From hfranco at drjays.com Mon Oct 1 22:37:47 2012 From: hfranco at drjays.com (Henry Franco) Date: Mon, 1 Oct 2012 15:37:47 -0700 (PDT) Subject: [rancid] Rancid running every hour In-Reply-To: <1431544155.10858891.1349130799776.JavaMail.root@san-mail01.int.drjays.com> Message-ID: <460550464.10859089.1349131067208.JavaMail.root@san-mail01.int.drjays.com> I would like to change the interval that rancid runs. As per the logs it's running every hour. I've looked in the configs and crontab for root and rancid and there's nothing there that is setup to run every hour. As a matter of fact I don't even have rancid-run running at all from crontab. Any idea how I would be able to modify the interval it runs on? -Henry -------------- next part -------------- An HTML attachment was scrubbed... URL: From dmarkd at gmail.com Mon Oct 1 22:41:43 2012 From: dmarkd at gmail.com (Mark Douglas) Date: Mon, 1 Oct 2012 16:41:43 -0600 Subject: [rancid] Rancid running every hour In-Reply-To: <460550464.10859089.1349131067208.JavaMail.root@san-mail01.int.drjays.com> References: <1431544155.10858891.1349130799776.JavaMail.root@san-mail01.int.drjays.com> <460550464.10859089.1349131067208.JavaMail.root@san-mail01.int.drjays.com> Message-ID: What platform are you running rancid on? I know that my EPEL installed RPM on RHEL, the cron entry ends up in /etc/cron.d/rancid, and not in the user's crontab. On Mon, Oct 1, 2012 at 4:37 PM, Henry Franco wrote: > I would like to change the interval that rancid runs. As per the logs > it's running every hour. > > I've looked in the configs and crontab for root and rancid and there's > nothing there that is setup to run every hour. As a matter of fact I don't > even have rancid-run running at all from crontab. > > Any idea how I would be able to modify the interval it runs on? > > -Henry > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: From hfranco at drjays.com Mon Oct 1 22:45:46 2012 From: hfranco at drjays.com (Henry Franco) Date: Mon, 1 Oct 2012 15:45:46 -0700 (PDT) Subject: [rancid] Rancid running every hour In-Reply-To: Message-ID: <569486559.10859555.1349131546182.JavaMail.root@san-mail01.int.drjays.com> CentOS. And it's there as you stated. Thanks Mark. -Henry ----- Original Message ----- | From: "Mark Douglas" | To: "Henry Franco" | Cc: rancid-discuss at shrubbery.net | Sent: Monday, October 1, 2012 3:41:43 PM | Subject: Re: [rancid] Rancid running every hour | What platform are you running rancid on? I know that my EPEL | installed RPM on RHEL, the cron entry ends up in /etc/cron.d/rancid, | and not in the user's crontab. | On Mon, Oct 1, 2012 at 4:37 PM, Henry Franco < hfranco at drjays.com > | wrote: | | I would like to change the interval that rancid runs. As per the | | logs | | it's running every hour. | | | I've looked in the configs and crontab for root and rancid and | | there's nothing there that is setup to run every hour. As a matter | | of fact I don't even have rancid-run running at all from crontab. | | | Any idea how I would be able to modify the interval it runs on? | | | -Henry | | | _______________________________________________ | | | Rancid-discuss mailing list | | | Rancid-discuss at shrubbery.net | | | http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss | -------------- next part -------------- An HTML attachment was scrubbed... URL: From bwindle at lentechinc.com Tue Oct 2 14:59:28 2012 From: bwindle at lentechinc.com (Brian Windle) Date: Tue, 2 Oct 2012 09:59:28 -0500 Subject: [rancid] rancid to run command then display in viewvc Message-ID: <273DC75625F66C4D9A7E783317C41C88058D10193F@MBX24.exg5.exghost.com> Has anyone used Rancid to check into equipment and run a command i.e. sho interfaces trunk, then have that display in viewvc? -------------- next part -------------- An HTML attachment was scrubbed... URL: From Nicolai.Langfeldt at broadnet.no Tue Oct 2 17:09:38 2012 From: Nicolai.Langfeldt at broadnet.no (Nicolai Langfeldt) Date: Tue, 2 Oct 2012 17:09:38 +0000 Subject: [rancid] rancid to run command then display in viewvc In-Reply-To: <273DC75625F66C4D9A7E783317C41C88058D10193F@MBX24.exg5.exghost.com> References: <273DC75625F66C4D9A7E783317C41C88058D10193F@MBX24.exg5.exghost.com> Message-ID: <76559C2CEC19234C83D86F21E613AC5D010D9483@p1exmbx01.corp.local> Hi, yes, you just point viewvc to the rancid run repo and there you are. Nicolai -- Nicolai Langfeldt, OSS Arkitekt Broad|Net - Fiber - the business revolution ________________________________ Fra: rancid-discuss-bounces at shrubbery.net [rancid-discuss-bounces at shrubbery.net] p? vegne av Brian Windle [bwindle at lentechinc.com] Sendt: 2. oktober 2012 16:59 To: 'rancid-discuss at shrubbery.net' Emne: [rancid] rancid to run command then display in viewvc Has anyone used Rancid to check into equipment and run a command i.e. sho interfaces trunk, then have that display in viewvc? -------------- next part -------------- An HTML attachment was scrubbed... URL: From achiarello at brynmawr.edu Thu Oct 4 14:55:45 2012 From: achiarello at brynmawr.edu (Andrew Chiarello) Date: Thu, 4 Oct 2012 10:55:45 -0400 (EDT) Subject: [rancid] Problem installing on Ubuntu Server 12.04 In-Reply-To: <289980353.188451.1349361905294.JavaMail.root@ganesh.brynmawr.edu> Message-ID: <79019644.207068.1349362545871.JavaMail.root@ganesh.brynmawr.edu> Hi, When compiling rancid 2.3.8 on Ubuntu Server 12.04, I'm getting the following error: gcc -g -O0 -o hpuifilter hpuifilter.o -lutil hpuifilter.o: In function `filter': /home/achiarello/rancid-2.3.8/bin/hpuifilter.c:577: undefined reference to `TclReError' /home/achiarello/rancid-2.3.8/bin/hpuifilter.c:588: undefined reference to `TclReError' /home/achiarello/rancid-2.3.8/bin/hpuifilter.c:609: undefined reference to `TclReError' collect2: ld returned 1 exit status make[1]: *** [hpuifilter] Error 1 I'm pretty new to this, and google searches haven't led me to a solution; can anyone point me in the right direction? Andrew J. Chiarello Network Engineer Bryn Mawr College 610-526-7966 achiarello at brynmawr.edu -------------- next part -------------- An HTML attachment was scrubbed... URL: From tyler at tolaris.com Thu Oct 4 15:09:19 2012 From: tyler at tolaris.com (Tyler J. Wagner) Date: Thu, 04 Oct 2012 16:09:19 +0100 Subject: [rancid] Problem installing on Ubuntu Server 12.04 In-Reply-To: <79019644.207068.1349362545871.JavaMail.root@ganesh.brynmawr.edu> References: <79019644.207068.1349362545871.JavaMail.root@ganesh.brynmawr.edu> Message-ID: <506DA69F.7020701@tolaris.com> Not to dissuade you from doing it the hard way, but you might find it easier to install from APT. 12.04 (precise) has rancid 2.3.6, which I'm happy with. If you want 2.3.8, you can probably install the package from quantal directly. http://packages.ubuntu.com/search?suite=default§ion=all&arch=any&searchon=names&keywords=rancid Regards, Tyler On 2012-10-04 15:55, Andrew Chiarello wrote: > Hi, > > When compiling rancid 2.3.8 on Ubuntu Server 12.04, I'm getting the > following error: > > gcc -g -O0 -o hpuifilter hpuifilter.o -lutil > hpuifilter.o: In function `filter': > /home/achiarello/rancid-2.3.8/bin/hpuifilter.c:577: undefined reference to > `TclReError' > /home/achiarello/rancid-2.3.8/bin/hpuifilter.c:588: undefined reference to > `TclReError' > /home/achiarello/rancid-2.3.8/bin/hpuifilter.c:609: undefined reference to > `TclReError' > collect2: ld returned 1 exit status > make[1]: *** [hpuifilter] Error 1 > > I'm pretty new to this, and google searches haven't led me to a solution; > can anyone point me in the right direction? > > > Andrew J. Chiarello > Network Engineer > Bryn Mawr College > 610-526-7966 > achiarello at brynmawr.edu > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -- "[...] freedom is kind of a hobby with me, and I have disposable income that I'll spend to find out how to get people more of it." -- Penn Jillette From achiarello at brynmawr.edu Thu Oct 4 17:20:52 2012 From: achiarello at brynmawr.edu (Andrew Chiarello) Date: Thu, 4 Oct 2012 13:20:52 -0400 (EDT) Subject: [rancid] Problem installing on Ubuntu Server 12.04 In-Reply-To: <506DA69F.7020701@tolaris.com> Message-ID: <1804593846.305136.1349371252666.JavaMail.root@ganesh.brynmawr.edu> I actually tried the precise package first, but it had some significant timeout issues for me. I'll try the quantal package. ----- Original Message ----- From: "Tyler J. Wagner" To: "Andrew Chiarello" Cc: rancid-discuss at shrubbery.net Sent: Thursday, October 4, 2012 11:09:19 AM Subject: Re: [rancid] Problem installing on Ubuntu Server 12.04 Not to dissuade you from doing it the hard way, but you might find it easier to install from APT. 12.04 (precise) has rancid 2.3.6, which I'm happy with. If you want 2.3.8, you can probably install the package from quantal directly. http://packages.ubuntu.com/search?suite=default§ion=all&arch=any&searchon=names&keywords=rancid Regards, Tyler On 2012-10-04 15:55, Andrew Chiarello wrote: > Hi, > > When compiling rancid 2.3.8 on Ubuntu Server 12.04, I'm getting the > following error: > > gcc -g -O0 -o hpuifilter hpuifilter.o -lutil > hpuifilter.o: In function `filter': > /home/achiarello/rancid-2.3.8/bin/hpuifilter.c:577: undefined reference to > `TclReError' > /home/achiarello/rancid-2.3.8/bin/hpuifilter.c:588: undefined reference to > `TclReError' > /home/achiarello/rancid-2.3.8/bin/hpuifilter.c:609: undefined reference to > `TclReError' > collect2: ld returned 1 exit status > make[1]: *** [hpuifilter] Error 1 > > I'm pretty new to this, and google searches haven't led me to a solution; > can anyone point me in the right direction? > > > Andrew J. Chiarello > Network Engineer > Bryn Mawr College > 610-526-7966 > achiarello at brynmawr.edu > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -- "[...] freedom is kind of a hobby with me, and I have disposable income that I'll spend to find out how to get people more of it." -- Penn Jillette -------------- next part -------------- An HTML attachment was scrubbed... URL: From nic-o17 at wanadoo.fr Fri Oct 5 09:22:38 2012 From: nic-o17 at wanadoo.fr (nic-o) Date: Fri, 5 Oct 2012 11:22:38 +0200 (CEST) Subject: [rancid] Ironport anti-spam appliance support Message-ID: <432713015.9381.1349428958300.JavaMail.www@wwinf1j37> Thanks a lot for that! ? Actually I have a problem thought. ? iprancid and iplogin works great when I run it manually. Even when I run "rancid-run" manually. All the ironport conf is backed-up. ? But, when the cron system runs it, the ironport conf if incomplete and everytime at the same moment. Here is the last lines I have: allowall And this is what I should get: ? ? x-forwarded-for ? ?? ? ? ?? ? ? ?? Any Ideas? -------------- next part -------------- An HTML attachment was scrubbed... URL: From saa1873 at gmail.com Wed Oct 10 11:19:40 2012 From: saa1873 at gmail.com (saa 1873) Date: Wed, 10 Oct 2012 14:19:40 +0300 Subject: [rancid] Rancid, Nortel Bay2550 and CTRL+Y in login Message-ID: Has anyone done a script that allows received Rancid backup Bay2550 Nortel Switch? blogin does not work. The problem is Logon CTRL + Y Nortel's request . Regards, Usko Kyykka -------------- next part -------------- An HTML attachment was scrubbed... URL: From killswordfish at gmail.com Wed Oct 10 20:25:38 2012 From: killswordfish at gmail.com (Keng Soon Goh) Date: Wed, 10 Oct 2012 13:25:38 -0700 (PDT) Subject: [rancid] Rancid SAN Switch (Brocade) Script In-Reply-To: References: <1ACBC8405CD6E64792FC497D33313B010C58926F@mse10be2.mse10.exchange.ms> Message-ID: <16574730-4948-4e3a-8403-a3319aac677a@googlegroups.com> What do you use for router.db :brocade:up ?? Thanks. Keng On Thursday, January 13, 2011 3:34:52 AM UTC-5, Rhys Evans wrote: > > Hi > > The attached works for me, not the full config but enough for us to > recover if required. > > We are running FOS v6.2.2c > > Usual disclaimer applies, use at your own risk etc etc etc > > Hope it helps > > Thanks > > Rhys Evans > Technical Consultant > > | Redblade Ltd | Tel: +44 (0)845 094 2389 | Fax: +44 (0)20 7735 1555 | > Southbank House, Vauxhall | www.redblade.co.uk | > > > -----Original Message----- > From: rancid-disc... at shrubbery.net [mailto: > rancid-discuss-bounces at shrubbery.net ] On Behalf Of Chris > Gauthier > Sent: 12 January 2011 23:58 > To: rancid-... at shrubbery.net > Subject: Re: [rancid] Rancid SAN Switch (Brocade) Script > > >From: rancid-disc... at shrubbery.net [mailto: > rancid-discuss-bounces at shrubbery.net ] On Behalf Of Jake > Robinson > >Sent: Wednesday, January 12, 2011 7:50 AM > >To: rancid-... at shrubbery.net > >Subject: [rancid] Rancid SAN Switch (Brocade) Script > > > >I'd be interested in the brocade script. > > > > A lot of Brocade used to be Froundry. I would suggest trying francid on > them. > > --Chris > > > ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ > CONFIDENTIALITY NOTICE > Attention: The information contained in this email and/or attachments is > intended only for the person or entity to which it is addressed and may > contain confidential and/or privileged material. Any review, > retransmission, dissemination or other use of, or taking of any action in > reliance upon, this information by persons or entities other than the > intended recipient is prohibited. If you received this in error, please > contact the sender and delete the material from any system and destroy any > copies. > _______________________________________________ > Rancid-discuss mailing list > Rancid-... at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > Redblade Ltd is a Company Limited by Guarantee, registered in England, no: > 5821834 > Registered Office: Southbank House, Black Prince Road, Vauxhall, London, > SE1 7SJ > > This email and its content are subject to the disclaimer as displayed at > the following link http://www.redblade.co.uk/disclaimer.htm > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-... at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From boynton.pete at gmail.com Wed Oct 17 13:49:42 2012 From: boynton.pete at gmail.com (Pete Boynton) Date: Wed, 17 Oct 2012 09:49:42 -0400 Subject: [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no changes Message-ID: Hello, We are running version of 2.3.8 of RANCID. The problem we are having is that every hour RANCID detects a change in the config and so it posts a new page even though no chance has occurred. It detects the line: !Time: Wed Oct 17 06:00:06 2012 has changed from the hour before, so I guess technically a change has occurred and RANCID is doing what it was designed to do. However we are getting spammed with versions that really don't tell us when an important change has been made. This is only a problem on the NEXUS switches. Everything else works fine. Question: 1. Is there a way to tell RANCID to ignore the line that begins with !Time? Thanks for any help you can give Pedro -------------- next part -------------- An HTML attachment was scrubbed... URL: From Douglas.Hughes at DEShawResearch.com Wed Oct 17 14:08:58 2012 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Wed, 17 Oct 2012 14:08:58 +0000 Subject: [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no changes In-Reply-To: References: Message-ID: Which section does it occur in? Is it part of Show Ver or other? If you go into that section in the rancid file you can add a regex match to discard Time: For instance, go to sub ShowVersion Scroll down and you'll see a ton of regular expressions. Add a new one like this: # ignore time changes to avoid hourly spam /^Time: / && next; Put that line in whatever section is generating the annoying timestamp. From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Pete Boynton Sent: Wednesday, October 17, 2012 9:50 AM To: rancid-discuss at shrubbery.net Subject: [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no changes Hello, We are running version of 2.3.8 of RANCID. The problem we are having is that every hour RANCID detects a change in the config and so it posts a new page even though no chance has occurred. It detects the line: !Time: Wed Oct 17 06:00:06 2012 has changed from the hour before, so I guess technically a change has occurred and RANCID is doing what it was designed to do. However we are getting spammed with versions that really don't tell us when an important change has been made. This is only a problem on the NEXUS switches. Everything else works fine. Question: 1. Is there a way to tell RANCID to ignore the line that begins with !Time? Thanks for any help you can give Pedro -------------- next part -------------- An HTML attachment was scrubbed... URL: From boynton.pete at gmail.com Wed Oct 17 15:07:37 2012 From: boynton.pete at gmail.com (Pete Boynton) Date: Wed, 17 Oct 2012 11:07:37 -0400 Subject: [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no changes In-Reply-To: References: Message-ID: Doug, Thanks for the quick reply. I am pretty much a RANCID newbie but I want to answer your question: Which section does it occur in? How could I find out what section this is happening. Thanks On Wed, Oct 17, 2012 at 10:08 AM, Hughes, Doug < Douglas.Hughes at deshawresearch.com> wrote: > Is it part of Show Ver or other? If you go into that section in the > rancid file you can add a regex match to discard Time: > > ** ** > > For instance, go to sub ShowVersion**** > > Scroll down and you?ll see a ton of regular expressions.**** > > Add a new one like this:**** > > # ignore time changes to avoid hourly spam**** > > /^Time: / && next;**** > > ** ** > > Put that line in whatever section is generating the annoying timestamp.*** > * > > ** ** > > ** ** > > *From:* rancid-discuss-bounces at shrubbery.net [mailto: > rancid-discuss-bounces at shrubbery.net] *On Behalf Of *Pete Boynton > *Sent:* Wednesday, October 17, 2012 9:50 AM > *To:* rancid-discuss at shrubbery.net > *Subject:* [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no > changes**** > > ** ** > > Hello, > > We are running version of 2.3.8 of RANCID. The problem we are having is > that every hour RANCID detects a change in the config and so it posts a new > page even though no chance has occurred. It detects the line: > > !Time: Wed Oct 17 06:00:06 2012 > > > has changed from the hour before, so I guess technically a change has > occurred and RANCID is doing what it was designed to do. However we are > getting spammed with versions that really don't tell us when an important > change has been made. This is only a problem on the NEXUS switches. > Everything else works fine. > > Question: > > 1. Is there a way to tell RANCID to ignore the line that begins with !Time? > > Thanks for any help you can give > > Pedro **** > -------------- next part -------------- An HTML attachment was scrubbed... URL: From Douglas.Hughes at DEShawResearch.com Wed Oct 17 15:10:50 2012 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Wed, 17 Oct 2012 15:10:50 +0000 Subject: [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no changes In-Reply-To: References: Message-ID: You should have lines beginning with a prefix around it.. Like !Flash: or !BootFlash: or !Image: or something like that... From: Pete Boynton [mailto:boynton.pete at gmail.com] Sent: Wednesday, October 17, 2012 11:08 AM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no changes Doug, Thanks for the quick reply. I am pretty much a RANCID newbie but I want to answer your question: Which section does it occur in? How could I find out what section this is happening. Thanks On Wed, Oct 17, 2012 at 10:08 AM, Hughes, Doug > wrote: Is it part of Show Ver or other? If you go into that section in the rancid file you can add a regex match to discard Time: For instance, go to sub ShowVersion Scroll down and you'll see a ton of regular expressions. Add a new one like this: # ignore time changes to avoid hourly spam /^Time: / && next; Put that line in whatever section is generating the annoying timestamp. From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Pete Boynton Sent: Wednesday, October 17, 2012 9:50 AM To: rancid-discuss at shrubbery.net Subject: [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no changes Hello, We are running version of 2.3.8 of RANCID. The problem we are having is that every hour RANCID detects a change in the config and so it posts a new page even though no chance has occurred. It detects the line: !Time: Wed Oct 17 06:00:06 2012 has changed from the hour before, so I guess technically a change has occurred and RANCID is doing what it was designed to do. However we are getting spammed with versions that really don't tell us when an important change has been made. This is only a problem on the NEXUS switches. Everything else works fine. Question: 1. Is there a way to tell RANCID to ignore the line that begins with !Time? Thanks for any help you can give Pedro -------------- next part -------------- An HTML attachment was scrubbed... URL: From Douglas.Hughes at DEShawResearch.com Wed Oct 17 15:56:09 2012 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Wed, 17 Oct 2012 15:56:09 +0000 Subject: [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no changes In-Reply-To: References: Message-ID: My rancid hasn't been updated in a while, but it should be mostly similar, still There's a WriteTerm subroutine that is responsible for processing the show running-config execution. Looks under there for something like: # some versions have other crap mixed in with the bits in the # block above /^! (Last configuration|NVRAM config last)/ && next; You could just modify that line and add between the t of last and the closing ')', "|^Time: ") (without the quotes) Or add another line under: # Dog gone Cool matches to process the rest of the config /^Time: / && next; You may have to adjust for spaces or indentation in the output. From: Pete Boynton [mailto:boynton.pete at gmail.com] Sent: Wednesday, October 17, 2012 11:51 AM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no changes OK then this happens during the show running config section On Wed, Oct 17, 2012 at 11:10 AM, Hughes, Doug > wrote: You should have lines beginning with a prefix around it.. Like !Flash: or !BootFlash: or !Image: or something like that... From: Pete Boynton [mailto:boynton.pete at gmail.com] Sent: Wednesday, October 17, 2012 11:08 AM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no changes Doug, Thanks for the quick reply. I am pretty much a RANCID newbie but I want to answer your question: Which section does it occur in? How could I find out what section this is happening. Thanks On Wed, Oct 17, 2012 at 10:08 AM, Hughes, Doug > wrote: Is it part of Show Ver or other? If you go into that section in the rancid file you can add a regex match to discard Time: For instance, go to sub ShowVersion Scroll down and you'll see a ton of regular expressions. Add a new one like this: # ignore time changes to avoid hourly spam /^Time: / && next; Put that line in whatever section is generating the annoying timestamp. From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Pete Boynton Sent: Wednesday, October 17, 2012 9:50 AM To: rancid-discuss at shrubbery.net Subject: [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no changes Hello, We are running version of 2.3.8 of RANCID. The problem we are having is that every hour RANCID detects a change in the config and so it posts a new page even though no chance has occurred. It detects the line: !Time: Wed Oct 17 06:00:06 2012 has changed from the hour before, so I guess technically a change has occurred and RANCID is doing what it was designed to do. However we are getting spammed with versions that really don't tell us when an important change has been made. This is only a problem on the NEXUS switches. Everything else works fine. Question: 1. Is there a way to tell RANCID to ignore the line that begins with !Time? Thanks for any help you can give Pedro -------------- next part -------------- An HTML attachment was scrubbed... URL: From boynton.pete at gmail.com Wed Oct 17 15:50:54 2012 From: boynton.pete at gmail.com (Pete Boynton) Date: Wed, 17 Oct 2012 11:50:54 -0400 Subject: [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no changes In-Reply-To: References: Message-ID: OK then this happens during the show running config section On Wed, Oct 17, 2012 at 11:10 AM, Hughes, Doug < Douglas.Hughes at deshawresearch.com> wrote: > You should have lines beginning with a prefix around it..**** > > ** ** > > Like !Flash: or !BootFlash: or !Image: or something like that?**** > > ** ** > > ** ** > > ** ** > > *From:* Pete Boynton [mailto:boynton.pete at gmail.com] > *Sent:* Wednesday, October 17, 2012 11:08 AM > *To:* Hughes, Doug > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] RANCID pulls hourly diff off NEXUS 5500 despite > no changes**** > > ** ** > > Doug, > > Thanks for the quick reply. I am pretty much a RANCID newbie but I want to > answer your question: > > Which section does it occur in? > > How could I find out what section this is happening. > > Thanks > > > **** > > On Wed, Oct 17, 2012 at 10:08 AM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote:**** > > Is it part of Show Ver or other? If you go into that section in the > rancid file you can add a regex match to discard Time:**** > > **** > > For instance, go to sub ShowVersion**** > > Scroll down and you?ll see a ton of regular expressions.**** > > Add a new one like this:**** > > # ignore time changes to avoid hourly spam**** > > /^Time: / && next;**** > > **** > > Put that line in whatever section is generating the annoying timestamp.*** > * > > **** > > **** > > *From:* rancid-discuss-bounces at shrubbery.net [mailto: > rancid-discuss-bounces at shrubbery.net] *On Behalf Of *Pete Boynton > *Sent:* Wednesday, October 17, 2012 9:50 AM > *To:* rancid-discuss at shrubbery.net > *Subject:* [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no > changes**** > > **** > > Hello, > > We are running version of 2.3.8 of RANCID. The problem we are having is > that every hour RANCID detects a change in the config and so it posts a new > page even though no chance has occurred. It detects the line: > > !Time: Wed Oct 17 06:00:06 2012 > > > has changed from the hour before, so I guess technically a change has > occurred and RANCID is doing what it was designed to do. However we are > getting spammed with versions that really don't tell us when an important > change has been made. This is only a problem on the NEXUS switches. > Everything else works fine. > > Question: > > 1. Is there a way to tell RANCID to ignore the line that begins with !Time? > > Thanks for any help you can give > > Pedro **** > > ** ** > -------------- next part -------------- An HTML attachment was scrubbed... URL: From istong at costar.com Thu Oct 18 10:25:56 2012 From: istong at costar.com (Ian Stong) Date: Thu, 18 Oct 2012 10:25:56 +0000 Subject: [rancid] F5 version 9.x with rancid Message-ID: <6ED7B4C44A4C234FA7427C0BFDF35A322B9D43E7@DCMBXPRD100.us.costar.local> Can someone post a copy of an f5rancid or other script that will work with rancid and F5's running version 9.x code. I found one using google but the line feeds were off and it won't run properly. Thanks in advance, Ian Stong -------------- next part -------------- An HTML attachment was scrubbed... URL: From morbiddk at gmail.com Thu Oct 18 19:24:37 2012 From: morbiddk at gmail.com (David Earp) Date: Thu, 18 Oct 2012 15:24:37 -0400 Subject: [rancid] FortiGate & VDOMs Message-ID: Hello all, hoping to get some assistance on pulling a 100% complete backup from a FortiGate device that utilizes VDOMs. It appears the default fnrancid and fnlogin makes the assumption that the device does not contain VDOMs and as such only backs up the initial logged in VDOM due to how VDOMs are handled within the FortiOS. It appears they are treating each VDOM as a completely separate virtual router and as such, pulling a backup for one section of the device, only pulls the configuration for that section. For example, a basic FG with a single vdom called root, will also contain a section called Global. If I backup the portion as I log directly in with, in this case , it will only contain configuration information for 'root' and will not contain anything from Global. On the reverse, if I log into Global and pull a config, same thing, only the configuration for the Global portion and nothing from VDOM root. Can anyone assist me in updating the fnrancid script to allow the script to move from Global into the root vdom? From Global, the following commands would need to be run to complete this: end config vdom edit root Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ler762 at gmail.com Fri Oct 19 02:51:52 2012 From: ler762 at gmail.com (Lee) Date: Thu, 18 Oct 2012 22:51:52 -0400 Subject: [rancid] RANCID pulls hourly diff off NEXUS 5500 despite no changes In-Reply-To: References: Message-ID: Make sure the device type in router.db is cisco-nx ( ie: deviceName:cisco-nx:up ) nxrancid has a line (well... the 2.3.6 version has a line, I haven't upgraded yet) /^!Time: / && next; # kill this junk in sub WriteTerm to ignore lines that start with "!Time: " Regards, Lee On 10/17/12, Pete Boynton wrote: > Hello, > > We are running version of 2.3.8 of RANCID. The problem we are having is > that every hour RANCID detects a change in the config and so it posts a new > page even though no chance has occurred. It detects the line: > > !Time: Wed Oct 17 06:00:06 2012 > > > has changed from the hour before, so I guess technically a change has > occurred and RANCID is doing what it was designed to do. However we are > getting spammed with versions that really don't tell us when an important > change has been made. This is only a problem on the NEXUS switches. > Everything else works fine. > > Question: > > 1. Is there a way to tell RANCID to ignore the line that begins with !Time? > > Thanks for any help you can give > > Pedro > From istong at costar.com Fri Oct 19 11:42:56 2012 From: istong at costar.com (Ian Stong) Date: Fri, 19 Oct 2012 11:42:56 +0000 Subject: [rancid] F5 GTM specific commands Message-ID: <6ED7B4C44A4C234FA7427C0BFDF35A322B9D874A@DCMBXPRD100.us.costar.local> Hi, I have the basic f5rancid working against an F5 GTM. Does anyone have a customized version or a sample of what they are using specific to the f5 GTM? Thanks, Ian Stong From istong at costar.com Fri Oct 19 13:06:45 2012 From: istong at costar.com (Ian Stong) Date: Fri, 19 Oct 2012 13:06:45 +0000 Subject: [rancid] F5 GTM specific commands In-Reply-To: <6ED7B4C44A4C234FA7427C0BFDF35A322B9D874A@DCMBXPRD100.us.costar.local> References: <6ED7B4C44A4C234FA7427C0BFDF35A322B9D874A@DCMBXPRD100.us.costar.local> Message-ID: <6ED7B4C44A4C234FA7427C0BFDF35A322B9D89BD@DCMBXPRD100.us.costar.local> I figured out how to do some of the GTM specific commands and added them to the f5rancid script. The additions below capture the contents of the wideip.conf file and the named.conf file which are GTM specific (versus LTM). If you know of other content that would be valuable to capture from the GTM please let me know. # This routine parses "cat /config/gtm/wideip.conf" sub ShowWideip { my($line) = (0); print STDERR " In ShowWideip: $_" if ($debug); while () { tr/\015//d; # v9 software license does not have CR at EOF s/^#-+($prompt.*)/$1/; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); if (!$line++) { ProcessHistory("LICENSE","","","#\n#/config/gtm/wideip.conf:\n"); } ProcessHistory("LICENSE","","","# $_") && next; } return(0); } # This routine parses "cat /var/named/config/named.conf" sub ShowNamed { my($line) = (0); print STDERR " In ShowNamed: $_" if ($debug); while () { tr/\015//d; # v9 software license does not have CR at EOF s/^#-+($prompt.*)/$1/; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); if (!$line++) { ProcessHistory("LICENSE","","","#\n#/var/named/config/named.conf:\n"); } ProcessHistory("LICENSE","","","# $_") && next; } return(0); } # added the following two lines to the command history section {'cat /config/gtm/wideip.conf' => 'ShowWideip'}, {'cat /var/named/config/named.conf' => 'ShowNamed'}, Thanks, Ian -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ian Stong Sent: Friday, October 19, 2012 7:43 AM To: rancid-discuss at shrubbery.net Subject: [rancid] F5 GTM specific commands Hi, I have the basic f5rancid working against an F5 GTM. Does anyone have a customized version or a sample of what they are using specific to the f5 GTM? Thanks, Ian Stong _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From shouldbeq931 at gmail.com Sat Oct 20 13:59:54 2012 From: shouldbeq931 at gmail.com (shouldbe q931) Date: Sat, 20 Oct 2012 14:59:54 +0100 Subject: [rancid] Ambiguous command wiith Cisco 87x series routers Message-ID: Hi All, rancid version 2.3.8 running on Ubuntu 10.0.4 I've added a Cisco 877 router to rancid and noticed "!Flash: % Ambiguous command: "show flash"" as per the below ------------------------------------------------------------------------------- !RANCID-CONTENT-TYPE: cisco ! !Chassis type: 877 - a 877 router !CPU: MPC8272 ! !Memory: main 236544K/25600K !Memory: nvram 128K !Memory: flash 28672K ! !Processor ID: FCZ100721A3 ! ! !Image: Software: C870-ADVIPSERVICESK9-M, 15.1(4)M4, RELEASE SOFTWARE (fc1) !Image: Compiled: Wed 21-Mar-12 00:53 by prod_rel_team !Image: flash:c870-advipservicesk9-mz.151-4.M4.bin ! !ROM Bootstrap: Version 12.3(8r)YI6, RELEASE SOFTWARE !Flash: % Ambiguous command: "show flash" ! !Flash: nvram: Directory of nvram:/ !Flash: nvram: 114 -rw- 9427 startup-config !Flash: nvram: 115 ---- 3557 private-config !Flash: nvram: 116 -rw- 9427 underlying-config !Flash: nvram: 1 ---- 94 persistent-data !Flash: nvram: 2 -rw- 2945 cwmp_inventory !Flash: nvram: 5 -rw- 521 ifIndex-table !Flash: nvram: 131072 bytes total (112916 bytes free) ! ------------------------------------------------------------------------------- The cause would appear to be as per the below. ------------------------------------------------------------------------------- show flash? flash-strata info flash: ------------------------------------------------------------------------------- The device is configured in router.db as f.q.d.n:cisco:up Would anyone recommend a different module or patch for these routers? Cheers From scott.brynen at visioncritical.com Mon Oct 22 21:11:45 2012 From: scott.brynen at visioncritical.com (Scott Brynen) Date: Mon, 22 Oct 2012 21:11:45 +0000 Subject: [rancid] IRONPORT Support Message-ID: <48187E5711D3204C991CB60EC396B7546152856A@VCVANMAILMB1.vci.local> I've uploaded some updated scripts for the Ironport scripts I put out last month. Hopefully this will solve some of the little issues a couple of people reported to me http://www.snafu.ca/ironport.tgz -------------- next part -------------- An HTML attachment was scrubbed... URL: From mkorourke at gmail.com Tue Oct 23 09:56:41 2012 From: mkorourke at gmail.com (Mick O'Rourke) Date: Tue, 23 Oct 2012 20:56:41 +1100 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD013C4727@zy-ex1.zyedge.local> References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011AAD54@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011D3210@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD013C4727@zy-ex1.zyedge.local> Message-ID: Has anyone already done any work on the f5rancid script to work with F5 11.x configuration partitions? ie. read out /config/partition/partition_xyz/bigip.conf etc etc Looking at current master f5rancid from https://github.com/dotwaffle/rancid-git/tree/master/bin it doesn't appear to be present. Mick -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Oct 24 17:56:03 2012 From: heas at shrubbery.net (heasley) Date: Wed, 24 Oct 2012 17:56:03 +0000 Subject: [rancid] *alpha* version of rancid 3.0 Message-ID: <20121024175603.GS79235@shrubbery.net> if you are not familiar with unix and perl, do not try this alpha version. i will not tutor users. that said, an alpha version of rancid 3.0 is available here: ftp://ftp.shrubbery.net/pub/rancid/alpha/rancid-3.0a.tar.gz it includes the typical updates + xirrus support. but, the bigger bit is the ability to more easily add device types (as referenced by router.db) and configure the commands collected for a given device type. it is a WiP, but its time for feedback. From ingard at jotta.no Thu Oct 25 08:25:54 2012 From: ingard at jotta.no (=?ISO-8859-1?Q?Ingard_Mev=E5g?=) Date: Thu, 25 Oct 2012 10:25:54 +0200 Subject: [rancid] supermicro switch Message-ID: Hi I'm just wondering if anyone is using rancid with SuperMicro switches? Regards Ingard From heas at shrubbery.net Thu Oct 25 12:15:32 2012 From: heas at shrubbery.net (Heasley) Date: Thu, 25 Oct 2012 07:15:32 -0500 Subject: [rancid] supermicro switch In-Reply-To: References: Message-ID: Am Oct 25, 2012 um 3:25 schrieb Ingard Mev?g : > Hi > > I'm just wondering if anyone is using rancid with SuperMicro switches? > They are most likely OEMs. Figure out whose, there may already be a module. > Regards > Ingard > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From ler762 at gmail.com Sat Oct 27 00:37:53 2012 From: ler762 at gmail.com (Lee) Date: Fri, 26 Oct 2012 20:37:53 -0400 Subject: [rancid] *alpha* version of rancid 3.0 In-Reply-To: <20121024175603.GS79235@shrubbery.net> References: <20121024175603.GS79235@shrubbery.net> Message-ID: Do you have a change log? http://www.shrubbery.net/rancid/CHANGES only goes up to 2.3.8 Thanks, Lee On 10/24/12, heasley wrote: > if you are not familiar with unix and perl, do not try this alpha version. > i will not tutor users. that said, > > an alpha version of rancid 3.0 is available here: > ftp://ftp.shrubbery.net/pub/rancid/alpha/rancid-3.0a.tar.gz > > it includes the typical updates + xirrus support. but, the bigger bit is > the ability to more easily add device types (as referenced by router.db) > and configure the commands collected for a given device type. > > it is a WiP, but its time for feedback. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From heas at shrubbery.net Sat Oct 27 05:43:59 2012 From: heas at shrubbery.net (heasley) Date: Sat, 27 Oct 2012 05:43:59 +0000 Subject: [rancid] *alpha* version of rancid 3.0 In-Reply-To: References: <20121024175603.GS79235@shrubbery.net> Message-ID: <20121027054359.GC85152@shrubbery.net> Fri, Oct 26, 2012 at 08:37:53PM -0400, Lee: > Do you have a change log? > http://www.shrubbery.net/rancid/CHANGES only goes up to 2.3.8 the one in the tarball is complete. 3.0a implement grancid and rancid.types.{conf,base} collection configuration stuff. rancid, ios.pm: kill rx/txspeed on cellular modem cards cloginrc: add enablecmd directive, for clogin - Jason Greenberg lg.cgi: add cisco ios xr specific commands francid: filter new uptime on netiron switch fabrics - Roman Hochuli hlogin: add Login (capital L) as default login prompt - Johan Ryberg rancid,ios.pm: update ASA/PIX pre-shared-key format - Michael Hertrick *rancid: pass (INPUT,OUTPUT,$cmd) to filter functions rancid::base renamed rancid Add lib/ and bin/grancid to the build process *rancid: add -t option for rancid-fe to pass the device type from router.db. Mainly for grancid, but pass it to all scripts. router.db,rancid.types.*: change field separator to ';' (semi-colon) to allow for IPv6 addresses in router.db and avoid conflict with :s in device commands and perl module names *rancid: few variable name changes to match rancid::base arrancid: summarize flash remaining space jrancid: show version can terminate abnormally when unable to communicate with a daemon nxrancid: improve power supply wattage filtering further nxrancid: improve power supply wattage filtering - Zenon Mousmoulas jlogin: set cli screen-width to prevent cli from mucking with the command line in irritating ways - Jay Borkenhagen xrrancid: adjust for ARS9k RSP440 show version format anrancid: add arbor networks module *rancid: add the -C option rivlogin,jlogin,fnlogin: command-line option clean-up mtlogin: fix cloginrc timeout handling & clean-up command-line options xrancid: capture more info from show switch. xrrancid: filter changing files (*_cont) from nvram:. rancid: ignore "Load for five secs:" and "Time source is NTP" lines. rancid: remove LISP-MapCache files; fix date removal for dhcp & vlan.dat files in flash. nxrancid: delete the line with the "^" from the "Invalid command at" errors. hlogin: add "username" to prompt match for Cisco ACS 5.3 - Skye Hagen rancid: Filter issu_loc_lock and volt_cont files nxrancid: try to get show env power output to line up better. hrancid: ignore unrecognized command for "show system( |-)information" xirancid: xirrus support - Aaron Smith jrancid: filter $9$ at the FILTER_PWDS=YES level rancid: include fans in ShowEnv - Affa Pan fnlogin: correct check for ssh port setting - Robert Blayzor rancid: adjust snmp community filter for ASA version >=8.x - Skye Hagen Add MAILOPTS variable to rancid.conf - Matej Vela share/Makefile: missing MAIL* variables in sed script - Aaron Smith jrancid: distill used subscriber licenses to a percentage, else its forever changing. nxrancid: nx5000 generates spurious 'Permission denied' error for 'show debug' if command authorization is used - Per-Olof Olsson nxrancid: remove cisco ios residuals - Per-Olof Olsson hlogin: add "--" in comment to prevent older expect/tcl from interpretting "-," as an option. !@#&!#$ rancid, xrrancid: add KB to disk/flash bytes free filtering xrrancd: also filter temp_static_data rancid: filter LISP cache file number, size and date on IOS-XE LISP EFT and filter dhcp db and vlan.dat in the same manner, instead of removing clogin.1: note not using [#>] in prompts xrrancid: additional file filters for 4.2 hpuifilter: dont use memcpy for overlapping regions - David Byers From ler762 at gmail.com Sat Oct 27 14:06:52 2012 From: ler762 at gmail.com (Lee) Date: Sat, 27 Oct 2012 10:06:52 -0400 Subject: [rancid] *alpha* version of rancid 3.0 In-Reply-To: <20121027054359.GC85152@shrubbery.net> References: <20121024175603.GS79235@shrubbery.net> <20121027054359.GC85152@shrubbery.net> Message-ID: On 10/27/12, heasley wrote: > Fri, Oct 26, 2012 at 08:37:53PM -0400, Lee: >> Do you have a change log? >> http://www.shrubbery.net/rancid/CHANGES only goes up to 2.3.8 > > the one in the tarball is complete. It didn't even occur to me to look there. Oh well, I'll know better next time :) > 3.0a [.. snip long list ..] oh my, you've been busy! I'll give it a shot :) Thanks for the great work; I love rancid. Lee From heas at shrubbery.net Mon Oct 29 21:06:38 2012 From: heas at shrubbery.net (heasley) Date: Mon, 29 Oct 2012 21:06:38 +0000 Subject: [rancid] *alpha* version of rancid 3.0 In-Reply-To: References: <20121024175603.GS79235@shrubbery.net> <20121027054359.GC85152@shrubbery.net> Message-ID: <20121029210638.GW61164@shrubbery.net> few minor fixes added here: ftp://ftp.shrubbery.net/pub/rancid/alpha/rancid-3.0a1.tar.gz per-your other e-mail, note that : field separators in router.db have been changed to ;'s to allow for ipv6 addresses in the router.db file. also see supplied manpages for grancid and rancid.types.conf From peterjackson1610 at gmail.com Tue Oct 30 01:42:34 2012 From: peterjackson1610 at gmail.com (Peter Jackson) Date: Mon, 29 Oct 2012 21:42:34 -0400 Subject: [rancid] rancid login etc. for palo alto and silver peak In-Reply-To: References: Message-ID: Doug, I have setup your panrancid and panlogin and they are working fine. However, I just found that you can show the PA config in 'set' format (set cli config-output-format set) and I like that better than the defaul xml format. I would like to back up the configs this way but you have to go into configure mode in order to show the config in set format. I have tried to modify panlogin but I don't know expect well enough. I was actually trying to borrow the enable section from clogin because panlogin doesn't have a provision for enable mode and while it's not really enable mode that we're getting into, the prompts are the same, > and #. Any ideas? On Wed, Sep 12, 2012 at 11:53 AM, Hughes, Doug < Douglas.Hughes at deshawresearch.com> wrote: > Yes, it?s for the anti-virus and botnet stuff. If you don?t want those > diffs, you can comment that part out in the palorancid file.**** > > ** ** > > I thought it might be useful. I might disable it myself.**** > > ** ** > > *From:* Peter Jackson [mailto:peterjackson1610 at gmail.com] > *Sent:* Wednesday, September 12, 2012 6:02 AM > *To:* Hughes, Doug > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] rancid login etc. for palo alto and silver peak*** > * > > ** ** > > Doug, thanks for posting this. I have set this up for one of our PAs but > we get the following diffs every so often - not every other RANCID run, but > at least a few times a week. > > Have you seen anything like this? > > #RANCID-CONTENT-TYPE: paloalto > # > + exit > + admin at pa101> show > + admin at pa101> show config > + admin at pa101> show config running > > config { > shared { > ssl-decrypt { > > > #RANCID-CONTENT-TYPE: paloalto > # > - exit > - admin at pa101> show > - admin at pa101> show config > - admin at pa101> show config running > > config { > shared { > ssl-decrypt { > > **** > > On Tue, Aug 14, 2012 at 10:23 AM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote:**** > > A few people have requested this, so I?m attaching the few hours of work I > put into making the rancid login/auth/archive for SilverPeak and for > PaloAlto devices. Both of these use ssh for authentication, but I didn?t > setup or test RSA key auth in either case. The SilverPeak has been tested > with ?enable? mode. By default they ship with no enable password. > (Apologies for the Windows style attachments.) Both have been copied from > another script and modified, so there?s probably quite a bit of cruft in > there that doesn?t need to be, but I cleaned up the worst of it. I?m sure > there are a lot of gratuitous regular expressions that could still be > eliminated.**** > > **** > > **** > > Here?s what you need in rancid-fe:**** > > **** > > %vendortable = (**** > > ?**** > > 'silverpeak' => 'silverrancid',**** > > 'paloalto' => 'panrancid',**** > > ?**** > > **** > > You can figure our .cloginrc yourself, just don?t forget the enable > password for the silverpeak, if you have any. ;)**** > > **** > > **** > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss**** > > ** ** > -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Tue Oct 30 05:07:19 2012 From: heas at shrubbery.net (heasley) Date: Tue, 30 Oct 2012 05:07:19 +0000 Subject: [rancid] tntrancid & prancid Message-ID: <20121030050719.GX76526@shrubbery.net> Does anyone actually still have a TNT that is powered? How about Procket? if no one speaks up, I'll be removing them from the dist. thanks From ler762 at gmail.com Tue Oct 30 13:44:05 2012 From: ler762 at gmail.com (Lee) Date: Tue, 30 Oct 2012 09:44:05 -0400 Subject: [rancid] *alpha* version of rancid 3.0 In-Reply-To: <20121029210638.GW61164@shrubbery.net> References: <20121024175603.GS79235@shrubbery.net> <20121027054359.GC85152@shrubbery.net> <20121029210638.GW61164@shrubbery.net> Message-ID: On 10/29/12, heasley wrote: > > few minor fixes added here: > ftp://ftp.shrubbery.net/pub/rancid/alpha/rancid-3.0a1.tar.gz OK, I'll use that > per-your other e-mail, note that : field separators in router.db have > been changed to ;'s to allow for ipv6 addresses in the router.db file. Thank you! Made that change and it works for me now :) Lee From Douglas.Hughes at DEShawResearch.com Tue Oct 30 14:52:28 2012 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Tue, 30 Oct 2012 14:52:28 +0000 Subject: [rancid] rancid login etc. for palo alto and silver peak In-Reply-To: References: Message-ID: The problem is that paloalto buffers all the commands and displays them twice, once while buffering them (as you type them rapidly to the prompt, as panlogin does), and a second time while executing them in series. This throws poor panrancid for a loop. In theory this is as easy as changing the command table, but in practice it means I likely have to modify both panlogin and panrancid to account for the double commands, otherwise the loop deletes after the first sight of a command, which has no output! Ick. From: Peter Jackson [mailto:peterjackson1610 at gmail.com] Sent: Monday, October 29, 2012 9:43 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] rancid login etc. for palo alto and silver peak Doug, I have setup your panrancid and panlogin and they are working fine. However, I just found that you can show the PA config in 'set' format (set cli config-output-format set) and I like that better than the defaul xml format. I would like to back up the configs this way but you have to go into configure mode in order to show the config in set format. I have tried to modify panlogin but I don't know expect well enough. I was actually trying to borrow the enable section from clogin because panlogin doesn't have a provision for enable mode and while it's not really enable mode that we're getting into, the prompts are the same, > and #. Any ideas? On Wed, Sep 12, 2012 at 11:53 AM, Hughes, Doug > wrote: Yes, it's for the anti-virus and botnet stuff. If you don't want those diffs, you can comment that part out in the palorancid file. I thought it might be useful. I might disable it myself. From: Peter Jackson [mailto:peterjackson1610 at gmail.com] Sent: Wednesday, September 12, 2012 6:02 AM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] rancid login etc. for palo alto and silver peak Doug, thanks for posting this. I have set this up for one of our PAs but we get the following diffs every so often - not every other RANCID run, but at least a few times a week. Have you seen anything like this? #RANCID-CONTENT-TYPE: paloalto # + exit + admin at pa101> show + admin at pa101> show config + admin at pa101> show config running config { shared { ssl-decrypt { #RANCID-CONTENT-TYPE: paloalto # - exit - admin at pa101> show - admin at pa101> show config - admin at pa101> show config running config { shared { ssl-decrypt { On Tue, Aug 14, 2012 at 10:23 AM, Hughes, Doug > wrote: A few people have requested this, so I'm attaching the few hours of work I put into making the rancid login/auth/archive for SilverPeak and for PaloAlto devices. Both of these use ssh for authentication, but I didn't setup or test RSA key auth in either case. The SilverPeak has been tested with 'enable' mode. By default they ship with no enable password. (Apologies for the Windows style attachments.) Both have been copied from another script and modified, so there's probably quite a bit of cruft in there that doesn't need to be, but I cleaned up the worst of it. I'm sure there are a lot of gratuitous regular expressions that could still be eliminated. Here's what you need in rancid-fe: %vendortable = ( ... 'silverpeak' => 'silverrancid', 'paloalto' => 'panrancid', ... You can figure our .cloginrc yourself, just don't forget the enable password for the silverpeak, if you have any. ;) _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From cgauthier at mapscu.com Tue Oct 30 18:04:25 2012 From: cgauthier at mapscu.com (Chris Gauthier) Date: Tue, 30 Oct 2012 11:04:25 -0700 Subject: [rancid] tntrancid & prancid In-Reply-To: <20121030050719.GX76526@shrubbery.net> References: <20121030050719.GX76526@shrubbery.net> Message-ID: -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of heasley Sent: Monday, October 29, 2012 10:07 PM To: rancid-discuss at shrubbery.net Subject: [rancid] tntrancid & prancid Does anyone actually still have a TNT that is powered? How about Procket? if no one speaks up, I'll be removing them from the dist. thanks _______________________________________________ -=-=-=-=-=-=-=-=- I've never heard of either platform, but I'm not an "old-timer" in the networking field either. (old >= 15 years in the field) LOL Chris ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ CONFIDENTIALITY NOTICE Attention: The information contained in this email and/or attachments is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any system and destroy any copies. From matthew at walster.org Wed Oct 31 12:13:57 2012 From: matthew at walster.org (Matthew Walster) Date: Wed, 31 Oct 2012 12:13:57 +0000 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011AAD54@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011D3210@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD013C4727@zy-ex1.zyedge.local> Message-ID: Mick, On 23 October 2012 10:56, Mick O'Rourke wrote: > Has anyone already done any work on the f5rancid script to work with F5 > 11.x configuration partitions? ie. read out > /config/partition/partition_xyz/bigip.conf etc etc > > Looking at current master f5rancid from > https://github.com/dotwaffle/rancid-git/tree/master/bin it doesn't appear > to be present. > I don't have an F5 running 11.x at the moment, but if you could supply an idea of the mapping, I'd be very interested. For instance, is it just a case of adding a glob such as "/config/partition/partition_*/bigip.conf" or is there something "new" that's going to make me sigh horrible? ;) M -------------- next part -------------- An HTML attachment was scrubbed... URL: From cstubbs at gmail.com Wed Oct 31 12:46:25 2012 From: cstubbs at gmail.com (Colin Stubbs) Date: Wed, 31 Oct 2012 12:46:25 +0000 Subject: [rancid] F5 BIG-IP devices - any tricks? In-Reply-To: References: <20120428072205.GA24822@shrubbery.net> <5DC4853C6CC3EE4788779E0726E034DD011A1D19@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011AAD54@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD011D3210@zy-ex1.zyedge.local> <5DC4853C6CC3EE4788779E0726E034DD013C4727@zy-ex1.zyedge.local> Message-ID: Hey Matt I havn't done any more work on this recently. But my opinion is you will want to be using tmsh commands to get the partition configuration and not trying to dump files directly. You just won't get everything otherwise. http://blog.routedlogic.net/2011/12/08/rancid-monitoring-of-f5s-with-bigip-v11-x/ https://devcentral.f5.com/Community/GroupDetails/tabid/1082223/aft/2158962/asg/44/Default.aspx -Colin cstubbs @ gmail . com [smtp, g+, fb, msn] Phone: +61 488 000 977 Skype: c.stubbs Pub Key ID: 0xC857AC24 On 31 October 2012 12:13, Matthew Walster wrote: > Mick, > > On 23 October 2012 10:56, Mick O'Rourke wrote: > >> Has anyone already done any work on the f5rancid script to work with F5 >> 11.x configuration partitions? ie. read out >> /config/partition/partition_xyz/bigip.conf etc etc >> >> Looking at current master f5rancid from >> https://github.com/dotwaffle/rancid-git/tree/master/bin it doesn't >> appear to be present. >> > > I don't have an F5 running 11.x at the moment, but if you could supply an > idea of the mapping, I'd be very interested. For instance, is it just a > case of adding a glob such as "/config/partition/partition_*/bigip.conf" or > is there something "new" that's going to make me sigh horrible? ;) > > M > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: From alligator94 at laposte.net Wed Oct 31 15:20:57 2012 From: alligator94 at laposte.net (alligator94) Date: Wed, 31 Oct 2012 16:20:57 +0100 Subject: [rancid] clogin with command file - special signs Message-ID: <20121031152107.3FF0A700005E@msfrf2504.sfr.fr> Dear all, I would like to use the command "clogin -x file.txt device-name" to add a snmp configuration in a lot of cisco devices. The community string includes the characters !@$ and the clogin command is rejected. I also have tried to use the -c option and to quote the commands, but I get the same error message ex : clogin -x "conf t ; snmp-server community rrr!@$ooo RW my_acl; end; wr; q" device_name I get the message : -su !@$ooo event not found Is there a workaround ? Thanks Gilles -------------- next part -------------- An HTML attachment was scrubbed... URL: From cgauthier at mapscu.com Wed Oct 31 15:36:33 2012 From: cgauthier at mapscu.com (Chris Gauthier) Date: Wed, 31 Oct 2012 08:36:33 -0700 Subject: [rancid] clogin with command file - special signs In-Reply-To: <20121031152107.3FF0A700005E@msfrf2504.sfr.fr> References: <20121031152107.3FF0A700005E@msfrf2504.sfr.fr> Message-ID: >From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of alligator94 >Sent: Wednesday, October 31, 2012 8:21 AM >To: rancid-discuss at shrubbery.net >Subject: [rancid] clogin with command file - special signs > >Dear all, > >I would like to use the command "clogin -x file.txt device-name" to add a snmp configuration in a lot of cisco devices. The community string includes the characters !@$ and the clogin command is rejected. >I also have tried to use the -c option and to quote the commands, but I get the same error message > >ex : >clogin -x "conf t ; snmp-server community rrr!@$ooo RW my_acl; end; wr; q" device_name > >I get the message : > >-su !@$ooo event not found > > >Is there a workaround ? > >Thanks >Gilles > I believe you can escape those characters or put them inside a single-quote to make it a more literal translation. I have given examples of both below. I think that option 1 will probably work better, but don't hold me to that. 1) clogin -x "conf t ; snmp-server community rrr\!\@\$ooo RW my_acl; end; wr; q" device_name 2) clogin -x 'conf t ; snmp-server community rrr!@$ooo RW my_acl; end; wr; q' device_name Chris ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ CONFIDENTIALITY NOTICE Attention: The information contained in this email and/or attachments is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any system and destroy any copies. From cgauthier at mapscu.com Wed Oct 31 15:51:29 2012 From: cgauthier at mapscu.com (Chris Gauthier) Date: Wed, 31 Oct 2012 08:51:29 -0700 Subject: [rancid] clogin with command file - special signs In-Reply-To: <20121031154754.GI9099@basement.net> References: <20121031152107.3FF0A700005E@msfrf2504.sfr.fr> <20121031154754.GI9099@basement.net> Message-ID: >-----Original Message----- >From: Trix Farrar [mailto:trix at basement.net] >Sent: Wednesday, October 31, 2012 8:48 AM >To: Chris Gauthier >Subject: Re: [rancid] clogin with command file - special signs > >On Wed, Oct 31, 2012 at 08:36:33AM -0700, Chris Gauthier wrote: >> 1) clogin -x "conf t ; snmp-server community rrr\!\@\$ooo RW my_acl; >> end; wr; q" device_name >> 2) clogin -x 'conf t ; snmp-server community rrr!@$ooo RW my_acl; end; >> wr; q' device_name > >I haven't tested either, but I don't think either of your examples will work. As I sent to OP, there are two levels of escaping that need to be done. I belive the correct approach will be to combine both of your examples by using single quotes on the command line -- to keep the shell from catching the '@' and '$' (and backslashes) -- and backslash escaping the special characters to keep the Tcl interprater from seeing them before they can be passed to the device. This >yields: > >3) clogin -x 'conf t ; snmp-server community rrr\!\@\$ooo RW my_acl; end; wr; q' device_name > > I did not even consider that the first time. Escaping special characters is not one of my strong points in the shell. I'm constantly having to tweak my grep strings for that very reason. Also, please post to the list next time so everyone can benefit from the knowledge. I know when you hit "Reply" that is not the default behavior, but the knowledge transfer is very useful. Chris ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ CONFIDENTIALITY NOTICE Attention: The information contained in this email and/or attachments is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any system and destroy any copies. From trix at basement.net Wed Oct 31 15:56:28 2012 From: trix at basement.net (Trix Farrar) Date: Wed, 31 Oct 2012 10:56:28 -0500 Subject: [rancid] clogin with command file - special signs In-Reply-To: References: <20121031152107.3FF0A700005E@msfrf2504.sfr.fr> Message-ID: <20121031155628.GJ9099@basement.net> On Wed, Oct 31, 2012 at 08:36:33AM -0700, Chris Gauthier wrote: > I believe you can escape those characters or put them inside a > single-quote to make it a more literal translation. I have given > examples of both below. I think that option 1 will probably work > better, but don't hold me to that. > > 1) clogin -x "conf t ; snmp-server community rrr\!\@\$ooo RW my_acl; end; wr; q" device_name > 2) clogin -x 'conf t ; snmp-server community rrr!@$ooo RW my_acl; end; wr; q' device_name > I haven't tested either, but I don't think either of your examples will work. As I sent to OP, there are two levels of escaping that need to be done. I belive the correct approach will be to combine both of your examples by using single quotes on the command line -- to keep the shell from catching the '@' and '$' (and backslashes) -- and backslash escaping the special characters to keep the Tcl interprater from seeing them before they can be passed to the device. This yields: 3) clogin -x 'conf t ; snmp-server community rrr\!\@\$ooo RW my_acl; end; wr; q' device_name (reposted to the list, by request) -- John D. "Trix" Farrar __\\|//__ Basement.NET trix at basement.net (` o-o ') http://www.basement.net/ --------------------------------ooO-(_)-Ooo-------------------------- GPG Key Fprint: 525F DBA7 1A62 E4C4 E642 DF95 384B B851 3CEF C10A -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 196 bytes Desc: not available URL: From alligator94 at laposte.net Wed Oct 31 17:15:01 2012 From: alligator94 at laposte.net (alligator94) Date: Wed, 31 Oct 2012 18:15:01 +0100 Subject: [rancid] clogin with command file - special signs (solved) In-Reply-To: Message-ID: <20121031171511.34EC4700075E@msfrf2508.sfr.fr> thanks all for your help. I have added the backslashes(even before "ooo") and it works fine now : rrr\!\@\$\ooo Regards, Gilles -----Message d'origine----- De?: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] De la part de Chris Gauthier Envoy??: mercredi 31 octobre 2012 16:37 ??: rancid-discuss at shrubbery.net Objet?: Re: [rancid] clogin with command file - special signs >From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of alligator94 >Sent: Wednesday, October 31, 2012 8:21 AM >To: rancid-discuss at shrubbery.net >Subject: [rancid] clogin with command file - special signs > >Dear all, > >I would like to use the command "clogin -x file.txt device-name" to add a snmp configuration in a lot of cisco devices. The community string includes the characters !@$ and the clogin command is rejected. >I also have tried to use the -c option and to quote the commands, but I get the same error message > >ex : >clogin -x "conf t ; snmp-server community rrr!@$ooo RW my_acl; end; wr; q" device_name > >I get the message : > >-su !@$ooo event not found > > >Is there a workaround ? > >Thanks >Gilles > I believe you can escape those characters or put them inside a single-quote to make it a more literal translation. I have given examples of both below. I think that option 1 will probably work better, but don't hold me to that. 1) clogin -x "conf t ; snmp-server community rrr\!\@\$ooo RW my_acl; end; wr; q" device_name 2) clogin -x 'conf t ; snmp-server community rrr!@$ooo RW my_acl; end; wr; q' device_name Chris ---------------------------------------------------------------------------- ---------------------------------------------------------------------------- ---------------------------------------------------------- CONFIDENTIALITY NOTICE Attention: The information contained in this email and/or attachments is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any system and destroy any copies. _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From Douglas.Hughes at DEShawResearch.com Wed Oct 31 18:35:20 2012 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Wed, 31 Oct 2012 18:35:20 +0000 Subject: [rancid] rancid login etc. for palo alto and silver peak In-Reply-To: References: Message-ID: I've unified this with the main so that the only real difference is in the commandtable to easily switch back and forth. It meant having to change the prompt regex to include # in configure mode, and some structural changes to panlogin and panrancid that should fix another person who had a problem recently. By default PaloAlto will do special word-based command interpretation, which means that the panlogin output, by default, looks like something strange for this command: "set cli pager off" $prompt> set^M$prompt> set cli^M$prompt> set cli pager^M$prompt> set cli pager off^M So, I needed to add in the command "set cli scripting-mode on" very early. Also for the configure mode transition, I had to modify prompt after collecting from both panlogin and panrancid. The > became [>#]. Also, it meant I had to modify ShowConfig to recognize the 2 very different syntaxes. Panrancid.set is the 'set' format variation. Panrancid is the xml format one. The only difference is in the command table, but you do need the new panlogin to be able to handle the command stepping, and the new panrancid to recognize the prompt correctly. From: Peter Jackson [mailto:peterjackson1610 at gmail.com] Sent: Monday, October 29, 2012 9:43 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] rancid login etc. for palo alto and silver peak Doug, I have setup your panrancid and panlogin and they are working fine. However, I just found that you can show the PA config in 'set' format (set cli config-output-format set) and I like that better than the defaul xml format. I would like to back up the configs this way but you have to go into configure mode in order to show the config in set format. I have tried to modify panlogin but I don't know expect well enough. I was actually trying to borrow the enable section from clogin because panlogin doesn't have a provision for enable mode and while it's not really enable mode that we're getting into, the prompts are the same, > and #. Any ideas? On Wed, Sep 12, 2012 at 11:53 AM, Hughes, Doug > wrote: Yes, it's for the anti-virus and botnet stuff. If you don't want those diffs, you can comment that part out in the palorancid file. I thought it might be useful. I might disable it myself. From: Peter Jackson [mailto:peterjackson1610 at gmail.com] Sent: Wednesday, September 12, 2012 6:02 AM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] rancid login etc. for palo alto and silver peak Doug, thanks for posting this. I have set this up for one of our PAs but we get the following diffs every so often - not every other RANCID run, but at least a few times a week. Have you seen anything like this? #RANCID-CONTENT-TYPE: paloalto # + exit + admin at pa101> show + admin at pa101> show config + admin at pa101> show config running config { shared { ssl-decrypt { #RANCID-CONTENT-TYPE: paloalto # - exit - admin at pa101> show - admin at pa101> show config - admin at pa101> show config running config { shared { ssl-decrypt { On Tue, Aug 14, 2012 at 10:23 AM, Hughes, Doug > wrote: A few people have requested this, so I'm attaching the few hours of work I put into making the rancid login/auth/archive for SilverPeak and for PaloAlto devices. Both of these use ssh for authentication, but I didn't setup or test RSA key auth in either case. The SilverPeak has been tested with 'enable' mode. By default they ship with no enable password. (Apologies for the Windows style attachments.) Both have been copied from another script and modified, so there's probably quite a bit of cruft in there that doesn't need to be, but I cleaned up the worst of it. I'm sure there are a lot of gratuitous regular expressions that could still be eliminated. Here's what you need in rancid-fe: %vendortable = ( ... 'silverpeak' => 'silverrancid', 'paloalto' => 'panrancid', ... You can figure our .cloginrc yourself, just don't forget the enable password for the silverpeak, if you have any. ;) _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: panlogin Type: application/octet-stream Size: 18111 bytes Desc: panlogin URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: panrancid Type: application/octet-stream Size: 8271 bytes Desc: panrancid URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: panrancid.set Type: application/octet-stream Size: 8404 bytes Desc: panrancid.set URL: