimes routers take awhile to answer (the default is 10 sec) set timeout 45 2010/2/10 Kemp, Larry > I appreciate your help very much. I found something that sounds familiar here in the archives: http://www.shrubbery.net/pipermail/rancid-discuss/2007-October/002540.html I am in a bit over my head if I have to "pass a parameter" as you say, or as this link above discusses "modify clogin". Not sure exactly how I would do either; could you please be more specific in what I need to do. Thanks again. LK From: Brian Lam [mailto:blam at rockyou.com] Sent: Tuesday, February 09, 2010 9:03 PM To: Kemp, Larry Cc: rancid Subject: Re: [rancid] Increasing Timeout For RANCID looks like you should pass it as a parameter instead of modifying clogin... 2010/2/9 Kemp, Larry > I have some Cisco 2950's that I need RANCID to reach via SSH. Each time rancid-run executes (either manually by me or via the cron) I see in the log that there is a clogin error for these devices. I am able to manually login by entering: "ssh rancid at 172.20.30.1" as user rancid. I am able to login to these devices and then enter my enable password and run privledged commands, however to reach a password prompt takes a good 7 seconds because of how me have to route to these devices. The devices are also small and contain little memory. I read here: http://www.shrubbery.net/rancid/man/clogin.1.html about the -t option to increase the time that Rancid waits before erroring out waiting for a login prompt. I also looked in the /usr/local/rancid/bin/clogin file to see if there was a place for me to increase this timeout limit. I am not sure if this is where I need to edit. Can anyone that has done this before point me in the right direction to increase the login timeout. [cid:image001.png at 01CAAB18.EED12850] _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- It has to start somewhere, it has to start sometime. What better place than here? What better time than now? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/592c29a3/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 51360 bytes Desc: image001.png Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/592c29a3/attachment.png From heas at shrubbery.net Thu Feb 11 18:08:45 2010 From: heas at shrubbery.net (john heasley) Date: Thu, 11 Feb 2010 18:08:45 +0000 Subject: [rancid] Re: A few small fixes for arancid and f5rancid In-Reply-To: <4B73B44F.4020902@linpro.no> References: <4B725EA6.1000703@linpro.no> <20100210175055.GF21464@shrubbery.net> <4B73B44F.4020902@linpro.no> Message-ID: <20100211180845.GM18447@shrubbery.net> Thu, Feb 11, 2010 at 08:39:59AM +0100, Tore Anderson: > * john heasley > > > i believe we already have these in the code base. please try the > > attached version. > > Yep, your patch works just as fine. Thanks. > > > why did you change arancid for an hp switch? did you alter something > > or not define the device as 'hp' in the router.db? > > It's an OEM'ed BNT switch. It runs AOS, so I've defined it as an > ?alteon? in router.db. got it; thanks. From heas at shrubbery.net Thu Feb 11 21:09:56 2010 From: heas at shrubbery.net (john heasley) Date: Thu, 11 Feb 2010 21:09:56 +0000 Subject: [rancid] Re: Help with Rancid Netscreen In-Reply-To: References: <5A8F72DE-D118-48DF-952F-256D92C462C6@fattoc.com>

Message-ID: <20100211210956.GC18447@shrubbery.net> Thu, Feb 11, 2010 at 04:31:12PM -0000, Trevor Coyle: > Arni, > > > > It's a run as atask with crontab > > Its running as user rancid the same as the cisco devices > > Its one instance for the routers and firewalls if its one cron job, its truely bizarre. you must be affecting the path environment variable somehow between running one group and the next. your cronjob should be similar to /bin/rancid-run no more is required. > > > Tks, > > Trevor > > > > ________________________________ > > From: ?rni Birgisson [mailto:ABirgisson at fattoc.com] > Sent: 11 February 2010 16:26 > To: Trevor Coyle > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Help with Rancid Netscreen > > > > If rancid is working correctly for other devices then your version control system works. > > > > Are you running the commands manually to get this error? > > Is it possible that rancid normally runs as some user (ie. "rancid") but you are running it as a different user (root) ? > > Is it one instance of rancid doing everything or a seperate instance/config for the firewalls? > > > > - Arni > > > > On Feb 11, 2010, at 4:22 PM, Trevor Coyle wrote: > > > > > > Thank you for the reply, > > > > Rancid is working for all Cisco Devices but the Netscreen Firewall is having the problem, I have created a new group for Juniper and it can login into the Firewall OK but doesn't seem to be taking the config down, would you say I need to install CVS in this case? > > > > Trevor > > > > ________________________________ > > From: ?rni Birgisson [mailto:abirgisson at fattoc.com] > Sent: 11 February 2010 16:17 > To: Trevor Coyle > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Help with Rancid Netscreen > > > > >From these logs it's apparent that you either don't have CVS installed, or the user that is running rancid > > doesn't have the correct path to the cvs command. > > > > You probably need to "apt-get install cvs" (debian/ubuntu) or "yum install cvs" (redhat/fedora). > > > > Is your rancid installation working for anything or is this the first device you are using rancid for? > > > > -Arni > > > > > > On Feb 11, 2010, at 2:49 PM, Trevor Coyle wrote: > > > > > > > Hi I was wondering if you could help? > > > > I'm currently trying to backup the config for a Juniper (Netscreen SSG-550) and the log file is coming out with > > > > starting: Thu Feb 11 12:51:48 GMT 2010 > > > > /usr/local/rancid/bin/control_rancid: line 234: cvs: command not found > > /usr/local/rancid/bin/control_rancid: line 235: cvs: command not found > > Added file_name > > > > /usr/local/rancid/bin/control_rancid: line 260: cvs: command not found > > > > > > Trying to get all of the configs. > > ===================================== > > Getting missed routers: round 1. > > ===================================== > > Getting missed routers: round 2. > > ===================================== > > Getting missed routers: round 3. > > ===================================== > > Getting missed routers: round 4. > > > > /usr/local/rancid/bin/control_rancid: line 372: cvs: command not found > > /usr/local/rancid/bin/control_rancid: line 384: cvs: command not found > > > > ending: Thu Feb 11 12:51:50 GMT 2010 > > > > The File output in Configs is blank, the nlogin is able to login to the firewall but the nrancid doesn't seem to be outputting the config > > > > > > Can you please Help > > > > Thank You, > > Trevor > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > > > > > > > Arni Birgisson > Network Engineer > FATTOC Iceland > Adalstraeti 6 > 101 Reykjavik > Iceland > > > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > > > > > > Arni Birgisson > Network Engineer > FATTOC Iceland > Adalstraeti 6 > 101 Reykjavik > Iceland > > > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > Registered Address. 1 Parkway House, Western Parkway Business Park, > Ballymount, Dublin 12 > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From cderemer at phoebe.org Fri Feb 12 00:52:49 2010 From: cderemer at phoebe.org (Christopher DeRemer) Date: Thu, 11 Feb 2010 19:52:49 -0500 Subject: [rancid] Re: Increasing Timeout For RANCID In-Reply-To: References: <11abb0e31002091802p6d8728bbs969388dfafee8412@mail.gmail.com> <867d5e9c1002110906r1dbd3b36j9c5ae94578112125@mail.gmail.com> Message-ID: <671DC9312DF0CC4D8A7F3ABE978DD5ADD64B8D0E3D@MAIL.phoebe.local> Larry, I'm running Rancid against 2950's with SSH no problem. Can you send over parts of your config for me to cross check. I would paste mine but the switch I'm thinking about is off right now because it's getting installed tomorrow :) Cheers, Christopher DeRemer, CCENT Network Administrator Phoebe Services 484.619.2168 (Single # Reach) From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kemp, Larry Sent: Thursday, February 11, 2010 1:04 PM To: 'Jose Madrid' Cc: rancid Subject: [rancid] Re: Increasing Timeout For RANCID Jose - Thanks to you and all. My company took over a smaller company and the admin duties for some smaller older Cisco devices. I increased the timeout from a value of 45 to 100 and it still did not work via ssh. I zeroized my keys and generated new ones on the Cisco gear, I also checked that "transport input ssh" was there in my vty lines; still no dice. Rancid is backing up these devices fine via telnet but errors out when switched to ssh. I think it is most likely a software revision issue on these smaller older Cisco devices. Thanks again! LK From: Jose Madrid [mailto:jmadrid2 at gmail.com] Sent: Thursday, February 11, 2010 12:06 PM To: Kemp, Larry Cc: Brian Lam; rancid Subject: Re: [rancid] Re: Increasing Timeout For RANCID Larry, Take a look at bin/clogin on line 80. Mine sets the timeout to 45 seconds. Maybe you want to extend this?? # Sometimes routers take awhile to answer (the default is 10 sec) set timeout 45 2010/2/10 Kemp, Larry > I appreciate your help very much. I found something that sounds familiar here in the archives: http://www.shrubbery.net/pipermail/rancid-discuss/2007-October/002540.html I am in a bit over my head if I have to "pass a parameter" as you say, or as this link above discusses "modify clogin". Not sure exactly how I would do either; could you please be more specific in what I need to do. Thanks again. LK From: Brian Lam [mailto:blam at rockyou.com] Sent: Tuesday, February 09, 2010 9:03 PM To: Kemp, Larry Cc: rancid Subject: Re: [rancid] Increasing Timeout For RANCID looks like you should pass it as a parameter instead of modifying clogin... 2010/2/9 Kemp, Larry > I have some Cisco 2950's that I need RANCID to reach via SSH. Each time rancid-run executes (either manually by me or via the cron) I see in the log that there is a clogin error for these devices. I am able to manually login by entering: "ssh rancid at 172.20.30.1" as user rancid. I am able to login to these devices and then enter my enable password and run privledged commands, however to reach a password prompt takes a good 7 seconds because of how me have to route to these devices. The devices are also small and contain little memory. I read here: http://www.shrubbery.net/rancid/man/clogin.1.html about the -t option to increase the time that Rancid waits before erroring out waiting for a login prompt. I also looked in the /usr/local/rancid/bin/clogin file to see if there was a place for me to increase this timeout limit. I am not sure if this is where I need to edit. Can anyone that has done this before point me in the right direction to increase the login timeout. [cid:image001.png at 01CAAB53.C05399A0] _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- It has to start somewhere, it has to start sometime. What better place than here? What better time than now? ________________________________ NOTICE: This confidential message/attachment contains information intended for a specific individual(s). Any inappropriate use, distribution or duplication is strictly prohibited. If received in error, notify the sender and immediately delete this transmission. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/9d85b7e0/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 51360 bytes Desc: image001.png Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100211/9d85b7e0/attachment.png From ryan at videoegg.com Fri Feb 12 02:09:47 2010 From: ryan at videoegg.com (Ryan Mortensen) Date: Thu, 11 Feb 2010 18:09:47 -0800 Subject: [rancid] Netscaler 9.1 Rancid support Message-ID: <54AAF1F5-90A4-4829-9CCB-39AE99D6E05E@videoegg.com> Has anyone been able to get Rancid working correctly with Netscaler 9.1? Seems like it's an issue with the prompt being ">" but I've been able to hack nslogin so that I can run commands out of it but nsrancid still just times out even after I changed it's prompt. Anyone? From heas at shrubbery.net Fri Feb 12 02:16:11 2010 From: heas at shrubbery.net (john heasley) Date: Thu, 11 Feb 2010 18:16:11 -0800 Subject: [rancid] Re: Netscaler 9.1 Rancid support In-Reply-To: <54AAF1F5-90A4-4829-9CCB-39AE99D6E05E@videoegg.com> References: <54AAF1F5-90A4-4829-9CCB-39AE99D6E05E@videoegg.com> Message-ID: <20100212021611.GS24808@shrubbery.net> Thu, Feb 11, 2010 at 06:09:47PM -0800, Ryan Mortensen: > Has anyone been able to get Rancid working correctly with Netscaler 9.1? Seems like it's an issue with the prompt being ">" but I've been able to hack nslogin so that I can run commands out of it but nsrancid still just times out even after I changed it's prompt. Anyone? > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss nsrancid will also need to know what the prompt looks like. From ryan at videoegg.com Fri Feb 12 02:20:13 2010 From: ryan at videoegg.com (Ryan Mortensen) Date: Thu, 11 Feb 2010 18:20:13 -0800 Subject: [rancid] Re: Netscaler 9.1 Rancid support In-Reply-To: <20100212021611.GS24808@shrubbery.net> References: <54AAF1F5-90A4-4829-9CCB-39AE99D6E05E@videoegg.com> <20100212021611.GS24808@shrubbery.net> Message-ID: <3B4AB279-92A4-44D9-B9C5-DD5BFEA0943A@videoegg.com> Yeah....sry I wasn't clearer. I also hacked nsrancid to detect the prompt but it's still just timing out. On Feb 11, 2010, at 6:16 PM, john heasley wrote: > Thu, Feb 11, 2010 at 06:09:47PM -0800, Ryan Mortensen: >> Has anyone been able to get Rancid working correctly with Netscaler 9.1? Seems like it's an issue with the prompt being ">" but I've been able to hack nslogin so that I can run commands out of it but nsrancid still just times out even after I changed it's prompt. Anyone? >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > nsrancid will also need to know what the prompt looks like. From heas at shrubbery.net Fri Feb 12 02:24:32 2010 From: heas at shrubbery.net (john heasley) Date: Thu, 11 Feb 2010 18:24:32 -0800 Subject: [rancid] Re: Netscaler 9.1 Rancid support In-Reply-To: <3B4AB279-92A4-44D9-B9C5-DD5BFEA0943A@videoegg.com> References: <54AAF1F5-90A4-4829-9CCB-39AE99D6E05E@videoegg.com> <20100212021611.GS24808@shrubbery.net> <3B4AB279-92A4-44D9-B9C5-DD5BFEA0943A@videoegg.com> Message-ID: <20100212022432.GT24808@shrubbery.net> Thu, Feb 11, 2010 at 06:20:13PM -0800, Ryan Mortensen: > Yeah....sry I wasn't clearer. I also hacked nsrancid to detect the prompt but it's still just timing out. nsrancid -d -c somecommand devicename should help debug the problem recognizign the prompt. > On Feb 11, 2010, at 6:16 PM, john heasley wrote: > > > Thu, Feb 11, 2010 at 06:09:47PM -0800, Ryan Mortensen: > >> Has anyone been able to get Rancid working correctly with Netscaler 9.1? Seems like it's an issue with the prompt being ">" but I've been able to hack nslogin so that I can run commands out of it but nsrancid still just times out even after I changed it's prompt. Anyone? > >> _______________________________________________ > >> Rancid-discuss mailing list > >> Rancid-discuss at shrubbery.net > >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > > nsrancid will also need to know what the prompt looks like. From heas at shrubbery.net Fri Feb 12 02:50:24 2010 From: heas at shrubbery.net (john heasley) Date: Thu, 11 Feb 2010 18:50:24 -0800 Subject: [rancid] Re: ciscowlc In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD0F91D3@zy-ex1.zyedge.local> References: <80141B741E494D36A1F25E464C29D2FE@DavidPC> <4B743C16.3050100@aol.com> <5DC4853C6CC3EE4788779E0726E034DD0F91D3@zy-ex1.zyedge.local> Message-ID: <20100212025024.GW24808@shrubbery.net> Thu, Feb 11, 2010 at 05:33:16PM +0000, Ryan West: > These have been posted a few times. Check out the archives on shrubbery, you should be able to find ones that work with WLC4 and WLC5. who is using this successfully? > -ryan > > From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Thomas Donnelly > Sent: Thursday, February 11, 2010 12:19 PM > To: Rancid-discuss at shrubbery.net > Subject: [rancid] Re: ciscowlc > > I too would be interested in this. > > -=Tom > On 02/11/10 11:12, David Mantock wrote: > Hi, > > I need to back-up a cisco wireless lan controller. The commands I would do manually are these: > > config paging disable > show run-config commands > config paging enable > logout > What do I have to do extend rancid to do this backup? > Thank in advance, > David > > > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rwest at zyedge.com Fri Feb 12 02:54:45 2010 From: rwest at zyedge.com (Ryan West) Date: Fri, 12 Feb 2010 02:54:45 +0000 Subject: [rancid] Re: ciscowlc In-Reply-To: <20100212025024.GW24808@shrubbery.net> References: <80141B741E494D36A1F25E464C29D2FE@DavidPC> <4B743C16.3050100@aol.com> <5DC4853C6CC3EE4788779E0726E034DD0F91D3@zy-ex1.zyedge.local> <20100212025024.GW24808@shrubbery.net> Message-ID: <5DC4853C6CC3EE4788779E0726E034DD0FA282@zy-ex1.zyedge.local> John, > -----Original Message----- > From: john heasley [mailto:heas at shrubbery.net] > Sent: Thursday, February 11, 2010 9:50 PM > To: Ryan West > Cc: Thomas Donnelly; Rancid-discuss at shrubbery.net > Subject: Re: [rancid] Re: ciscowlc > > Thu, Feb 11, 2010 at 05:33:16PM +0000, Ryan West: > > These have been posted a few times. Check out the archives on > shrubbery, you should be able to find ones that work with WLC4 and > WLC5. > > who is using this successfully? > I'm using it on 5.2.193 and 4.2.207, primarily on 4402's and a couple of 2100's. I made some minor changes to the original WLC script to support version 5, but I'm sure someone who actually programs could get it into a single script. -ryan From heas at shrubbery.net Fri Feb 12 04:03:03 2010 From: heas at shrubbery.net (john heasley) Date: Thu, 11 Feb 2010 20:03:03 -0800 Subject: [rancid] Re: ciscowlc In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD0FA282@zy-ex1.zyedge.local> References: <80141B741E494D36A1F25E464C29D2FE@DavidPC> <4B743C16.3050100@aol.com> <5DC4853C6CC3EE4788779E0726E034DD0F91D3@zy-ex1.zyedge.local> <20100212025024.GW24808@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD0FA282@zy-ex1.zyedge.local> Message-ID: <20100212040303.GY24808@shrubbery.net> Fri, Feb 12, 2010 at 02:54:45AM +0000, Ryan West: > John, > > > -----Original Message----- > > From: john heasley [mailto:heas at shrubbery.net] > > Sent: Thursday, February 11, 2010 9:50 PM > > To: Ryan West > > Cc: Thomas Donnelly; Rancid-discuss at shrubbery.net > > Subject: Re: [rancid] Re: ciscowlc > > > > Thu, Feb 11, 2010 at 05:33:16PM +0000, Ryan West: > > > These have been posted a few times. Check out the archives on > > shrubbery, you should be able to find ones that work with WLC4 and > > WLC5. > > > > who is using this successfully? > > > > I'm using it on 5.2.193 and 4.2.207, primarily on 4402's and a couple of 2100's. I made some minor changes to the original WLC script to support version 5, but I'm sure someone who actually programs could get it into a single script. > i might be able to merge them, but it'd be easier if someone who actually has the devices did that - and someone else verified that it works. From Trevor.Coyle at interfusion.ie Fri Feb 12 09:07:13 2010 From: Trevor.Coyle at interfusion.ie (Trevor Coyle) Date: Fri, 12 Feb 2010 09:07:13 -0000 Subject: [rancid] Re: Help with Rancid Netscreen In-Reply-To: <20100211210956.GC18447@shrubbery.net> References: <5A8F72DE-D118-48DF-952F-256D92C462C6@fattoc.com>

<20100211210956.GC18447@shrubbery.net> Message-ID: Rancid has been running for the last few years backing up cisco's I edited the GROUPS in the rancid.conf to include the new netscreen group Then I ran rancid-cvs Test the nlogin to see if it could login under the Rancid user which it could get into the firewall I Ran Rancid-run and I get that error my first mail in the logs NOTE: I had to change some things in the bin/nrancid to get it to run, I was getting missing curly bracket errors so I added them in to the correct place and the errors stopped Crontab - # rancid 01 0 * * * rancid /usr/local/rancid/bin/rancid-run Thank You for your help, Trevor -----Original Message----- From: john heasley [mailto:heas at shrubbery.net] Sent: 11 February 2010 21:10 To: Trevor Coyle Cc: ?rni Birgisson; rancid-discuss at shrubbery.net Subject: Re: [rancid] Re: Help with Rancid Netscreen Thu, Feb 11, 2010 at 04:31:12PM -0000, Trevor Coyle: > Arni, > > > > It's a run as atask with crontab > > Its running as user rancid the same as the cisco devices > > Its one instance for the routers and firewalls if its one cron job, its truely bizarre. you must be affecting the path environment variable somehow between running one group and the next. your cronjob should be similar to /bin/rancid-run no more is required. > > > Tks, > > Trevor > > > > ________________________________ > > From: ?rni Birgisson [mailto:ABirgisson at fattoc.com] > Sent: 11 February 2010 16:26 > To: Trevor Coyle > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Help with Rancid Netscreen > > > > If rancid is working correctly for other devices then your version control system works. > > > > Are you running the commands manually to get this error? > > Is it possible that rancid normally runs as some user (ie. "rancid") but you are running it as a different user (root) ? > > Is it one instance of rancid doing everything or a seperate instance/config for the firewalls? > > > > - Arni > > > > On Feb 11, 2010, at 4:22 PM, Trevor Coyle wrote: > > > > > > Thank you for the reply, > > > > Rancid is working for all Cisco Devices but the Netscreen Firewall is having the problem, I have created a new group for Juniper and it can login into the Firewall OK but doesn't seem to be taking the config down, would you say I need to install CVS in this case? > > > > Trevor > > > > ________________________________ > > From: ?rni Birgisson [mailto:abirgisson at fattoc.com] > Sent: 11 February 2010 16:17 > To: Trevor Coyle > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Help with Rancid Netscreen > > > > >From these logs it's apparent that you either don't have CVS installed, or the user that is running rancid > > doesn't have the correct path to the cvs command. > > > > You probably need to "apt-get install cvs" (debian/ubuntu) or "yum install cvs" (redhat/fedora). > > > > Is your rancid installation working for anything or is this the first device you are using rancid for? > > > > -Arni > > > > > > On Feb 11, 2010, at 2:49 PM, Trevor Coyle wrote: > > > > > > > Hi I was wondering if you could help? > > > > I'm currently trying to backup the config for a Juniper (Netscreen SSG-550) and the log file is coming out with > > > > starting: Thu Feb 11 12:51:48 GMT 2010 > > > > /usr/local/rancid/bin/control_rancid: line 234: cvs: command not found > > /usr/local/rancid/bin/control_rancid: line 235: cvs: command not found > > Added file_name > > > > /usr/local/rancid/bin/control_rancid: line 260: cvs: command not found > > > > > > Trying to get all of the configs. > > ===================================== > > Getting missed routers: round 1. > > ===================================== > > Getting missed routers: round 2. > > ===================================== > > Getting missed routers: round 3. > > ===================================== > > Getting missed routers: round 4. > > > > /usr/local/rancid/bin/control_rancid: line 372: cvs: command not found > > /usr/local/rancid/bin/control_rancid: line 384: cvs: command not found > > > > ending: Thu Feb 11 12:51:50 GMT 2010 > > > > The File output in Configs is blank, the nlogin is able to login to the firewall but the nrancid doesn't seem to be outputting the config > > > > > > Can you please Help > > > > Thank You, > > Trevor > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > > > > > > > Arni Birgisson > Network Engineer > FATTOC Iceland > Adalstraeti 6 > 101 Reykjavik > Iceland > > > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > > > > > > Arni Birgisson > Network Engineer > FATTOC Iceland > Adalstraeti 6 > 101 Reykjavik > Iceland > > > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > Registered Address. 1 Parkway House, Western Parkway Business Park, > Ballymount, Dublin 12 > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne From denyipanyany at gmail.com Fri Feb 12 14:19:33 2010 From: denyipanyany at gmail.com (Deny IP Any Any) Date: Fri, 12 Feb 2010 09:19:33 -0500 Subject: [rancid] Re: ciscowlc In-Reply-To: <20100212040303.GY24808@shrubbery.net> References: <80141B741E494D36A1F25E464C29D2FE@DavidPC> <4B743C16.3050100@aol.com> <5DC4853C6CC3EE4788779E0726E034DD0F91D3@zy-ex1.zyedge.local> <20100212025024.GW24808@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD0FA282@zy-ex1.zyedge.local> <20100212040303.GY24808@shrubbery.net> Message-ID: On Thu, Feb 11, 2010 at 11:03 PM, john heasley wrote: > Fri, Feb 12, 2010 at 02:54:45AM +0000, Ryan West: >> >> I'm using it on 5.2.193 and 4.2.207, primarily on 4402's and a couple of 2100's. ?I made some minor changes to the original WLC script to support version 5, but I'm sure someone who actually programs could get it into a single script. >> > i might be able to merge them, but it'd be easier if someone who actually > has the devices did that - and someone else verified that it works. I've got a AIR-WLC4402-25-K9 running 4.2.207.0 that I'd be happy to test code against. -- deny ip any any (4393649193 matches) From heas at shrubbery.net Fri Feb 12 17:02:20 2010 From: heas at shrubbery.net (john heasley) Date: Fri, 12 Feb 2010 09:02:20 -0800 Subject: [rancid] Re: Help with Rancid Netscreen In-Reply-To: References: <5A8F72DE-D118-48DF-952F-256D92C462C6@fattoc.com>

<20100211210956.GC18447@shrubbery.net> Message-ID: <20100212170220.GD23165@shrubbery.net> Fri, Feb 12, 2010 at 09:07:13AM -0000, Trevor Coyle: > Rancid has been running for the last few years backing up cisco's > > I edited the GROUPS in the rancid.conf to include the new netscreen > group check the PATH variable in rancid.conf. ensure that the syntax is correct and the location of cvs is included. > Then I ran rancid-cvs > > Test the nlogin to see if it could login under the Rancid user which it > could get into the firewall > > I Ran Rancid-run and I get that error my first mail in the logs > > NOTE: I had to change some things in the bin/nrancid to get it to run, I > was getting missing curly bracket errors so I added them in to the > correct place and the errors stopped that was fixed and is definitely in the current version. > Crontab - > > # rancid > 01 0 * * * rancid /usr/local/rancid/bin/rancid-run > > Thank You for your help, > Trevor > > -----Original Message----- > From: john heasley [mailto:heas at shrubbery.net] > Sent: 11 February 2010 21:10 > To: Trevor Coyle > Cc: ?rni Birgisson; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Re: Help with Rancid Netscreen > > Thu, Feb 11, 2010 at 04:31:12PM -0000, Trevor Coyle: > > Arni, > > > > > > > > It's a run as atask with crontab > > > > Its running as user rancid the same as the cisco devices > > > > Its one instance for the routers and firewalls > > if its one cron job, its truely bizarre. > > you must be affecting the path environment variable somehow between > running > one group and the next. > > your cronjob should be similar to > > /bin/rancid-run > > no more is required. > > > > > > Tks, > > > > Trevor > > > > > > > > ________________________________ > > > > From: ?rni Birgisson [mailto:ABirgisson at fattoc.com] > > Sent: 11 February 2010 16:26 > > To: Trevor Coyle > > Cc: rancid-discuss at shrubbery.net > > Subject: Re: [rancid] Help with Rancid Netscreen > > > > > > > > If rancid is working correctly for other devices then your version > control system works. > > > > > > > > Are you running the commands manually to get this error? > > > > Is it possible that rancid normally runs as some user (ie. "rancid") > but you are running it as a different user (root) ? > > > > Is it one instance of rancid doing everything or a seperate > instance/config for the firewalls? > > > > > > > > - Arni > > > > > > > > On Feb 11, 2010, at 4:22 PM, Trevor Coyle wrote: > > > > > > > > > > > > Thank you for the reply, > > > > > > > > Rancid is working for all Cisco Devices but the Netscreen Firewall is > having the problem, I have created a new group for Juniper and it can > login into the Firewall OK but doesn't seem to be taking the config > down, would you say I need to install CVS in this case? > > > > > > > > Trevor > > > > > > > > ________________________________ > > > > From: ?rni Birgisson [mailto:abirgisson at fattoc.com] > > Sent: 11 February 2010 16:17 > > To: Trevor Coyle > > Cc: rancid-discuss at shrubbery.net > > Subject: Re: [rancid] Help with Rancid Netscreen > > > > > > > > >From these logs it's apparent that you either don't have CVS > installed, or the user that is running rancid > > > > doesn't have the correct path to the cvs command. > > > > > > > > You probably need to "apt-get install cvs" (debian/ubuntu) or "yum > install cvs" (redhat/fedora). > > > > > > > > Is your rancid installation working for anything or is this the first > device you are using rancid for? > > > > > > > > -Arni > > > > > > > > > > > > On Feb 11, 2010, at 2:49 PM, Trevor Coyle wrote: > > > > > > > > > > > > > > Hi I was wondering if you could help? > > > > > > > > I'm currently trying to backup the config for a Juniper (Netscreen > SSG-550) and the log file is coming out with > > > > > > > > starting: Thu Feb 11 12:51:48 GMT 2010 > > > > > > > > /usr/local/rancid/bin/control_rancid: line 234: cvs: command not found > > > > /usr/local/rancid/bin/control_rancid: line 235: cvs: command not found > > > > Added file_name > > > > > > > > /usr/local/rancid/bin/control_rancid: line 260: cvs: command not found > > > > > > > > > > > > Trying to get all of the configs. > > > > ===================================== > > > > Getting missed routers: round 1. > > > > ===================================== > > > > Getting missed routers: round 2. > > > > ===================================== > > > > Getting missed routers: round 3. > > > > ===================================== > > > > Getting missed routers: round 4. > > > > > > > > /usr/local/rancid/bin/control_rancid: line 372: cvs: command not found > > > > /usr/local/rancid/bin/control_rancid: line 384: cvs: command not found > > > > > > > > ending: Thu Feb 11 12:51:50 GMT 2010 > > > > > > > > The File output in Configs is blank, the nlogin is able to login to > the firewall but the nrancid doesn't seem to be outputting the config > > > > > > > > > > > > Can you please Help > > > > > > > > Thank You, > > > > Trevor > > > > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > > Registered Address. 1 Parkway House, Western Parkway Business Park, > Ballymount, Dublin 12 > > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > > > > > > > > > > > > > > Arni Birgisson > > Network Engineer > > FATTOC Iceland > > Adalstraeti 6 > > 101 Reykjavik > > Iceland > > > > > > > > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > > Registered Address. 1 Parkway House, Western Parkway Business Park, > Ballymount, Dublin 12 > > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > > > > > > > > > > > > Arni Birgisson > > Network Engineer > > FATTOC Iceland > > Adalstraeti 6 > > 101 Reykjavik > > Iceland > > > > > > > > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > > Registered Address. 1 Parkway House, Western Parkway Business Park, > > Ballymount, Dublin 12 > > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > Registered Address. 1 Parkway House, Western Parkway Business Park, > Ballymount, Dublin 12 > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne From david.mantock at gmx.ch Mon Feb 15 18:49:25 2010 From: david.mantock at gmx.ch (David Mantock) Date: Mon, 15 Feb 2010 19:49:25 +0100 Subject: [rancid] Re: ciscowlc In-Reply-To: <20100212040303.GY24808@shrubbery.net> References: <80141B741E494D36A1F25E464C29D2FE@DavidPC><4B743C16.3050100@aol.com><5DC4853C6CC3EE4788779E0726E034DD0F91D3@zy-ex1.zyedge.local><20100212025024.GW24808@shrubbery.net><5DC4853C6CC3EE4788779E0726E034DD0FA282@zy-ex1.zyedge.local> <20100212040303.GY24808@shrubbery.net> Message-ID: Hi There, I would be happy to do some/testing checking. So whoever has some working code please send it to me and I would happily get testing. Thanks, David -------------------------------------------------- From: "john heasley" Sent: Friday, February 12, 2010 5:03 AM To: "Ryan West" Cc: Subject: [rancid] Re: ciscowlc > Fri, Feb 12, 2010 at 02:54:45AM +0000, Ryan West: >> John, >> >> > -----Original Message----- >> > From: john heasley [mailto:heas at shrubbery.net] >> > Sent: Thursday, February 11, 2010 9:50 PM >> > To: Ryan West >> > Cc: Thomas Donnelly; Rancid-discuss at shrubbery.net >> > Subject: Re: [rancid] Re: ciscowlc >> > >> > Thu, Feb 11, 2010 at 05:33:16PM +0000, Ryan West: >> > > These have been posted a few times. Check out the archives on >> > shrubbery, you should be able to find ones that work with WLC4 and >> > WLC5. >> > >> > who is using this successfully? >> > >> >> I'm using it on 5.2.193 and 4.2.207, primarily on 4402's and a couple of >> 2100's. I made some minor changes to the original WLC script to support >> version 5, but I'm sure someone who actually programs could get it into a >> single script. >> > i might be able to merge them, but it'd be easier if someone who actually > has the devices did that - and someone else verified that it works. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From Jeremy_Keys at memorial.org Mon Feb 15 20:27:50 2010 From: Jeremy_Keys at memorial.org (Keys, Jeremy) Date: Mon, 15 Feb 2010 13:27:50 -0700 Subject: [rancid] (no subject) Message-ID: I've been searching the archives for a complete how-to on getting a successful backup on a Cisco WLC (we're using a 5508) using Rancid. Has anyone had any luck? I've found bits and pieces in different emails but nothing complete. Thanks in advance, Jeremy This message and accompanying documents are covered by the Electronic Communications Privacy Act 18 U.S.C. "Sections 2510-2521," and contain information intended for the specified individual(s) only. This information is confidential. If you are not the intended recipient or an agent responsible for delivering it to the intended recipient, you are hereby notified that you have received this document in error and that any review, dissemination, copying, or the taking of any action based on the contents of this information is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail, and delete the original message. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100215/ac02869c/attachment.html From Jeremy_Keys at memorial.org Mon Feb 15 20:28:14 2010 From: Jeremy_Keys at memorial.org (Keys, Jeremy) Date: Mon, 15 Feb 2010 13:28:14 -0700 Subject: [rancid] Cisco WLC Backups Message-ID: I've been searching the archives for a complete how-to on getting a successful backup on a Cisco WLC (we're using a 5508) using Rancid. Has anyone had any luck? I've found bits and pieces in different emails but nothing complete. Thanks in advance, Jeremy This message and accompanying documents are covered by the Electronic Communications Privacy Act 18 U.S.C. "Sections 2510-2521," and contain information intended for the specified individual(s) only. This information is confidential. If you are not the intended recipient or an agent responsible for delivering it to the intended recipient, you are hereby notified that you have received this document in error and that any review, dissemination, copying, or the taking of any action based on the contents of this information is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail, and delete the original message. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100215/ccc77bab/attachment.html From rwest at zyedge.com Tue Feb 16 16:04:17 2010 From: rwest at zyedge.com (Ryan West) Date: Tue, 16 Feb 2010 16:04:17 +0000 Subject: [rancid] Re: Cisco WLC Backups In-Reply-To: References: Message-ID: <5DC4853C6CC3EE4788779E0726E034DD10760E@zy-ex1.zyedge.local> Jeremy, This is what I use with some slight modifications that the original author had in place. I think the command file could be combined into a single file for wlc 4's and 5's, but changing 'show run-config' to 'show run'. Just call from each in rancid-fe. -ryan From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Keys, Jeremy Sent: Monday, February 15, 2010 3:28 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Cisco WLC Backups I've been searching the archives for a complete how-to on getting a successful backup on a Cisco WLC (we're using a 5508) using Rancid. Has anyone had any luck? I've found bits and pieces in different emails but nothing complete. Thanks in advance, Jeremy This message and accompanying documents are covered by the Electronic Communications Privacy Act 18 U.S.C. "Sections 2510-2521," and contain information intended for the specified individual(s) only. This information is confidential. If you are not the intended recipient or an agent responsible for delivering it to the intended recipient, you are hereby notified that you have received this document in error and that any review, dissemination, copying, or the taking of any action based on the contents of this information is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail, and delete the original message. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100216/b7f8eced/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: ciscowlc Type: application/octet-stream Size: 9397 bytes Desc: ciscowlc Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100216/b7f8eced/attachment.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: ciscowlc5 Type: application/octet-stream Size: 9402 bytes Desc: ciscowlc5 Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100216/b7f8eced/attachment-0001.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: wlogin Type: application/octet-stream Size: 24354 bytes Desc: wlogin Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100216/b7f8eced/attachment-0002.obj From jmkeller at houseofzen.org Tue Feb 16 16:05:33 2010 From: jmkeller at houseofzen.org (James M Keller) Date: Tue, 16 Feb 2010 11:05:33 -0500 Subject: [rancid] Cisco WAE (WAAS) units Message-ID: <4B7AC24D.5040305@houseofzen.org> I know there was some discussion in the archives about getting these working (even basic show run, writer term, etc). The problem is in rancid:WriteTerm sub, there is a block to compress '!' lines to a singe line, which ends up dropping the "! End of WAAS configuration" marker line and leaving the singe '!'. At least in the 4.x WAAS code, there are two '!' lines and then the '! End of WAAS configuration" line. The fix is to add an end of config check above this comment line compression function: # Cisco WAAS WAE units prefix End of command line with '!' # Neet to check for end of config here before skipping comments if (/^! End of WAAS configuration/) { $found_end = 1; return(0); } # skip consecutive comment lines to avoid oscillating extra comment # line on some access servers. grrr. if (/^!/) { next if ($comment); ProcessHistory("","","",$_); $comment++; next; } I haven't looked at the current code, this was against Debian lenny's version. -- --- James M Keller -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100216/e60e402d/attachment.html From jmkeller at houseofzen.org Tue Feb 16 20:50:37 2010 From: jmkeller at houseofzen.org (James M Keller) Date: Tue, 16 Feb 2010 15:50:37 -0500 Subject: [rancid] Re: Cisco WAE (WAAS) units In-Reply-To: <4B7AC24D.5040305@houseofzen.org> References: <4B7AC24D.5040305@houseofzen.org> Message-ID: <4B7B051D.7050801@houseofzen.org> On 2/16/2010 11:05 AM, James M Keller wrote: > I know there was some discussion in the archives about getting these > working (even basic show run, writer term, etc). > > The problem is in rancid:WriteTerm sub, there is a block to compress > '!' lines to a singe line, which ends up dropping the "! End of WAAS > configuration" marker line and leaving the singe '!'. At least in > the 4.x WAAS code, there are two '!' lines and then the '! End of WAAS > configuration" line. > > The fix is to add an end of config check above this comment line > compression function: > > # Cisco WAAS WAE units prefix End of command line with '!' > > # Neet to check for end of config here before skipping comments > > if (/^! End of WAAS configuration/) { > > $found_end = 1; > > return(0); > > } > > # skip consecutive comment lines to avoid oscillating extra > comment > > # line on some access servers. grrr. > > if (/^!/) { > > next if ($comment); > > ProcessHistory("","","",$_); > > $comment++; > > next; > > } > > > I haven't looked at the current code, this was against Debian lenny's > version. > > -- > --- > James M Keller > It looks like lenny is 2.3.2 code (listed as current on shrubbery.net), so I can do diff's when I'm down adding int WAE support to the main rancid script. Central manager configs are retrievable from CLI. At best you could script the command to dump the database to XML on the CM file system and then try more dbfile.xml to terminal. But the admin guide notes it's resource intensive to do the export. At least I'm able to grab the acceleration-engine configs and also grab WAAS specific info as comment entries. I'm likely going to have to tweak some of it to parse out updating data like session counters, so not ready to dump a diff yet. Also added WCCP info as comments for both the WAEs and Cisco IOS, as our shop is using the WCCP rather then in-line for these. If show ip wccp returns not eabled or invalid, etc it skips it like any other invalid command for a platform. -- --- James M Keller -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100216/5420d3ea/attachment.html From heas at shrubbery.net Wed Feb 17 00:41:25 2010 From: heas at shrubbery.net (john heasley) Date: Tue, 16 Feb 2010 16:41:25 -0800 Subject: [rancid] Re: Cisco WAE (WAAS) units In-Reply-To: <4B7B051D.7050801@houseofzen.org> References: <4B7AC24D.5040305@houseofzen.org> <4B7B051D.7050801@houseofzen.org> Message-ID: <20100217004125.GC21889@shrubbery.net> Tue, Feb 16, 2010 at 03:50:37PM -0500, James M Keller: > On 2/16/2010 11:05 AM, James M Keller wrote: >> I know there was some discussion in the archives about getting these >> working (even basic show run, writer term, etc). >> >> The problem is in rancid:WriteTerm sub, there is a block to compress >> '!' lines to a singe line, which ends up dropping the "! End of WAAS >> configuration" marker line and leaving the singe '!'. At least in >> the 4.x WAAS code, there are two '!' lines and then the '! End of WAAS >> configuration" line. >> >> The fix is to add an end of config check above this comment line >> compression function: >> >> # Cisco WAAS WAE units prefix End of command line with '!' >> >> # Neet to check for end of config here before skipping comments >> >> if (/^! End of WAAS configuration/) { >> >> $found_end = 1; >> >> return(0); >> >> } >> >> # skip consecutive comment lines to avoid oscillating extra >> comment >> >> # line on some access servers. grrr. >> >> if (/^!/) { how about if (/^!\s*$/) { >> >> next if ($comment); >> >> ProcessHistory("","","",$_); >> >> $comment++; >> >> next; >> >> } >> >> >> I haven't looked at the current code, this was against Debian lenny's >> version. >> >> -- >> --- >> James M Keller >> > > It looks like lenny is 2.3.2 code (listed as current on shrubbery.net), > so I can do diff's when I'm down adding int WAE support to the main > rancid script. Central manager configs are retrievable from CLI. At > best you could script the command to dump the database to XML on the CM > file system and then try more dbfile.xml to terminal. But the admin > guide notes it's resource intensive to do the export. At least I'm able > to grab the acceleration-engine configs and also grab WAAS specific info > as comment entries. I'm likely going to have to tweak some of it to > parse out updating data like session counters, so not ready to dump a > diff yet. Also added WCCP info as comments for both the WAEs and Cisco > IOS, as our shop is using the WCCP rather then in-line for these. If > show ip wccp returns not eabled or invalid, etc it skips it like any > other invalid command for a platform. if i understand this; i'd create a separate rancid script for this thing. From dale.shaw+rancid-discuss at gmail.com Wed Feb 17 00:47:56 2010 From: dale.shaw+rancid-discuss at gmail.com (Dale Shaw) Date: Wed, 17 Feb 2010 11:47:56 +1100 Subject: [rancid] Re: Cisco WAE (WAAS) units In-Reply-To: <20100217004125.GC21889@shrubbery.net> References: <4B7AC24D.5040305@houseofzen.org> <4B7B051D.7050801@houseofzen.org> <20100217004125.GC21889@shrubbery.net> Message-ID: <3329cbb41002161647t3b262691sc35f14496f9a86fd@mail.gmail.com> Hi, On Wed, Feb 17, 2010 at 11:41 AM, john heasley wrote: > how about > if (/^!\s*$/) { My regexp-foo is poor but if that translates to 'collapse all lines containing "!" only into a single "!"; leave lines starting with "!" followed by alone", that sounds like the best (most elegant) solution to me. Cheers, Dale From david.mantock at gmx.ch Wed Feb 17 12:48:37 2010 From: david.mantock at gmx.ch (David Mantock) Date: Wed, 17 Feb 2010 13:48:37 +0100 Subject: [rancid] Cisco WLC Message-ID: <20100217124837.307140@gmx.net> Hello All, I have seen on this board scripts to backup cisco WLC devices. What is the suggested procedure to include: wlogin and ciscowlc scripts in standard rancid. Do you have to update the normal rancid script to call these? How do you configure router.db file e.g mydevice:ciscowlc:up Any inputs are much appreciated. As Jeremy suggested it would be nice if there was a little Howto as some people already have this working. Thanks and best regards, David -- Sicherer, schneller und einfacher. Die aktuellen Internet-Browser - jetzt kostenlos herunterladen! http://portal.gmx.net/de/go/atbrowser From Trevor.Coyle at interfusion.ie Wed Feb 17 13:59:01 2010 From: Trevor.Coyle at interfusion.ie (Trevor Coyle) Date: Wed, 17 Feb 2010 13:59:01 -0000 Subject: [rancid] Re: Help with Rancid Netscreen In-Reply-To: <20100212170220.GD23165@shrubbery.net> References: <5A8F72DE-D118-48DF-952F-256D92C462C6@fattoc.com>

<20100211210956.GC18447@shrubbery.net> <20100212170220.GD23165@shrubbery.net> Message-ID: The PATH is PATH=/usr/local/rancid/bin:/usr/bin:/usr/sbin:.:/bin:/usr/kerberos/bin:/ usr/local/bin:/usr/bin; export PATH CVSROOT=$BASEDIR/CVS; export CVSROOT -----Original Message----- From: john heasley [mailto:heas at shrubbery.net] Sent: 12 February 2010 17:02 To: Trevor Coyle Cc: john heasley; ?rni Birgisson; rancid-discuss at shrubbery.net Subject: Re: [rancid] Re: Help with Rancid Netscreen Fri, Feb 12, 2010 at 09:07:13AM -0000, Trevor Coyle: > Rancid has been running for the last few years backing up cisco's > > I edited the GROUPS in the rancid.conf to include the new netscreen > group check the PATH variable in rancid.conf. ensure that the syntax is correct and the location of cvs is included. > Then I ran rancid-cvs > > Test the nlogin to see if it could login under the Rancid user which it > could get into the firewall > > I Ran Rancid-run and I get that error my first mail in the logs > > NOTE: I had to change some things in the bin/nrancid to get it to run, I > was getting missing curly bracket errors so I added them in to the > correct place and the errors stopped that was fixed and is definitely in the current version. > Crontab - > > # rancid > 01 0 * * * rancid /usr/local/rancid/bin/rancid-run > > Thank You for your help, > Trevor > > -----Original Message----- > From: john heasley [mailto:heas at shrubbery.net] > Sent: 11 February 2010 21:10 > To: Trevor Coyle > Cc: ?rni Birgisson; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Re: Help with Rancid Netscreen > > Thu, Feb 11, 2010 at 04:31:12PM -0000, Trevor Coyle: > > Arni, > > > > > > > > It's a run as atask with crontab > > > > Its running as user rancid the same as the cisco devices > > > > Its one instance for the routers and firewalls > > if its one cron job, its truely bizarre. > > you must be affecting the path environment variable somehow between > running > one group and the next. > > your cronjob should be similar to > > /bin/rancid-run > > no more is required. > > > > > > Tks, > > > > Trevor > > > > > > > > ________________________________ > > > > From: ?rni Birgisson [mailto:ABirgisson at fattoc.com] > > Sent: 11 February 2010 16:26 > > To: Trevor Coyle > > Cc: rancid-discuss at shrubbery.net > > Subject: Re: [rancid] Help with Rancid Netscreen > > > > > > > > If rancid is working correctly for other devices then your version > control system works. > > > > > > > > Are you running the commands manually to get this error? > > > > Is it possible that rancid normally runs as some user (ie. "rancid") > but you are running it as a different user (root) ? > > > > Is it one instance of rancid doing everything or a seperate > instance/config for the firewalls? > > > > > > > > - Arni > > > > > > > > On Feb 11, 2010, at 4:22 PM, Trevor Coyle wrote: > > > > > > > > > > > > Thank you for the reply, > > > > > > > > Rancid is working for all Cisco Devices but the Netscreen Firewall is > having the problem, I have created a new group for Juniper and it can > login into the Firewall OK but doesn't seem to be taking the config > down, would you say I need to install CVS in this case? > > > > > > > > Trevor > > > > > > > > ________________________________ > > > > From: ?rni Birgisson [mailto:abirgisson at fattoc.com] > > Sent: 11 February 2010 16:17 > > To: Trevor Coyle > > Cc: rancid-discuss at shrubbery.net > > Subject: Re: [rancid] Help with Rancid Netscreen > > > > > > > > >From these logs it's apparent that you either don't have CVS > installed, or the user that is running rancid > > > > doesn't have the correct path to the cvs command. > > > > > > > > You probably need to "apt-get install cvs" (debian/ubuntu) or "yum > install cvs" (redhat/fedora). > > > > > > > > Is your rancid installation working for anything or is this the first > device you are using rancid for? > > > > > > > > -Arni > > > > > > > > > > > > On Feb 11, 2010, at 2:49 PM, Trevor Coyle wrote: > > > > > > > > > > > > > > Hi I was wondering if you could help? > > > > > > > > I'm currently trying to backup the config for a Juniper (Netscreen > SSG-550) and the log file is coming out with > > > > > > > > starting: Thu Feb 11 12:51:48 GMT 2010 > > > > > > > > /usr/local/rancid/bin/control_rancid: line 234: cvs: command not found > > > > /usr/local/rancid/bin/control_rancid: line 235: cvs: command not found > > > > Added file_name > > > > > > > > /usr/local/rancid/bin/control_rancid: line 260: cvs: command not found > > > > > > > > > > > > Trying to get all of the configs. > > > > ===================================== > > > > Getting missed routers: round 1. > > > > ===================================== > > > > Getting missed routers: round 2. > > > > ===================================== > > > > Getting missed routers: round 3. > > > > ===================================== > > > > Getting missed routers: round 4. > > > > > > > > /usr/local/rancid/bin/control_rancid: line 372: cvs: command not found > > > > /usr/local/rancid/bin/control_rancid: line 384: cvs: command not found > > > > > > > > ending: Thu Feb 11 12:51:50 GMT 2010 > > > > > > > > The File output in Configs is blank, the nlogin is able to login to > the firewall but the nrancid doesn't seem to be outputting the config > > > > > > > > > > > > Can you please Help > > > > > > > > Thank You, > > > > Trevor > > > > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > > Registered Address. 1 Parkway House, Western Parkway Business Park, > Ballymount, Dublin 12 > > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > > > > > > > > > > > > > > Arni Birgisson > > Network Engineer > > FATTOC Iceland > > Adalstraeti 6 > > 101 Reykjavik > > Iceland > > > > > > > > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > > Registered Address. 1 Parkway House, Western Parkway Business Park, > Ballymount, Dublin 12 > > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > > > > > > > > > > > > Arni Birgisson > > Network Engineer > > FATTOC Iceland > > Adalstraeti 6 > > 101 Reykjavik > > Iceland > > > > > > > > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > > Registered Address. 1 Parkway House, Western Parkway Business Park, > > Ballymount, Dublin 12 > > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > Registered Address. 1 Parkway House, Western Parkway Business Park, > Ballymount, Dublin 12 > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 Registered Address. 1 Parkway House, Western Parkway Business Park, Ballymount, Dublin 12 Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne From david.mantock at gmx.ch Wed Feb 17 14:00:11 2010 From: david.mantock at gmx.ch (David Mantock) Date: Wed, 17 Feb 2010 15:00:11 +0100 Subject: [rancid] Re: Cisco WLC In-Reply-To: <20100217124837.307140@gmx.net> References: <20100217124837.307140@gmx.net> Message-ID: <20100217140011.318840@gmx.net> OK here is the howto: Update rancid-fe: # diff rancid-fe rancid-fe.20100217 61d60 < 'ciscowlc' => 'ciscowlc5', Add the scripts wlogin and ciscowlc5 to the rancid bin directory. Make sure they are executable. Update the router.db file :ciscowlc:up Test ciscowlc5 -d This works for me now. Thanks to Ryan for the scripts. Regards, David -------- Original-Nachricht -------- > Datum: Wed, 17 Feb 2010 13:48:37 +0100 > Von: "David Mantock" > An: Rancid-discuss at shrubbery.net > CC: Jeremy_Keys at memorial.org > Betreff: [rancid] Cisco WLC > Hello All, > > I have seen on this board scripts to backup cisco WLC devices. What is the > suggested procedure to include: > > wlogin and ciscowlc scripts in standard rancid. > > Do you have to update the normal rancid script to call these? > > How do you configure router.db file e.g > > mydevice:ciscowlc:up > > Any inputs are much appreciated. > > As Jeremy suggested it would be nice if there was a little Howto as some > people already have this working. > > Thanks and best regards, > David > > > -- > Sicherer, schneller und einfacher. Die aktuellen Internet-Browser - > jetzt kostenlos herunterladen! http://portal.gmx.net/de/go/atbrowser > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- Sicherer, schneller und einfacher. Die aktuellen Internet-Browser - jetzt kostenlos herunterladen! http://portal.gmx.net/de/go/chbrowser From rwest at zyedge.com Wed Feb 17 14:21:39 2010 From: rwest at zyedge.com (Ryan West) Date: Wed, 17 Feb 2010 14:21:39 +0000 Subject: [rancid] Re: Cisco WLC In-Reply-To: <20100217124837.307140@gmx.net> References: <20100217124837.307140@gmx.net> Message-ID: <5DC4853C6CC3EE4788779E0726E034DD10A312@zy-ex1.zyedge.local> David, > -----Original Message----- > From: David Mantock [mailto:david.mantock at gmx.ch] > Sent: Wednesday, February 17, 2010 7:49 AM > Subject: Cisco WLC > > Hello All, > > I have seen on this board scripts to backup cisco WLC devices. What is > the suggested procedure to include: > > wlogin and ciscowlc scripts in standard rancid. > > Do you have to update the normal rancid script to call these? > > How do you configure router.db file e.g > > mydevice:ciscowlc:up Yup, unless it's a version 5, in which case it would be ciscowlc5. The only difference is that 'show running-config' (version 4) has been moved to 'show run-config commands' in version 5. Pretty sure with basic version check, the proper command file could be parsed. > > Any inputs are much appreciated. > > As Jeremy suggested it would be nice if there was a little Howto as > some people already have this working. > Place wlogin, ciscowlc, and ciscowlc5 in your bin directory of the RANCID install. Then add the following two lines to your $PREFIX/bin/rancid-fe file: 'cisco-wlc' => 'ciscowlc', 'cisco-wlc5' => 'ciscowlc5', That should be it. -ryan From smunzani at comcast.net Wed Feb 17 14:38:41 2010 From: smunzani at comcast.net (Sam Munzani) Date: Wed, 17 Feb 2010 08:38:41 -0600 Subject: [rancid] Re: Cisco WLC In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD10A312@zy-ex1.zyedge.local> References: <20100217124837.307140@gmx.net> <5DC4853C6CC3EE4788779E0726E034DD10A312@zy-ex1.zyedge.local> Message-ID: <4B7BFF71.2030108@comcast.net> Ryan West wrote: > David, > > >> -----Original Message----- >> From: David Mantock [mailto:david.mantock at gmx.ch] >> Sent: Wednesday, February 17, 2010 7:49 AM >> Subject: Cisco WLC >> >> Hello All, >> >> I have seen on this board scripts to backup cisco WLC devices. What is >> the suggested procedure to include: >> >> wlogin and ciscowlc scripts in standard rancid. >> >> Do you have to update the normal rancid script to call these? >> >> How do you configure router.db file e.g >> >> mydevice:ciscowlc:up >> > Yup, unless it's a version 5, in which case it would be ciscowlc5. The only difference is that 'show running-config' (version 4) has been moved to 'show run-config commands' in version 5. Pretty sure with basic version check, the proper command file could be parsed. > Did you check "show run" on both platforms? It should work on both since cisco allows short commands as long as its uniq. Thanks, Sam > >> Any inputs are much appreciated. >> >> As Jeremy suggested it would be nice if there was a little Howto as >> some people already have this working. >> >> > Place wlogin, ciscowlc, and ciscowlc5 in your bin directory of the RANCID install. Then add the following two lines to your $PREFIX/bin/rancid-fe file: > > 'cisco-wlc' => 'ciscowlc', > 'cisco-wlc5' => 'ciscowlc5', > > That should be it. > > -ryan > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > From jmkeller at houseofzen.org Wed Feb 17 14:49:00 2010 From: jmkeller at houseofzen.org (James M Keller) Date: Wed, 17 Feb 2010 09:49:00 -0500 Subject: [rancid] Re: Cisco WAE (WAAS) units In-Reply-To: <20100217004125.GC21889@shrubbery.net> References: <4B7AC24D.5040305@houseofzen.org> <4B7B051D.7050801@houseofzen.org> <20100217004125.GC21889@shrubbery.net> Message-ID: <4B7C01DC.2020908@houseofzen.org> On 2/16/2010 7:41 PM, john heasley wrote: > Tue, Feb 16, 2010 at 03:50:37PM -0500, James M Keller: > >> On 2/16/2010 11:05 AM, James M Keller wrote: >> >>> I know there was some discussion in the archives about getting these >>> working (even basic show run, writer term, etc). >>> >>> The problem is in rancid:WriteTerm sub, there is a block to compress >>> '!' lines to a singe line, which ends up dropping the "! End of WAAS >>> configuration" marker line and leaving the singe '!'. At least in >>> the 4.x WAAS code, there are two '!' lines and then the '! End of WAAS >>> configuration" line. >>> >>> The fix is to add an end of config check above this comment line >>> compression function: >>> >>> # Cisco WAAS WAE units prefix End of command line with '!' >>> >>> # Neet to check for end of config here before skipping comments >>> >>> if (/^! End of WAAS configuration/) { >>> >>> $found_end = 1; >>> >>> return(0); >>> >>> } >>> >>> # skip consecutive comment lines to avoid oscillating extra >>> comment >>> >>> # line on some access servers. grrr. >>> >>> if (/^!/) { >>> > how about > if (/^!\s*$/) { > > John, probably not a bad idea. I was just leaving what was in the 2.3.2 code as is to get the WAE fetching working. The end of config check could then be put lower down in WriteTerm along with the IOS/PIX check or merged into that check line itself. >>> next if ($comment); >>> >>> ProcessHistory("","","",$_); >>> >>> $comment++; >>> >>> next; >>> >>> } >>> >>> >>> I haven't looked at the current code, this was against Debian lenny's >>> version. >>> >>> -- >>> --- >>> James M Keller >>> >>> >> It looks like lenny is 2.3.2 code (listed as current on shrubbery.net), >> so I can do diff's when I'm down adding int WAE support to the main >> rancid script. Central manager configs are retrievable from CLI. At >> best you could script the command to dump the database to XML on the CM >> file system and then try more dbfile.xml to terminal. But the admin >> guide notes it's resource intensive to do the export. At least I'm able >> to grab the acceleration-engine configs and also grab WAAS specific info >> as comment entries. I'm likely going to have to tweak some of it to >> parse out updating data like session counters, so not ready to dump a >> diff yet. Also added WCCP info as comments for both the WAEs and Cisco >> IOS, as our shop is using the WCCP rather then in-line for these. If >> show ip wccp returns not eabled or invalid, etc it skips it like any >> other invalid command for a platform. >> > if i understand this; i'd create a separate rancid script for this thing. > > At least in the 4.x code branch it is at least as IOS-ish as PIX/ASAs. I added comment captures for show ip wccp / show wccp (ios/waas) and show cms (waas), and it's not a lot of parsing. ShowCMS will return(1) if the type is set to WAAS (which gets set from updated ShowVersion to include WAAS/WAE parsing). The show wccp capture is useful for the IOS systems that have it configured, as systems can negotiate return types other then the preference set in the configuration. So it is handy to be able to track the status as "! WCCP : " entries in the rancid diffs if something changes. I've had to un-scramble a 50 site WAE deployment when someone new changed something incorrectly in the Central Manager and broke WCCP between the IOS and WAAS WAEs due to configured vs negotiated return types. With my local changes this can be tracked as to what the router/switch and WAE where working under at previous polling periods. Some folks may also be using WCCP for web-cache, I don't have any setups that use wccp for that, but the ShowWCCP sub could updated for that and a show ip wccp web-cache command added that uses it (I'm actually grabbing show ip wccp 61 and show ip wccp 62 at the moment) -- --- James M Keller From rwest at zyedge.com Wed Feb 17 14:52:51 2010 From: rwest at zyedge.com (Ryan West) Date: Wed, 17 Feb 2010 14:52:51 +0000 Subject: [rancid] Re: Cisco WLC In-Reply-To: <4B7BFF71.2030108@comcast.net> References: <20100217124837.307140@gmx.net> <5DC4853C6CC3EE4788779E0726E034DD10A312@zy-ex1.zyedge.local> <4B7BFF71.2030108@comcast.net> Message-ID: <5DC4853C6CC3EE4788779E0726E034DD10A6DC@zy-ex1.zyedge.local> Sam, > -----Original Message----- > From: Sam Munzani [mailto:smunzani at comcast.net] > Cc: David Mantock; Rancid-discuss at shrubbery.net; > Jeremy_Keys at memorial.org > Subject: Re: [rancid] Re: Cisco WLC > > > > Did you check "show run" on both platforms? It should work on both > since > cisco allows short commands as long as its uniq. > Here is the issue, version 5: (Cisco Controller) >show run Incorrect usage. Use the '?' or key to list commands. (Cisco Controller) >show run-config Press Enter to continue... System Inventory NAME: "Chassis" , DESCR: "4400 Series WLAN Controller:25 APs" This is not the configuration, but live information, including channel power, clients connected, and internal temperature information which will change often. (Cisco Controller) >show running-config Notice: "show running-config" has been changed to be an alias to "show run-config". Use "show run-config commands" to display the configuration commands. Press Enter to continue or to abort... System Inventory NAME: "Chassis" , DESCR: "4400 Series WLAN Controller:25 APs" On a version 4, wlc: (Cisco Controller) >show run-config commands System Inventory NAME: "Chassis" , DESCR: "4400 Series WLAN Controller:12 APs" (Cisco Controller) >show run-config Press Enter to continue... System Inventory NAME: "Chassis" , DESCR: "4400 Series WLAN Controller:12 APs" And here is the desired command to get the config: (Cisco Controller) >show running-config 802.11a cac voice tspec-inactivity-timeout ignore 802.11a cac voice stream-size 84000 max-streams 2 802.11b cac voice tspec-inactivity-timeout ignore (Cisco Controller) >show run Incorrect usage. Use the '?' or key to list commands. Unfortunately, like a lot of cannibalized Cisco purchases, there is not a unified CLI. -ryan From jmkeller at houseofzen.org Wed Feb 17 15:49:27 2010 From: jmkeller at houseofzen.org (James M Keller) Date: Wed, 17 Feb 2010 10:49:27 -0500 Subject: [rancid] Re: Cisco WAE (WAAS) units In-Reply-To: <4B7C01DC.2020908@houseofzen.org> References: <4B7AC24D.5040305@houseofzen.org> <4B7B051D.7050801@houseofzen.org> <20100217004125.GC21889@shrubbery.net> <4B7C01DC.2020908@houseofzen.org> Message-ID: <4B7C1007.20804@houseofzen.org> On 2/17/2010 9:49 AM, James M Keller wrote: > > At least in the 4.x code branch it is at least as IOS-ish as PIX/ASAs. > I added comment captures for show ip wccp / show wccp (ios/waas) and > show cms (waas), and it's not a lot of parsing. ShowCMS will return(1) > if the type is set to WAAS (which gets set from updated ShowVersion to > include WAAS/WAE parsing). > Slight correction to myself - ShowCMS will return(1) if type != WAAS I'll probably tweak things this week and cut a diff for anyone interested. -- --- James M Keller From heas at shrubbery.net Wed Feb 17 17:32:02 2010 From: heas at shrubbery.net (john heasley) Date: Wed, 17 Feb 2010 09:32:02 -0800 Subject: [rancid] Re: Help with Rancid Netscreen In-Reply-To: References: <5A8F72DE-D118-48DF-952F-256D92C462C6@fattoc.com>

<20100211210956.GC18447@shrubbery.net> <20100212170220.GD23165@shrubbery.net> Message-ID: <20100217173202.GF5137@shrubbery.net> Wed, Feb 17, 2010 at 01:59:01PM -0000, Trevor Coyle: > The PATH is > > PATH=/usr/local/rancid/bin:/usr/bin:/usr/sbin:.:/bin:/usr/kerberos/bin:/ > usr/local/bin:/usr/bin; export PATH is cvs in one of those directories? is that one line, and its just your MUA that wrapped it? sh rancid.conf should produce no errors. > CVSROOT=$BASEDIR/CVS; export CVSROOT > > -----Original Message----- > From: john heasley [mailto:heas at shrubbery.net] > Sent: 12 February 2010 17:02 > To: Trevor Coyle > Cc: john heasley; ?rni Birgisson; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Re: Help with Rancid Netscreen > > Fri, Feb 12, 2010 at 09:07:13AM -0000, Trevor Coyle: > > Rancid has been running for the last few years backing up cisco's > > > > I edited the GROUPS in the rancid.conf to include the new netscreen > > group > > check the PATH variable in rancid.conf. ensure that the syntax is > correct and the location of cvs is included. > > > Then I ran rancid-cvs > > > > Test the nlogin to see if it could login under the Rancid user which > it > > could get into the firewall > > > > I Ran Rancid-run and I get that error my first mail in the logs > > > > NOTE: I had to change some things in the bin/nrancid to get it to run, > I > > was getting missing curly bracket errors so I added them in to the > > correct place and the errors stopped > > that was fixed and is definitely in the current version. > > > Crontab - > > > > # rancid > > 01 0 * * * rancid /usr/local/rancid/bin/rancid-run > > > > Thank You for your help, > > Trevor > > > > -----Original Message----- > > From: john heasley [mailto:heas at shrubbery.net] > > Sent: 11 February 2010 21:10 > > To: Trevor Coyle > > Cc: ?rni Birgisson; rancid-discuss at shrubbery.net > > Subject: Re: [rancid] Re: Help with Rancid Netscreen > > > > Thu, Feb 11, 2010 at 04:31:12PM -0000, Trevor Coyle: > > > Arni, > > > > > > > > > > > > It's a run as atask with crontab > > > > > > Its running as user rancid the same as the cisco devices > > > > > > Its one instance for the routers and firewalls > > > > if its one cron job, its truely bizarre. > > > > you must be affecting the path environment variable somehow between > > running > > one group and the next. > > > > your cronjob should be similar to > > > > /bin/rancid-run > > > > no more is required. > > > > > > > > > Tks, > > > > > > Trevor > > > > > > > > > > > > ________________________________ > > > > > > From: ?rni Birgisson [mailto:ABirgisson at fattoc.com] > > > Sent: 11 February 2010 16:26 > > > To: Trevor Coyle > > > Cc: rancid-discuss at shrubbery.net > > > Subject: Re: [rancid] Help with Rancid Netscreen > > > > > > > > > > > > If rancid is working correctly for other devices then your version > > control system works. > > > > > > > > > > > > Are you running the commands manually to get this error? > > > > > > Is it possible that rancid normally runs as some user (ie. "rancid") > > but you are running it as a different user (root) ? > > > > > > Is it one instance of rancid doing everything or a seperate > > instance/config for the firewalls? > > > > > > > > > > > > - Arni > > > > > > > > > > > > On Feb 11, 2010, at 4:22 PM, Trevor Coyle wrote: > > > > > > > > > > > > > > > > > > Thank you for the reply, > > > > > > > > > > > > Rancid is working for all Cisco Devices but the Netscreen Firewall > is > > having the problem, I have created a new group for Juniper and it can > > login into the Firewall OK but doesn't seem to be taking the config > > down, would you say I need to install CVS in this case? > > > > > > > > > > > > Trevor > > > > > > > > > > > > ________________________________ > > > > > > From: ?rni Birgisson [mailto:abirgisson at fattoc.com] > > > Sent: 11 February 2010 16:17 > > > To: Trevor Coyle > > > Cc: rancid-discuss at shrubbery.net > > > Subject: Re: [rancid] Help with Rancid Netscreen > > > > > > > > > > > > >From these logs it's apparent that you either don't have CVS > > installed, or the user that is running rancid > > > > > > doesn't have the correct path to the cvs command. > > > > > > > > > > > > You probably need to "apt-get install cvs" (debian/ubuntu) or "yum > > install cvs" (redhat/fedora). > > > > > > > > > > > > Is your rancid installation working for anything or is this the > first > > device you are using rancid for? > > > > > > > > > > > > -Arni > > > > > > > > > > > > > > > > > > On Feb 11, 2010, at 2:49 PM, Trevor Coyle wrote: > > > > > > > > > > > > > > > > > > > > > Hi I was wondering if you could help? > > > > > > > > > > > > I'm currently trying to backup the config for a Juniper (Netscreen > > SSG-550) and the log file is coming out with > > > > > > > > > > > > starting: Thu Feb 11 12:51:48 GMT 2010 > > > > > > > > > > > > /usr/local/rancid/bin/control_rancid: line 234: cvs: command not > found > > > > > > /usr/local/rancid/bin/control_rancid: line 235: cvs: command not > found > > > > > > Added file_name > > > > > > > > > > > > /usr/local/rancid/bin/control_rancid: line 260: cvs: command not > found > > > > > > > > > > > > > > > > > > Trying to get all of the configs. > > > > > > ===================================== > > > > > > Getting missed routers: round 1. > > > > > > ===================================== > > > > > > Getting missed routers: round 2. > > > > > > ===================================== > > > > > > Getting missed routers: round 3. > > > > > > ===================================== > > > > > > Getting missed routers: round 4. > > > > > > > > > > > > /usr/local/rancid/bin/control_rancid: line 372: cvs: command not > found > > > > > > /usr/local/rancid/bin/control_rancid: line 384: cvs: command not > found > > > > > > > > > > > > ending: Thu Feb 11 12:51:50 GMT 2010 > > > > > > > > > > > > The File output in Configs is blank, the nlogin is able to login to > > the firewall but the nrancid doesn't seem to be outputting the config > > > > > > > > > > > > > > > > > > Can you please Help > > > > > > > > > > > > Thank You, > > > > > > Trevor > > > > > > > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > > > Registered Address. 1 Parkway House, Western Parkway Business Park, > > Ballymount, Dublin 12 > > > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > > > > > > > > > > > > > > > > > > > > > Arni Birgisson > > > Network Engineer > > > FATTOC Iceland > > > Adalstraeti 6 > > > 101 Reykjavik > > > Iceland > > > > > > > > > > > > > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > > > Registered Address. 1 Parkway House, Western Parkway Business Park, > > Ballymount, Dublin 12 > > > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > > > > > > > > > > > > > > > > > > Arni Birgisson > > > Network Engineer > > > FATTOC Iceland > > > Adalstraeti 6 > > > 101 Reykjavik > > > Iceland > > > > > > > > > > > > > > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > > > Registered Address. 1 Parkway House, Western Parkway Business Park, > > > Ballymount, Dublin 12 > > > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > > > > > _______________________________________________ > > > Rancid-discuss mailing list > > > Rancid-discuss at shrubbery.net > > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > > Registered Address. 1 Parkway House, Western Parkway Business Park, > > Ballymount, Dublin 12 > > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne > Registered in Ireland No. 321280, VAT Reg. No. IE 63412800 > Registered Address. 1 Parkway House, Western Parkway Business Park, > Ballymount, Dublin 12 > Directors - S.MacNicholas, P.Ledwidge, C.OColmain, J.Byrne From smunzani at comcast.net Wed Feb 17 18:21:36 2010 From: smunzani at comcast.net (Sam Munzani) Date: Wed, 17 Feb 2010 12:21:36 -0600 Subject: [rancid] Re: Cisco WLC In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD10A6DC@zy-ex1.zyedge.local> References: <20100217124837.307140@gmx.net> <5DC4853C6CC3EE4788779E0726E034DD10A312@zy-ex1.zyedge.local> <4B7BFF71.2030108@comcast.net> <5DC4853C6CC3EE4788779E0726E034DD10A6DC@zy-ex1.zyedge.local> Message-ID: <4B7C33B0.7090105@comcast.net> One would wish cisco would have some consistency :-(... I guess there is not many options here. Thanks, sam > Sam, > > >> -----Original Message----- >> From: Sam Munzani [mailto:smunzani at comcast.net] >> Cc: David Mantock; Rancid-discuss at shrubbery.net; >> Jeremy_Keys at memorial.org >> Subject: Re: [rancid] Re: Cisco WLC >> >> >>> >> Did you check "show run" on both platforms? It should work on both >> since >> cisco allows short commands as long as its uniq. >> >> > Here is the issue, version 5: > > (Cisco Controller)>show run > > Incorrect usage. Use the '?' or key to list commands. > > (Cisco Controller)>show run-config > > Press Enter to continue... > > System Inventory > NAME: "Chassis" , DESCR: "4400 Series WLAN Controller:25 APs" > > This is not the configuration, but live information, including channel power, clients connected, and internal temperature information which will change often. > > (Cisco Controller)>show running-config > > Notice: "show running-config" has been changed to be an alias to "show run-config". > Use "show run-config commands" to display the configuration commands. > Press Enter to continue or to abort... > > System Inventory > NAME: "Chassis" , DESCR: "4400 Series WLAN Controller:25 APs" > > On a version 4, wlc: > > (Cisco Controller)>show run-config commands > System Inventory > NAME: "Chassis" , DESCR: "4400 Series WLAN Controller:12 APs" > > (Cisco Controller)>show run-config > > Press Enter to continue... > > System Inventory > NAME: "Chassis" , DESCR: "4400 Series WLAN Controller:12 APs" > > And here is the desired command to get the config: > > (Cisco Controller)>show running-config > 802.11a cac voice tspec-inactivity-timeout ignore > > 802.11a cac voice stream-size 84000 max-streams 2 > > 802.11b cac voice tspec-inactivity-timeout ignore > > (Cisco Controller)>show run > > Incorrect usage. Use the '?' or key to list commands. > > Unfortunately, like a lot of cannibalized Cisco purchases, there is not a unified CLI. > > -ryan > > > > From heas at shrubbery.net Wed Feb 17 23:30:16 2010 From: heas at shrubbery.net (john heasley) Date: Wed, 17 Feb 2010 15:30:16 -0800 Subject: [rancid] Re: Cisco WAE (WAAS) units In-Reply-To: <4B7C01DC.2020908@houseofzen.org> References: <4B7AC24D.5040305@houseofzen.org> <4B7B051D.7050801@houseofzen.org> <20100217004125.GC21889@shrubbery.net> <4B7C01DC.2020908@houseofzen.org> Message-ID: <20100217233016.GE19234@shrubbery.net> Wed, Feb 17, 2010 at 09:49:00AM -0500, James M Keller: >>> It looks like lenny is 2.3.2 code (listed as current on shrubbery.net), >>> so I can do diff's when I'm down adding int WAE support to the main >>> rancid script. Central manager configs are retrievable from CLI. At >>> best you could script the command to dump the database to XML on the CM >>> file system and then try more dbfile.xml to terminal. But the admin >>> guide notes it's resource intensive to do the export. At least I'm able >>> to grab the acceleration-engine configs and also grab WAAS specific info >>> as comment entries. I'm likely going to have to tweak some of it to >>> parse out updating data like session counters, so not ready to dump a >>> diff yet. Also added WCCP info as comments for both the WAEs and Cisco >>> IOS, as our shop is using the WCCP rather then in-line for these. If >>> show ip wccp returns not eabled or invalid, etc it skips it like any >>> other invalid command for a platform. >>> >> if i understand this; i'd create a separate rancid script for this thing. >> >> > > At least in the 4.x code branch it is at least as IOS-ish as PIX/ASAs. and, I should have made those a separate script. contain the ugly. > I added comment captures for show ip wccp / show wccp (ios/waas) and > show cms (waas), and it's not a lot of parsing. ShowCMS will return(1) > if the type is set to WAAS (which gets set from updated ShowVersion to > include WAAS/WAE parsing). > > The show wccp capture is useful for the IOS systems that have it > configured, as systems can negotiate return types other then the > preference set in the configuration. So it is handy to be able to > track the status as "! WCCP : " entries in the rancid diffs if > something changes. I've had to un-scramble a 50 site WAE deployment > when someone new changed something incorrectly in the Central Manager > and broke WCCP between the IOS and WAAS WAEs due to configured vs > negotiated return types. With my local changes this can be tracked as > to what the router/switch and WAE where working under at previous > polling periods. so, add the wccp for ios, but it still seems the WAE device should be a separate script. > Some folks may also be using WCCP for web-cache, I don't have any setups > that use wccp for that, but the ShowWCCP sub could updated for that and > a show ip wccp web-cache command added that uses it (I'm actually > grabbing show ip wccp 61 and show ip wccp 62 at the moment) > > -- > > --- > James M Keller From heas at shrubbery.net Thu Feb 18 00:24:11 2010 From: heas at shrubbery.net (john heasley) Date: Wed, 17 Feb 2010 16:24:11 -0800 Subject: [rancid] Re: Cisco WLC In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD10A312@zy-ex1.zyedge.local> References: <20100217124837.307140@gmx.net> <5DC4853C6CC3EE4788779E0726E034DD10A312@zy-ex1.zyedge.local> Message-ID: <20100218002411.GM19234@shrubbery.net> Wed, Feb 17, 2010 at 02:21:39PM +0000, Ryan West: > David, > > > -----Original Message----- > > From: David Mantock [mailto:david.mantock at gmx.ch] > > Sent: Wednesday, February 17, 2010 7:49 AM > > Subject: Cisco WLC > > > > Hello All, > > > > I have seen on this board scripts to backup cisco WLC devices. What is > > the suggested procedure to include: > > > > wlogin and ciscowlc scripts in standard rancid. > > > > Do you have to update the normal rancid script to call these? > > > > How do you configure router.db file e.g > > > > mydevice:ciscowlc:up > > Yup, unless it's a version 5, in which case it would be ciscowlc5. The only difference is that 'show running-config' (version 4) has been moved to 'show run-config commands' in version 5. Pretty sure with basic version check, the proper command file could be parsed. see the way the rancid/cisco ios script deals with this problem. run both, take which ever one works. > > > > Any inputs are much appreciated. > > > > As Jeremy suggested it would be nice if there was a little Howto as > > some people already have this working. > > > > Place wlogin, ciscowlc, and ciscowlc5 in your bin directory of the RANCID install. Then add the following two lines to your $PREFIX/bin/rancid-fe file: > > 'cisco-wlc' => 'ciscowlc', > 'cisco-wlc5' => 'ciscowlc5', > > That should be it. > > -ryan > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From jmkeller at houseofzen.org Thu Feb 18 00:46:36 2010 From: jmkeller at houseofzen.org (James M Keller) Date: Wed, 17 Feb 2010 19:46:36 -0500 Subject: [rancid] Re: Cisco WAE (WAAS) units In-Reply-To: <20100217233016.GE19234@shrubbery.net> References: <4B7AC24D.5040305@houseofzen.org> <4B7B051D.7050801@houseofzen.org> <20100217004125.GC21889@shrubbery.net> <4B7C01DC.2020908@houseofzen.org> <20100217233016.GE19234@shrubbery.net> Message-ID: <4B7C8DEC.5040805@houseofzen.org> On 2/17/2010 6:30 PM, john heasley wrote: > Wed, Feb 17, 2010 at 09:49:00AM -0500, James M Keller: > >>>> It looks like lenny is 2.3.2 code (listed as current on shrubbery.net), >>>> so I can do diff's when I'm down adding int WAE support to the main >>>> rancid script. Central manager configs are retrievable from CLI. At >>>> best you could script the command to dump the database to XML on the CM >>>> file system and then try more dbfile.xml to terminal. But the admin >>>> guide notes it's resource intensive to do the export. At least I'm able >>>> to grab the acceleration-engine configs and also grab WAAS specific info >>>> as comment entries. I'm likely going to have to tweak some of it to >>>> parse out updating data like session counters, so not ready to dump a >>>> diff yet. Also added WCCP info as comments for both the WAEs and Cisco >>>> IOS, as our shop is using the WCCP rather then in-line for these. If >>>> show ip wccp returns not eabled or invalid, etc it skips it like any >>>> other invalid command for a platform. >>>> >>>> >>> if i understand this; i'd create a separate rancid script for this thing. >>> >>> >>> >> At least in the 4.x code branch it is at least as IOS-ish as PIX/ASAs. >> > and, I should have made those a separate script. contain the ugly. > I'm not opposed to breaking it out into dedicated scripts for both if that fits the design better. The ASA has a number of things that could be captured as comment blocks that would be useful to track beyond the basic IOS-ish device configs. I'll work on the wae script at least this week if time permits. -- --- James M Keller From heas at shrubbery.net Thu Feb 18 04:38:21 2010 From: heas at shrubbery.net (john heasley) Date: Thu, 18 Feb 2010 04:38:21 +0000 Subject: [rancid] Re: Cisco WAE (WAAS) units In-Reply-To: <4B7C8DEC.5040805@houseofzen.org> References: <4B7AC24D.5040305@houseofzen.org> <4B7B051D.7050801@houseofzen.org> <20100217004125.GC21889@shrubbery.net> <4B7C01DC.2020908@houseofzen.org> <20100217233016.GE19234@shrubbery.net> <4B7C8DEC.5040805@houseofzen.org> Message-ID: <20100218043820.GC27716@shrubbery.net> Wed, Feb 17, 2010 at 07:46:36PM -0500, James M Keller: > On 2/17/2010 6:30 PM, john heasley wrote: >> Wed, Feb 17, 2010 at 09:49:00AM -0500, James M Keller: >> >>>>> It looks like lenny is 2.3.2 code (listed as current on shrubbery.net), >>>>> so I can do diff's when I'm down adding int WAE support to the main >>>>> rancid script. Central manager configs are retrievable from CLI. At >>>>> best you could script the command to dump the database to XML on the CM >>>>> file system and then try more dbfile.xml to terminal. But the admin >>>>> guide notes it's resource intensive to do the export. At least I'm able >>>>> to grab the acceleration-engine configs and also grab WAAS specific info >>>>> as comment entries. I'm likely going to have to tweak some of it to >>>>> parse out updating data like session counters, so not ready to dump a >>>>> diff yet. Also added WCCP info as comments for both the WAEs and Cisco >>>>> IOS, as our shop is using the WCCP rather then in-line for these. If >>>>> show ip wccp returns not eabled or invalid, etc it skips it like any >>>>> other invalid command for a platform. >>>>> >>>>> >>>> if i understand this; i'd create a separate rancid script for this thing. >>>> >>>> >>>> >>> At least in the 4.x code branch it is at least as IOS-ish as PIX/ASAs. >>> >> and, I should have made those a separate script. contain the ugly. >> > > I'm not opposed to breaking it out into dedicated scripts for both if > that fits the design better. The ASA has a number of things that could > be captured as comment blocks that would be useful to track beyond the > basic IOS-ish device configs. my experience with asa/pix is limited. it'd seem those could be one script, its the tie with ios that i wish i'd avoided. > I'll work on the wae script at least this week if time permits. > > -- > > --- > James M Keller From asl at launay.org Thu Feb 18 13:15:13 2010 From: asl at launay.org (Arnaud Launay) Date: Thu, 18 Feb 2010 14:15:13 +0100 Subject: [rancid] TP-Link SG5426 Message-ID: <20100218131513.GB2394@launay.org> Hello, I'm wondering if someone include TP-Link SG5426, or others L2 managed tplink, in rancid... AFAIK, it works more or less like ciscos: rancid at backup ~ $ ssh admin at tplink.domain.tld admin at tplink.domain.tld's password: CLI session with the TL-SG5426 is opened. To end the CLI session, enter [Exit]. Vty-0# in router db: tplink.domain.tld:cisco:up and in .cloginrc: add user tplink-*.domain.tld admin add password tplink-*.domain.tld {admin} {admin} add autoenable tplink-*.domain.tld {1} add method tplink-*.domain.tld {ssh} I see in tcpdump that they are communicating with each other using ssh, so it's probably logged in... Online Users: Line Username Idle time (h:m:s) Remote IP addr. ----------- -------- ----------------- --------------- 1 SSH 0 admin 0:01:02 192.168.1.1 yup :) And it should work cisco-like: Vty-1#show running-config building running-config, please wait... !00 !01_00-12-cf-ab-ab-ab_01 [snip] Only, rancid at backup ~ $ bin/rancid-run -r tplink-g6.nocworld.net Returns after some time, and sends me a mail saying it timeout-ed... Config file on backup is empty. Created, but empty. I don't have a clue how to get more debug infos ? Arnaud. From NMaio at guesswho.com Fri Feb 19 14:22:39 2010 From: NMaio at guesswho.com (NMaio at guesswho.com) Date: Fri, 19 Feb 2010 09:22:39 -0500 Subject: [rancid] Backup Cisco Dynamic Access Policies and Secure Desktop Message-ID: <2AA600764E54964491083B1E0EC81A3043B1A5571C@EXCLUS.nationala-1advertising.com> Does anyone backup the contents of dap.xml and data.xml for DAP and Secure Desktop on the ASA? I was thinking of modifying rancid to more the files and then obviously diff the contents but was just curious if anyone else was doing something similar? Thanks, Nick -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100219/0dae9333/attachment.html From heas at shrubbery.net Fri Feb 19 17:08:05 2010 From: heas at shrubbery.net (john heasley) Date: Fri, 19 Feb 2010 09:08:05 -0800 Subject: [rancid] Re: TP-Link SG5426 In-Reply-To: <20100218131513.GB2394@launay.org> References: <20100218131513.GB2394@launay.org> Message-ID: <20100219170805.GE29861@shrubbery.net> Thu, Feb 18, 2010 at 02:15:13PM +0100, Arnaud Launay: > Hello, > > I'm wondering if someone include TP-Link SG5426, or others L2 > managed tplink, in rancid... > > AFAIK, it works more or less like ciscos: > > rancid at backup ~ $ ssh admin at tplink.domain.tld > admin at tplink.domain.tld's password: > > CLI session with the TL-SG5426 is opened. > To end the CLI session, enter [Exit]. > > Vty-0# > > > in router db: tplink.domain.tld:cisco:up > > and in .cloginrc: > add user tplink-*.domain.tld admin > add password tplink-*.domain.tld {admin} {admin} > add autoenable tplink-*.domain.tld {1} > add method tplink-*.domain.tld {ssh} > > > I see in tcpdump that they are communicating with each other > using ssh, so it's probably logged in... > > Online Users: > Line Username Idle time (h:m:s) Remote IP addr. > ----------- -------- ----------------- --------------- > 1 SSH 0 admin 0:01:02 192.168.1.1 > > yup :) > > And it should work cisco-like: > Vty-1#show running-config > building running-config, please wait... > !00 > !01_00-12-cf-ab-ab-ab_01 > [snip] > > > Only, > rancid at backup ~ $ bin/rancid-run -r tplink-g6.nocworld.net > > Returns after some time, and sends me a mail saying it timeout-ed... > Config file on backup is empty. Created, but empty. > > I don't have a clue how to get more debug infos ? its likely that rancid didnt find the end of the config, or possible. try clogin (or other login scripts) with -c 'command;other command;...'. use the one that works properly in a new rancid script for this device. From ron.whitney at doitbest.com Sat Feb 20 20:42:32 2010 From: ron.whitney at doitbest.com (Ron Whitney) Date: Sat, 20 Feb 2010 15:42:32 -0500 Subject: [rancid] Re: Cisco WLC Backups In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD10760E@zy-ex1.zyedge.local> Message-ID: <1FD6BFAE6EA54341821D01FB8E617B6501E4B39F@EXCHANGE1.ntserv.doitbestcorp.com> Hi. I'm have a WLC4402 running 4.0.179.11. I'm having only mild success getting RANCID to work. Ryan's ciscowlc5 script works better as my WLC does not support the 'show running-config' command. In executing 'ciscowlc5 -d ' it appears that the 'show udi' and 'show sysinfo' commands work properly but the 'show run-config commands' command hangs at the 'Press Enter to continue Or to abort' prompt. Any recommendations? Thanks in advance. Ron -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan West Sent: Tuesday, February 16, 2010 11:04 To: Keys, Jeremy; rancid-discuss at shrubbery.net Subject: [rancid] Re: Cisco WLC Backups Jeremy, This is what I use with some slight modifications that the original author had in place. I think the command file could be combined into a single file for wlc 4's and 5's, but changing 'show run-config' to 'show run'. Just call from each in rancid-fe. -ryan From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Keys, Jeremy Sent: Monday, February 15, 2010 3:28 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Cisco WLC Backups I've been searching the archives for a complete how-to on getting a successful backup on a Cisco WLC (we're using a 5508) using Rancid. Has anyone had any luck? I've found bits and pieces in different emails but nothing complete. Thanks in advance, Jeremy This message and accompanying documents are covered by the Electronic Communications Privacy Act 18 U.S.C. "Sections 2510-2521," and contain information intended for the specified individual(s) only. This information is confidential. If you are not the intended recipient or an agent responsible for delivering it to the intended recipient, you are hereby notified that you have received this document in error and that any review, dissemination, copying, or the taking of any action based on the contents of this information is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail, and delete the original message. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100220/3d988fae/attachment.html From jmkeller at houseofzen.org Sun Feb 21 01:53:12 2010 From: jmkeller at houseofzen.org (James Michael Keller) Date: Sat, 20 Feb 2010 20:53:12 -0500 Subject: [rancid] Re: Backup Cisco Dynamic Access Policies and Secure Desktop In-Reply-To: <2AA600764E54964491083B1E0EC81A3043B1A5571C@EXCLUS.nationala-1advertising.com> References: <2AA600764E54964491083B1E0EC81A3043B1A5571C@EXCLUS.nationala-1advertising.com> Message-ID: I was looking at doing that as I was offering to split out Asa/pix from the ios router/switch scrip along with the waas wae script I am working on. I'm using csd as well on Asa. That would be simmilar to how I was going to track the waas database on central manager wae units. You can export it to XML, but not to console. So would have to execute the dump and then more the file. At leas with Asa can directly more the files directly to console to parse as comment entries. --- Jame Michael Keller *** Sent from my iPhone *** *** Please excuse typos *** On Feb 19, 2010, at 9:22, wrote: > Does anyone backup the contents of dap.xml and data.xml for DAP and > Secure Desktop on the ASA? I was thinking of modifying rancid to > more the files and then obviously diff the contents but was just > curious if anyone else was doing something similar? > > Thanks, > > Nick > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100220/4fb5cb55/attachment.html From davidoj at siminn.is Wed Feb 24 10:53:42 2010 From: davidoj at siminn.is (=?iso-8859-1?Q?Dav=ED=F0_=D6rn_J=F3hannsson?=) Date: Wed, 24 Feb 2010 10:53:42 +0000 Subject: [rancid] Re: Alcatel Omniswitch and Rancid Message-ID: <2C2EB65E9541674190062A288A739F0001407D180B@DUFA.siminn.is> Hi Alex, Doing some googling gave you away, I saw that you had modified rancid and clogin to being able to support Alcatel routers in Rancid, did you publish your modification anywhere where I could take a look at them? I'm trying to be able to use Rancid for Alcatel SR7750 and any help would be apreciated. Kve?ja, Dav?? ?rn J?hannsson S?rfr??ingur Stj?rnkerfi S?mi +354 897 7463 Fax +354 [cid:image001.jpg at 01CAB53F.5B246780] S?minn - ?rm?li 25 - 108 Reykjav?k - Iceland - siminn.is ?byrg? ??n var?andi t?lvup?st. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100224/17e32957/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 22658 bytes Desc: image001.jpg Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100224/17e32957/attachment.jpg From ton.voon at opsera.com Fri Feb 26 09:42:30 2010 From: ton.voon at opsera.com (Ton Voon) Date: Fri, 26 Feb 2010 09:42:30 +0000 Subject: [rancid] Fix for alteon and new Ellacoya scripts Message-ID: <78B3ABB6-DCA0-49DD-BA10-51EB3F39F974@opsera.com> Hi! Thanks for RANCID which we use in our monitoring software, Opsview - http://opsview.org . Please find a tarball attached. This contains the following files: * rancid_alteon_esecret_removal.patch - this removes an esecret line from alteon devices which changes every time someone logs in. I have seen an alternative fix on the mailing list, but this one works for us * elrancid.in and ellogin.in - scripts for Ellacoya E30 devices * rancid_ellacoya_makefile.patch - patches to support the make; make install of the Ellacoya scripts * rancid_re_ellacoya.patch - support for ellacoya in rancid_fe Enjoy! Ton -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100226/d1242151/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: rancid_opsera_patches.tar Type: application/x-tar Size: 51200 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100226/d1242151/attachment.tar -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100226/d1242151/attachment-0001.html From jbaird at follett.com Fri Feb 26 16:28:20 2010 From: jbaird at follett.com (Baird, Josh) Date: Fri, 26 Feb 2010 10:28:20 -0600 Subject: [rancid] f5rancid problems Message-ID: Hi, Running 2.3.2 here and trying to use f5rancid. I am able to successfully login to the device using "clogin " but the commands seem to time out: ===================================== Getting missed routers: round 1. fc-f5-04.blah.com clogin error: Error: TIMEOUT reached fc-f5-04.blah.com: missed cmd(s): ls --full-time --color=never /config/ssl/ssl.crt,bigpipe route static show,bigpipe base list,cat /config/bigip.license,bigpipe platform,bigpipe db show,bigpipe monitor list all,ls --full-time --color=never /config/ssl/ssl.key,bigpipe version,bigpipe profile list,bigpipe list fc-f5-04.blah.com: End of run not found # ===================================== All of the commands that it says it is running are valid. We are running BigIP 10.0.1 on these F5 devices. Any ideas? Thanks, Josh From rancid at gheek.net Fri Feb 26 18:16:42 2010 From: rancid at gheek.net (Lance Vermilion) Date: Fri, 26 Feb 2010 11:16:42 -0700 Subject: [rancid] Modification to clogin to account for Permission denied when login tries to access binaries Message-ID: <8423e7bb1002261016y5ba6c6e0j131423a76c74c487@mail.gmail.com> John, For those of us that might want to write a linuxrancid (to collect linux particulars) it would be helpful if we added the following to the regex in clogin. Change line 898 -re "(denied|Sorry)" { TO -re "(denied|Sorry) && (!Permission denied)" { This will account for security requirements (DISA STIGS, etc) where regular users aren't allowed to have access to mesg. Once you deny a use access to mesg they get a message that will include the words "Permission denied". Here is an example output of the access denied to mesg. This will also account for banners that ha -bash: /usr/bin/mesg: Permission denied Just a thought. I can always modify mine as required. From rancid at gheek.net Fri Feb 26 19:32:58 2010 From: rancid at gheek.net (Lance Vermilion) Date: Fri, 26 Feb 2010 12:32:58 -0700 Subject: [rancid] Dedicated nixrancid using clogin...anyone interested Message-ID: <8423e7bb1002261132ice74b77lb30ed73c076a8f62@mail.gmail.com> All, I have been thinking. I don't want to go and add something like cfengine or anything else to my existing set of tools. I do want to collect some information and save it, namely files that wouldn't be changing frequently and since I use OpenNMS which has RANCID tied to it already this is a valuable add for me. All I need to do is add a new platform nix that points to nixrancid that uses a slightly modified clogin (to skip sending "term length 0") and then I can capture all sorts of important bits of info on *nix machines. Right now I have played with Linux and I am having quite the success. I want to write a small addition to nixrancid that would then look at an additional file called nixcollect.db. This would allow someone to enable collection based on possible collection bits. So if the platform type of nix was in router.db then nixrancid would look in nixcollect.db to figure out what files to screen scrape. Please let me know if anyone else would be interested in the work I will do. Currently I am thinking to capture a few things. #key files in /etc/ /etc/passwd /etc/profile /etc/bashrc /etc/group /etc/sudoers /etc/modprobe /etc/aliases /etc/crontab /etc/grub.conf /etc/shadow /etc/hosts /etc/hosts.allow /etc/hosts.deny /etc/host.conf /etc/multipath.conf /etc/resolv.conf /etc/securetty /etc/services /etc/updatedb.conf /etc/sysctl.conf /etc/inittab /etc/initlog.conf /etc/login.defs /etc/logrotate.conf /etc/logrotate.d/* #syslogd /etc/syslog.conf #syslog-ng /etc/syslog-ng/* #java /etc/java/* #security /etc/security/* #drbd /etc/drbd.conf #snmp /etc/snmp/snmpd.conf /etc/snmp/snmp.local.conf #tomcat /etc/tomcat5/* /etc/sysconfig/tomcat5/ #yum/apt-get/etc /etc/yum.conf /etc/yum.repos.d/*.repo /etc/yum/yum-updatesd.conf #ssh /etc/ssh/* #selinux /etc/selinux/config #filesystem /etc/fstab #INIT scripts /etc/init.d/* #PAM /etc/pan.d/* #databases - mysql/etc /etc/my.cnf #DNS - bind/named /etc/named.conf /etc/named.caching-nameserver.conf /etc/rfc1912.zones /etc/sysconfig/named #iscsi #ntp /etc/ntp.conf /etc/ntp/ntpservers /etc/ntp/keys /etc/sysconfig/ntpd #security files - audit /etc/audit/auditd.conf /etc/audit/audit.rules /etc/sysconfig/auditd #iptables /etc/sysconfig/iptables-config /etc/sysconfig/ip6tables-config #Heartbeat /etc/ha.d/haresources /etc/ha.d/ha.cf /etc/ha.d/authkeys #sysconfig stuff /etc/sysconfig/network /etc/sysconfig/network-scripts/ifcfg-* /etc/sysconfig/authconfig /etc/sysconfig/clock /etc/sysconfig/kernel From thecomputerking at gmail.com Sat Feb 27 00:57:46 2010 From: thecomputerking at gmail.com (Charles Tompkins) Date: Fri, 26 Feb 2010 19:57:46 -0500 Subject: [rancid] Re: Dedicated nixrancid using clogin...anyone interested In-Reply-To: <8423e7bb1002261132ice74b77lb30ed73c076a8f62@mail.gmail.com> References: <8423e7bb1002261132ice74b77lb30ed73c076a8f62@mail.gmail.com> Message-ID: I am interested and condisidering a rancid deployment for change management on server files ATM; I am interested in seeing your work. I can see nixcollect.db using some additional variability or versions to accomodate other system flavors for all the different paths to etc, not to mention multiple paths to applications like src-installed (/usr/ local/etc) vs. maintained packages (/etc) or even /opt. nixcollect_redhat.db nixcollect_debuntu.db nixcollect_solaris.db . . . Maybe set your path to etc/ as a variable for the firsthalf of the object and rely on your object definition to supply the secondhalf to get to the file. Regards, -Charles On Feb 26, 2010, at 2:32 PM, Lance Vermilion wrote: > All, > > I have been thinking. I don't want to go and add something like > cfengine or anything else to my existing set of tools. I do want to > collect some information and save it, namely files that wouldn't be > changing frequently and since I use OpenNMS which has RANCID tied to > it already this is a valuable add for me. All I need to do is add a > new platform nix that points to nixrancid that uses a slightly > modified clogin (to skip sending "term length 0") and then I can > capture all sorts of important bits of info on *nix machines. Right > now I have played with Linux and I am having quite the success. > > I want to write a small addition to nixrancid that would then look at > an additional file called nixcollect.db. This would allow someone to > enable collection based on possible collection bits. So if the > platform type of nix was in router.db then nixrancid would look in > nixcollect.db to figure out what files to screen scrape. > > Please let me know if anyone else would be interested in the work I > will do. > > Currently I am thinking to capture a few things. > > #key files in /etc/ > /etc/passwd > /etc/profile > /etc/bashrc > /etc/group > /etc/sudoers > /etc/modprobe > /etc/aliases > /etc/crontab > /etc/grub.conf > /etc/shadow > /etc/hosts > /etc/hosts.allow > /etc/hosts.deny > /etc/host.conf > /etc/multipath.conf > /etc/resolv.conf > /etc/securetty > /etc/services > /etc/updatedb.conf > /etc/sysctl.conf > /etc/inittab > /etc/initlog.conf > /etc/login.defs > /etc/logrotate.conf > /etc/logrotate.d/* > > #syslogd > /etc/syslog.conf > > #syslog-ng > /etc/syslog-ng/* > > #java > /etc/java/* > > #security > /etc/security/* > > #drbd > /etc/drbd.conf > > #snmp > /etc/snmp/snmpd.conf > /etc/snmp/snmp.local.conf > > #tomcat > /etc/tomcat5/* > /etc/sysconfig/tomcat5/ > > #yum/apt-get/etc > /etc/yum.conf > /etc/yum.repos.d/*.repo > /etc/yum/yum-updatesd.conf > > #ssh > /etc/ssh/* > > #selinux > /etc/selinux/config > > > #filesystem > /etc/fstab > > #INIT scripts > /etc/init.d/* > > #PAM > /etc/pan.d/* > > #databases - mysql/etc > /etc/my.cnf > > #DNS - bind/named > /etc/named.conf > /etc/named.caching-nameserver.conf > /etc/rfc1912.zones > /etc/sysconfig/named > > #iscsi > > > #ntp > /etc/ntp.conf > /etc/ntp/ntpservers > /etc/ntp/keys > /etc/sysconfig/ntpd > > #security files - audit > /etc/audit/auditd.conf > /etc/audit/audit.rules > /etc/sysconfig/auditd > > #iptables > /etc/sysconfig/iptables-config > /etc/sysconfig/ip6tables-config > > #Heartbeat > /etc/ha.d/haresources > /etc/ha.d/ha.cf > /etc/ha.d/authkeys > > #sysconfig stuff > /etc/sysconfig/network > /etc/sysconfig/network-scripts/ifcfg-* > /etc/sysconfig/authconfig > /etc/sysconfig/clock > /etc/sysconfig/kernel > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss