From ab at lists.gxis.de Wed Jun 4 08:44:03 2014 From: ab at lists.gxis.de (Alexander Bochmann) Date: Wed, 4 Jun 2014 10:44:03 +0200 Subject: [rancid] Cisco SG-500 configs? Message-ID: <20140604084403.GA15836@gxis.de> Hi, does anyone have rancid 2.3.x patches for Cisco SG-500 switches with current software? I've found several pieces of code that claim to support the SG series, but none of them acutally work. The new SG switches are quite IOS-like, but not enough to work with the normal clogin... Alex. From rancid at ale.cx Thu Jun 5 12:58:18 2014 From: rancid at ale.cx (Alex DEKKER) Date: Thu, 05 Jun 2014 13:58:18 +0100 Subject: [rancid] Cisco SG-500 configs? In-Reply-To: <20140604084403.GA15836@gxis.de> References: <20140604084403.GA15836@gxis.de> Message-ID: <5390696A.9030606@ale.cx> On 04/06/14 09:44, Alexander Bochmann wrote: > does anyone have rancid 2.3.x patches for Cisco SG-500 switches with current > software? I've found several pieces of code that claim to support the SG series, > but none of them acutally work. The new SG switches are quite IOS-like, but not > enough to work with the normal clogin... Have you tried this?: https://github.com/chrpinedo/rancid-cisco-sb I have deployed it on multiple Ubuntu 12.04 servers [RANCID 2.3.6] and have just done a 14.04 server today [2.3.8] and it seems to be OK. Also works with older SFE2k switches. Ahhh hang on, when you say current software, are you talking about newer switch firmwares? alexd From ab at lists.gxis.de Thu Jun 5 14:27:48 2014 From: ab at lists.gxis.de (Alexander Bochmann) Date: Thu, 5 Jun 2014 16:27:48 +0200 Subject: [rancid] Cisco SG-500 configs? In-Reply-To: <5390696A.9030606@ale.cx> References: <20140604084403.GA15836@gxis.de> <5390696A.9030606@ale.cx> Message-ID: <20140605142748.GA11298@gxis.de> Hi, ...on Thu, Jun 05, 2014 at 01:58:18PM +0100, Alex DEKKER wrote: > >does anyone have rancid 2.3.x patches for Cisco SG-500 switches with current > >software? I've found several pieces of code that claim to support the SG series, > Have you tried this?: > https://github.com/chrpinedo/rancid-cisco-sb Yes, and several variants of that one. > Ahhh hang on, when you say current software, are you talking about > newer switch firmwares? Exactly. For example, csbrancid wants to use an "lcli" command upon logging in that the current SG switches don't know about anymore - they expect an "enable"... > sg5>enable > Password:************ > sg5#sh ver > > Unit SW version Boot version HW version > ------------------- ------------------- ------------------- ------------------- > 1 1.3.7.18 1.3.7.01 V02 > > sg5#sh system > > Unit Type > ---- ---------------------- > 1 SG500-28 >[..] Alex. From rancid at ale.cx Thu Jun 5 15:07:18 2014 From: rancid at ale.cx (Alex DEKKER) Date: Thu, 05 Jun 2014 16:07:18 +0100 Subject: [rancid] Cisco SG-500 configs? In-Reply-To: <20140605142748.GA11298@gxis.de> References: <20140604084403.GA15836@gxis.de> <5390696A.9030606@ale.cx> <20140605142748.GA11298@gxis.de> Message-ID: <539087A6.5070502@ale.cx> On 05/06/14 15:27, Alexander Bochmann wrote: > ...on Thu, Jun 05, 2014 at 01:58:18PM +0100, Alex DEKKER wrote: > > > >does anyone have rancid 2.3.x patches for Cisco SG-500 switches with current > > >software? I've found several pieces of code that claim to support the SG series, > > Have you tried this?: > > https://github.com/chrpinedo/rancid-cisco-sb > > Yes, and several variants of that one. > > > Ahhh hang on, when you say current software, are you talking about > > newer switch firmwares? > > Exactly. For example, csbrancid wants to use an "lcli" command upon logging > in that the current SG switches don't know about anymore - they expect an > "enable"... Interesting. I have one install of RANCID with the rancid-cisco-sb patches as above that is polling an SGE, and SFE and SG500X all with the same device type. I was pleasantly surprised that it just seemed to know what to do all by itself... alexd From me at ale.cx Thu Jun 5 16:06:26 2014 From: me at ale.cx (Alex DEKKER) Date: Thu, 05 Jun 2014 17:06:26 +0100 Subject: [rancid] Cisco SG-500 configs? In-Reply-To: <539087A6.5070502@ale.cx> References: <20140604084403.GA15836@gxis.de> <5390696A.9030606@ale.cx> <20140605142748.GA11298@gxis.de> <539087A6.5070502@ale.cx> Message-ID: <53909582.7000204@ale.cx> > On 05/06/14 15:27, Alexander Bochmann wrote: >> >> Exactly. For example, csbrancid wants to use an "lcli" command upon >> logging >> in that the current SG switches don't know about anymore - they >> expect an >> "enable"... > I'm not an expect expert, but on line 361 of https://github.com/chrpinedo/rancid-cisco-sb/blob/master/src/csblogin I guess this is the start of a conditional, and it tries each possibility in that code block against what it sees. So if there is no menu bit, it never has to send the ^z and just goes straight for the credentials. alexd From rancid at ale.cx Thu Jun 5 16:07:14 2014 From: rancid at ale.cx (Alex DEKKER) Date: Thu, 05 Jun 2014 17:07:14 +0100 Subject: [rancid] Cisco SG-500 configs? In-Reply-To: <539087A6.5070502@ale.cx> References: <20140604084403.GA15836@gxis.de> <5390696A.9030606@ale.cx> <20140605142748.GA11298@gxis.de> <539087A6.5070502@ale.cx> Message-ID: <539095B2.2050501@ale.cx> > On 05/06/14 15:27, Alexander Bochmann wrote: >> >> Exactly. For example, csbrancid wants to use an "lcli" command upon >> logging >> in that the current SG switches don't know about anymore - they >> expect an >> "enable"... > I'm not an expect expert, but on line 361 of https://github.com/chrpinedo/rancid-cisco-sb/blob/master/src/csblogin I guess this is the start of a conditional, and it tries each possibility in that code block against what it sees. So if there is no menu bit, it never has to send the ^z then lcli and just goes straight for the credentials. alexd From lind108 at hotmail.com Thu Jun 5 18:24:41 2014 From: lind108 at hotmail.com (Kenneth Lind) Date: Thu, 5 Jun 2014 14:24:41 -0400 Subject: [rancid] Cisco 10k sflog Timestamp Cycling In-Reply-To: <20131107195600.GA45829@shrubbery.net> References: <5266DDB3.2010605@gmail.com> <20131030224147.GJ23534@shrubbery.net> <20131107194433.GA45338@shrubbery.net> <20131107195600.GA45829@shrubbery.net> Message-ID: This is a fairly old issue so I'm including the previous threads for what it's worth. We upgraded to Rancid v3.0 and then today to v3.1 without issue. The upgrade to 3.0a did hush the actual sflog diffs, however, we are still receiving noisy diffs related to the sflog/IPDR data and the fact that n bytes are stored in flash before being sent to the collector. What would be the best method to hush these diffs? Example of diffs: !Flash: sflog - !Flash: 821772288 bytes available (202817536 bytes used) + !Flash: 821805056 bytes available (202784768 bytes used) ! > -----Original Message----- > From: 'heasley' [mailto:heas at shrubbery.net] > Sent: Thursday, November 07, 2013 2:56 PM > To: Kenneth Lind > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > Thu, Nov 07, 2013 at 07:44:33PM +0000, 'heasley': > > Thu, Oct 31, 2013 at 11:34:51AM -0400, Kenneth Lind: > > > > -----Original Message----- > > > > From: heasley [mailto:heas at shrubbery.net] > > > > Sent: Wednesday, October 30, 2013 6:42 PM > > > > To: Kenneth Lind > > > > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > > > > > > > Tue, Oct 29, 2013 at 04:26:18PM -0400, Kenneth Lind: > > > > > > -----Original Message----- > > > > > > From: rancid-discuss-bounces at shrubbery.net > > > > > > [mailto:rancid-discuss- bounces at shrubbery.net] On Behalf Of > > > > > > Alan McKinnon > > > > > > Sent: Tuesday, October 22, 2013 4:19 PM > > > > > > To: rancid-discuss at shrubbery.net > > > > > > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > > > > > > > > > > > On 22/10/2013 17:27, Kenneth Lind wrote: > > > > > > > We recently implemented IPDR on our Cisco 10K uBRs and are > > > > > > > now receiving diffs for every rancid run about the > timestamp > > > > > > > for the > > > > > > sflog: > > > > > > > > > > > > > > - !Flash: 6 0 Oct 22 2013 08:46:10 -04:00 sflog > > > > > > > + !Flash: 6 0 Oct 22 2013 09:37:28 -04:00 sflog > > > > > > > > > > > > > > We are running Rancid v2.3.6 which according to the change > > > > > > > log included the fix for this issue (though in our instance > > > > > > > it does not appear to be filtered, unless there is an > option > > > > > > > somewhere that we've missed to enable the filtering): > > > > > > > > > > > > > > rancid: filter sflog from DirSlotN() for IOS on cisco 10k > > > > > > > > > > > > > > I've been able to find mentions of the issue in the discuss > > > > > > > archives, but none have included a solution. Has anyone > been > > > > > > > able to hush the diffs for the sflog outside of creating a > > > > > > > new rancid type and > > > > > > altering > > > > > > > the command table to exclude the DirSlotN run? > > > > > > > > > > > > I'm not familiar with the 10k but Google indicates they will > > > > > > run regular IOS. Is that correct? > > > > > > > > > > 10k does run IOS. There are some specialized-for-the-purpose > > > > > commands/configuration, but it is still standard IOS > (12.2(33)). > > > > > > > > > > > > > > > > > The code in 2.3.6 does support what the Changelog says: > > > > > > > > > > > > sub DirSlotN { > > > > > > .... > > > > > > if ($ios eq "IOS" && > /^((\s+)?\d+\s+\S+)\s+\d+.*(sflog$)/) { > > > > > > $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > > } > > > > > > .... > > > > > > } > > > > > > > > > > > > but that regex does not match the output you quoted. maybe > > > > > > that was written for > > > > > > > > > > > > Personally, I would simply discard the entire line (you don't > > > > > > want to keep the timestamp and that is the very thing that is > > > > > > changing) so modify DirSlotN thusly (add it just before the > code above): > > > > > > > > > > > > next if ($ios eq "IOS" && /^Flash:.*? sflog$); > > > > > > > > > > > > that regex is quite simplistic, you might want to tweak it to > > > > > > be more specific. > > > > > > > > > > > > > > > > Heasley replied directly to me with the following diff from > > > > > Rancid > > > > v3.0a: > > > > > Index: lib/ios.pm.in > > > > > > =================================================================== > > > > > --- lib/ios.pm.in (revision 2731) > > > > > +++ lib/ios.pm.in (working copy) > > > > > @@ -884,7 +884,7 @@ > > > > > # to: > > > > > # -rw- vlan.dat > > > > > # -rw- > vlan.dat > > > > > - if (/(dhcp_[^. ]*\.txt|vlan\.dat)\s*$/) { > > > > > + if (/(dhcp_[^. ]*\.txt|vlan\.dat|sflog)\s*$/) { > > > > > if (/(\s*\d+)(\s+\S+\s+)(\d+)(\s+)(\w+ \d+\s+\d+ > > > > > \d+:\d+:\d+ > > > > > .\d+:\d+)/) { > > > > > my($fn, $a, $sz, $c, $dt, $rem) = ($1, $2, $3, $4, > $5, $'); > > > > > my($fnl, $szl, $dtl) = (length($fn), length($sz), > > > > length($dt)); @@ > > > > > -921,9 +921,6 @@ > > > > > if ($ios eq "XE" && > /^((\s+)?\d+\s+\S+)\s+\d+.*(tracelogs$)/) { > > > > > $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > } > > > > > - if ($ios eq "IOS" && /^((\s+)?\d+\s+\S+)\s+\d+.*(sflog$)/) > { > > > > > - $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > - } > > > > > # the pager can not be disabled per-session on the PIX > > > > > if (/^(<-+ More -+>)/) { > > > > > my($len) = length($1); > > > > > > > > > > > > > > > However, our stock Rancid v2.3.6 looks considerably different > > > > > and I wasn't able to find the correct location(s) to make the > changes. > > > > > > > > > > I created a proposed diff with changes matching our stock > Rancid > > > > > as follows and I wonder if anyone has any input (notice the > line > > > > > numbers are considerably different as well as the 'next if' > statement): > > > > > > > > and i replied about your diff below. did you try it? you can > try > > > > it without changing your installed based. ./rancid hostname; > diff > > > > ~rancid/group/ configs/hostname hostname.new > > > > > > > > > Applying the below proposed changes caused the following errors in > the log: > > > > > > Execution of /usr/local/rancid/bin/rancid aborted due to > compilation errors. > > > syntax error at /usr/local/rancid/bin/rancid line 759, near ") {" > > > Can't use global $1 in "my" at /usr/local/rancid/bin/rancid line > > > 761, near "($1" > > > Missing right curly or square bracket at > > > /usr/local/rancid/bin/rancid line 2085, at end of line > > > > the patch wasnt applied properly. > > > > > > > > > > > > > > Index: bin/rancid > > > > > > ================================================================ > > > > > === > > > > > @@ -757,9 +757,9 @@ > > > > > if ($dev =~ /bootflash/) { > > > > > next if (/temp_cont\s*$/); > > > > > next if (/uptime_cont\s*$/); > > > > > } > > > > > # Filter dhcp database > > > > > - next if (/dhcp_[^. ]*\.txt/); > > > > > + next if (/(dhcp_[^. ]*\.txt|vlan\.dat|sflog)\s*$/) { > > > > eg: next is not valid there. you could just move to rancid 3.0aN, > > else you will have to correct the application of the patch. > > btw, you need ftp://ftp.shrubbery.net/pub/rancid/alpha/rancid- > 3.0a3.tar.gz > then apply the patch i'd sent to you. > > > > > > + if (/(\s*\d+)(\s+\S+\s+)(\d+)(\s+)(\w+ \d+\s+\d+ > > > > > + \d+:\d+:\d+ > > > > > .\d+:\d+)/) { > > > > > + my($fn, $a, $sz, $c, $dt, $rem) = ($1, $2, $3, $4, > $5, $'); > > > > > + my($fnl, $szl, $dtl) = (length($fn), length($sz), > > > > > length($dt)); > > > > > > > > > > if ($ios eq "XE" && /.*\((\d+) bytes free\)/) { > > > > > my($tmp) = $1; > > > > > if ($tmp >= (1024 * 1024 * 1024)) { > > > > > $tmp = int($tmp / (1024 * 1024 * 1024)); > > > > > s/$1 bytes free/$tmp GB free/; > > > > > } else { > > > > > $tmp = int($tmp / (1024 * 1024)); > > > > > s/$1 bytes free/$tmp MB free/; > > > > > } > > > > > } > > > > > if ($ios eq "XE" && > > > > > /^((\s+)?\d+\s+\S+)\s+\d+.*(tracelogs$)/) > > > > { > > > > > $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > } > > > > > > > > > > @@ -772,9 +772,9 @@ > > > > > } > > > > > } > > > > > if ($ios eq "XE" && > > > > > /^((\s+)?\d+\s+\S+)\s+\d+.*(tracelogs$)/) > > > > { > > > > > $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > } > > > > > - if ($ios eq "IOS" && > /^((\s+)?\d+\s+\S+)\s+\d+.*(sflog$)/) { > > > > > - $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > - } > > > > > # the pager can not be disabled per-session on the PIX > > > > > if (/^(<-+ More -+>)/) { > > > > > my($len) = length($1); > > > > > s/^$1\s{$len}//; > > > > > > > > > > > Don't stress about maintaining your own patches to make the > > > > > > rancid scripts do what you intent - every installation I know > > > > > > of accumulating a rather large number of them :-) It seems > to > > > > > > be inevitable considering the problem we are all using rancid > > > > > > to > > > > solve. > > > > > > > > > > > > > > > > > > -- > > > > > > Alan McKinnon > > > > > > alan.mckinnon at gmail.com > > > > > > > > > > > > _______________________________________________ > > > > > > Rancid-discuss mailing list > > > > > > Rancid-discuss at shrubbery.net > > > > > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > > > > > > > _______________________________________________ > > > > > Rancid-discuss mailing list > > > > > Rancid-discuss at shrubbery.net > > > > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From alan.mckinnon at gmail.com Thu Jun 5 21:10:02 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 05 Jun 2014 23:10:02 +0200 Subject: [rancid] Cisco 10k sflog Timestamp Cycling In-Reply-To: References: <5266DDB3.2010605@gmail.com> <20131030224147.GJ23534@shrubbery.net> <20131107194433.GA45338@shrubbery.net> <20131107195600.GA45829@shrubbery.net> Message-ID: <5390DCAA.7030609@gmail.com> I've implemented a general-case solution for this problem and plan to publish the patch here in a few days. Stay tuned. My patch is based off 2.3.8 so you may need to update your 3.1 code by hand. Shouldn't be too hard, the code itself is obvious. On 05/06/2014 20:24, Kenneth Lind wrote: > This is a fairly old issue so I'm including the previous threads for what > it's worth. We upgraded to Rancid v3.0 and then today to v3.1 without issue. > The upgrade to 3.0a did hush the actual sflog diffs, however, we are still > receiving noisy diffs related to the sflog/IPDR data and the fact that n > bytes are stored in flash before being sent to the collector. > > What would be the best method to hush these diffs? > > Example of diffs: > !Flash: sflog > - !Flash: 821772288 bytes available (202817536 bytes used) > + !Flash: 821805056 bytes available (202784768 bytes used) > ! > > >> -----Original Message----- >> From: 'heasley' [mailto:heas at shrubbery.net] >> Sent: Thursday, November 07, 2013 2:56 PM >> To: Kenneth Lind >> Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling >> >> Thu, Nov 07, 2013 at 07:44:33PM +0000, 'heasley': >>> Thu, Oct 31, 2013 at 11:34:51AM -0400, Kenneth Lind: >>>>> -----Original Message----- >>>>> From: heasley [mailto:heas at shrubbery.net] >>>>> Sent: Wednesday, October 30, 2013 6:42 PM >>>>> To: Kenneth Lind >>>>> Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling >>>>> >>>>> Tue, Oct 29, 2013 at 04:26:18PM -0400, Kenneth Lind: >>>>>>> -----Original Message----- >>>>>>> From: rancid-discuss-bounces at shrubbery.net >>>>>>> [mailto:rancid-discuss- bounces at shrubbery.net] On Behalf Of >>>>>>> Alan McKinnon >>>>>>> Sent: Tuesday, October 22, 2013 4:19 PM >>>>>>> To: rancid-discuss at shrubbery.net >>>>>>> Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling >>>>>>> >>>>>>> On 22/10/2013 17:27, Kenneth Lind wrote: >>>>>>>> We recently implemented IPDR on our Cisco 10K uBRs and are >>>>>>>> now receiving diffs for every rancid run about the >> timestamp >>>>>>>> for the >>>>>>> sflog: >>>>>>>> >>>>>>>> - !Flash: 6 0 Oct 22 2013 08:46:10 -04:00 sflog >>>>>>>> + !Flash: 6 0 Oct 22 2013 09:37:28 -04:00 sflog >>>>>>>> >>>>>>>> We are running Rancid v2.3.6 which according to the change >>>>>>>> log included the fix for this issue (though in our instance >>>>>>>> it does not appear to be filtered, unless there is an >> option >>>>>>>> somewhere that we've missed to enable the filtering): >>>>>>>> >>>>>>>> rancid: filter sflog from DirSlotN() for IOS on cisco 10k >>>>>>>> >>>>>>>> I've been able to find mentions of the issue in the discuss >>>>>>>> archives, but none have included a solution. Has anyone >> been >>>>>>>> able to hush the diffs for the sflog outside of creating a >>>>>>>> new rancid type and >>>>>>> altering >>>>>>>> the command table to exclude the DirSlotN run? >>>>>>> >>>>>>> I'm not familiar with the 10k but Google indicates they will >>>>>>> run regular IOS. Is that correct? >>>>>> >>>>>> 10k does run IOS. There are some specialized-for-the-purpose >>>>>> commands/configuration, but it is still standard IOS >> (12.2(33)). >>>>>> >>>>>>> >>>>>>> The code in 2.3.6 does support what the Changelog says: >>>>>>> >>>>>>> sub DirSlotN { >>>>>>> .... >>>>>>> if ($ios eq "IOS" && >> /^((\s+)?\d+\s+\S+)\s+\d+.*(sflog$)/) { >>>>>>> $_ = "$1" . sprintf("%43s", "") . "$3\n"; >>>>>>> } >>>>>>> .... >>>>>>> } >>>>>>> >>>>>>> but that regex does not match the output you quoted. maybe >>>>>>> that was written for >>>>>>> >>>>>>> Personally, I would simply discard the entire line (you don't >>>>>>> want to keep the timestamp and that is the very thing that is >>>>>>> changing) so modify DirSlotN thusly (add it just before the >> code above): >>>>>>> >>>>>>> next if ($ios eq "IOS" && /^Flash:.*? sflog$); >>>>>>> >>>>>>> that regex is quite simplistic, you might want to tweak it to >>>>>>> be more specific. >>>>>>> >>>>>> >>>>>> Heasley replied directly to me with the following diff from >>>>>> Rancid >>>>> v3.0a: >>>>>> Index: lib/ios.pm.in >>>>>> >> =================================================================== >>>>>> --- lib/ios.pm.in (revision 2731) >>>>>> +++ lib/ios.pm.in (working copy) >>>>>> @@ -884,7 +884,7 @@ >>>>>> # to: >>>>>> # -rw- vlan.dat >>>>>> # -rw- >> vlan.dat >>>>>> - if (/(dhcp_[^. ]*\.txt|vlan\.dat)\s*$/) { >>>>>> + if (/(dhcp_[^. ]*\.txt|vlan\.dat|sflog)\s*$/) { >>>>>> if (/(\s*\d+)(\s+\S+\s+)(\d+)(\s+)(\w+ \d+\s+\d+ >>>>>> \d+:\d+:\d+ >>>>>> .\d+:\d+)/) { >>>>>> my($fn, $a, $sz, $c, $dt, $rem) = ($1, $2, $3, $4, >> $5, $'); >>>>>> my($fnl, $szl, $dtl) = (length($fn), length($sz), >>>>> length($dt)); @@ >>>>>> -921,9 +921,6 @@ >>>>>> if ($ios eq "XE" && >> /^((\s+)?\d+\s+\S+)\s+\d+.*(tracelogs$)/) { >>>>>> $_ = "$1" . sprintf("%43s", "") . "$3\n"; >>>>>> } >>>>>> - if ($ios eq "IOS" && /^((\s+)?\d+\s+\S+)\s+\d+.*(sflog$)/) >> { >>>>>> - $_ = "$1" . sprintf("%43s", "") . "$3\n"; >>>>>> - } >>>>>> # the pager can not be disabled per-session on the PIX >>>>>> if (/^(<-+ More -+>)/) { >>>>>> my($len) = length($1); >>>>>> >>>>>> >>>>>> However, our stock Rancid v2.3.6 looks considerably different >>>>>> and I wasn't able to find the correct location(s) to make the >> changes. >>>>>> >>>>>> I created a proposed diff with changes matching our stock >> Rancid >>>>>> as follows and I wonder if anyone has any input (notice the >> line >>>>>> numbers are considerably different as well as the 'next if' >> statement): >>>>> >>>>> and i replied about your diff below. did you try it? you can >> try >>>>> it without changing your installed based. ./rancid hostname; >> diff >>>>> ~rancid/group/ configs/hostname hostname.new >>>> >>>> >>>> Applying the below proposed changes caused the following errors in >> the log: >>>> >>>> Execution of /usr/local/rancid/bin/rancid aborted due to >> compilation errors. >>>> syntax error at /usr/local/rancid/bin/rancid line 759, near ") {" >>>> Can't use global $1 in "my" at /usr/local/rancid/bin/rancid line >>>> 761, near "($1" >>>> Missing right curly or square bracket at >>>> /usr/local/rancid/bin/rancid line 2085, at end of line >>> >>> the patch wasnt applied properly. >>> >>>> >>>>> >>>>>> Index: bin/rancid >>>>>> >> ================================================================ >>>>>> === >>>>>> @@ -757,9 +757,9 @@ >>>>>> if ($dev =~ /bootflash/) { >>>>>> next if (/temp_cont\s*$/); >>>>>> next if (/uptime_cont\s*$/); >>>>>> } >>>>>> # Filter dhcp database >>>>>> - next if (/dhcp_[^. ]*\.txt/); >>>>>> + next if (/(dhcp_[^. ]*\.txt|vlan\.dat|sflog)\s*$/) { >>> >>> eg: next is not valid there. you could just move to rancid 3.0aN, >>> else you will have to correct the application of the patch. >> >> btw, you need ftp://ftp.shrubbery.net/pub/rancid/alpha/rancid- >> 3.0a3.tar.gz >> then apply the patch i'd sent to you. >> >>>>>> + if (/(\s*\d+)(\s+\S+\s+)(\d+)(\s+)(\w+ \d+\s+\d+ >>>>>> + \d+:\d+:\d+ >>>>>> .\d+:\d+)/) { >>>>>> + my($fn, $a, $sz, $c, $dt, $rem) = ($1, $2, $3, $4, >> $5, $'); >>>>>> + my($fnl, $szl, $dtl) = (length($fn), length($sz), >>>>>> length($dt)); >>>>>> >>>>>> if ($ios eq "XE" && /.*\((\d+) bytes free\)/) { >>>>>> my($tmp) = $1; >>>>>> if ($tmp >= (1024 * 1024 * 1024)) { >>>>>> $tmp = int($tmp / (1024 * 1024 * 1024)); >>>>>> s/$1 bytes free/$tmp GB free/; >>>>>> } else { >>>>>> $tmp = int($tmp / (1024 * 1024)); >>>>>> s/$1 bytes free/$tmp MB free/; >>>>>> } >>>>>> } >>>>>> if ($ios eq "XE" && >>>>>> /^((\s+)?\d+\s+\S+)\s+\d+.*(tracelogs$)/) >>>>> { >>>>>> $_ = "$1" . sprintf("%43s", "") . "$3\n"; >>>>>> } >>>>>> >>>>>> @@ -772,9 +772,9 @@ >>>>>> } >>>>>> } >>>>>> if ($ios eq "XE" && >>>>>> /^((\s+)?\d+\s+\S+)\s+\d+.*(tracelogs$)/) >>>>> { >>>>>> $_ = "$1" . sprintf("%43s", "") . "$3\n"; >>>>>> } >>>>>> - if ($ios eq "IOS" && >> /^((\s+)?\d+\s+\S+)\s+\d+.*(sflog$)/) { >>>>>> - $_ = "$1" . sprintf("%43s", "") . "$3\n"; >>>>>> - } >>>>>> # the pager can not be disabled per-session on the PIX >>>>>> if (/^(<-+ More -+>)/) { >>>>>> my($len) = length($1); >>>>>> s/^$1\s{$len}//; >>>>>> >>>>>>> Don't stress about maintaining your own patches to make the >>>>>>> rancid scripts do what you intent - every installation I know >>>>>>> of accumulating a rather large number of them :-) It seems >> to >>>>>>> be inevitable considering the problem we are all using rancid >>>>>>> to >>>>> solve. >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Alan McKinnon >>>>>>> alan.mckinnon at gmail.com >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Rancid-discuss mailing list >>>>>>> Rancid-discuss at shrubbery.net >>>>>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>>>>> >>>>>> _______________________________________________ >>>>>> Rancid-discuss mailing list >>>>>> Rancid-discuss at shrubbery.net >>>>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Alan McKinnon alan.mckinnon at gmail.com From heas at shrubbery.net Thu Jun 5 21:26:36 2014 From: heas at shrubbery.net (heasley) Date: Thu, 5 Jun 2014 21:26:36 +0000 Subject: [rancid] Cisco 10k sflog Timestamp Cycling In-Reply-To: References: <5266DDB3.2010605@gmail.com> <20131030224147.GJ23534@shrubbery.net> <20131107194433.GA45338@shrubbery.net> <20131107195600.GA45829@shrubbery.net> Message-ID: <20140605212636.GA67080@shrubbery.net> Thu, Jun 05, 2014 at 02:24:41PM -0400, Kenneth Lind: > This is a fairly old issue so I'm including the previous threads for what > it's worth. We upgraded to Rancid v3.0 and then today to v3.1 without issue. > The upgrade to 3.0a did hush the actual sflog diffs, however, we are still > receiving noisy diffs related to the sflog/IPDR data and the fact that n > bytes are stored in flash before being sent to the collector. > > What would be the best method to hush these diffs? > > Example of diffs: > !Flash: sflog > - !Flash: 821772288 bytes available (202817536 bytes used) > + !Flash: 821805056 bytes available (202784768 bytes used) would you show me the output of the command 'dir' or 'show flash' for whatever device this is? it should be replacing that line with a sumarry line that ought to be less annoying. > > > > -----Original Message----- > > From: 'heasley' [mailto:heas at shrubbery.net] > > Sent: Thursday, November 07, 2013 2:56 PM > > To: Kenneth Lind > > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > > > Thu, Nov 07, 2013 at 07:44:33PM +0000, 'heasley': > > > Thu, Oct 31, 2013 at 11:34:51AM -0400, Kenneth Lind: > > > > > -----Original Message----- > > > > > From: heasley [mailto:heas at shrubbery.net] > > > > > Sent: Wednesday, October 30, 2013 6:42 PM > > > > > To: Kenneth Lind > > > > > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > > > > > > > > > Tue, Oct 29, 2013 at 04:26:18PM -0400, Kenneth Lind: > > > > > > > -----Original Message----- > > > > > > > From: rancid-discuss-bounces at shrubbery.net > > > > > > > [mailto:rancid-discuss- bounces at shrubbery.net] On Behalf Of > > > > > > > Alan McKinnon > > > > > > > Sent: Tuesday, October 22, 2013 4:19 PM > > > > > > > To: rancid-discuss at shrubbery.net > > > > > > > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > > > > > > > > > > > > > On 22/10/2013 17:27, Kenneth Lind wrote: > > > > > > > > We recently implemented IPDR on our Cisco 10K uBRs and are > > > > > > > > now receiving diffs for every rancid run about the > > timestamp > > > > > > > > for the > > > > > > > sflog: > > > > > > > > > > > > > > > > - !Flash: 6 0 Oct 22 2013 08:46:10 -04:00 sflog > > > > > > > > + !Flash: 6 0 Oct 22 2013 09:37:28 -04:00 sflog > > > > > > > > > > > > > > > > We are running Rancid v2.3.6 which according to the change > > > > > > > > log included the fix for this issue (though in our instance > > > > > > > > it does not appear to be filtered, unless there is an > > option > > > > > > > > somewhere that we've missed to enable the filtering): > > > > > > > > > > > > > > > > rancid: filter sflog from DirSlotN() for IOS on cisco 10k > > > > > > > > > > > > > > > > I've been able to find mentions of the issue in the discuss > > > > > > > > archives, but none have included a solution. Has anyone > > been > > > > > > > > able to hush the diffs for the sflog outside of creating a > > > > > > > > new rancid type and > > > > > > > altering > > > > > > > > the command table to exclude the DirSlotN run? > > > > > > > > > > > > > > I'm not familiar with the 10k but Google indicates they will > > > > > > > run regular IOS. Is that correct? > > > > > > > > > > > > 10k does run IOS. There are some specialized-for-the-purpose > > > > > > commands/configuration, but it is still standard IOS > > (12.2(33)). > > > > > > > > > > > > > > > > > > > > The code in 2.3.6 does support what the Changelog says: > > > > > > > > > > > > > > sub DirSlotN { > > > > > > > .... > > > > > > > if ($ios eq "IOS" && > > /^((\s+)?\d+\s+\S+)\s+\d+.*(sflog$)/) { > > > > > > > $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > > > } > > > > > > > .... > > > > > > > } > > > > > > > > > > > > > > but that regex does not match the output you quoted. maybe > > > > > > > that was written for > > > > > > > > > > > > > > Personally, I would simply discard the entire line (you don't > > > > > > > want to keep the timestamp and that is the very thing that is > > > > > > > changing) so modify DirSlotN thusly (add it just before the > > code above): > > > > > > > > > > > > > > next if ($ios eq "IOS" && /^Flash:.*? sflog$); > > > > > > > > > > > > > > that regex is quite simplistic, you might want to tweak it to > > > > > > > be more specific. > > > > > > > > > > > > > > > > > > > Heasley replied directly to me with the following diff from > > > > > > Rancid > > > > > v3.0a: > > > > > > Index: lib/ios.pm.in > > > > > > > > =================================================================== > > > > > > --- lib/ios.pm.in (revision 2731) > > > > > > +++ lib/ios.pm.in (working copy) > > > > > > @@ -884,7 +884,7 @@ > > > > > > # to: > > > > > > # -rw- vlan.dat > > > > > > # -rw- > > vlan.dat > > > > > > - if (/(dhcp_[^. ]*\.txt|vlan\.dat)\s*$/) { > > > > > > + if (/(dhcp_[^. ]*\.txt|vlan\.dat|sflog)\s*$/) { > > > > > > if (/(\s*\d+)(\s+\S+\s+)(\d+)(\s+)(\w+ \d+\s+\d+ > > > > > > \d+:\d+:\d+ > > > > > > .\d+:\d+)/) { > > > > > > my($fn, $a, $sz, $c, $dt, $rem) = ($1, $2, $3, $4, > > $5, $'); > > > > > > my($fnl, $szl, $dtl) = (length($fn), length($sz), > > > > > length($dt)); @@ > > > > > > -921,9 +921,6 @@ > > > > > > if ($ios eq "XE" && > > /^((\s+)?\d+\s+\S+)\s+\d+.*(tracelogs$)/) { > > > > > > $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > > } > > > > > > - if ($ios eq "IOS" && /^((\s+)?\d+\s+\S+)\s+\d+.*(sflog$)/) > > { > > > > > > - $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > > - } > > > > > > # the pager can not be disabled per-session on the PIX > > > > > > if (/^(<-+ More -+>)/) { > > > > > > my($len) = length($1); > > > > > > > > > > > > > > > > > > However, our stock Rancid v2.3.6 looks considerably different > > > > > > and I wasn't able to find the correct location(s) to make the > > changes. > > > > > > > > > > > > I created a proposed diff with changes matching our stock > > Rancid > > > > > > as follows and I wonder if anyone has any input (notice the > > line > > > > > > numbers are considerably different as well as the 'next if' > > statement): > > > > > > > > > > and i replied about your diff below. did you try it? you can > > try > > > > > it without changing your installed based. ./rancid hostname; > > diff > > > > > ~rancid/group/ configs/hostname hostname.new > > > > > > > > > > > > Applying the below proposed changes caused the following errors in > > the log: > > > > > > > > Execution of /usr/local/rancid/bin/rancid aborted due to > > compilation errors. > > > > syntax error at /usr/local/rancid/bin/rancid line 759, near ") {" > > > > Can't use global $1 in "my" at /usr/local/rancid/bin/rancid line > > > > 761, near "($1" > > > > Missing right curly or square bracket at > > > > /usr/local/rancid/bin/rancid line 2085, at end of line > > > > > > the patch wasnt applied properly. > > > > > > > > > > > > > > > > > > Index: bin/rancid > > > > > > > > ================================================================ > > > > > > === > > > > > > @@ -757,9 +757,9 @@ > > > > > > if ($dev =~ /bootflash/) { > > > > > > next if (/temp_cont\s*$/); > > > > > > next if (/uptime_cont\s*$/); > > > > > > } > > > > > > # Filter dhcp database > > > > > > - next if (/dhcp_[^. ]*\.txt/); > > > > > > + next if (/(dhcp_[^. ]*\.txt|vlan\.dat|sflog)\s*$/) { > > > > > > eg: next is not valid there. you could just move to rancid 3.0aN, > > > else you will have to correct the application of the patch. > > > > btw, you need ftp://ftp.shrubbery.net/pub/rancid/alpha/rancid- > > 3.0a3.tar.gz > > then apply the patch i'd sent to you. > > > > > > > > + if (/(\s*\d+)(\s+\S+\s+)(\d+)(\s+)(\w+ \d+\s+\d+ > > > > > > + \d+:\d+:\d+ > > > > > > .\d+:\d+)/) { > > > > > > + my($fn, $a, $sz, $c, $dt, $rem) = ($1, $2, $3, $4, > > $5, $'); > > > > > > + my($fnl, $szl, $dtl) = (length($fn), length($sz), > > > > > > length($dt)); > > > > > > > > > > > > if ($ios eq "XE" && /.*\((\d+) bytes free\)/) { > > > > > > my($tmp) = $1; > > > > > > if ($tmp >= (1024 * 1024 * 1024)) { > > > > > > $tmp = int($tmp / (1024 * 1024 * 1024)); > > > > > > s/$1 bytes free/$tmp GB free/; > > > > > > } else { > > > > > > $tmp = int($tmp / (1024 * 1024)); > > > > > > s/$1 bytes free/$tmp MB free/; > > > > > > } > > > > > > } > > > > > > if ($ios eq "XE" && > > > > > > /^((\s+)?\d+\s+\S+)\s+\d+.*(tracelogs$)/) > > > > > { > > > > > > $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > > } > > > > > > > > > > > > @@ -772,9 +772,9 @@ > > > > > > } > > > > > > } > > > > > > if ($ios eq "XE" && > > > > > > /^((\s+)?\d+\s+\S+)\s+\d+.*(tracelogs$)/) > > > > > { > > > > > > $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > > } > > > > > > - if ($ios eq "IOS" && > > /^((\s+)?\d+\s+\S+)\s+\d+.*(sflog$)/) { > > > > > > - $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > > - } > > > > > > # the pager can not be disabled per-session on the PIX > > > > > > if (/^(<-+ More -+>)/) { > > > > > > my($len) = length($1); > > > > > > s/^$1\s{$len}//; > > > > > > > > > > > > > Don't stress about maintaining your own patches to make the > > > > > > > rancid scripts do what you intent - every installation I know > > > > > > > of accumulating a rather large number of them :-) It seems > > to > > > > > > > be inevitable considering the problem we are all using rancid > > > > > > > to > > > > > solve. > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > Alan McKinnon > > > > > > > alan.mckinnon at gmail.com > > > > > > > > > > > > > > _______________________________________________ > > > > > > > Rancid-discuss mailing list > > > > > > > Rancid-discuss at shrubbery.net > > > > > > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > > > > > > > > > _______________________________________________ > > > > > > Rancid-discuss mailing list > > > > > > Rancid-discuss at shrubbery.net > > > > > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From cayliffe at gmail.com Fri Jun 6 00:52:45 2014 From: cayliffe at gmail.com (Craig Ayliffe) Date: Fri, 6 Jun 2014 10:52:45 +1000 Subject: [rancid] Help for nlogin and Netscreen In-Reply-To: <20140605175320.GI67080@shrubbery.net> References: <20140605175320.GI67080@shrubbery.net> Message-ID: Hi, Apologies the link that failed was meant to be: http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss It is found on this page: http://www.shrubbery.net/rancid/#help Yes agreed it is a broken implementation of the CLI. I will take a look at the -s option. Thanks, Craig On 6 June 2014 03:53, wrote: > Thu, Jun 05, 2014 at 03:15:41PM +1000, Craig Ayliffe: > > Hi, > > > > Firstly I tried to subscribe to the mailing list at > > http://www.shrubbery.net/pipermail/rancid-discuss/ - but get a 404 error > > going to that page. > > that url looks fine to me. in the logs, i see some failures with bad urls, > which might have been you. if you can verify what url doesnt work and > where > you found the url or the referring page, i'll look. > > > Anyway my problem today is trying to run the command: > > nlogin -t 90 -f vfw.cloginrc -c "exec nsrp sync global-config > check-sum" > > hostname > > > > It runs the command successfully but then hangs waiting to finish. > > The output of the command (configuration in sync) is printed out after > the > > prompt is displayed which seems to get nlogin out of sync - still looking > > for the prompt which it doesn't see again. > > > > Attached is the debug of the commands being run. > > > > Below is it running without debug. > > ============================================== > > craiga at syd-monitor-01:~/juniper$ /tmp/nlogin.3.1 -t 90 -f vfw.cloginrc > -c > > "exec nsrp sync global-config check-sum" bne-vfw-1b > > bne-vfw-1b > > spawn ssh -c 3des -x -l craiga bne-vfw-1b > > craiga at bne-vfw-1b's password: > > Remote Management Console > > BNE-VFW-1b(B)-> > > BNE-VFW-1b(B)-> set console page 0 > > BNE-VFW-1b(B)-> exec nsrp sync global-config check-sum > > *BNE-VFW-1b(B)-> configuration in sync* > > > > > > ^Ccraiga at syd-monitor-01:~/juniper$ > > ============================================== > > > > As far as I can see this is due to Netscreen running this command in the > > background and it returns the display later on after the new prompt is > > already there. > > This doesn't happen when I run the 'get' commands in Netscreen. > > > > Any ideas on how to fix this would be awesome thanks > > eh, you could do that with a script via nlogin -s. but, once it receives a > new prompt, the login scripts assume the command is done. to that do a cmd > in the background is a completely broken cli way to do it, imo, and i'd > complain to the vendor. > > see the share dir of the dist for -s examples. > > > -- Craig Ayliffe -------------- next part -------------- An HTML attachment was scrubbed... URL: From manfred.mayer.it at rapunzel.de Fri Jun 6 13:40:53 2014 From: manfred.mayer.it at rapunzel.de (Manfred Mayer IT) Date: Fri, 6 Jun 2014 15:40:53 +0200 Subject: [rancid] clogin: not found Message-ID: <7675BFF474F5084E93D4D51003DAFBB351AFB5FDBC@SRLSRV17.int.rapunzel.de> Hi all, I try to migrate my existing rancid-2.3.8 installation to a new host with Ubuntu 12.04. I downloaded ftp://ftp.shrubbery.net/pub/rancid/rancid-2.3.8.tar.gz and installed it to /usr/local/rancid. I copied the .cloginrc and rancid.conf to the new host and wanted to test with a new router.db first, containing only 6 HP Procurve switches (switchname:hp:up). I can login successfully to each switch with "bin/clogin switchname" and I also tried "bin/hlogin -f .cloginrc -c "show version" switchname" which gives me a "no page" output first, but then the version and a completed logout. But executing "bin/rancid switchname" results in the following: sh: 1: clogin: not found switchname: missed cmd(s): dir /all slavedisk2:,show rsp chassis-info,show capture,dir /all sec-slot2:,show diag,dir: switchname: End of run not found ! I found this existing thread http://www.shrubbery.net/pipermail/rancid-discuss/2008-November/003404.html but however I don't know what to do exactly to solve the problem. Any suggestions would be appreciated Regards Mana Rapunzel Naturkost GmbH, Rapunzelstra?e 1, D-87764 Legau Registergericht Memmingen HRB 14736 | Sitz der Gesellschaft: Legau Ust Id Nr. DE 129088402 Gesch?ftsf?hrer: Joseph Wilhelm | Margit Epple | Andreas Wenning Telefon: +49 (0)8330 / 529 - 0 From alan.mckinnon at gmail.com Fri Jun 6 23:09:23 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Sat, 07 Jun 2014 01:09:23 +0200 Subject: [rancid] [PATCH] Reduce chatter about file sizes in nvram. Message-ID: <53924A23.2090105@gmail.com> Hi, I got tired of endless noise mails with diffs like this: - !Flash: nvram: 1692 -rw- 356089 startup-config + !Flash: nvram: 1692 -rw- 356257 startup-config - !Flash: nvram: 2093048 bytes total (1636661 bytes free) + !Flash: nvram: 2093048 bytes total (1636493 bytes free) So I wrote the below to deal with it. Rationale: I don't care to know that the file increased by 168 bytes, all I want to know is if the file was created or deleted and it's approximate size. I'd also like to know if the size changed dramatically eg 100K to 10M. The patch transforms the size to the nearest SI unit and truncates it to an integer, like so: !Flash: nvram: 1691 -rw- 347KB startup-config !Flash: disk0: 1MB bytes total ( 1MB bytes free) The diff is against 2.3.8 and I have similar ones for nxrancid and xrrancid. Also gsrrancid but that's my own creation for GSRs and not in the source tarballs. --- rancid.old 2014-05-16 01:07:20.000000000 +0200 +++ rancid 2014-06-04 01:47:20.000000000 +0200 @@ -95,6 +95,24 @@ 1; } +# Transform filesizes into integral SI units (eg 123456 => 120KB) +sub numtosi { + my $num = $_[0]; + my $len = length($_[0]); + if ($num >= (1024 * 1024 * 1024)) { + $num = int($num / (1024 * 1024 * 1024)); + return sprintf("%$len"."s", "$num"."GB"); + } elsif ($num >= (1024 * 1024 )) { + $num = int($num / (1024 * 1024)); + return sprintf("%$len"."s", "$num"."MB"); + } elsif ($num >= (1024 )) { + $num = int($num / (1024)); + return sprintf("%$len"."s", "$num"."KB"); + } else { + return $num; + } +} + sub numerically { $a <=> $b; } # This is a sort routine that will sort numerically on the @@ -717,6 +736,14 @@ # Filter dhcp database next if (/dhcp_[^. ]*\.txt/); + # Transform file sizes in file listing to SI units + if (/^(\s*?\d+\s+[rwx-]{4}\s+)(\d+)(.*)/) { + $_ = "$1" . numtosi($2) . "$3\n"; + } + if (/^(\s*?)(\d+) bytes total \((\d+) bytes free\)$/) { + $_ = $1 . numtosi($2) . " bytes total (" . numtosi($3) . " bytes free)\n"; + } + /\s+(multiple-fs|nv_hdr|vlan\.dat)$/ && next; ProcessHistory("FLASH","","","!Flash: $_"); } @@ -762,22 +789,19 @@ # Filter dhcp database next if (/dhcp_[^. ]*\.txt/); - if ($ios eq "XE" && /.*\((\d+) bytes free\)/) { - my($tmp) = $1; - if ($tmp >= (1024 * 1024 * 1024)) { - $tmp = int($tmp / (1024 * 1024 * 1024)); - s/$1 bytes free/$tmp GB free/; - } else { - $tmp = int($tmp / (1024 * 1024)); - s/$1 bytes free/$tmp MB free/; - } - } if ($ios eq "XE" && /^((\s+)?\d+\s+\S+)\s+\d+.*(tracelogs$)/) { $_ = "$1" . sprintf("%43s", "") . "$3\n"; } if ($ios eq "IOS" && /^((\s+)?\d+\s+\S+)\s+\d+.*(sflog$)/) { $_ = "$1" . sprintf("%43s", "") . "$3\n"; } + # Transform file sizes in file listing to SI units + if (/^(\s*?\d+\s+[rwx-]{4}\s+)(\d+)(.*)/) { + $_ = "$1" . numtosi($2) . "$3\n"; + } + if (/^(\s*?)(\d+) bytes total \((\d+) bytes free\)$/) { + $_ = $1 . numtosi($2) . " bytes total (" . numtosi($3) . " bytes free)\n"; + } # the pager can not be disabled per-session on the PIX if (/^(<-+ More -+>)/) { my($len) = length($1); -- Alan McKinnon alan.mckinnon at gmail.com From alan.mckinnon at gmail.com Fri Jun 6 23:30:37 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Sat, 07 Jun 2014 01:30:37 +0200 Subject: [rancid] [PATCH] Message-ID: <53924F1D.1050308@gmail.com> I may have posted this one already. If so, apologies for the dupe. ACL sorting fails for ipv6 addresses as ipaddrval() always returns false for these so sorting never happens. Rancid output is then always whatever order the router presented leading to chatter and noisy diffs. The simplest solution is to sort ipv6 addresses ASCIIbetically so they always sort predictably. The only oddity is :: comes after digits 0-9 and before A-F. Aside from that, the order is as expected by hex numbers. This is much easier than writing an ipv6 sort routine from scratch as rancid uses no perl user modules. --- rancid.old 2014-05-16 01:07:20.000000000 +0200 +++ rancid 2014-06-04 01:47:20.000000000 +0200 @@ -168,7 +186,8 @@ $a[3] + 256 * ($a[2] + 256 * ($a[1] +256 * $a[0])); } sub sortbyipaddr { - &ipaddrval($a) <=> &ipaddrval($b); + &ipaddrval($a) <=> &ipaddrval($b) || + $a cmp $b; } # This routine parses "show version" @@ -1874,7 +1898,7 @@ # order arp lists /^arp\s+(\d+\.\d+\.\d+\.\d+)\s+/ && ProcessHistory("ARP","$aclsort","$1","$_") && next; - /^ip(v6)? prefix-list\s+(\S+)\s+seq\s+(\d+)\s+(permit|deny)\s+(\S+)(\/.*)$/ + /^ip(v4|v6)? prefix-list\s+(\S+)\s+seq\s+(\d+)\s+(permit|deny)\s+(\S+)(\/.*)$/ && ProcessHistory("PACL $2 $4","$aclsort","$5", "ip$1 prefix-list $2 $4 $5$6\n") && next; -- Alan McKinnon alan.mckinnon at gmail.com From alan.mckinnon at gmail.com Fri Jun 6 23:49:35 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Sat, 07 Jun 2014 01:49:35 +0200 Subject: [rancid] clogin: not found In-Reply-To: <7675BFF474F5084E93D4D51003DAFBB351AFB5FDBC@SRLSRV17.int.rapunzel.de> References: <7675BFF474F5084E93D4D51003DAFBB351AFB5FDBC@SRLSRV17.int.rapunzel.de> Message-ID: <5392538F.4000206@gmail.com> On 06/06/2014 15:40, Manfred Mayer IT wrote: > Hi all, > > I try to migrate my existing rancid-2.3.8 installation to a new host with Ubuntu 12.04. I downloaded ftp://ftp.shrubbery.net/pub/rancid/rancid-2.3.8.tar.gz and installed it to /usr/local/rancid. I copied the .cloginrc and rancid.conf to the new host and wanted to test with a new router.db first, containing only 6 HP Procurve switches (switchname:hp:up). I can login successfully to each switch with "bin/clogin switchname" and I also tried "bin/hlogin -f .cloginrc -c "show version" switchname" which gives me a "no page" output first, but then the version and a completed logout. > > But executing "bin/rancid switchname" results in the following: > sh: 1: clogin: not found > switchname: missed cmd(s): dir /all slavedisk2:,show rsp chassis-info,show capture,dir /all sec-slot2:,show diag,dir: > switchname: End of run not found > ! > > I found this existing thread http://www.shrubbery.net/pipermail/rancid-discuss/2008-November/003404.html but however I don't know what to do exactly to solve the problem. > > Any suggestions would be appreciated You probably do not have /usr/local/bin in your PATH when that command is run. The rancid devs (in common with the majority of software out there) assume that since PATH is completely user-selectable, that you know how to set and use it, so doesn't bother much with documenting it. Please log in as the rancid user and post theoutput of: which clogin echo $PATH -- Alan McKinnon alan.mckinnon at gmail.com From nicolas-ml at deffayet.com Sat Jun 7 11:17:57 2014 From: nicolas-ml at deffayet.com (Nicolas DEFFAYET) Date: Sat, 07 Jun 2014 13:17:57 +0200 Subject: [rancid] Cisco SG-300 patchs Message-ID: <1402139877.14424.9.camel@fr-wks3.corp.novso.com> Hello, Please find the complete files attached that I use successfully with Rancid 2.3.8 to get config from Cisco SG-300. I have done a big rewrite for have clean stuff and I use a csblogin instead of original clogin. # vi /var/lib/rancid/bin/rancid-fe --- 'cisco' => 'rancid', + 'cisco-sb' => 'csbrancid', 'cisco-nx' => 'nxrancid', --- Put csblogin csbrancid # chown root:root csblogin csbrancid # chmod 755 csblogin csbrancid # mv csblogin csbrancid /usr/lib/rancid/bin/ In router.db file --- test.example.com:cisco-sb:up --- In .cloginrc --- add autoenable test.example.com {1} add method test.example.com {ssh} add password test.example.com {password} add user test.example.com {user} add userprompt test.example.com {"User Name:"} --- It's a fork of (thanks to Christian for its works !): http://chrpinedo.blogspot.fr/2012/03/cisco-small-business-sg300-backup-with.html -- Nicolas DEFFAYET -------------- next part -------------- #! /usr/bin/expect -- ## ## $Id: csblogin.in 1 2012-06-01 17:05:00Z n $ ## ## rancid 2.3.8 ## Copyright (c) 1997-2011 by Terrapin Communications, Inc. ## All rights reserved. ## ## This code is derived from software contributed to and maintained by ## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, ## Pete Whiting, Austin Schutz, and Andrew Fort. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted provided that the following conditions ## are met: ## 1. Redistributions of source code must retain the above copyright ## notice, this list of conditions and the following disclaimer. ## 2. Redistributions in binary form must reproduce the above copyright ## notice, this list of conditions and the following disclaimer in the ## documentation and/or other materials provided with the distribution. ## 3. All advertising materials mentioning features or use of this software ## must display the following acknowledgement: ## This product includes software developed by Terrapin Communications, ## Inc. and its contributors for RANCID. ## 4. Neither the name of Terrapin Communications, Inc. nor the names of its ## contributors may be used to endorse or promote products derived from ## this software without specific prior written permission. ## 5. It is requested that non-binding fixes and modifications be contributed ## back to Terrapin Communications, Inc. ## ## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS ## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED ## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS ## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR ## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF ## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS ## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN ## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ## POSSIBILITY OF SUCH DAMAGE. # # The expect login scripts were based on Erik Sherk's gwtn, by permission. # # csblogin - Cisco Small Business switch login # # Most options are intuitive for logging into a Cisco Small Business switch. # The default username password is the same as the vty password. # # Usage line set usage "Usage: $argv0 \[-dV\] \[-c command\] \[-Evar=x\] \ \[-f cloginrc-file\] \[-p user-password\] \[-r passphrase\] \[-s script-file\] \ \[-u username\] \[-t timeout\] \[-x command-file\] \[-y ssh_cypher_type\] \ router \[router...\]\n" # env(CLOGIN) may contain: # x == do not set xterm banner or name # Password file set password_file $env(HOME)/.cloginrc # Default is to login to the router set do_command 0 set do_script 0 # The default is to look in the password file to find the passwords. This # tracks if we receive them on the command line. set do_passwd 1 # Sometimes routers take awhile to answer (the default is 10 sec) set timeoutdflt 120 # # new option to provide "login" command capabilities set loginonly 0 # Find the user in the ENV, or use the unix userid. if {[info exists env(CISCO_USER)]} { set default_user $env(CISCO_USER) } elseif {[info exists env(USER)]} { set default_user $env(USER) } elseif {[info exists env(LOGNAME)]} { set default_user $env(LOGNAME) } else { # This uses "id" which I think is portable. At least it has existed # (without options) on all machines/OSes I've been on recently - # unlike whoami or id -nu. if [catch {exec id} reason] { send_error "\nError: could not exec id: $reason\n" exit 1 } regexp {\(([^)]*)} "$reason" junk default_user } if {[info exists env(CLOGINRC)]} { set password_file $env(CLOGINRC) } # Process the command line for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { # Command to run. -c* - -C* { if {! [regexp .\[cC\](.+) $arg ignore command]} { incr i set command [lindex $argv $i] } set do_command 1 # Expect debug mode } -d* { exp_internal 1 # Environment variable to pass to -s scripts } -E* { if {[regexp .\[E\](.+)=(.+) $arg ignore varname varvalue]} { set E$varname $varvalue } else { send_user "\nError: invalid format for -E in $arg\n" exit 1 } # alternate cloginrc file } -f* - -F* { if {! [regexp .\[fF\](.+) $arg ignore password_file]} { incr i set password_file [lindex $argv $i] } # user Password } -p* { if {! [regexp .\[pP\](.+) $arg ignore userpasswd]} { incr i set userpasswd [lindex $argv $i] } set do_passwd 0 # ssh passphrase } -r* { if {! [regexp .\[rR\](.+) $arg ignore passphrase]} { incr i set vapassphrase [lindex $argv $i] } # Version string } -V* { send_user "rancid 2.3.8\n" exit 0 # Passphrase } -r* - -R* { if {! [regexp .\[rR\](.+) $arg ignore passphrase]} { incr i set avpassphrase [lindex $argv $i] } # Expect script to run. } -s* { if {! [regexp .\[sS\](.+) $arg ignore sfile]} { incr i set sfile [lindex $argv $i] } if { ! [file readable $sfile] } { send_user "\nError: Can't read $sfile\n" exit 1 } set do_script 1 # Timeout } -t* { if {! [regexp .\[tT\](.+) $arg ignore timeout]} { incr i set timeoutdflt [lindex $argv $i] } # Username } -u* - -U* { if {! [regexp .\[uU\](.+) $arg ignore user]} { incr i set username [lindex $argv $i] } # Command file } -x* { if {! [regexp .\[xX\](.+) $arg ignore cmd_file]} { incr i set cmd_file [lindex $argv $i] } if [ catch {set cmd_fd [open $cmd_file r]} reason ] { send_user "\nError: $reason\n" exit 1 } set cmd_text [read $cmd_fd] close $cmd_fd set command [join [split $cmd_text \n] \;] set do_command 1 # 'ssh -c' cypher type } -y* - -Y* { if {! [regexp .\[yY\](.+) $arg ignore cypher]} { incr i set cypher [lindex $argv $i] } } -* { send_user "\nError: Unknown argument! $arg\n" send_user $usage exit 1 } default { break } } } # Process routers...no routers listed is an error. if { $i == $argc } { send_user "\nError: $usage" } # Only be quiet if we are running a script (it can log its output # on its own) if { $do_script } { log_user 0 } else { log_user 1 } # # Done configuration/variable setting. Now run with it... # # Sets Xterm title if interactive...if its an xterm and the user cares proc label { host } { global env # if CLOGIN has an 'x' in it, don't set the xterm name/banner if [info exists env(CLOGIN)] { if {[string first "x" $env(CLOGIN)] != -1} { return } } # take host from ENV(TERM) if [info exists env(TERM)] { if [regexp \^(xterm|vs) $env(TERM) ignore] { send_user "\033]1;[lindex [split $host "."] 0]\a" send_user "\033]2;$host\a" } } } # This is a helper function to make the password file easier to # maintain. Using this the password file has the form: # add password sl* pete cow # add password at* steve # add password * hanky-pie proc add {var args} { global int_$var ; lappend int_$var $args} proc include {args} { global env regsub -all "(^{|}$)" $args {} args if { [regexp "^/" $args ignore ] == 0 } { set args $env(HOME)/$args } source_password_file $args } proc find {var router} { upvar int_$var list if { [info exists list] } { foreach line $list { if { [string match [lindex $line 0] $router] } { return [lrange $line 1 end] } } } return {} } # Loads the password file. Note that as this file is tcl, and that # it is sourced, the user better know what to put in there, as it # could install more than just password info... I will assume however, # that a "bad guy" could just as easy put such code in the clogin # script, so I will leave .cloginrc as just an extention of that script proc source_password_file { password_file } { global env if { ! [file exists $password_file] } { send_user "\nError: password file ($password_file) does not exist\n" exit 1 } file stat $password_file fileinfo if { [expr ($fileinfo(mode) & 007)] != 0000 } { send_user "\nError: $password_file must not be world readable/writable\n" exit 1 } if [catch {source $password_file} reason ] { send_user "\nError: $reason\n" exit 1 } } # Log into the router. # returns: 0 on success, 1 on failure, -1 if rsh was used successfully proc login { router user passwd cmethod cyphertype identfile } { global spawn_id in_proc do_command do_script passphrase global prompt sshcmd set in_proc 1 # try each of the connection methods in $cmethod until one is successful set progs [llength $cmethod] foreach prog [lrange $cmethod 0 end] { incr progs -1 if [string match "telnet*" $prog] { regexp {telnet(:([^[:space:]]+))*} $prog command suffix port if {"$port" == ""} { set retval [catch {spawn telnet $router} reason] } else { set retval [catch {spawn telnet $router $port} reason] } if { $retval } { send_user "\nError: telnet failed: $reason\n" return 1 } } elseif ![string compare $prog "ssh"] { # ssh to the router & try to login with or without an identfile. # We use two calls to spawn since spawn does not seem to parse # spaces correctly. if {$identfile != ""} { if [catch {spawn $sshcmd -c $cyphertype -x -l $user -i $identfile $router} reason] { send_user "\nError: failed to $sshcmd: $reason\n" return 1 } } else { if [catch {spawn $sshcmd -c $cyphertype -x -l $user $router} reason] { send_user "\nError: failed to $sshcmd: $reason\n" return 1 } } } elseif ![string compare $prog "rsh"] { send_error "\nError: unsupported method: rsh\n" if { $progs == 0 } { return 1 } continue } else { send_user "\nError: unknown connection method: $prog\n" return 1 } sleep 0.3 # This helps cleanup each expect clause. expect_after { timeout { send_user "\nError: TIMEOUT reached\n" catch {close}; catch {wait}; if { $in_proc} { return 1 } else { continue } } eof { send_user "\nError: EOF received\n" catch {close}; catch {wait}; if { $in_proc} { return 1 } else { continue } } } # Here we get a little tricky. There are several possibilities: # the router can ask for a username and passwd and then # talk to the TACACS server to authenticate you, or if the # TACACS server is not working, then it will use the enable # passwd. Or, the router might not have TACACS turned on, # then it will just send the passwd. # if telnet fails with connection refused, try ssh expect { -re "(Connection refused|Secure connection \[^\n\r]+ refused)" { catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection Refused ($prog): $router\n" return 1 } } -re "(Connection closed by|Connection to \[^\n\r]+ closed)" { catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection closed ($prog): $router\n" return 1 } } eof { send_user "\nError: Couldn't login: $router\n"; wait; return 1 } -nocase "unknown host\r" { send_user "\nError: Unknown host $router\n"; catch {close}; catch {wait}; return 1 } "Host is unreachable" { send_user "\nError: Host Unreachable: $router\n"; catch {close}; catch {wait}; return 1 } "No address associated with name" { send_user "\nError: Unknown host $router\n"; catch {close}; catch {wait}; return 1 } -re "(Host key not found |The authenticity of host .* be established).* \\(yes/no\\)\\?" { send "yes\r" send_user "\nHost $router added to the list of known hosts.\n" exp_continue } -re "HOST IDENTIFICATION HAS CHANGED.* \\(yes/no\\)\\?" { send "no\r" send_user "\nError: The host key for $router has changed. Update the SSH known_hosts file accordingly.\n" catch {close}; catch {wait}; return 1 } -re "HOST IDENTIFICATION HAS CHANGED\[^\n\r]+" { send_user "\nError: The host key for $router has changed. Update the SSH known_hosts file accordingly.\n" return 1 } -re "Offending key for .* \\(yes/no\\)\\?" { send "no\r" send_user "\nError: host key mismatch for $router. Update the SSH known_hosts file accordingly.\n" catch {close}; catch {wait}; return 1 } "Login Screen" { send "$user\t$passwd\r" exp_continue } "Switch Main Menu" { # send Ctrl+Z sleep 1; send "send \032" exp_continue } ">" { send "lcli\r" exp_continue } -re "User Name:$" { send "$user\r" exp_continue } -re "Password:$" { send "$passwd\r" exp_continue } -re "$prompt" { break; } denied { send_user "\nError: Check your passwd for $router\n" catch {close}; catch {wait}; return 1 } } } set in_proc 0 return 0 } # Run commands given on the command line. proc run_commands { prompt command } { global in_proc set in_proc 1 send "terminal datadump\r" expect -re $prompt {} set commands [split $command \;] set num_commands [llength $commands] for {set i 0} {$i < $num_commands} { incr i} { send -- "[lindex $commands $i]\r" expect { -re "^\[^\n\r *]*$prompt *$" {} -re "^\[^\n\r]*$prompt." { exp_continue } -re "(\r\n|\n)" { exp_continue } } } send "exit\r\n" expect { "\n" { exp_continue } timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } } set in_proc 0 } # # For each router... (this is main loop) # source_password_file $password_file set in_proc 0 set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # device timeout set timeout [find timeout $router] if { [llength $timeout] == 0 } { set timeout $timeoutdflt } # Default prompt. set prompt "#" # Figure out username if {[info exists username]} { # command line username set loginname $username } else { set loginname [join [find user $router] ""] if { "$loginname" == "" } { set loginname $default_user } } # Figure out loginname's password (if different from the vty password) if {[info exists userpasswd]} { # command line passwd set passwd $userpasswd } else { set passwd [join [lindex [find userpassword $router] 0] ""] if { "$passwd" == "" } { set passwd [join [lindex [find password $router] 0] ""] if { "$passwd" == "" } { send_user "\nError: no password for $router in $password_file.\n" continue } } } # Figure out identity file to use set identfile [join [lindex [find identity $router] 0] ""] # Figure out passphrase to use if {[info exists avpassphrase]} { set passphrase $avpassphrase } else { set passphrase [join [lindex [find passphrase $router] 0] ""] } if { ! [string length "$passphrase"]} { set passphrase $passwd } # Figure out cypher type if {[info exists cypher]} { # command line cypher type set cyphertype $cypher } else { set cyphertype [find cyphertype $router] if { "$cyphertype" == "" } { set cyphertype "3des" } } # Figure out connection method set cmethod [find method $router] if { "$cmethod" == "" } { set cmethod {{telnet} {ssh}} } # Figure out the SSH executable name set sshcmd [join [lindex [find sshcmd $router] 0] ""] if { "$sshcmd" == "" } { set sshcmd {ssh} } # Login to the router if {[login $router $loginname $passwd $cmethod $cyphertype $identfile]} { incr exitval continue } if { $do_command } { if {[run_commands $prompt $command]} { incr exitval continue } } elseif { $do_script } { send "terminal datadump\r" expect -re $prompt {} source $sfile catch {close}; } else { label $router log_user 1 interact } # End of for each router catch {wait}; sleep 0.3 } exit $exitval -------------- next part -------------- A non-text attachment was scrubbed... Name: csbrancid Type: application/x-perl Size: 12617 bytes Desc: not available URL: From nicolas-ml at deffayet.com Sat Jun 7 12:47:41 2014 From: nicolas-ml at deffayet.com (Nicolas DEFFAYET) Date: Sat, 07 Jun 2014 14:47:41 +0200 Subject: [rancid] Quagga vtysh patchs Message-ID: <1402145261.14424.14.camel@fr-wks3.corp.novso.com> Hello, Please find the complete files attached that I use successfully with Rancid 2.3.8 to get config from Quagga vtysh. I have done a big rewrite for have clean stuff and I use a new qlogin instead of original clogin because the original clogin don't work correctly since Rancid 2.3.5 due to various change. # vi /usr/lib/rancid/bin/rancid-fe --- - 'zebra' => 'zrancid' + 'zebra' => 'zrancid', + 'quagga' => 'qrancid' --- Put qlogin qrancid # chown root:root qlogin qrancid # chmod 755 qlogin qrancid # mv qlogin qrancid /usr/lib/rancid/bin/ In router.db file --- test.example.com:quagga:up --- -- Nicolas DEFFAYET -------------- next part -------------- #! /usr/bin/expect -- ## ## $Id: qlogin.in 1 2012-06-01 17:05:00Z n $ ## ## rancid 2.3.8 ## Copyright (c) 1997-2011 by Terrapin Communications, Inc. ## All rights reserved. ## ## This code is derived from software contributed to and maintained by ## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, ## Pete Whiting, Austin Schutz, and Andrew Fort. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted provided that the following conditions ## are met: ## 1. Redistributions of source code must retain the above copyright ## notice, this list of conditions and the following disclaimer. ## 2. Redistributions in binary form must reproduce the above copyright ## notice, this list of conditions and the following disclaimer in the ## documentation and/or other materials provided with the distribution. ## 3. All advertising materials mentioning features or use of this software ## must display the following acknowledgement: ## This product includes software developed by Terrapin Communications, ## Inc. and its contributors for RANCID. ## 4. Neither the name of Terrapin Communications, Inc. nor the names of its ## contributors may be used to endorse or promote products derived from ## this software without specific prior written permission. ## 5. It is requested that non-binding fixes and modifications be contributed ## back to Terrapin Communications, Inc. ## ## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS ## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED ## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS ## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR ## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF ## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS ## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN ## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ## POSSIBILITY OF SUCH DAMAGE. # # The expect login scripts were based on Erik Sherk's gwtn, by permission. # # qlogin - quagga s/w login # Based on csblogin # # The default username password is the same as the vty password. # # Usage line set usage "Usage: $argv0 \[-dV\] \[-c command\] \[-Evar=x\] \ \[-f cloginrc-file\] \[-p user-password\] \[-r passphrase\] \[-s script-file\] \ \[-u username\] \[-t timeout\] \[-x command-file\] \[-y ssh_cypher_type\] \ router \[router...\]\n" # env(CLOGIN) may contain: # x == do not set xterm banner or name # Password file set password_file $env(HOME)/.cloginrc # Default is to login to the router set do_command 0 set do_script 0 # The default is to look in the password file to find the passwords. This # tracks if we receive them on the command line. set do_passwd 1 # Sometimes routers take awhile to answer (the default is 10 sec) set timeoutdflt 120 # # new option to provide "login" command capabilities set loginonly 0 # Find the user in the ENV, or use the unix userid. if {[info exists env(CISCO_USER)]} { set default_user $env(CISCO_USER) } elseif {[info exists env(USER)]} { set default_user $env(USER) } elseif {[info exists env(LOGNAME)]} { set default_user $env(LOGNAME) } else { # This uses "id" which I think is portable. At least it has existed # (without options) on all machines/OSes I've been on recently - # unlike whoami or id -nu. if [catch {exec id} reason] { send_error "\nError: could not exec id: $reason\n" exit 1 } regexp {\(([^)]*)} "$reason" junk default_user } if {[info exists env(CLOGINRC)]} { set password_file $env(CLOGINRC) } # Process the command line for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { # Command to run. -c* - -C* { if {! [regexp .\[cC\](.+) $arg ignore command]} { incr i set command [lindex $argv $i] } set do_command 1 # Expect debug mode } -d* { exp_internal 1 # Environment variable to pass to -s scripts } -E* { if {[regexp .\[E\](.+)=(.+) $arg ignore varname varvalue]} { set E$varname $varvalue } else { send_user "\nError: invalid format for -E in $arg\n" exit 1 } # alternate cloginrc file } -f* - -F* { if {! [regexp .\[fF\](.+) $arg ignore password_file]} { incr i set password_file [lindex $argv $i] } # user Password } -p* { if {! [regexp .\[pP\](.+) $arg ignore userpasswd]} { incr i set userpasswd [lindex $argv $i] } set do_passwd 0 # ssh passphrase } -r* { if {! [regexp .\[rR\](.+) $arg ignore passphrase]} { incr i set vapassphrase [lindex $argv $i] } # Version string } -V* { send_user "rancid 2.3.8\n" exit 0 # Passphrase } -r* - -R* { if {! [regexp .\[rR\](.+) $arg ignore passphrase]} { incr i set avpassphrase [lindex $argv $i] } # Expect script to run. } -s* { if {! [regexp .\[sS\](.+) $arg ignore sfile]} { incr i set sfile [lindex $argv $i] } if { ! [file readable $sfile] } { send_user "\nError: Can't read $sfile\n" exit 1 } set do_script 1 # Timeout } -t* { if {! [regexp .\[tT\](.+) $arg ignore timeout]} { incr i set timeoutdflt [lindex $argv $i] } # Username } -u* - -U* { if {! [regexp .\[uU\](.+) $arg ignore user]} { incr i set username [lindex $argv $i] } # Command file } -x* { if {! [regexp .\[xX\](.+) $arg ignore cmd_file]} { incr i set cmd_file [lindex $argv $i] } if [ catch {set cmd_fd [open $cmd_file r]} reason ] { send_user "\nError: $reason\n" exit 1 } set cmd_text [read $cmd_fd] close $cmd_fd set command [join [split $cmd_text \n] \;] set do_command 1 # 'ssh -c' cypher type } -y* - -Y* { if {! [regexp .\[yY\](.+) $arg ignore cypher]} { incr i set cypher [lindex $argv $i] } } -* { send_user "\nError: Unknown argument! $arg\n" send_user $usage exit 1 } default { break } } } # Process routers...no routers listed is an error. if { $i == $argc } { send_user "\nError: $usage" } # Only be quiet if we are running a script (it can log its output # on its own) if { $do_script } { log_user 0 } else { log_user 1 } # # Done configuration/variable setting. Now run with it... # # Sets Xterm title if interactive...if its an xterm and the user cares proc label { host } { global env # if CLOGIN has an 'x' in it, don't set the xterm name/banner if [info exists env(CLOGIN)] { if {[string first "x" $env(CLOGIN)] != -1} { return } } # take host from ENV(TERM) if [info exists env(TERM)] { if [regexp \^(xterm|vs) $env(TERM) ignore] { send_user "\033]1;[lindex [split $host "."] 0]\a" send_user "\033]2;$host\a" } } } # This is a helper function to make the password file easier to # maintain. Using this the password file has the form: # add password sl* pete cow # add password at* steve # add password * hanky-pie proc add {var args} { global int_$var ; lappend int_$var $args} proc include {args} { global env regsub -all "(^{|}$)" $args {} args if { [regexp "^/" $args ignore ] == 0 } { set args $env(HOME)/$args } source_password_file $args } proc find {var router} { upvar int_$var list if { [info exists list] } { foreach line $list { if { [string match [lindex $line 0] $router] } { return [lrange $line 1 end] } } } return {} } # Loads the password file. Note that as this file is tcl, and that # it is sourced, the user better know what to put in there, as it # could install more than just password info... I will assume however, # that a "bad guy" could just as easy put such code in the clogin # script, so I will leave .cloginrc as just an extention of that script proc source_password_file { password_file } { global env if { ! [file exists $password_file] } { send_user "\nError: password file ($password_file) does not exist\n" exit 1 } file stat $password_file fileinfo if { [expr ($fileinfo(mode) & 007)] != 0000 } { send_user "\nError: $password_file must not be world readable/writable\n" exit 1 } if [catch {source $password_file} reason ] { send_user "\nError: $reason\n" exit 1 } } # Log into the router. # returns: 0 on success, 1 on failure, -1 if rsh was used successfully proc login { router user passwd cmethod cyphertype identfile } { global spawn_id in_proc do_command do_script passphrase global prompt sshcmd set in_proc 1 # try each of the connection methods in $cmethod until one is successful set progs [llength $cmethod] foreach prog [lrange $cmethod 0 end] { incr progs -1 if [string match "telnet*" $prog] { regexp {telnet(:([^[:space:]]+))*} $prog command suffix port if {"$port" == ""} { set retval [catch {spawn telnet $router} reason] } else { set retval [catch {spawn telnet $router $port} reason] } if { $retval } { send_user "\nError: telnet failed: $reason\n" return 1 } } elseif ![string compare $prog "ssh"] { # ssh to the router & try to login with or without an identfile. # We use two calls to spawn since spawn does not seem to parse # spaces correctly. if {$identfile != ""} { if [catch {spawn $sshcmd -c $cyphertype -x -l $user -i $identfile $router} reason] { send_user "\nError: failed to $sshcmd: $reason\n" return 1 } } else { if [catch {spawn $sshcmd -c $cyphertype -x -l $user $router} reason] { send_user "\nError: failed to $sshcmd: $reason\n" return 1 } } } elseif ![string compare $prog "rsh"] { send_error "\nError: unsupported method: rsh\n" if { $progs == 0 } { return 1 } continue } else { send_user "\nError: unknown connection method: $prog\n" return 1 } sleep 0.3 # This helps cleanup each expect clause. expect_after { timeout { send_user "\nError: TIMEOUT reached\n" catch {close}; catch {wait}; if { $in_proc} { return 1 } else { continue } } eof { send_user "\nError: EOF received\n" catch {close}; catch {wait}; if { $in_proc} { return 1 } else { continue } } } # Here we get a little tricky. There are several possibilities: # the router can ask for a username and passwd and then # talk to the TACACS server to authenticate you, or if the # TACACS server is not working, then it will use the enable # passwd. Or, the router might not have TACACS turned on, # then it will just send the passwd. # if telnet fails with connection refused, try ssh expect { -re "(Connection refused|Secure connection \[^\n\r]+ refused)" { catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection Refused ($prog): $router\n" return 1 } } -re "(Connection closed by|Connection to \[^\n\r]+ closed)" { catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection closed ($prog): $router\n" return 1 } } eof { send_user "\nError: Couldn't login: $router\n"; wait; return 1 } -nocase "unknown host\r" { send_user "\nError: Unknown host $router\n"; catch {close}; catch {wait}; return 1 } "Host is unreachable" { send_user "\nError: Host Unreachable: $router\n"; catch {close}; catch {wait}; return 1 } "No address associated with name" { send_user "\nError: Unknown host $router\n"; catch {close}; catch {wait}; return 1 } -re "(Host key not found |The authenticity of host .* be established).* \\(yes/no\\)\\?" { send "yes\r" send_user "\nHost $router added to the list of known hosts.\n" exp_continue } -re "HOST IDENTIFICATION HAS CHANGED.* \\(yes/no\\)\\?" { send "no\r" send_user "\nError: The host key for $router has changed. Update the SSH known_hosts file accordingly.\n" catch {close}; catch {wait}; return 1 } -re "HOST IDENTIFICATION HAS CHANGED\[^\n\r]+" { send_user "\nError: The host key for $router has changed. Update the SSH known_hosts file accordingly.\n" return 1 } -re "Offending key for .* \\(yes/no\\)\\?" { send "no\r" send_user "\nError: host key mismatch for $router. Update the SSH known_hosts file accordingly.\n" catch {close}; catch {wait}; return 1 } -re "(denied|Sorry)" { send_user "\nError: Check your passwd for $router\n" catch {close}; catch {wait}; return 1 } -re "(Password|Password for .+):" { # ssh pwd prompt sleep 1 send -- "$passwd\r" exp_continue } -re "Enter passphrase.*: " { # sleep briefly to allow time for stty -echo sleep .3 send -- "$passphrase\r" exp_continue } -re "$prompt" { set prompt_match $expect_out(0,string); break; } } } set in_proc 0 return 0 } # Run commands given on the command line. proc run_commands { prompt command } { global in_proc set in_proc 1 set reprompt $prompt set commands [split $command \;] set num_commands [llength $commands] # the pager can not be turned off on the PIX, so we have to look # for the "More" prompt. the extreme is equally obnoxious in pre-12.3 XOS, # with a global switch in the config. for {set i 0} {$i < $num_commands} { incr i} { send -- "[subst -nocommands [lindex $commands $i]]\r" expect { -re "^\[^\n\r *]*$prompt *$" {} -re "^\[^\n\r]*$prompt." { exp_continue } -re "(\r\n|\n)" { exp_continue } } } send "exit\r" expect { -re "\[\n\r]+" { exp_continue } timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } } set in_proc 0 } # # For each router... (this is main loop) # source_password_file $password_file set in_proc 0 set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # device timeout set timeout [find timeout $router] if { [llength $timeout] == 0 } { set timeout $timeoutdflt } # Default prompt. set prompt "#" # Figure out username if {[info exists username]} { # command line username set loginname $username } else { set loginname [join [find user $router] ""] if { "$loginname" == "" } { set loginname $default_user } } # Figure out loginname's password (if different from the vty password) if {[info exists userpasswd]} { # command line passwd set passwd $userpasswd } else { set passwd [join [lindex [find userpassword $router] 0] ""] if { "$passwd" == "" } { set passwd [join [lindex [find password $router] 0] ""] if { "$passwd" == "" } { send_user "\nError: no password for $router in $password_file.\n" continue } } } # Figure out identity file to use set identfile [join [lindex [find identity $router] 0] ""] # Figure out passphrase to use if {[info exists avpassphrase]} { set passphrase $avpassphrase } else { set passphrase [join [lindex [find passphrase $router] 0] ""] } if { ! [string length "$passphrase"]} { set passphrase $passwd } # Figure out cypher type if {[info exists cypher]} { # command line cypher type set cyphertype $cypher } else { set cyphertype [find cyphertype $router] if { "$cyphertype" == "" } { set cyphertype "3des" } } # Figure out connection method set cmethod [find method $router] if { "$cmethod" == "" } { set cmethod {{telnet} {ssh}} } # Figure out the SSH executable name set sshcmd [join [lindex [find sshcmd $router] 0] ""] if { "$sshcmd" == "" } { set sshcmd {ssh} } # Login to the router if {[login $router $loginname $passwd $cmethod $cyphertype $identfile]} { incr exitval continue } if { $do_command || $do_script } { send "terminal length 0\r" expect -re $prompt {} } if { $do_command } { if {[run_commands $prompt $command]} { incr exitval continue } } elseif { $do_script } { source $sfile catch {close}; } else { label $router log_user 1 interact } # End of for each router catch {wait}; sleep 0.3 } exit $exitval -------------- next part -------------- A non-text attachment was scrubbed... Name: qrancid Type: application/x-perl Size: 13903 bytes Desc: not available URL: From rancid at ale.cx Sat Jun 7 13:36:54 2014 From: rancid at ale.cx (Alex DEKKER) Date: Sat, 07 Jun 2014 14:36:54 +0100 Subject: [rancid] Cisco SG-300 patchs In-Reply-To: <1402139877.14424.9.camel@fr-wks3.corp.novso.com> References: <1402139877.14424.9.camel@fr-wks3.corp.novso.com> Message-ID: <53931576.6020409@ale.cx> On 07/06/14 12:17, Nicolas DEFFAYET wrote: > Hello, > > Please find the complete files attached that I use successfully with > Rancid 2.3.8 to get config from Cisco SG-300. I have done a big rewrite > for have clean stuff and I use a csblogin instead of original clogin. > Nicolas, I am using chrpinedo's scripts successfully. Can you explain what yours does differently/better? Also, have you considered hosting them somewhere? alexd From lind108 at hotmail.com Mon Jun 9 14:18:21 2014 From: lind108 at hotmail.com (Kenneth Lind) Date: Mon, 9 Jun 2014 10:18:21 -0400 Subject: [rancid] Cisco 10k sflog Timestamp Cycling In-Reply-To: <20140605212636.GA67080@shrubbery.net> References: <5266DDB3.2010605@gmail.com> <20131030224147.GJ23534@shrubbery.net> <20131107194433.GA45338@shrubbery.net> <20131107195600.GA45829@shrubbery.net> <20140605212636.GA67080@shrubbery.net> Message-ID: > -----Original Message----- > From: heasley [mailto:heas at shrubbery.net] > Sent: Thursday, June 05, 2014 5:27 PM > To: Kenneth Lind > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > Thu, Jun 05, 2014 at 02:24:41PM -0400, Kenneth Lind: > > This is a fairly old issue so I'm including the previous threads for > > what it's worth. We upgraded to Rancid v3.0 and then today to v3.1 > without issue. > > The upgrade to 3.0a did hush the actual sflog diffs, however, we are > > still receiving noisy diffs related to the sflog/IPDR data and the > > fact that n bytes are stored in flash before being sent to the > collector. > > > > What would be the best method to hush these diffs? > > > > Example of diffs: > > !Flash: sflog > > - !Flash: 821772288 bytes available (202817536 bytes used) > > + !Flash: 821805056 bytes available (202784768 bytes used) > > would you show me the output of the command 'dir' or 'show flash' for > whatever device this is? it should be replacing that line with a > sumarry line that ought to be less annoying. "Dir" and "show flash" look a little different, so I'll include both. First "dir" Directory of disk0:/ 1 -rw- 68483912 Dec 14 2010 10:46:02 -05:00 .bin 2 -rw- 68495176 Jan 25 2011 01:27:54 -05:00 .bin 3 -rw- 54584320 Jan 25 2011 01:30:40 -05:00 .pkg 4 -rw- 11060935 Jul 31 2012 10:09:38 -04:00 .img 5 -rw- 115639 Mar 28 2013 10:24:54 -04:00 ftp 6 -rw- 0 Jun 9 2014 10:01:30 -04:00 sflog "show flash" -#- --length-- -----date/time------ path 1 68483912 Dec 14 2010 10:46:02 -05:00 .bin 2 68495176 Jan 25 2011 01:27:54 -05:00 .bin 3 54584320 Jan 25 2011 01:30:40 -05:00 .pkg 4 11060935 Jul 31 2012 10:09:38 -04:00 .img 5 115639 Mar 28 2013 10:24:54 -04:00 ftp 6 0 Jun 9 2014 10:01:30 -04:00 sflog > > > > > > > > -----Original Message----- > > > From: 'heasley' [mailto:heas at shrubbery.net] > > > Sent: Thursday, November 07, 2013 2:56 PM > > > To: Kenneth Lind > > > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > > > > > Thu, Nov 07, 2013 at 07:44:33PM +0000, 'heasley': > > > > Thu, Oct 31, 2013 at 11:34:51AM -0400, Kenneth Lind: > > > > > > -----Original Message----- > > > > > > From: heasley [mailto:heas at shrubbery.net] > > > > > > Sent: Wednesday, October 30, 2013 6:42 PM > > > > > > To: Kenneth Lind > > > > > > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > > > > > > > > > > > Tue, Oct 29, 2013 at 04:26:18PM -0400, Kenneth Lind: > > > > > > > > -----Original Message----- > > > > > > > > From: rancid-discuss-bounces at shrubbery.net > > > > > > > > [mailto:rancid-discuss- bounces at shrubbery.net] On Behalf > > > > > > > > Of Alan McKinnon > > > > > > > > Sent: Tuesday, October 22, 2013 4:19 PM > > > > > > > > To: rancid-discuss at shrubbery.net > > > > > > > > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > > > > > > > > > > > > > > > On 22/10/2013 17:27, Kenneth Lind wrote: > > > > > > > > > We recently implemented IPDR on our Cisco 10K uBRs and > > > > > > > > > are now receiving diffs for every rancid run about the > > > timestamp > > > > > > > > > for the > > > > > > > > sflog: > > > > > > > > > > > > > > > > > > - !Flash: 6 0 Oct 22 2013 08:46:10 -04:00 > sflog > > > > > > > > > + !Flash: 6 0 Oct 22 2013 09:37:28 -04:00 > sflog > > > > > > > > > > > > > > > > > > We are running Rancid v2.3.6 which according to the > > > > > > > > > change log included the fix for this issue (though in > > > > > > > > > our instance it does not appear to be filtered, unless > > > > > > > > > there is an > > > option > > > > > > > > > somewhere that we've missed to enable the filtering): > > > > > > > > > > > > > > > > > > rancid: filter sflog from DirSlotN() for IOS on cisco > > > > > > > > > 10k > > > > > > > > > > > > > > > > > > I've been able to find mentions of the issue in the > > > > > > > > > discuss archives, but none have included a solution. > Has > > > > > > > > > anyone > > > been > > > > > > > > > able to hush the diffs for the sflog outside of > creating > > > > > > > > > a new rancid type and > > > > > > > > altering > > > > > > > > > the command table to exclude the DirSlotN run? > > > > > > > > > > > > > > > > I'm not familiar with the 10k but Google indicates they > > > > > > > > will run regular IOS. Is that correct? > > > > > > > > > > > > > > 10k does run IOS. There are some specialized-for-the- > purpose > > > > > > > commands/configuration, but it is still standard IOS > > > (12.2(33)). > > > > > > > > > > > > > > > > > > > > > > > The code in 2.3.6 does support what the Changelog says: > > > > > > > > > > > > > > > > sub DirSlotN { > > > > > > > > .... > > > > > > > > if ($ios eq "IOS" && > > > /^((\s+)?\d+\s+\S+)\s+\d+.*(sflog$)/) { > > > > > > > > $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > > > > } > > > > > > > > .... > > > > > > > > } > > > > > > > > > > > > > > > > but that regex does not match the output you quoted. > maybe > > > > > > > > that was written for > > > > > > > > > > > > > > > > Personally, I would simply discard the entire line (you > > > > > > > > don't want to keep the timestamp and that is the very > > > > > > > > thing that is > > > > > > > > changing) so modify DirSlotN thusly (add it just before > > > > > > > > the > > > code above): > > > > > > > > > > > > > > > > next if ($ios eq "IOS" && /^Flash:.*? sflog$); > > > > > > > > > > > > > > > > that regex is quite simplistic, you might want to tweak > it > > > > > > > > to be more specific. > > > > > > > > > > > > > > > > > > > > > > Heasley replied directly to me with the following diff from > > > > > > > Rancid > > > > > > v3.0a: > > > > > > > Index: lib/ios.pm.in > > > > > > > > > > =================================================================== > > > > > > > --- lib/ios.pm.in (revision 2731) > > > > > > > +++ lib/ios.pm.in (working copy) > > > > > > > @@ -884,7 +884,7 @@ > > > > > > > # to: > > > > > > > # -rw- > vlan.dat > > > > > > > # -rw- > > > vlan.dat > > > > > > > - if (/(dhcp_[^. ]*\.txt|vlan\.dat)\s*$/) { > > > > > > > + if (/(dhcp_[^. ]*\.txt|vlan\.dat|sflog)\s*$/) { > > > > > > > if (/(\s*\d+)(\s+\S+\s+)(\d+)(\s+)(\w+ \d+\s+\d+ > > > > > > > \d+:\d+:\d+ > > > > > > > .\d+:\d+)/) { > > > > > > > my($fn, $a, $sz, $c, $dt, $rem) = ($1, $2, $3, > $4, > > > $5, $'); > > > > > > > my($fnl, $szl, $dtl) = (length($fn), > length($sz), > > > > > > length($dt)); @@ > > > > > > > -921,9 +921,6 @@ > > > > > > > if ($ios eq "XE" && > > > /^((\s+)?\d+\s+\S+)\s+\d+.*(tracelogs$)/) { > > > > > > > $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > > > } > > > > > > > - if ($ios eq "IOS" && > /^((\s+)?\d+\s+\S+)\s+\d+.*(sflog$)/) > > > { > > > > > > > - $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > > > - } > > > > > > > # the pager can not be disabled per-session on the > PIX > > > > > > > if (/^(<-+ More -+>)/) { > > > > > > > my($len) = length($1); > > > > > > > > > > > > > > > > > > > > > However, our stock Rancid v2.3.6 looks considerably > > > > > > > different and I wasn't able to find the correct location(s) > > > > > > > to make the > > > changes. > > > > > > > > > > > > > > I created a proposed diff with changes matching our stock > > > Rancid > > > > > > > as follows and I wonder if anyone has any input (notice the > > > line > > > > > > > numbers are considerably different as well as the 'next if' > > > statement): > > > > > > > > > > > > and i replied about your diff below. did you try it? you > can > > > try > > > > > > it without changing your installed based. ./rancid hostname; > > > diff > > > > > > ~rancid/group/ configs/hostname hostname.new > > > > > > > > > > > > > > > Applying the below proposed changes caused the following errors > > > > > in > > > the log: > > > > > > > > > > Execution of /usr/local/rancid/bin/rancid aborted due to > > > compilation errors. > > > > > syntax error at /usr/local/rancid/bin/rancid line 759, near ") > {" > > > > > Can't use global $1 in "my" at /usr/local/rancid/bin/rancid > line > > > > > 761, near "($1" > > > > > Missing right curly or square bracket at > > > > > /usr/local/rancid/bin/rancid line 2085, at end of line > > > > > > > > the patch wasnt applied properly. > > > > > > > > > > > > > > > > > > > > > > Index: bin/rancid > > > > > > > > > > ================================================================ > > > > > > > === > > > > > > > @@ -757,9 +757,9 @@ > > > > > > > if ($dev =~ /bootflash/) { > > > > > > > next if (/temp_cont\s*$/); > > > > > > > next if (/uptime_cont\s*$/); > > > > > > > } > > > > > > > # Filter dhcp database > > > > > > > - next if (/dhcp_[^. ]*\.txt/); > > > > > > > + next if (/(dhcp_[^. ]*\.txt|vlan\.dat|sflog)\s*$/) > { > > > > > > > > eg: next is not valid there. you could just move to rancid > 3.0aN, > > > > else you will have to correct the application of the patch. > > > > > > btw, you need ftp://ftp.shrubbery.net/pub/rancid/alpha/rancid- > > > 3.0a3.tar.gz > > > then apply the patch i'd sent to you. > > > > > > > > > > + if (/(\s*\d+)(\s+\S+\s+)(\d+)(\s+)(\w+ \d+\s+\d+ > > > > > > > + \d+:\d+:\d+ > > > > > > > .\d+:\d+)/) { > > > > > > > + my($fn, $a, $sz, $c, $dt, $rem) = ($1, $2, $3, > $4, > > > $5, $'); > > > > > > > + my($fnl, $szl, $dtl) = (length($fn), > length($sz), > > > > > > > length($dt)); > > > > > > > > > > > > > > if ($ios eq "XE" && /.*\((\d+) bytes free\)/) { > > > > > > > my($tmp) = $1; > > > > > > > if ($tmp >= (1024 * 1024 * 1024)) { > > > > > > > $tmp = int($tmp / (1024 * 1024 * 1024)); > > > > > > > s/$1 bytes free/$tmp GB free/; > > > > > > > } else { > > > > > > > $tmp = int($tmp / (1024 * 1024)); > > > > > > > s/$1 bytes free/$tmp MB free/; > > > > > > > } > > > > > > > } > > > > > > > if ($ios eq "XE" && > > > > > > > /^((\s+)?\d+\s+\S+)\s+\d+.*(tracelogs$)/) > > > > > > { > > > > > > > $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > > > } > > > > > > > > > > > > > > @@ -772,9 +772,9 @@ > > > > > > > } > > > > > > > } > > > > > > > if ($ios eq "XE" && > > > > > > > /^((\s+)?\d+\s+\S+)\s+\d+.*(tracelogs$)/) > > > > > > { > > > > > > > $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > > > } > > > > > > > - if ($ios eq "IOS" && > > > /^((\s+)?\d+\s+\S+)\s+\d+.*(sflog$)/) { > > > > > > > - $_ = "$1" . sprintf("%43s", "") . "$3\n"; > > > > > > > - } > > > > > > > # the pager can not be disabled per-session on the > PIX > > > > > > > if (/^(<-+ More -+>)/) { > > > > > > > my($len) = length($1); > > > > > > > s/^$1\s{$len}//; > > > > > > > > > > > > > > > Don't stress about maintaining your own patches to make > > > > > > > > the rancid scripts do what you intent - every > installation > > > > > > > > I know of accumulating a rather large number of them :-) > > > > > > > > It seems > > > to > > > > > > > > be inevitable considering the problem we are all using > > > > > > > > rancid to > > > > > > solve. > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > Alan McKinnon > > > > > > > > alan.mckinnon at gmail.com > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > > > Rancid-discuss mailing list Rancid-discuss at shrubbery.net > > > > > > > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > > > > > > > > > > > _______________________________________________ > > > > > > > Rancid-discuss mailing list > > > > > > > Rancid-discuss at shrubbery.net > > > > > > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From manfred.mayer.it at rapunzel.de Tue Jun 10 09:49:47 2014 From: manfred.mayer.it at rapunzel.de (Manfred Mayer IT) Date: Tue, 10 Jun 2014 11:49:47 +0200 Subject: [rancid] clogin: not found In-Reply-To: References: <7675BFF474F5084E93D4D51003DAFBB351AFB5FDBC@SRLSRV17.int.rapunzel.de> Message-ID: <7675BFF474F5084E93D4D51003DAFBB351AFB5FDC0@SRLSRV17.int.rapunzel.de> Hello John, thanks for your help. After adding /usr/local/rancid/bin to the PATH, that error is gone and I went on to executing bin/rancid-run. Now I see these errors in the rancid-run logfile: Trying to get all of the configs. swledv05: missed cmd(s): write term swledv05: End of run not found ; swledv02: missed cmd(s): show tech transceivers swledv04: missed cmd(s): show tech transceivers,show module,show config status,show system-information,show systems swledv11: missed cmd(s): show config files couldn't compile regular expression pattern: parentheses () not balanced while executing "expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } }" (procedure "run_commands" line 9) invoked from within "run_commands $prompt $command" ("foreach" body line 161) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # device timeout set timeout [find t..." (file "/usr/local/rancid/bin/hlogin" line 615) I use the same entries in my router.db as on my old machine, but on the old system I don't get any errors in my logfile. For the "parentheses" error I found this thread (http://www.shrubbery.net/pipermail/rancid-discuss/2010-June/004987.html), but my hlogin already contains the mentioned line. Regards Mana -----Urspr?ngliche Nachricht----- Von: John Heasley [mailto:heas at shrubbery.net] Gesendet: Freitag, 6. Juni 2014 16:26 An: Manfred Mayer IT Betreff: Re: [rancid] clogin: not found > Am Jun 6, 2014 um 6:40 AM schrieb Manfred Mayer IT : > > Hi all, > > I try to migrate my existing rancid-2.3.8 installation to a new host with Ubuntu 12.04. I downloaded ftp://ftp.shrubbery.net/pub/rancid/rancid-2.3.8.tar.gz and installed it to /usr/local/rancid. I copied the .cloginrc and rancid.conf to the new host and wanted to test with a new router.db first, containing only 6 HP Procurve switches (switchname:hp:up). I can login successfully to each switch with "bin/clogin switchname" and I also tried "bin/hlogin -f .cloginrc -c "show version" switchname" which gives me a "no page" output first, but then the version and a completed logout. > > But executing "bin/rancid switchname" results in the following: > sh: 1: clogin: not found > switchname: missed cmd(s): dir /all slavedisk2:,show rsp chassis-info,show capture,dir /all sec-slot2:,show diag,dir: > switchname: End of run not found > ! The rancid bin dir is not hardcoded in *login, it uses and inherits your PATH, or rancid.conf's in the case of rancid-run. > > I found this existing thread http://www.shrubbery.net/pipermail/rancid-discuss/2008-November/003404.html but however I don't know what to do exactly to solve the problem. > > Any suggestions would be appreciated > > Regards > Mana > > Rapunzel Naturkost GmbH, Rapunzelstra?e 1, D-87764 Legau > Registergericht Memmingen HRB 14736 | Sitz der Gesellschaft: Legau > Ust Id Nr. DE 129088402 > Gesch?ftsf?hrer: Joseph Wilhelm | Margit Epple | Andreas Wenning > Telefon: +49 (0)8330 / 529 - 0 > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss Email secured by [Rapunzel IT] Rapunzel Naturkost GmbH, Rapunzelstra?e 1, D-87764 Legau Registergericht Memmingen HRB 14736 | Sitz der Gesellschaft: Legau Ust Id Nr. DE 129088402 Gesch?ftsf?hrer: Joseph Wilhelm | Margit Epple | Andreas Wenning Telefon: +49 (0)8330 / 529 - 0 From heas at shrubbery.net Wed Jun 11 00:29:28 2014 From: heas at shrubbery.net (heasley) Date: Wed, 11 Jun 2014 00:29:28 +0000 Subject: [rancid] clogin: not found In-Reply-To: <7675BFF474F5084E93D4D51003DAFBB351AFB5FDC0@SRLSRV17.int.rapunzel.de> References: <7675BFF474F5084E93D4D51003DAFBB351AFB5FDBC@SRLSRV17.int.rapunzel.de> <7675BFF474F5084E93D4D51003DAFBB351AFB5FDC0@SRLSRV17.int.rapunzel.de> Message-ID: <20140611002928.GG53104@shrubbery.net> Tue, Jun 10, 2014 at 11:49:47AM +0200, Manfred Mayer IT: > Hello John, > > thanks for your help. After adding /usr/local/rancid/bin to the PATH, that error is gone and I went on to executing bin/rancid-run. Now I see these errors in the rancid-run logfile: > > Trying to get all of the configs. > swledv05: missed cmd(s): write term > swledv05: End of run not found > ; > swledv02: missed cmd(s): show tech transceivers > swledv04: missed cmd(s): show tech transceivers,show module,show config status,show system-information,show systems > swledv11: missed cmd(s): show config files > couldn't compile regular expression pattern: parentheses () not balanced > while executing > "expect { > -re $reprompt {} > -re "\[\n\r]+" { exp_continue } > }" > (procedure "run_commands" line 9) > invoked from within > "run_commands $prompt $command" > ("foreach" body line 161) > invoked from within > "foreach router [lrange $argv $i end] { > set router [string tolower $router] > send_user "$router\n" > > # device timeout > set timeout [find t..." > (file "/usr/local/rancid/bin/hlogin" line 615) > > > I use the same entries in my router.db as on my old machine, but on the old system I don't get any errors in my logfile. For the "parentheses" error I found this thread (http://www.shrubbery.net/pipermail/rancid-discuss/2010-June/004987.html), but my hlogin already contains the mentioned line. Would you tell me the version of expect that you have? what the device's prompt is? and does clogin work with your cisco/etc devices? The regex is the same in clogin. it reduces the prompt match so that -x and -c can deal with prompts that change, like they do between cli & config modes on cisco. I think it could be reduced to: regsub -all {^(.{1,11}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>]} reprompt eliminating the stuff for the (enable)-junk in Catalyst-like prompts: foo#(enable) but hlogin is also used for AGM modules and SMC/Dell. I no longer have AGMs, but do not recall them having this type prompt. Going by stuff others have posted about SMC/Dell, I don't think it would affect those either. That said, I do not know why it would fail for you, but work for my ciscos and HPs. > Regards > Mana > > > -----Urspr?ngliche Nachricht----- > Von: John Heasley [mailto:heas at shrubbery.net] > Gesendet: Freitag, 6. Juni 2014 16:26 > An: Manfred Mayer IT > Betreff: Re: [rancid] clogin: not found > > > > > Am Jun 6, 2014 um 6:40 AM schrieb Manfred Mayer IT : > > > > Hi all, > > > > I try to migrate my existing rancid-2.3.8 installation to a new host with Ubuntu 12.04. I downloaded ftp://ftp.shrubbery.net/pub/rancid/rancid-2.3.8.tar.gz and installed it to /usr/local/rancid. I copied the .cloginrc and rancid.conf to the new host and wanted to test with a new router.db first, containing only 6 HP Procurve switches (switchname:hp:up). I can login successfully to each switch with "bin/clogin switchname" and I also tried "bin/hlogin -f .cloginrc -c "show version" switchname" which gives me a "no page" output first, but then the version and a completed logout. > > > > But executing "bin/rancid switchname" results in the following: > > sh: 1: clogin: not found > > switchname: missed cmd(s): dir /all slavedisk2:,show rsp chassis-info,show capture,dir /all sec-slot2:,show diag,dir: > > switchname: End of run not found > > ! > > The rancid bin dir is not hardcoded in *login, it uses and inherits your PATH, or rancid.conf's in the case of rancid-run. > > > > I found this existing thread http://www.shrubbery.net/pipermail/rancid-discuss/2008-November/003404.html but however I don't know what to do exactly to solve the problem. > > > > Any suggestions would be appreciated > > > > Regards > > Mana > > > > Rapunzel Naturkost GmbH, Rapunzelstra?e 1, D-87764 Legau > > Registergericht Memmingen HRB 14736 | Sitz der Gesellschaft: Legau > > Ust Id Nr. DE 129088402 > > Gesch?ftsf?hrer: Joseph Wilhelm | Margit Epple | Andreas Wenning > > Telefon: +49 (0)8330 / 529 - 0 > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > Email secured by [Rapunzel IT] > > Rapunzel Naturkost GmbH, Rapunzelstra?e 1, D-87764 Legau > Registergericht Memmingen HRB 14736 | Sitz der Gesellschaft: Legau > Ust Id Nr. DE 129088402 > Gesch?ftsf?hrer: Joseph Wilhelm | Margit Epple | Andreas Wenning > Telefon: +49 (0)8330 / 529 - 0 > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From manfred.mayer.it at rapunzel.de Wed Jun 11 08:41:31 2014 From: manfred.mayer.it at rapunzel.de (Manfred Mayer IT) Date: Wed, 11 Jun 2014 10:41:31 +0200 Subject: [rancid] clogin: not found In-Reply-To: <20140611002928.GG53104@shrubbery.net> References: <7675BFF474F5084E93D4D51003DAFBB351AFB5FDBC@SRLSRV17.int.rapunzel.de> <7675BFF474F5084E93D4D51003DAFBB351AFB5FDC0@SRLSRV17.int.rapunzel.de> <20140611002928.GG53104@shrubbery.net> Message-ID: <7675BFF474F5084E93D4D51003DAFBB351AFB5FDC7@SRLSRV17.int.rapunzel.de> Hello John, I have expect 5.45. In my .cloginrc these switches are configured for autoenable, manually connecting with bin/clogin or bin/hlogin sets me to Enable-Prompt (hostname#). I don't have too many Cisco devices, some only support telnet, these work perfectly. With those that support ssh I have a different problem, as I am unable to login whatsoever by "ssh admin at hostname". I suppose there's an openssh issue as the debug information says: debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host "hostname" from file "/usr/local/rancid/.ssh/known_hosts" debug3: load_hostkeys: loaded 0 keys debug1: SSH2_MSG_KEXINIT sent Read from socket failed: Connection reset by peer Regards Mana -----Urspr?ngliche Nachricht----- Von: heasley [mailto:heas at shrubbery.net] Gesendet: Mittwoch, 11. Juni 2014 02:29 An: Manfred Mayer IT Cc: 'rancid-discuss at shrubbery.net' Betreff: Re: [rancid] clogin: not found Tue, Jun 10, 2014 at 11:49:47AM +0200, Manfred Mayer IT: > Hello John, > > thanks for your help. After adding /usr/local/rancid/bin to the PATH, that error is gone and I went on to executing bin/rancid-run. Now I see these errors in the rancid-run logfile: > > Trying to get all of the configs. > swledv05: missed cmd(s): write term > swledv05: End of run not found > ; > swledv02: missed cmd(s): show tech transceivers > swledv04: missed cmd(s): show tech transceivers,show module,show > config status,show system-information,show systems > swledv11: missed cmd(s): show config files couldn't compile regular > expression pattern: parentheses () not balanced > while executing > "expect { > -re $reprompt {} > -re "\[\n\r]+" { exp_continue } > }" > (procedure "run_commands" line 9) > invoked from within > "run_commands $prompt $command" > ("foreach" body line 161) > invoked from within > "foreach router [lrange $argv $i end] { > set router [string tolower $router] > send_user "$router\n" > > # device timeout > set timeout [find t..." > (file "/usr/local/rancid/bin/hlogin" line 615) > > > I use the same entries in my router.db as on my old machine, but on the old system I don't get any errors in my logfile. For the "parentheses" error I found this thread (http://www.shrubbery.net/pipermail/rancid-discuss/2010-June/004987.html), but my hlogin already contains the mentioned line. Would you tell me the version of expect that you have? what the device's prompt is? and does clogin work with your cisco/etc devices? The regex is the same in clogin. it reduces the prompt match so that -x and -c can deal with prompts that change, like they do between cli & config modes on cisco. I think it could be reduced to: regsub -all {^(.{1,11}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>]} reprompt eliminating the stuff for the (enable)-junk in Catalyst-like prompts: foo#(enable) but hlogin is also used for AGM modules and SMC/Dell. I no longer have AGMs, but do not recall them having this type prompt. Going by stuff others have posted about SMC/Dell, I don't think it would affect those either. That said, I do not know why it would fail for you, but work for my ciscos and HPs. > Regards > Mana > > > -----Urspr?ngliche Nachricht----- > Von: John Heasley [mailto:heas at shrubbery.net] > Gesendet: Freitag, 6. Juni 2014 16:26 > An: Manfred Mayer IT > Betreff: Re: [rancid] clogin: not found > > > > > Am Jun 6, 2014 um 6:40 AM schrieb Manfred Mayer IT : > > > > Hi all, > > > > I try to migrate my existing rancid-2.3.8 installation to a new host with Ubuntu 12.04. I downloaded ftp://ftp.shrubbery.net/pub/rancid/rancid-2.3.8.tar.gz and installed it to /usr/local/rancid. I copied the .cloginrc and rancid.conf to the new host and wanted to test with a new router.db first, containing only 6 HP Procurve switches (switchname:hp:up). I can login successfully to each switch with "bin/clogin switchname" and I also tried "bin/hlogin -f .cloginrc -c "show version" switchname" which gives me a "no page" output first, but then the version and a completed logout. > > > > But executing "bin/rancid switchname" results in the following: > > sh: 1: clogin: not found > > switchname: missed cmd(s): dir /all slavedisk2:,show rsp chassis-info,show capture,dir /all sec-slot2:,show diag,dir: > > switchname: End of run not found > > ! > > The rancid bin dir is not hardcoded in *login, it uses and inherits your PATH, or rancid.conf's in the case of rancid-run. > > > > I found this existing thread http://www.shrubbery.net/pipermail/rancid-discuss/2008-November/003404.html but however I don't know what to do exactly to solve the problem. > > > > Any suggestions would be appreciated > > > > Regards > > Mana > > > > Rapunzel Naturkost GmbH, Rapunzelstra?e 1, D-87764 Legau > > Registergericht Memmingen HRB 14736 | Sitz der Gesellschaft: Legau > > Ust Id Nr. DE 129088402 > > Gesch?ftsf?hrer: Joseph Wilhelm | Margit Epple | Andreas Wenning > > Telefon: +49 (0)8330 / 529 - 0 > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > Email secured by [Rapunzel IT] > > Rapunzel Naturkost GmbH, Rapunzelstra?e 1, D-87764 Legau > Registergericht Memmingen HRB 14736 | Sitz der Gesellschaft: Legau > Ust Id Nr. DE 129088402 > Gesch?ftsf?hrer: Joseph Wilhelm | Margit Epple | Andreas Wenning > Telefon: +49 (0)8330 / 529 - 0 > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss Email secured by [Rapunzel IT] Rapunzel Naturkost GmbH, Rapunzelstra?e 1, D-87764 Legau Registergericht Memmingen HRB 14736 | Sitz der Gesellschaft: Legau Ust Id Nr. DE 129088402 Gesch?ftsf?hrer: Joseph Wilhelm | Margit Epple | Andreas Wenning Telefon: +49 (0)8330 / 529 - 0 From heas at shrubbery.net Wed Jun 11 20:39:43 2014 From: heas at shrubbery.net ('heasley') Date: Wed, 11 Jun 2014 20:39:43 +0000 Subject: [rancid] clogin: not found In-Reply-To: <7675BFF474F5084E93D4D51003DAFBB351AFB5FDC7@SRLSRV17.int.rapunzel.de> References: <7675BFF474F5084E93D4D51003DAFBB351AFB5FDBC@SRLSRV17.int.rapunzel.de> <7675BFF474F5084E93D4D51003DAFBB351AFB5FDC0@SRLSRV17.int.rapunzel.de> <20140611002928.GG53104@shrubbery.net> <7675BFF474F5084E93D4D51003DAFBB351AFB5FDC7@SRLSRV17.int.rapunzel.de> Message-ID: <20140611203943.GJ84118@shrubbery.net> Wed, Jun 11, 2014 at 10:41:31AM +0200, Manfred Mayer IT: > Hello John, > > I have expect 5.45. In my .cloginrc these switches are configured for autoenable, manually connecting with bin/clogin or bin/hlogin sets me to Enable-Prompt (hostname#). I only have an 2524 and debian with expect 5.45. I can not reproduce the traceback. if it fails when you run the commands manually, I might be able to find the problem if you send (to me, not the list, please) the output of running it with expect debuggin. z.b.: hlogin -d -t 90 -c'show version;show flash;show system-information;show system information;show module;show stack;show tech transceivers;show config files;show config status;write term' hostname 2>& debugoutput > I don't have too many Cisco devices, some only support telnet, these work perfectly. With those that support ssh I have a different problem, as I am unable to login whatsoever by "ssh admin at hostname". I suppose there's an openssh issue as the debug information says: > > debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4 > debug2: fd 3 setting O_NONBLOCK > debug3: load_hostkeys: loading entries for host "hostname" from file "/usr/local/rancid/.ssh/known_hosts" > debug3: load_hostkeys: loaded 0 keys > debug1: SSH2_MSG_KEXINIT sent > Read from socket failed: Connection reset by peer Yes, probably a problem with the server. try -l. > Regards > Mana > > -----Urspr?ngliche Nachricht----- > Von: heasley [mailto:heas at shrubbery.net] > Gesendet: Mittwoch, 11. Juni 2014 02:29 > An: Manfred Mayer IT > Cc: 'rancid-discuss at shrubbery.net' > Betreff: Re: [rancid] clogin: not found > > Tue, Jun 10, 2014 at 11:49:47AM +0200, Manfred Mayer IT: > > Hello John, > > > > thanks for your help. After adding /usr/local/rancid/bin to the PATH, that error is gone and I went on to executing bin/rancid-run. Now I see these errors in the rancid-run logfile: > > > > Trying to get all of the configs. > > swledv05: missed cmd(s): write term > > swledv05: End of run not found > > ; > > swledv02: missed cmd(s): show tech transceivers > > swledv04: missed cmd(s): show tech transceivers,show module,show > > config status,show system-information,show systems > > swledv11: missed cmd(s): show config files couldn't compile regular > > expression pattern: parentheses () not balanced > > while executing > > "expect { > > -re $reprompt {} > > -re "\[\n\r]+" { exp_continue } > > }" > > (procedure "run_commands" line 9) > > invoked from within > > "run_commands $prompt $command" > > ("foreach" body line 161) > > invoked from within > > "foreach router [lrange $argv $i end] { > > set router [string tolower $router] > > send_user "$router\n" > > > > # device timeout > > set timeout [find t..." > > (file "/usr/local/rancid/bin/hlogin" line 615) > > > > > > I use the same entries in my router.db as on my old machine, but on the old system I don't get any errors in my logfile. For the "parentheses" error I found this thread (http://www.shrubbery.net/pipermail/rancid-discuss/2010-June/004987.html), but my hlogin already contains the mentioned line. > > Would you tell me the version of expect that you have? what the device's prompt is? and does clogin work with your cisco/etc devices? > > The regex is the same in clogin. it reduces the prompt match so that -x and -c can deal with prompts that change, like they do between cli & config modes on cisco. > > I think it could be reduced to: > > regsub -all {^(.{1,11}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>]} reprompt > > eliminating the stuff for the (enable)-junk in Catalyst-like prompts: > foo#(enable) > but hlogin is also used for AGM modules and SMC/Dell. I no longer have AGMs, but do not recall them having this type prompt. Going by stuff others have posted about SMC/Dell, I don't think it would affect those either. > > That said, I do not know why it would fail for you, but work for my ciscos and HPs. > > > Regards > > Mana > > > > > > -----Urspr?ngliche Nachricht----- > > Von: John Heasley [mailto:heas at shrubbery.net] > > Gesendet: Freitag, 6. Juni 2014 16:26 > > An: Manfred Mayer IT > > Betreff: Re: [rancid] clogin: not found > > > > > > > > > Am Jun 6, 2014 um 6:40 AM schrieb Manfred Mayer IT : > > > > > > Hi all, > > > > > > I try to migrate my existing rancid-2.3.8 installation to a new host with Ubuntu 12.04. I downloaded ftp://ftp.shrubbery.net/pub/rancid/rancid-2.3.8.tar.gz and installed it to /usr/local/rancid. I copied the .cloginrc and rancid.conf to the new host and wanted to test with a new router.db first, containing only 6 HP Procurve switches (switchname:hp:up). I can login successfully to each switch with "bin/clogin switchname" and I also tried "bin/hlogin -f .cloginrc -c "show version" switchname" which gives me a "no page" output first, but then the version and a completed logout. > > > > > > But executing "bin/rancid switchname" results in the following: > > > sh: 1: clogin: not found > > > switchname: missed cmd(s): dir /all slavedisk2:,show rsp chassis-info,show capture,dir /all sec-slot2:,show diag,dir: > > > switchname: End of run not found > > > ! > > > > The rancid bin dir is not hardcoded in *login, it uses and inherits your PATH, or rancid.conf's in the case of rancid-run. > > > > > > I found this existing thread http://www.shrubbery.net/pipermail/rancid-discuss/2008-November/003404.html but however I don't know what to do exactly to solve the problem. > > > > > > Any suggestions would be appreciated > > > > > > Regards > > > Mana > > > > > > Rapunzel Naturkost GmbH, Rapunzelstra?e 1, D-87764 Legau > > > Registergericht Memmingen HRB 14736 | Sitz der Gesellschaft: Legau > > > Ust Id Nr. DE 129088402 > > > Gesch?ftsf?hrer: Joseph Wilhelm | Margit Epple | Andreas Wenning > > > Telefon: +49 (0)8330 / 529 - 0 > > > _______________________________________________ > > > Rancid-discuss mailing list > > > Rancid-discuss at shrubbery.net > > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > Email secured by [Rapunzel IT] > > > > Rapunzel Naturkost GmbH, Rapunzelstra?e 1, D-87764 Legau > > Registergericht Memmingen HRB 14736 | Sitz der Gesellschaft: Legau > > Ust Id Nr. DE 129088402 > > Gesch?ftsf?hrer: Joseph Wilhelm | Margit Epple | Andreas Wenning > > Telefon: +49 (0)8330 / 529 - 0 > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > Email secured by [Rapunzel IT] > > Rapunzel Naturkost GmbH, Rapunzelstra?e 1, D-87764 Legau > Registergericht Memmingen HRB 14736 | Sitz der Gesellschaft: Legau > Ust Id Nr. DE 129088402 > Gesch?ftsf?hrer: Joseph Wilhelm | Margit Epple | Andreas Wenning > Telefon: +49 (0)8330 / 529 - 0 From fanachos at gmail.com Thu Jun 12 14:08:45 2014 From: fanachos at gmail.com (Andrei Sabau) Date: Thu, 12 Jun 2014 17:08:45 +0300 Subject: [rancid] Using Ravin's patch to jump through a gateway device to probe device not working in 3.1? Message-ID: Hello. I've installed Rancid 3.1, added Ed Ravin's modification to clogin but apparently it does not work. The error shows something like this: 1. Trying to get all of the configs. 2. send: spawn id exp4 not open 3. while executing 4. "send "\r"" 5. ("foreach" body line 162) 6. invoked from within 7. "foreach router [lrange $argv $i end] { 8. set router [string tolower $router] 9. # attempt at platform switching. 10. set platform "" 11. send_user ..." 12. (file "/home/rancid/bin/clogin" line 773) I have used the correct syntax in cloginrc. Any ideas? Is there another way to achieve the method? -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Fri Jun 13 06:04:38 2014 From: heas at shrubbery.net (heasley) Date: Fri, 13 Jun 2014 06:04:38 +0000 Subject: [rancid] Cisco 10k sflog Timestamp Cycling In-Reply-To: <20140613060324.CECB94640892@ni.shrubbery.net> Message-ID: <20140613060438.GF48070@shrubbery.net> Mon, Jun 09, 2014 at 10:18:21AM -0400, Kenneth Lind: > > -----Original Message----- > > From: heasley [mailto:heas at shrubbery.net] > > Sent: Thursday, June 05, 2014 5:27 PM > > To: Kenneth Lind > > Cc: rancid-discuss at shrubbery.net > > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > > > Thu, Jun 05, 2014 at 02:24:41PM -0400, Kenneth Lind: > > > This is a fairly old issue so I'm including the previous threads for > > > what it's worth. We upgraded to Rancid v3.0 and then today to v3.1 > > without issue. > > > The upgrade to 3.0a did hush the actual sflog diffs, however, we are > > > still receiving noisy diffs related to the sflog/IPDR data and the > > > fact that n bytes are stored in flash before being sent to the > > collector. > > > > > > What would be the best method to hush these diffs? > > > > > > Example of diffs: > > > !Flash: sflog > > > - !Flash: 821772288 bytes available (202817536 bytes used) > > > + !Flash: 821805056 bytes available (202784768 bytes used) > > > > would you show me the output of the command 'dir' or 'show flash' for > > whatever device this is? it should be replacing that line with a > > sumarry line that ought to be less annoying. > > "Dir" and "show flash" look a little different, so I'll include both. > > First "dir" > Directory of disk0:/ > > 1 -rw- 68483912 Dec 14 2010 10:46:02 -05:00 .bin > 2 -rw- 68495176 Jan 25 2011 01:27:54 -05:00 .bin > 3 -rw- 54584320 Jan 25 2011 01:30:40 -05:00 .pkg > 4 -rw- 11060935 Jul 31 2012 10:09:38 -04:00 .img > 5 -rw- 115639 Mar 28 2013 10:24:54 -04:00 ftp > 6 -rw- 0 Jun 9 2014 10:01:30 -04:00 sflog > > > "show flash" > -#- --length-- -----date/time------ path > 1 68483912 Dec 14 2010 10:46:02 -05:00 .bin > 2 68495176 Jan 25 2011 01:27:54 -05:00 .bin > 3 54584320 Jan 25 2011 01:30:40 -05:00 .pkg > 4 11060935 Jul 31 2012 10:09:38 -04:00 .img > 5 115639 Mar 28 2013 10:24:54 -04:00 ftp > 6 0 Jun 9 2014 10:01:30 -04:00 sflog > Does this patch fix the space available line (summarize it)? Index: lib/ios.pm.in =================================================================== --- lib/ios.pm.in (revision 2847) +++ lib/ios.pm.in (working copy) @@ -848,6 +848,20 @@ # Drop these files entirely. /\s+(private-multiple-fs|multiple-fs|LISP-MapCache-IPv\S+|nv_hdr)$/ && next; + + if ($ios eq "XE" && /(\d+) bytes available \(\d+ bytes used\)/) { + my($tmp) = $1; + if ($tmp >= (1024 * 1024 * 1024)) { + $tmp = int($tmp / (1024 * 1024 * 1024)); + $_ = "$tmp GB free"; + } elsif ($tmp >= (1024 * 1024)) { + $tmp = int($tmp / (1024 * 1024)); + $_ = "$tmp MB free"; + } else { + $tmp = int($tmp / 1024); + $_ = "$tmp KB free"; + } + } ProcessHistory("FLASH","","","!Flash: $_"); } ProcessHistory("","","","!\n"); From lind108 at hotmail.com Fri Jun 13 16:26:19 2014 From: lind108 at hotmail.com (Kenneth Lind) Date: Fri, 13 Jun 2014 12:26:19 -0400 Subject: [rancid] Cisco 10k sflog Timestamp Cycling In-Reply-To: <20140613060438.GF48070@shrubbery.net> References: <20140613060324.CECB94640892@ni.shrubbery.net> <20140613060438.GF48070@shrubbery.net> Message-ID: > -----Original Message----- > From: heasley [mailto:heas at shrubbery.net] > Sent: Friday, June 13, 2014 2:05 AM > To: Kenneth Lind > Cc: 'heasley'; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > Mon, Jun 09, 2014 at 10:18:21AM -0400, Kenneth Lind: > > > -----Original Message----- > > > From: heasley [mailto:heas at shrubbery.net] > > > Sent: Thursday, June 05, 2014 5:27 PM > > > To: Kenneth Lind > > > Cc: rancid-discuss at shrubbery.net > > > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > > > > > Thu, Jun 05, 2014 at 02:24:41PM -0400, Kenneth Lind: > > > > This is a fairly old issue so I'm including the previous threads > > > > for what it's worth. We upgraded to Rancid v3.0 and then today to > > > > v3.1 > > > without issue. > > > > The upgrade to 3.0a did hush the actual sflog diffs, however, we > > > > are still receiving noisy diffs related to the sflog/IPDR data > and > > > > the fact that n bytes are stored in flash before being sent to > the > > > collector. > > > > > > > > What would be the best method to hush these diffs? > > > > > > > > Example of diffs: > > > > !Flash: sflog > > > > - !Flash: 821772288 bytes available (202817536 bytes used) > > > > + !Flash: 821805056 bytes available (202784768 bytes used) > > > > > > would you show me the output of the command 'dir' or 'show flash' > > > for whatever device this is? it should be replacing that line with > > > a sumarry line that ought to be less annoying. > > > > "Dir" and "show flash" look a little different, so I'll include both. > > > > First "dir" > > Directory of disk0:/ > > > > 1 -rw- 68483912 Dec 14 2010 10:46:02 -05:00 .bin > > 2 -rw- 68495176 Jan 25 2011 01:27:54 -05:00 .bin > > 3 -rw- 54584320 Jan 25 2011 01:30:40 -05:00 .pkg > > 4 -rw- 11060935 Jul 31 2012 10:09:38 -04:00 .img > > 5 -rw- 115639 Mar 28 2013 10:24:54 -04:00 ftp > > 6 -rw- 0 Jun 9 2014 10:01:30 -04:00 sflog > > > > > > "show flash" > > -#- --length-- -----date/time------ path > > 1 68483912 Dec 14 2010 10:46:02 -05:00 .bin > > 2 68495176 Jan 25 2011 01:27:54 -05:00 .bin > > 3 54584320 Jan 25 2011 01:30:40 -05:00 .pkg > > 4 11060935 Jul 31 2012 10:09:38 -04:00 .img > > 5 115639 Mar 28 2013 10:24:54 -04:00 ftp > > 6 0 Jun 9 2014 10:01:30 -04:00 sflog > > > > Does this patch fix the space available line (summarize it)? > > Index: lib/ios.pm.in > =================================================================== > --- lib/ios.pm.in (revision 2847) > +++ lib/ios.pm.in (working copy) > @@ -848,6 +848,20 @@ > # Drop these files entirely. > /\s+(private-multiple-fs|multiple-fs|LISP-MapCache- > IPv\S+|nv_hdr)$/ && > next; > + > + if ($ios eq "XE" && /(\d+) bytes available \(\d+ bytes used\)/) { > + my($tmp) = $1; > + if ($tmp >= (1024 * 1024 * 1024)) { > + $tmp = int($tmp / (1024 * 1024 * 1024)); > + $_ = "$tmp GB free"; > + } elsif ($tmp >= (1024 * 1024)) { > + $tmp = int($tmp / (1024 * 1024)); > + $_ = "$tmp MB free"; > + } else { > + $tmp = int($tmp / 1024); > + $_ = "$tmp KB free"; > + } > + } > ProcessHistory("FLASH","","","!Flash: $_"); > } > ProcessHistory("","","","!\n"); Am I doing that wrong if I put that in ios.pm? Doing so caused quite a few errors in the logs. From lind108 at hotmail.com Fri Jun 13 20:12:32 2014 From: lind108 at hotmail.com (Kenneth Lind) Date: Fri, 13 Jun 2014 16:12:32 -0400 Subject: [rancid] Cisco 10k sflog Timestamp Cycling In-Reply-To: References: <20140613060324.CECB94640892@ni.shrubbery.net> <20140613060438.GF48070@shrubbery.net> Message-ID: > -----Original Message----- > From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On > Behalf Of Kenneth Lind > Sent: Friday, June 13, 2014 12:26 PM > To: 'heasley' > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > > -----Original Message----- > > From: heasley [mailto:heas at shrubbery.net] > > Sent: Friday, June 13, 2014 2:05 AM > > To: Kenneth Lind > > Cc: 'heasley'; rancid-discuss at shrubbery.net > > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > > > Mon, Jun 09, 2014 at 10:18:21AM -0400, Kenneth Lind: > > > > -----Original Message----- > > > > From: heasley [mailto:heas at shrubbery.net] > > > > Sent: Thursday, June 05, 2014 5:27 PM > > > > To: Kenneth Lind > > > > Cc: rancid-discuss at shrubbery.net > > > > Subject: Re: [rancid] Cisco 10k sflog Timestamp Cycling > > > > > > > > Thu, Jun 05, 2014 at 02:24:41PM -0400, Kenneth Lind: > > > > > This is a fairly old issue so I'm including the previous > threads > > > > > for what it's worth. We upgraded to Rancid v3.0 and then today > > > > > to > > > > > v3.1 > > > > without issue. > > > > > The upgrade to 3.0a did hush the actual sflog diffs, however, > we > > > > > are still receiving noisy diffs related to the sflog/IPDR data > > and > > > > > the fact that n bytes are stored in flash before being sent to > > the > > > > collector. > > > > > > > > > > What would be the best method to hush these diffs? > > > > > > > > > > Example of diffs: > > > > > !Flash: sflog > > > > > - !Flash: 821772288 bytes available (202817536 bytes used) > > > > > + !Flash: 821805056 bytes available (202784768 bytes used) > > > > > > > > would you show me the output of the command 'dir' or 'show flash' > > > > for whatever device this is? it should be replacing that line > > > > with a sumarry line that ought to be less annoying. > > > > > > "Dir" and "show flash" look a little different, so I'll include > both. > > > > > > First "dir" > > > Directory of disk0:/ > > > > > > 1 -rw- 68483912 Dec 14 2010 10:46:02 -05:00 .bin > > > 2 -rw- 68495176 Jan 25 2011 01:27:54 -05:00 .bin > > > 3 -rw- 54584320 Jan 25 2011 01:30:40 -05:00 .pkg > > > 4 -rw- 11060935 Jul 31 2012 10:09:38 -04:00 .img > > > 5 -rw- 115639 Mar 28 2013 10:24:54 -04:00 ftp > > > 6 -rw- 0 Jun 9 2014 10:01:30 -04:00 sflog > > > > > > > > > "show flash" > > > -#- --length-- -----date/time------ path > > > 1 68483912 Dec 14 2010 10:46:02 -05:00 .bin > > > 2 68495176 Jan 25 2011 01:27:54 -05:00 .bin > > > 3 54584320 Jan 25 2011 01:30:40 -05:00 .pkg > > > 4 11060935 Jul 31 2012 10:09:38 -04:00 .img > > > 5 115639 Mar 28 2013 10:24:54 -04:00 ftp > > > 6 0 Jun 9 2014 10:01:30 -04:00 sflog > > > > > > > Does this patch fix the space available line (summarize it)? > > > > Index: lib/ios.pm.in > > =================================================================== > > --- lib/ios.pm.in (revision 2847) > > +++ lib/ios.pm.in (working copy) > > @@ -848,6 +848,20 @@ > > # Drop these files entirely. > > /\s+(private-multiple-fs|multiple-fs|LISP-MapCache- > > IPv\S+|nv_hdr)$/ && > > next; > > + > > + if ($ios eq "XE" && /(\d+) bytes available \(\d+ bytes used\)/) { > > + my($tmp) = $1; > > + if ($tmp >= (1024 * 1024 * 1024)) { > > + $tmp = int($tmp / (1024 * 1024 * 1024)); > > + $_ = "$tmp GB free"; > > + } elsif ($tmp >= (1024 * 1024)) { > > + $tmp = int($tmp / (1024 * 1024)); > > + $_ = "$tmp MB free"; > > + } else { > > + $tmp = int($tmp / 1024); > > + $_ = "$tmp KB free"; > > + } > > + } > > ProcessHistory("FLASH","","","!Flash: $_"); > > } > > ProcessHistory("","","","!\n"); > > Am I doing that wrong if I put that in ios.pm? Doing so caused quite a > few errors in the logs. Disregard this last question. I stumbled upon another fault with the server unrelated to this that appeared about the same time I implemented these changes to lib/ios.pm. I've re-implemented and successfully ran error free now. I am unsure if I have a way to test this issue other than waiting for peak usage time to spike the IPDR data to the max. I'll update in a few days after monitoring unless there's some other method that someone would like to suggest. > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From wpleasants at gmail.com Mon Jun 16 18:01:09 2014 From: wpleasants at gmail.com (Chip Pleasants) Date: Mon, 16 Jun 2014 14:01:09 -0400 Subject: [rancid] Panrancid with PAN 6.0 Message-ID: Does anyone have Panrancid working with PAN version 6.0.2? I have four sets running PAN version 5.0.11 without an issues. Once I upgraded one set the script times out. Below is a debug. Let me know if you have any questions. Cheers, Chip [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d cmh1-z4-f01.domain.com executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running" cmh1-z4-f01.domain.com line: cmh1-z4-f01.domain.com line: spawn ssh -c 3des -x -l rancid cmh1-z4-f01.domain.com line: NOTICE TO USERS line: This is an official computer system and is the property of POOP Incorporated. line: It is for authorized users only. Unauthorized users are prohibited. line: Users (authorized or unauthorized) have no explicit or implicit expectation of line: privacy. Any or all uses of this system may be subject to one or more of the line: following actions: interception, monitoring, recording, auditing, inspection and line: disclosing to security personnel and law enforcement personnel, as well as line: authorized officials of other agencies, both domestic and foreign. By using this line: system, the user consents to these actions. Unauthorized or improper use of line: this system may result in administrative disciplinary action and civil and criminal line: penalties. By accessing this system you indicate your awareness of and line: consent to these terms and conditions of use. Discontinue access immediately line: if you do not agree to the conditions stated in this notice. line: line: Password: line: Last login: Mon Jun 16 08:00:00 2014 from cmh1vlobs01.domain.com line: Welcome rancid. line: line: rancid at CMH1-Z4-F01(active)> line: rancid at CMH1-Z4-F01(active)> line: rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> set cli scripting-mode on PROMPT MATCH: rancid at CMH1-Z4-F01\(active\)[#>] HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> set cli scripting-mode on COMMAND is: set cli scripting-mode on|EatCommand HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli pager rancid at CMH1-Z4-F01(active)> set cli pager off COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> show system rancid at CMH1-Z4-F01(active)> show system info COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> show system rancid at CMH1-Z4-F01(active)> show system info cmh1-z4-f01. domain.com : missed cmd(s): show config running cmh1-z4-f01. domain.com : missed cmd(s): show config running cmh1-z4-f01. domain.com : End of run not found cmh1-z4-f01. domain.com : End of run not found -------------- next part -------------- An HTML attachment was scrubbed... URL: From Douglas.Hughes at DEShawResearch.com Mon Jun 16 20:37:16 2014 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Mon, 16 Jun 2014 20:37:16 +0000 Subject: [rancid] Panrancid with PAN 6.0 In-Reply-To: References: Message-ID: Yes, it?s working for me. Are you using the latest? (attached) From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Chip Pleasants Sent: Monday, June 16, 2014 2:01 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Panrancid with PAN 6.0 Does anyone have Panrancid working with PAN version 6.0.2? I have four sets running PAN version 5.0.11 without an issues. Once I upgraded one set the script times out. Below is a debug. Let me know if you have any questions. Cheers, Chip [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d cmh1-z4-f01.domain.com executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running" cmh1-z4-f01.domain.com line: cmh1-z4-f01.domain.com line: spawn ssh -c 3des -x -l rancid cmh1-z4-f01.domain.com line: NOTICE TO USERS line: This is an official computer system and is the property of POOP Incorporated. line: It is for authorized users only. Unauthorized users are prohibited. line: Users (authorized or unauthorized) have no explicit or implicit expectation of line: privacy. Any or all uses of this system may be subject to one or more of the line: following actions: interception, monitoring, recording, auditing, inspection and line: disclosing to security personnel and law enforcement personnel, as well as line: authorized officials of other agencies, both domestic and foreign. By using this line: system, the user consents to these actions. Unauthorized or improper use of line: this system may result in administrative disciplinary action and civil and criminal line: penalties. By accessing this system you indicate your awareness of and line: consent to these terms and conditions of use. Discontinue access immediately line: if you do not agree to the conditions stated in this notice. line: line: Password: line: Last login: Mon Jun 16 08:00:00 2014 from cmh1vlobs01.domain.com line: Welcome rancid. line: line: rancid at CMH1-Z4-F01(active)> line: rancid at CMH1-Z4-F01(active)> line: rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> set cli scripting-mode on PROMPT MATCH: rancid at CMH1-Z4-F01\(active\)[#>] HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> set cli scripting-mode on COMMAND is: set cli scripting-mode on|EatCommand HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli pager rancid at CMH1-Z4-F01(active)> set cli pager off COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> show system rancid at CMH1-Z4-F01(active)> show system info COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> show system rancid at CMH1-Z4-F01(active)> show system info cmh1-z4-f01.domain.com : missed cmd(s): show config running cmh1-z4-f01.domain.com : missed cmd(s): show config running cmh1-z4-f01.domain.com : End of run not found cmh1-z4-f01.domain.com : End of run not found -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: panlogin Type: application/octet-stream Size: 17825 bytes Desc: panlogin URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: panrancid Type: application/octet-stream Size: 8508 bytes Desc: panrancid URL: From howie at thingy.com Tue Jun 17 14:25:51 2014 From: howie at thingy.com (Howard Jones) Date: Tue, 17 Jun 2014 15:25:51 +0100 Subject: [rancid] Cisco APs and RANCID 3.1 => traffic counters in output Message-ID: <53A04FEF.3020703@thingy.com> I've just upgraded from 2.8.x to 3.1, and it's nice that I don't get hourly updates on files on our ASRs anymore. However, what I get now instead is byte counters per-VLAN from our Cisco WAPs :-) - !VLAN:21689 packets, 8176753 bytes output - !VLAN:Other0173501 - !VLAN:25937 packets, 10671062 bytes input - !VLAN:151812 packets, 11928977 bytes output + !VLAN:22023 packets, 8302671 bytes output + !VLAN:Other 0176177 + !VLAN:26337 packets, 10835508 bytes input + !VLAN:154154 packets, 12113161 bytes output Before I dig in to fix it, has anyone already done that? Cheers, Howie From Douglas.Hughes at DEShawResearch.com Tue Jun 17 18:28:51 2014 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Tue, 17 Jun 2014 18:28:51 +0000 Subject: [rancid] Panrancid with PAN 6.0 In-Reply-To: References: Message-ID: Ah, you are running in HA mode I see. That could be throwing things off, but I think I fixed that in 2013 sometime. (I don?t run any in HA) It looks to me like ?set cli scripting-mode on? is failing To confirm this, login to the PA at command line, then type set cli scripting-mode on Now type ?set cli scripting-mode ?? If you get any sort of command completion, the cli scripting mode setting is not working and needs to be turned into a PA bug report. That is what it looks like it is happening by looking at the command staggering for subsequent lines. From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Tuesday, June 17, 2014 1:39 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 Thanks Doug. I am running the most recent version, but for grins I replaced them anyway. Still seeing the issue on two sets. The others seem to work fine. Anything I provide that help find the trouble? -Chip On Mon, Jun 16, 2014 at 4:37 PM, Hughes, Doug > wrote: Yes, it?s working for me. Are you using the latest? (attached) From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Chip Pleasants Sent: Monday, June 16, 2014 2:01 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Panrancid with PAN 6.0 Does anyone have Panrancid working with PAN version 6.0.2? I have four sets running PAN version 5.0.11 without an issues. Once I upgraded one set the script times out. Below is a debug. Let me know if you have any questions. Cheers, Chip [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d cmh1-z4-f01.domain.com executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running" cmh1-z4-f01.domain.com line: cmh1-z4-f01.domain.com line: spawn ssh -c 3des -x -l rancid cmh1-z4-f01.domain.com line: NOTICE TO USERS line: This is an official computer system and is the property of POOP Incorporated. line: It is for authorized users only. Unauthorized users are prohibited. line: Users (authorized or unauthorized) have no explicit or implicit expectation of line: privacy. Any or all uses of this system may be subject to one or more of the line: following actions: interception, monitoring, recording, auditing, inspection and line: disclosing to security personnel and law enforcement personnel, as well as line: authorized officials of other agencies, both domestic and foreign. By using this line: system, the user consents to these actions. Unauthorized or improper use of line: this system may result in administrative disciplinary action and civil and criminal line: penalties. By accessing this system you indicate your awareness of and line: consent to these terms and conditions of use. Discontinue access immediately line: if you do not agree to the conditions stated in this notice. line: line: Password: line: Last login: Mon Jun 16 08:00:00 2014 from cmh1vlobs01.domain.com line: Welcome rancid. line: line: rancid at CMH1-Z4-F01(active)> line: rancid at CMH1-Z4-F01(active)> line: rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> set cli scripting-mode on PROMPT MATCH: rancid at CMH1-Z4-F01\(active\)[#>] HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> set cli scripting-mode on COMMAND is: set cli scripting-mode on|EatCommand HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli pager rancid at CMH1-Z4-F01(active)> set cli pager off COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> show system rancid at CMH1-Z4-F01(active)> show system info COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> show system rancid at CMH1-Z4-F01(active)> show system info cmh1-z4-f01.domain.com : missed cmd(s): show config running cmh1-z4-f01.domain.com : missed cmd(s): show config running cmh1-z4-f01.domain.com : End of run not found cmh1-z4-f01.domain.com : End of run not found -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.schmidt at wyo.gov Tue Jun 17 18:32:41 2014 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Tue, 17 Jun 2014 12:32:41 -0600 Subject: [rancid] tacacs.org down Message-ID: database error? E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From wpleasants at gmail.com Tue Jun 17 18:48:12 2014 From: wpleasants at gmail.com (Chip Pleasants) Date: Tue, 17 Jun 2014 14:48:12 -0400 Subject: [rancid] Panrancid with PAN 6.0 In-Reply-To: References: Message-ID: Here's what I get. I get the same result from a version 5.x PA. I removed the "set cli scripting-mode on" from the script to test. Version 5.x PA works and version 6.x PA end up with the same result. user at FIREWALL(active)> set cli scripting-mode on user at FIREWALL(active)> set cli scripting-mode ? ? is not one of Invalid syntax. user at FIREWALL(active)> line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli pager off PROMPT MATCH: rancid at FIREWALL\(active\)[#>] HIT COMMAND:rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli pager off COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show system rancid at FIREWALL(active)> show system info COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show system rancid at FIREWALL(active)> show system info FIREWALL.dswinc.net: missed cmd(s): show config running FIREWALL.dswinc.net: missed cmd(s): show config running FIREWALL.dswinc.net: End of run not found FIREWALL.dswinc.net: End of run not found # [rancid at server rancid]$ On Tue, Jun 17, 2014 at 2:28 PM, Hughes, Doug < Douglas.Hughes at deshawresearch.com> wrote: > Ah, you are running in HA mode I see. That could be throwing things off, > but I think I fixed that in 2013 sometime. > > (I don?t run any in HA) > > > > It looks to me like ?set cli scripting-mode on? is failing > > > > To confirm this, login to the PA at command line, then type set cli > scripting-mode on > > > > Now type ?set cli scripting-mode ?? > > > > If you get any sort of command completion, the cli scripting mode setting > is not working and needs to be turned into a PA bug report. That is what it > looks like it is happening by looking at the command staggering for > subsequent lines. > > > > *From:* Chip Pleasants [mailto:wpleasants at gmail.com] > *Sent:* Tuesday, June 17, 2014 1:39 PM > *To:* Hughes, Doug > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Panrancid with PAN 6.0 > > > > Thanks Doug. I am running the most recent version, but for grins I > replaced them anyway. Still seeing the issue on two sets. The others seem > to work fine. Anything I provide that help find the trouble? > > > > -Chip > > > > > > On Mon, Jun 16, 2014 at 4:37 PM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > > Yes, it?s working for me. Are you using the latest? (attached) > > > > > > *From:* Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] *On > Behalf Of *Chip Pleasants > *Sent:* Monday, June 16, 2014 2:01 PM > *To:* rancid-discuss at shrubbery.net > *Subject:* [rancid] Panrancid with PAN 6.0 > > > > Does anyone have Panrancid working with PAN version 6.0.2? I have four > sets running PAN version 5.0.11 without an issues. Once I upgraded one set > the script times out. Below is a debug. Let me know if you have any > questions. > > > > Cheers, > > > > Chip > > > > > > [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d > cmh1-z4-f01.domain.com > > executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager > off;show system info;show config running" cmh1-z4-f01.domain.com > > line: cmh1-z4-f01.domain.com > > line: spawn ssh -c 3des -x -l rancid cmh1-z4-f01.domain.com > > line: NOTICE TO USERS > > line: This is an official computer system and is the property of POOP > Incorporated. > > line: It is for authorized users only. Unauthorized users are > prohibited. > > line: Users (authorized or unauthorized) have no explicit or implicit > expectation of > > line: privacy. Any or all uses of this system may be subject to one or > more of the > > line: following actions: interception, monitoring, recording, auditing, > inspection and > > line: disclosing to security personnel and law enforcement personnel, as > well as > > line: authorized officials of other agencies, both domestic and foreign. > By using this > > line: system, the user consents to these actions. Unauthorized or > improper use of > > line: this system may result in administrative disciplinary action and > civil and criminal > > line: penalties. By accessing this system you indicate your awareness > of and > > line: consent to these terms and conditions of use. Discontinue access > immediately > > line: if you do not agree to the conditions stated in this notice. > > line: > > line: Password: > > line: Last login: Mon Jun 16 08:00:00 2014 from cmh1vlobs01.domain.com > > line: Welcome rancid. > > line: > > line: rancid at CMH1-Z4-F01(active)> > > line: rancid at CMH1-Z4-F01(active)> > > line: rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli > rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> > set cli scripting-mode on > > PROMPT MATCH: rancid at CMH1-Z4-F01\(active\)[#>] > > HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> > set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode > rancid at CMH1-Z4-F01(active)> set cli scripting-mode on > > > > COMMAND is: set cli scripting-mode on|EatCommand > > HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> > set cli rancid at CMH1-Z4-F01(active)> set cli pager rancid at CMH1-Z4-F01(active)> > set cli pager off > > > > COMMAND is: set cli pager off|EatCommand > > HIT COMMAND:rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> > show system rancid at CMH1-Z4-F01(active)> show system info > > > > COMMAND is: show system info|ShowInfo > > In ShowInfo:: rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> > show system rancid at CMH1-Z4-F01(active)> show system info > > cmh1-z4-f01. domain.com > : missed cmd(s): show config running > > cmh1-z4-f01. domain.com > : missed cmd(s): show config running > > cmh1-z4-f01. domain.com > : End of run not found > > cmh1-z4-f01. domain.com > : End of run not found > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From Douglas.Hughes at DEShawResearch.com Tue Jun 17 19:10:30 2014 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Tue, 17 Jun 2014 19:10:30 +0000 Subject: [rancid] Panrancid with PAN 6.0 In-Reply-To: References: Message-ID: Sorry, I meant ?off?, you need to set it to off and then try the ? test. From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Tuesday, June 17, 2014 2:48 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 Here's what I get. I get the same result from a version 5.x PA. I removed the "set cli scripting-mode on" from the script to test. Version 5.x PA works and version 6.x PA end up with the same result. user at FIREWALL(active)> set cli scripting-mode on user at FIREWALL(active)> set cli scripting-mode ? ? is not one of Invalid syntax. user at FIREWALL(active)> line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli pager off PROMPT MATCH: rancid at FIREWALL\(active\)[#>] HIT COMMAND:rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli pager off COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show system rancid at FIREWALL(active)> show system info COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show system rancid at FIREWALL(active)> show system info FIREWALL.dswinc.net: missed cmd(s): show config running FIREWALL.dswinc.net: missed cmd(s): show config running FIREWALL.dswinc.net: End of run not found FIREWALL.dswinc.net: End of run not found # [rancid at server rancid]$ On Tue, Jun 17, 2014 at 2:28 PM, Hughes, Doug > wrote: Ah, you are running in HA mode I see. That could be throwing things off, but I think I fixed that in 2013 sometime. (I don?t run any in HA) It looks to me like ?set cli scripting-mode on? is failing To confirm this, login to the PA at command line, then type set cli scripting-mode on Now type ?set cli scripting-mode ?? If you get any sort of command completion, the cli scripting mode setting is not working and needs to be turned into a PA bug report. That is what it looks like it is happening by looking at the command staggering for subsequent lines. From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Tuesday, June 17, 2014 1:39 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 Thanks Doug. I am running the most recent version, but for grins I replaced them anyway. Still seeing the issue on two sets. The others seem to work fine. Anything I provide that help find the trouble? -Chip On Mon, Jun 16, 2014 at 4:37 PM, Hughes, Doug > wrote: Yes, it?s working for me. Are you using the latest? (attached) From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Chip Pleasants Sent: Monday, June 16, 2014 2:01 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Panrancid with PAN 6.0 Does anyone have Panrancid working with PAN version 6.0.2? I have four sets running PAN version 5.0.11 without an issues. Once I upgraded one set the script times out. Below is a debug. Let me know if you have any questions. Cheers, Chip [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d cmh1-z4-f01.domain.com executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running" cmh1-z4-f01.domain.com line: cmh1-z4-f01.domain.com line: spawn ssh -c 3des -x -l rancid cmh1-z4-f01.domain.com line: NOTICE TO USERS line: This is an official computer system and is the property of POOP Incorporated. line: It is for authorized users only. Unauthorized users are prohibited. line: Users (authorized or unauthorized) have no explicit or implicit expectation of line: privacy. Any or all uses of this system may be subject to one or more of the line: following actions: interception, monitoring, recording, auditing, inspection and line: disclosing to security personnel and law enforcement personnel, as well as line: authorized officials of other agencies, both domestic and foreign. By using this line: system, the user consents to these actions. Unauthorized or improper use of line: this system may result in administrative disciplinary action and civil and criminal line: penalties. By accessing this system you indicate your awareness of and line: consent to these terms and conditions of use. Discontinue access immediately line: if you do not agree to the conditions stated in this notice. line: line: Password: line: Last login: Mon Jun 16 08:00:00 2014 from cmh1vlobs01.domain.com line: Welcome rancid. line: line: rancid at CMH1-Z4-F01(active)> line: rancid at CMH1-Z4-F01(active)> line: rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> set cli scripting-mode on PROMPT MATCH: rancid at CMH1-Z4-F01\(active\)[#>] HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> set cli scripting-mode on COMMAND is: set cli scripting-mode on|EatCommand HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli pager rancid at CMH1-Z4-F01(active)> set cli pager off COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> show system rancid at CMH1-Z4-F01(active)> show system info COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> show system rancid at CMH1-Z4-F01(active)> show system info cmh1-z4-f01.domain.com : missed cmd(s): show config running cmh1-z4-f01.domain.com : missed cmd(s): show config running cmh1-z4-f01.domain.com : End of run not found cmh1-z4-f01.domain.com : End of run not found -------------- next part -------------- An HTML attachment was scrubbed... URL: From Douglas.Hughes at DEShawResearch.com Tue Jun 17 19:34:09 2014 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Tue, 17 Jun 2014 19:34:09 +0000 Subject: [rancid] Panrancid with PAN 6.0 In-Reply-To: References: Message-ID: Hrm. Yes, I had it correct the first time. (oof, busy day) ?on? is needed to prevent this ?feature?: line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli pager off After each space, it does essentially a rewrite of the line as it tried to ?auto-correct? you from typing the wrong thing. This gets in the way of parsing with expect quite heavily, so I attempt to disable it as soon as possible. If set cli scripting-mode on does not cause this to stop (and it looks like it doesn?t), then that appears to be a bug. You can also see this by using type script: Here?s how it looks at the command line: Drdgpfs0002:/tmp$ script drdgpfs0002:/tmp$ ssh -l admin paloalto.en admin at paloalto.en's password: Last login: Tue Jun 17 15:05:06 2014 from drdbcntl.en.desres.deshaw.com Welcome admin. admin at paloalto.en> set cli scripting-mode on admin at paloalto.en> set cli ? Invalid syntax. admin at paloalto.en> exit Here's how it looks in the corresponding typescript file: i Script started on Tue 17 Jun 2014 03:25:13 PM EDT drdgpfs0002:/tmp$ ssh -l admin paloalto admin at paloalto.en's password: ^M Last login: Tue Jun 17 15:05:06 2014 from drdbcntl.en.desres.deshaw.com^M^M Welcome admin.^M admin at paloalto.en> set ^M^[[Kadmin at paloalto.en> set cli ^M^[[Kadmin at paloalto.en> set cli scripting-mode ^M^[[Kadmin at paloalto.en> set cli scripting-mode on^M admin at paloalto.en> set cli ?^M ^M Invalid syntax.^M admin at paloalto.en> exit^M Connection to paloalto.en closed.^M^M drdgpfs0002:/tmp$ exit^M^M exit^M Script done on Tue 17 Jun 2014 03:25:34 PM EDT If 'set cli scripting-mode on' doesn't disable the 'space' feature, then the rest of the expect is very iffy at best and difficult to manage Here's another way to confirm the behavior Type config If it autocompletes to 'configure', then cli scripting-mode is not on and results *will* vary. Disabling the pager is also important since it disables the --more-- when show config is running. I am running 6.0.2 but no HA on PA-3020 and PA-2050 From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Tuesday, June 17, 2014 3:21 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 Tried it on both versions. ?Seems like they both yield the same result. ?Doesn't the script turn cli scripting-mode on? Or do we don't really care that's its on or off? user at FIREWALLV6(active)> set cli scripting-mode off user at FIREWALLV6(active)> set cli scripting-mode? ? off ? off? ? on ? ?on? user at FIREWALLV6(active)> set cli scripting-mode? user at FIREWALLV5(active)> set cli scripting-mode off user at FIREWALLV5(active)> set cli scripting-mode? ? off ? off? ? on ? ?on? user at FIREWALLV5(active)> set cli scripting-mode? -Chip On Tue, Jun 17, 2014 at 3:10 PM, Hughes, Doug wrote: Sorry, I meant ?off?, you need to set it to off and then try the ? test. ? From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Tuesday, June 17, 2014 2:48 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 ? Here's what I get. I get the same result from a version 5.x PA. I removed the "set cli scripting-mode on" from the script to test. Version 5.x PA works and version 6.x PA end up with the same result.? ? ? user at FIREWALL(active)> set cli scripting-mode on user at FIREWALL(active)> set cli scripting-mode ? ? is not one of ? Invalid syntax. user at FIREWALL(active)>? ? ? ? line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli pager off PROMPT MATCH: rancid at FIREWALL\(active\)[#>] HIT COMMAND:rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli pager off ? COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show system rancid at FIREWALL(active)> show system info ? COMMAND is: show system info|ShowInfo ? ? In ShowInfo:: rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show system rancid at FIREWALL(active)> show system info FIREWALL.dswinc.net: missed cmd(s): show config running FIREWALL.dswinc.net: missed cmd(s): show config running FIREWALL.dswinc.net: End of run not found FIREWALL.dswinc.net: End of run not found # [rancid at server rancid]$ ? ? ? ? On Tue, Jun 17, 2014 at 2:28 PM, Hughes, Doug wrote: Ah, you are running in HA mode I see. That could be throwing things off, but I think I fixed that in 2013 sometime. (I don?t run any in HA) ? It looks to me like ?set cli scripting-mode on? is failing ? To confirm this, login to the PA at command line, then type set cli scripting-mode on ? Now type ?set cli scripting-mode ?? ? If you get any sort of command completion, the cli scripting mode setting is not working and needs to be turned into a PA bug report. That is what it looks like it is happening by looking at the command staggering for subsequent lines. ? From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Tuesday, June 17, 2014 1:39 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 ? Thanks Doug. I am running the most recent version, but for grins I replaced them anyway. ?Still seeing the issue on two sets. The others seem to work fine. Anything I provide that help find the trouble? ? -Chip ? ? On Mon, Jun 16, 2014 at 4:37 PM, Hughes, Doug wrote: Yes, it?s working for me. Are you using the latest? (attached) ? ? From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Chip Pleasants Sent: Monday, June 16, 2014 2:01 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Panrancid with PAN 6.0 ? Does anyone have Panrancid working with PAN version 6.0.2? ?I have four sets running PAN version 5.0.11 without an issues. ?Once I upgraded one set the script times out. Below is a debug. Let me know if you have any questions.? ? Cheers, ? Chip ? ? [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d?cmh1-z4-f01.domain.com? executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running"?cmh1-z4-f01.domain.com line:?cmh1-z4-f01.domain.com line: spawn ssh -c 3des -x -l rancid?cmh1-z4-f01.domain.com line: ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? NOTICE TO USERS ? ? ? ? ? ? ? line: ? This is an official computer system and is the property of POOP Incorporated.? line: ? It is for authorized users only. ?Unauthorized ?users are prohibited.? line: ? Users (authorized or unauthorized) have no ?explicit or implicit expectation of? line: ? privacy. ?Any or all uses of this system may be subject to one or more of the? line: ? following actions: ?interception, monitoring, recording, auditing, inspection and line: ? disclosing to security personnel and law enforcement personnel, as well as? line: ? authorized officials of other agencies, both domestic and foreign. By using this? line: ? system, the user consents to these actions. ?Unauthorized or improper use of? line: ? this system may result in administrative disciplinary action and civil and criminal? line: ? penalties. ?By accessing this system you indicate your awareness of and line: ? consent to these terms and conditions of use. Discontinue access immediately? line: ? if you do not agree to the conditions stated in this notice. line:? line: Password:? line: Last login: Mon Jun 16 08:00:00 2014 from?cmh1vlobs01.domain.com line: Welcome rancid. line:? line: rancid at CMH1-Z4-F01(active)>? line: rancid at CMH1-Z4-F01(active)>? line: rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> set cli scripting-mode on PROMPT MATCH: rancid at CMH1-Z4-F01\(active\)[#>] HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> set cli scripting-mode on ? COMMAND is: set cli scripting-mode on|EatCommand HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli pager rancid at CMH1-Z4-F01(active)> set cli pager off ? COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> show system rancid at CMH1-Z4-F01(active)> show system info ? COMMAND is: show system info|ShowInfo ? ? In ShowInfo:: rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> show system rancid at CMH1-Z4-F01(active)> show system info cmh1-z4-f01.domain.com?: missed cmd(s): show config running cmh1-z4-f01.domain.com?: missed cmd(s): show config running cmh1-z4-f01.domain.com?: End of run not found cmh1-z4-f01.domain.com?: End of run not found ? ? ? From wpleasants at gmail.com Tue Jun 17 17:39:21 2014 From: wpleasants at gmail.com (Chip Pleasants) Date: Tue, 17 Jun 2014 13:39:21 -0400 Subject: [rancid] Panrancid with PAN 6.0 In-Reply-To: References: Message-ID: Thanks Doug. I am running the most recent version, but for grins I replaced them anyway. Still seeing the issue on two sets. The others seem to work fine. Anything I provide that help find the trouble? -Chip On Mon, Jun 16, 2014 at 4:37 PM, Hughes, Doug < Douglas.Hughes at deshawresearch.com> wrote: > Yes, it?s working for me. Are you using the latest? (attached) > > > > > > *From:* Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] *On > Behalf Of *Chip Pleasants > *Sent:* Monday, June 16, 2014 2:01 PM > *To:* rancid-discuss at shrubbery.net > *Subject:* [rancid] Panrancid with PAN 6.0 > > > > Does anyone have Panrancid working with PAN version 6.0.2? I have four > sets running PAN version 5.0.11 without an issues. Once I upgraded one set > the script times out. Below is a debug. Let me know if you have any > questions. > > > > Cheers, > > > > Chip > > > > > > [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d > cmh1-z4-f01.domain.com > > executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager > off;show system info;show config running" cmh1-z4-f01.domain.com > > line: cmh1-z4-f01.domain.com > > line: spawn ssh -c 3des -x -l rancid cmh1-z4-f01.domain.com > > line: NOTICE TO USERS > > line: This is an official computer system and is the property of POOP > Incorporated. > > line: It is for authorized users only. Unauthorized users are > prohibited. > > line: Users (authorized or unauthorized) have no explicit or implicit > expectation of > > line: privacy. Any or all uses of this system may be subject to one or > more of the > > line: following actions: interception, monitoring, recording, auditing, > inspection and > > line: disclosing to security personnel and law enforcement personnel, as > well as > > line: authorized officials of other agencies, both domestic and foreign. > By using this > > line: system, the user consents to these actions. Unauthorized or > improper use of > > line: this system may result in administrative disciplinary action and > civil and criminal > > line: penalties. By accessing this system you indicate your awareness > of and > > line: consent to these terms and conditions of use. Discontinue access > immediately > > line: if you do not agree to the conditions stated in this notice. > > line: > > line: Password: > > line: Last login: Mon Jun 16 08:00:00 2014 from cmh1vlobs01.domain.com > > line: Welcome rancid. > > line: > > line: rancid at CMH1-Z4-F01(active)> > > line: rancid at CMH1-Z4-F01(active)> > > line: rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli > rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> > set cli scripting-mode on > > PROMPT MATCH: rancid at CMH1-Z4-F01\(active\)[#>] > > HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> > set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode > rancid at CMH1-Z4-F01(active)> set cli scripting-mode on > > > > COMMAND is: set cli scripting-mode on|EatCommand > > HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> > set cli rancid at CMH1-Z4-F01(active)> set cli pager rancid at CMH1-Z4-F01(active)> > set cli pager off > > > > COMMAND is: set cli pager off|EatCommand > > HIT COMMAND:rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> > show system rancid at CMH1-Z4-F01(active)> show system info > > > > COMMAND is: show system info|ShowInfo > > In ShowInfo:: rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> > show system rancid at CMH1-Z4-F01(active)> show system info > > cmh1-z4-f01. domain.com > : missed cmd(s): show config running > > cmh1-z4-f01. domain.com > : missed cmd(s): show config running > > cmh1-z4-f01. domain.com > : End of run not found > > cmh1-z4-f01. domain.com > : End of run not found > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From wpleasants at gmail.com Tue Jun 17 19:20:46 2014 From: wpleasants at gmail.com (Chip Pleasants) Date: Tue, 17 Jun 2014 15:20:46 -0400 Subject: [rancid] Panrancid with PAN 6.0 In-Reply-To: References: Message-ID: Tried it on both versions. Seems like they both yield the same result. Doesn't the script turn cli scripting-mode on? Or do we don't really care that's its on or off? user at FIREWALLV6(active)> set cli scripting-mode off user at FIREWALLV6(active)> set cli scripting-mode off off on on user at FIREWALLV6(active)> set cli scripting-mode user at FIREWALLV5(active)> set cli scripting-mode off user at FIREWALLV5(active)> set cli scripting-mode off off on on user at FIREWALLV5(active)> set cli scripting-mode -Chip On Tue, Jun 17, 2014 at 3:10 PM, Hughes, Doug < Douglas.Hughes at deshawresearch.com> wrote: > Sorry, I meant ?off?, you need to set it to off and then try the ? test. > > > > *From:* Chip Pleasants [mailto:wpleasants at gmail.com] > *Sent:* Tuesday, June 17, 2014 2:48 PM > > *To:* Hughes, Doug > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Panrancid with PAN 6.0 > > > > Here's what I get. I get the same result from a version 5.x PA. I removed > the "set cli scripting-mode on" from the script to test. Version 5.x PA > works and version 6.x PA end up with the same result. > > > > > > user at FIREWALL(active)> set cli scripting-mode on > > user at FIREWALL(active)> set cli scripting-mode ? > > ? is not one of > > > > Invalid syntax. > > user at FIREWALL(active)> > > > > > > > > line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli > rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli > pager off > > PROMPT MATCH: rancid at FIREWALL\(active\)[#>] > > HIT COMMAND:rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli > rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli > pager off > > > > COMMAND is: set cli pager off|EatCommand > > HIT COMMAND:rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show > system rancid at FIREWALL(active)> show system info > > > > COMMAND is: show system info|ShowInfo > > In ShowInfo:: rancid at FIREWALL(active)> show rancid at FIREWALL(active)> > show system rancid at FIREWALL(active)> show system info > > FIREWALL.dswinc.net: missed cmd(s): show config running > > FIREWALL.dswinc.net: missed cmd(s): show config running > > FIREWALL.dswinc.net: End of run not found > > FIREWALL.dswinc.net: End of run not found > > # > > [rancid at server rancid]$ > > > > > > > > > > On Tue, Jun 17, 2014 at 2:28 PM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > > Ah, you are running in HA mode I see. That could be throwing things off, > but I think I fixed that in 2013 sometime. > > (I don?t run any in HA) > > > > It looks to me like ?set cli scripting-mode on? is failing > > > > To confirm this, login to the PA at command line, then type set cli > scripting-mode on > > > > Now type ?set cli scripting-mode ?? > > > > If you get any sort of command completion, the cli scripting mode setting > is not working and needs to be turned into a PA bug report. That is what it > looks like it is happening by looking at the command staggering for > subsequent lines. > > > > *From:* Chip Pleasants [mailto:wpleasants at gmail.com] > *Sent:* Tuesday, June 17, 2014 1:39 PM > *To:* Hughes, Doug > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Panrancid with PAN 6.0 > > > > Thanks Doug. I am running the most recent version, but for grins I > replaced them anyway. Still seeing the issue on two sets. The others seem > to work fine. Anything I provide that help find the trouble? > > > > -Chip > > > > > > On Mon, Jun 16, 2014 at 4:37 PM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > > Yes, it?s working for me. Are you using the latest? (attached) > > > > > > *From:* Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] *On > Behalf Of *Chip Pleasants > *Sent:* Monday, June 16, 2014 2:01 PM > *To:* rancid-discuss at shrubbery.net > *Subject:* [rancid] Panrancid with PAN 6.0 > > > > Does anyone have Panrancid working with PAN version 6.0.2? I have four > sets running PAN version 5.0.11 without an issues. Once I upgraded one set > the script times out. Below is a debug. Let me know if you have any > questions. > > > > Cheers, > > > > Chip > > > > > > [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d > cmh1-z4-f01.domain.com > > executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager > off;show system info;show config running" cmh1-z4-f01.domain.com > > line: cmh1-z4-f01.domain.com > > line: spawn ssh -c 3des -x -l rancid cmh1-z4-f01.domain.com > > line: NOTICE TO USERS > > line: This is an official computer system and is the property of POOP > Incorporated. > > line: It is for authorized users only. Unauthorized users are > prohibited. > > line: Users (authorized or unauthorized) have no explicit or implicit > expectation of > > line: privacy. Any or all uses of this system may be subject to one or > more of the > > line: following actions: interception, monitoring, recording, auditing, > inspection and > > line: disclosing to security personnel and law enforcement personnel, as > well as > > line: authorized officials of other agencies, both domestic and foreign. > By using this > > line: system, the user consents to these actions. Unauthorized or > improper use of > > line: this system may result in administrative disciplinary action and > civil and criminal > > line: penalties. By accessing this system you indicate your awareness > of and > > line: consent to these terms and conditions of use. Discontinue access > immediately > > line: if you do not agree to the conditions stated in this notice. > > line: > > line: Password: > > line: Last login: Mon Jun 16 08:00:00 2014 from cmh1vlobs01.domain.com > > line: Welcome rancid. > > line: > > line: rancid at CMH1-Z4-F01(active)> > > line: rancid at CMH1-Z4-F01(active)> > > line: rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli > rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> > set cli scripting-mode on > > PROMPT MATCH: rancid at CMH1-Z4-F01\(active\)[#>] > > HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> > set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode > rancid at CMH1-Z4-F01(active)> set cli scripting-mode on > > > > COMMAND is: set cli scripting-mode on|EatCommand > > HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> > set cli rancid at CMH1-Z4-F01(active)> set cli pager rancid at CMH1-Z4-F01(active)> > set cli pager off > > > > COMMAND is: set cli pager off|EatCommand > > HIT COMMAND:rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> > show system rancid at CMH1-Z4-F01(active)> show system info > > > > COMMAND is: show system info|ShowInfo > > In ShowInfo:: rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> > show system rancid at CMH1-Z4-F01(active)> show system info > > cmh1-z4-f01. domain.com > : missed cmd(s): show config running > > cmh1-z4-f01. domain.com > : missed cmd(s): show config running > > cmh1-z4-f01. domain.com > : End of run not found > > cmh1-z4-f01. domain.com > : End of run not found > > > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From wpleasants at gmail.com Wed Jun 18 12:51:37 2014 From: wpleasants at gmail.com (Chip Pleasants) Date: Wed, 18 Jun 2014 08:51:37 -0400 Subject: [rancid] Panrancid with PAN 6.0 In-Reply-To: References: Message-ID: It doesn't appear to be a bug, because I think its operating as you describe. When I turn on 'set cli scripting-mode on' it doesn't autocomplete on versions 6.0.2 or 5.0.11. Any other thoughts what could be going on? Thanks, Chip On Tue, Jun 17, 2014 at 3:34 PM, Hughes, Doug < Douglas.Hughes at deshawresearch.com> wrote: > Hrm. Yes, I had it correct the first time. (oof, busy day) > > ?on? is needed to prevent this ?feature?: > line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli > rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli > pager off > > After each space, it does essentially a rewrite of the line as it tried to > ?auto-correct? you from typing the wrong thing. This gets in the way of > parsing with expect quite heavily, so I attempt to disable it as soon as > possible. If set cli scripting-mode on does not cause this to stop (and it > looks like it doesn?t), then that appears to be a bug. You can also see > this by using type script: > > Here?s how it looks at the command line: > Drdgpfs0002:/tmp$ script > drdgpfs0002:/tmp$ ssh -l admin paloalto.en > admin at paloalto.en's password: > Last login: Tue Jun 17 15:05:06 2014 from drdbcntl.en.desres.deshaw.com > Welcome admin. > admin at paloalto.en> set cli scripting-mode on > admin at paloalto.en> set cli ? > > Invalid syntax. > admin at paloalto.en> exit > > > Here's how it looks in the corresponding typescript file: > i Script started on Tue 17 Jun 2014 03:25:13 PM EDT > drdgpfs0002:/tmp$ ssh -l admin paloalto > admin at paloalto.en's password: ^M > Last login: Tue Jun 17 15:05:06 2014 from drdbcntl.en.desres.deshaw.com > ^M^M > Welcome admin.^M > admin at paloalto.en> set ^M^[[Kadmin at paloalto.en> set cli > ^M^[[Kadmin at paloalto.en> > set cli scripting-mode ^M^[[Kadmin at paloalto.en> set cli scripting-mode > on^M > admin at paloalto.en> set cli ?^M > ^M > Invalid syntax.^M > admin at paloalto.en> exit^M > Connection to paloalto.en closed.^M^M > drdgpfs0002:/tmp$ exit^M^M > exit^M > > Script done on Tue 17 Jun 2014 03:25:34 PM EDT > > If 'set cli scripting-mode on' doesn't disable the 'space' feature, then > the rest of the expect is very iffy at best and difficult to manage > > Here's another way to confirm the behavior > > Type config > > If it autocompletes to 'configure', then cli scripting-mode is not on and > results *will* vary. > Disabling the pager is also important since it disables the --more-- when > show config is running. > > I am running 6.0.2 but no HA on PA-3020 and PA-2050 > > > > From: Chip Pleasants [mailto:wpleasants at gmail.com] > Sent: Tuesday, June 17, 2014 3:21 PM > To: Hughes, Doug > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Panrancid with PAN 6.0 > > Tried it on both versions. Seems like they both yield the same result. > Doesn't the script turn cli scripting-mode on? Or do we don't really care > that's its on or off? > > > > > user at FIREWALLV6(active)> set cli scripting-mode off > user at FIREWALLV6(active)> set cli scripting-mode > off off > on on > > user at FIREWALLV6(active)> set cli scripting-mode > > > > > > > user at FIREWALLV5(active)> set cli scripting-mode off > user at FIREWALLV5(active)> set cli scripting-mode > off off > on on > > user at FIREWALLV5(active)> set cli scripting-mode > > > > -Chip > > > On Tue, Jun 17, 2014 at 3:10 PM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > Sorry, I meant ?off?, you need to set it to off and then try the ? test. > > From: Chip Pleasants [mailto:wpleasants at gmail.com] > Sent: Tuesday, June 17, 2014 2:48 PM > > To: Hughes, Doug > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Panrancid with PAN 6.0 > > Here's what I get. I get the same result from a version 5.x PA. I removed > the "set cli scripting-mode on" from the script to test. Version 5.x PA > works and version 6.x PA end up with the same result. > > > user at FIREWALL(active)> set cli scripting-mode on > user at FIREWALL(active)> set cli scripting-mode ? > ? is not one of > > Invalid syntax. > user at FIREWALL(active)> > > > > line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli > rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli > pager off > PROMPT MATCH: rancid at FIREWALL\(active\)[#>] > HIT COMMAND:rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli > rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli > pager off > > COMMAND is: set cli pager off|EatCommand > HIT COMMAND:rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show > system rancid at FIREWALL(active)> show system info > > COMMAND is: show system info|ShowInfo > In ShowInfo:: rancid at FIREWALL(active)> show rancid at FIREWALL(active)> > show system rancid at FIREWALL(active)> show system info > FIREWALL.dswinc.net: missed cmd(s): show config running > FIREWALL.dswinc.net: missed cmd(s): show config running > FIREWALL.dswinc.net: End of run not found > FIREWALL.dswinc.net: End of run not found > # > [rancid at server rancid]$ > > > > > On Tue, Jun 17, 2014 at 2:28 PM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > Ah, you are running in HA mode I see. That could be throwing things off, > but I think I fixed that in 2013 sometime. > (I don?t run any in HA) > > It looks to me like ?set cli scripting-mode on? is failing > > To confirm this, login to the PA at command line, then type set cli > scripting-mode on > > Now type ?set cli scripting-mode ?? > > If you get any sort of command completion, the cli scripting mode setting > is not working and needs to be turned into a PA bug report. That is what it > looks like it is happening by looking at the command staggering for > subsequent lines. > > From: Chip Pleasants [mailto:wpleasants at gmail.com] > Sent: Tuesday, June 17, 2014 1:39 PM > To: Hughes, Doug > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Panrancid with PAN 6.0 > > Thanks Doug. I am running the most recent version, but for grins I > replaced them anyway. Still seeing the issue on two sets. The others seem > to work fine. Anything I provide that help find the trouble? > > -Chip > > > On Mon, Jun 16, 2014 at 4:37 PM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > Yes, it?s working for me. Are you using the latest? (attached) > > > From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On > Behalf Of Chip Pleasants > Sent: Monday, June 16, 2014 2:01 PM > To: rancid-discuss at shrubbery.net > Subject: [rancid] Panrancid with PAN 6.0 > > Does anyone have Panrancid working with PAN version 6.0.2? I have four > sets running PAN version 5.0.11 without an issues. Once I upgraded one set > the script times out. Below is a debug. Let me know if you have any > questions. > > Cheers, > > Chip > > > [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d > cmh1-z4-f01.domain.com > executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager > off;show system info;show config running" cmh1-z4-f01.domain.com > line: cmh1-z4-f01.domain.com > line: spawn ssh -c 3des -x -l rancid cmh1-z4-f01.domain.com > line: NOTICE TO USERS > line: This is an official computer system and is the property of POOP > Incorporated. > line: It is for authorized users only. Unauthorized users are > prohibited. > line: Users (authorized or unauthorized) have no explicit or implicit > expectation of > line: privacy. Any or all uses of this system may be subject to one or > more of the > line: following actions: interception, monitoring, recording, auditing, > inspection and > line: disclosing to security personnel and law enforcement personnel, as > well as > line: authorized officials of other agencies, both domestic and foreign. > By using this > line: system, the user consents to these actions. Unauthorized or > improper use of > line: this system may result in administrative disciplinary action and > civil and criminal > line: penalties. By accessing this system you indicate your awareness > of and > line: consent to these terms and conditions of use. Discontinue access > immediately > line: if you do not agree to the conditions stated in this notice. > line: > line: Password: > line: Last login: Mon Jun 16 08:00:00 2014 from cmh1vlobs01.domain.com > line: Welcome rancid. > line: > line: rancid at CMH1-Z4-F01(active)> > line: rancid at CMH1-Z4-F01(active)> > line: rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli > rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> > set cli scripting-mode on > PROMPT MATCH: rancid at CMH1-Z4-F01\(active\)[#>] > HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> > set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode > rancid at CMH1-Z4-F01(active)> set cli scripting-mode on > > COMMAND is: set cli scripting-mode on|EatCommand > HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> > set cli rancid at CMH1-Z4-F01(active)> set cli pager rancid at CMH1-Z4-F01(active)> > set cli pager off > > COMMAND is: set cli pager off|EatCommand > HIT COMMAND:rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> > show system rancid at CMH1-Z4-F01(active)> show system info > > COMMAND is: show system info|ShowInfo > In ShowInfo:: rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> > show system rancid at CMH1-Z4-F01(active)> show system info > cmh1-z4-f01.domain.com : missed cmd(s): show config running > cmh1-z4-f01.domain.com : missed cmd(s): show config running > cmh1-z4-f01.domain.com : End of run not found > cmh1-z4-f01.domain.com : End of run not found > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From howie at thingy.com Wed Jun 18 12:56:29 2014 From: howie at thingy.com (Howard Jones) Date: Wed, 18 Jun 2014 13:56:29 +0100 Subject: [rancid] Cisco APs and RANCID 3.1 => traffic counters in output In-Reply-To: <53A04FEF.3020703@thingy.com> References: <53A04FEF.3020703@thingy.com> Message-ID: <53A18C7D.8000403@thingy.com> Answering my own question, here's a small patch to remove the counter data from 'show vlan' for a Cisco Aironet WAP. --- rancid-3.1/lib/ios.pm 2014-05-28 10:39:39.000000000 +0100 +++ lib/rancid/ios.pm 2014-06-17 19:37:17.000000000 +0100 @@ -393,7 +393,10 @@ $type = "12000"; } elsif ($proc =~ /1240[48]\/(GRP|PRP)/ || $proc =~ /1241[06]\/(GRP|PRP)/) { $type = "12400"; - } else { + } elsif ($proc =~ /AIR-L?AP1[12][1234][[1234]/ ) { + $type="Aironet"; + $device="wireless access point"; + } else { $type = $proc; } @@ -1786,6 +1789,10 @@ } next if (/total.*packets.*(input|output)/i); + # Aironet AP's traffic counters + next if (/\d+\s+bytes.*(input|output)/i); + next if (/^\s*Other\s+\d+\s+\d+\s*$/i); + next if (/^\s*Bridging\s+Bridge.Group.\d+\s+\d+\s+\d+\s*$/i); ProcessHistory("COMMENTS","keysort","IO","!VLAN: $_"); } From Douglas.Hughes at DEShawResearch.com Wed Jun 18 15:35:40 2014 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Wed, 18 Jun 2014 15:35:40 +0000 Subject: [rancid] Panrancid with PAN 6.0 In-Reply-To: References: Message-ID: It doesn?t look like it is from your very first debugging output: COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show system rancid at FIREWALL(active)> show system info if scripting-mode was on, we wouldn?t see the stuff in red. (html mode on to read). The fact that the extra prompts show up indicates that it is intercepting the spaces and attempting to do ?helpful command completion?. From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Wednesday, June 18, 2014 8:52 AM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 It doesn't appear to be a bug, because I think its operating as you describe. When I turn on 'set cli scripting-mode on' it doesn't autocomplete on versions 6.0.2 or 5.0.11. Any other thoughts what could be going on? Thanks, Chip On Tue, Jun 17, 2014 at 3:34 PM, Hughes, Doug > wrote: Hrm. Yes, I had it correct the first time. (oof, busy day) ?on? is needed to prevent this ?feature?: line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli pager off After each space, it does essentially a rewrite of the line as it tried to ?auto-correct? you from typing the wrong thing. This gets in the way of parsing with expect quite heavily, so I attempt to disable it as soon as possible. If set cli scripting-mode on does not cause this to stop (and it looks like it doesn?t), then that appears to be a bug. You can also see this by using type script: Here?s how it looks at the command line: Drdgpfs0002:/tmp$ script drdgpfs0002:/tmp$ ssh -l admin paloalto.en admin at paloalto.en's password: Last login: Tue Jun 17 15:05:06 2014 from drdbcntl.en.desres.deshaw.com Welcome admin. admin at paloalto.en> set cli scripting-mode on admin at paloalto.en> set cli ? Invalid syntax. admin at paloalto.en> exit Here's how it looks in the corresponding typescript file: i Script started on Tue 17 Jun 2014 03:25:13 PM EDT drdgpfs0002:/tmp$ ssh -l admin paloalto admin at paloalto.en's password: ^M Last login: Tue Jun 17 15:05:06 2014 from drdbcntl.en.desres.deshaw.com^M^M Welcome admin.^M admin at paloalto.en> set ^M^[[Kadmin at paloalto.en> set cli ^M^[[Kadmin at paloalto.en> set cli scripting-mode ^M^[[Kadmin at paloalto.en> set cli scripting-mode on^M admin at paloalto.en> set cli ?^M ^M Invalid syntax.^M admin at paloalto.en> exit^M Connection to paloalto.en closed.^M^M drdgpfs0002:/tmp$ exit^M^M exit^M Script done on Tue 17 Jun 2014 03:25:34 PM EDT If 'set cli scripting-mode on' doesn't disable the 'space' feature, then the rest of the expect is very iffy at best and difficult to manage Here's another way to confirm the behavior Type config If it autocompletes to 'configure', then cli scripting-mode is not on and results *will* vary. Disabling the pager is also important since it disables the --more-- when show config is running. I am running 6.0.2 but no HA on PA-3020 and PA-2050 From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Tuesday, June 17, 2014 3:21 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 Tried it on both versions. Seems like they both yield the same result. Doesn't the script turn cli scripting-mode on? Or do we don't really care that's its on or off? user at FIREWALLV6(active)> set cli scripting-mode off user at FIREWALLV6(active)> set cli scripting-mode off off on on user at FIREWALLV6(active)> set cli scripting-mode user at FIREWALLV5(active)> set cli scripting-mode off user at FIREWALLV5(active)> set cli scripting-mode off off on on user at FIREWALLV5(active)> set cli scripting-mode -Chip On Tue, Jun 17, 2014 at 3:10 PM, Hughes, Doug > wrote: Sorry, I meant ?off?, you need to set it to off and then try the ? test. From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Tuesday, June 17, 2014 2:48 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 Here's what I get. I get the same result from a version 5.x PA. I removed the "set cli scripting-mode on" from the script to test. Version 5.x PA works and version 6.x PA end up with the same result. user at FIREWALL(active)> set cli scripting-mode on user at FIREWALL(active)> set cli scripting-mode ? ? is not one of Invalid syntax. user at FIREWALL(active)> line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli pager off PROMPT MATCH: rancid at FIREWALL\(active\)[#>] HIT COMMAND:rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli pager off COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show system rancid at FIREWALL(active)> show system info COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show system rancid at FIREWALL(active)> show system info FIREWALL.dswinc.net: missed cmd(s): show config running FIREWALL.dswinc.net: missed cmd(s): show config running FIREWALL.dswinc.net: End of run not found FIREWALL.dswinc.net: End of run not found # [rancid at server rancid]$ On Tue, Jun 17, 2014 at 2:28 PM, Hughes, Doug > wrote: Ah, you are running in HA mode I see. That could be throwing things off, but I think I fixed that in 2013 sometime. (I don?t run any in HA) It looks to me like ?set cli scripting-mode on? is failing To confirm this, login to the PA at command line, then type set cli scripting-mode on Now type ?set cli scripting-mode ?? If you get any sort of command completion, the cli scripting mode setting is not working and needs to be turned into a PA bug report. That is what it looks like it is happening by looking at the command staggering for subsequent lines. From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Tuesday, June 17, 2014 1:39 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 Thanks Doug. I am running the most recent version, but for grins I replaced them anyway. Still seeing the issue on two sets. The others seem to work fine. Anything I provide that help find the trouble? -Chip On Mon, Jun 16, 2014 at 4:37 PM, Hughes, Doug > wrote: Yes, it?s working for me. Are you using the latest? (attached) From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Chip Pleasants Sent: Monday, June 16, 2014 2:01 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Panrancid with PAN 6.0 Does anyone have Panrancid working with PAN version 6.0.2? I have four sets running PAN version 5.0.11 without an issues. Once I upgraded one set the script times out. Below is a debug. Let me know if you have any questions. Cheers, Chip [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d cmh1-z4-f01.domain.com executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running" cmh1-z4-f01.domain.com line: cmh1-z4-f01.domain.com line: spawn ssh -c 3des -x -l rancid cmh1-z4-f01.domain.com line: NOTICE TO USERS line: This is an official computer system and is the property of POOP Incorporated. line: It is for authorized users only. Unauthorized users are prohibited. line: Users (authorized or unauthorized) have no explicit or implicit expectation of line: privacy. Any or all uses of this system may be subject to one or more of the line: following actions: interception, monitoring, recording, auditing, inspection and line: disclosing to security personnel and law enforcement personnel, as well as line: authorized officials of other agencies, both domestic and foreign. By using this line: system, the user consents to these actions. Unauthorized or improper use of line: this system may result in administrative disciplinary action and civil and criminal line: penalties. By accessing this system you indicate your awareness of and line: consent to these terms and conditions of use. Discontinue access immediately line: if you do not agree to the conditions stated in this notice. line: line: Password: line: Last login: Mon Jun 16 08:00:00 2014 from cmh1vlobs01.domain.com line: Welcome rancid. line: line: rancid at CMH1-Z4-F01(active)> line: rancid at CMH1-Z4-F01(active)> line: rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> set cli scripting-mode on PROMPT MATCH: rancid at CMH1-Z4-F01\(active\)[#>] HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> set cli scripting-mode on COMMAND is: set cli scripting-mode on|EatCommand HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli pager rancid at CMH1-Z4-F01(active)> set cli pager off COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> show system rancid at CMH1-Z4-F01(active)> show system info COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> show system rancid at CMH1-Z4-F01(active)> show system info cmh1-z4-f01.domain.com : missed cmd(s): show config running cmh1-z4-f01.domain.com : missed cmd(s): show config running cmh1-z4-f01.domain.com : End of run not found cmh1-z4-f01.domain.com : End of run not found -------------- next part -------------- An HTML attachment was scrubbed... URL: From wpleasants at gmail.com Wed Jun 18 16:11:48 2014 From: wpleasants at gmail.com (Chip Pleasants) Date: Wed, 18 Jun 2014 12:11:48 -0400 Subject: [rancid] Panrancid with PAN 6.0 In-Reply-To: References: Message-ID: I think I see what you are talking about now. Here are the two examples. One from a version 6 and one from a version 5. Now the odd part is when I perform this test manually turning on 'set cli scripting-mode on' it doesn't auto-complete on versions 6.0.2 or 5.0.11. Would there be a difference with the EatCommand portion of the script? Thanks for taking the time to work with me Doug. [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d FIREWALLV5.domain.com executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running" FIREWALLV5.domain.com line: FIREWALLV5.domain.com line: rancid at FIREWALLV5(active)> line: rancid at FIREWALLV5(active)> set rancid at FIREWALLV5(active)> set cli rancid at FIREWALLV5(active)> set cli scripting-mode rancid at FIREWALLV5(active)> set cli scripting-mode on PROMPT MATCH: rancid at FIREWALLV5\(active\)[#>] HIT COMMAND:rancid at FIREWALLV5(active)> set rancid at FIREWALLV5(active)> set cli rancid at FIREWALLV5(active)> set cli scripting-mode rancid at FIREWALLV5(active)> set cli scripting-mode on COMMAND is: set cli scripting-mode on|EatCommand HIT COMMAND:rancid at FIREWALLV5(active)> set cli pager off COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at FIREWALLV5(active)> show system info COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at FIREWALLV5(active)> show system info HIT COMMAND:rancid at FIREWALLV5(active)> show config running COMMAND is: show config running|ShowConfig In ShowConfig: rancid at FIREWALLV5(active)> show config running line: exiting [rancid at cmh1vlobs01 rancid]$ [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d FIREWALLV6.domain.com executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running" FIREWALLV6.domain.com line: FIREWALLV6.domain.com line: rancid at FIREWALLV6(active)> line: rancid at FIREWALLV6(active)> set rancid at FIREWALLV6(active)> set cli rancid at FIREWALLV6(active)> set cli scripting-mode rancid at FIREWALLV6(active)> set cli scripting-mode on PROMPT MATCH: rancid at FIREWALLV6\(active\)[#>] HIT COMMAND:rancid at FIREWALLV6(active)> set rancid at FIREWALLV6(active)> set cli rancid at FIREWALLV6(active)> set cli scripting-mode rancid at FIREWALLV6(active)> set cli scripting-mode on COMMAND is: set cli scripting-mode on|EatCommand HIT COMMAND:rancid at FIREWALLV6(active)> set rancid at FIREWALLV6(active)> set cli rancid at FIREWALLV6(active)> set cli pager rancid at FIREWALLV6(active)> set cli pager off COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at FIREWALLV6(active)> show rancid at FIREWALLV6(active)> show system rancid at FIREWALLV6(active)> show system info COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at FIREWALLV6(active)> show rancid at FIREWALLV6(active)> show system rancid at FIREWALLV6(active)> show system info FIREWALLV6.domain.com: missed cmd(s): show config running FIREWALLV6.domain.com: missed cmd(s): show config running FIREWALLV6.domain.com: End of run not found FIREWALLV6.domain.com: End of run not found # [rancid at cmh1vlobs01 rancid]$ ! -Chip On Wed, Jun 18, 2014 at 11:35 AM, Hughes, Doug < Douglas.Hughes at deshawresearch.com> wrote: > It doesn?t look like it is from your very first debugging output: > > COMMAND is: show system info|ShowInfo > In ShowInfo:: rancid at FIREWALL(active)> show rancid at FIREWALL(active)> > show system rancid at FIREWALL(active)> show system info > > > if scripting-mode was on, we wouldn?t see the stuff in red. (html mode on > to read). The fact that the extra prompts show up indicates that it is > intercepting the spaces and attempting to do ?helpful command completion?. > > > > > > > > *From:* Chip Pleasants [mailto:wpleasants at gmail.com] > *Sent:* Wednesday, June 18, 2014 8:52 AM > > *To:* Hughes, Doug > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Panrancid with PAN 6.0 > > > > It doesn't appear to be a bug, because I think its operating as you > describe. When I turn on 'set cli scripting-mode on' it doesn't > autocomplete on versions 6.0.2 or 5.0.11. Any other thoughts what could be > going on? > > > > Thanks, > > Chip > > > > > > > > > > On Tue, Jun 17, 2014 at 3:34 PM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > > Hrm. Yes, I had it correct the first time. (oof, busy day) > > ?on? is needed to prevent this ?feature?: > > line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli > rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli > pager off > > After each space, it does essentially a rewrite of the line as it tried to > ?auto-correct? you from typing the wrong thing. This gets in the way of > parsing with expect quite heavily, so I attempt to disable it as soon as > possible. If set cli scripting-mode on does not cause this to stop (and it > looks like it doesn?t), then that appears to be a bug. You can also see > this by using type script: > > Here?s how it looks at the command line: > Drdgpfs0002:/tmp$ script > drdgpfs0002:/tmp$ ssh -l admin paloalto.en > admin at paloalto.en's password: > Last login: Tue Jun 17 15:05:06 2014 from drdbcntl.en.desres.deshaw.com > Welcome admin. > admin at paloalto.en> set cli scripting-mode on > admin at paloalto.en> set cli ? > > Invalid syntax. > admin at paloalto.en> exit > > > Here's how it looks in the corresponding typescript file: > i Script started on Tue 17 Jun 2014 03:25:13 PM EDT > drdgpfs0002:/tmp$ ssh -l admin paloalto > admin at paloalto.en's password: ^M > Last login: Tue Jun 17 15:05:06 2014 from drdbcntl.en.desres.deshaw.com > ^M^M > Welcome admin.^M > admin at paloalto.en> set ^M^[[Kadmin at paloalto.en> set cli > ^M^[[Kadmin at paloalto.en> > set cli scripting-mode ^M^[[Kadmin at paloalto.en> set cli scripting-mode > on^M > admin at paloalto.en> set cli ?^M > ^M > Invalid syntax.^M > admin at paloalto.en> exit^M > Connection to paloalto.en closed.^M^M > drdgpfs0002:/tmp$ exit^M^M > exit^M > > Script done on Tue 17 Jun 2014 03:25:34 PM EDT > > If 'set cli scripting-mode on' doesn't disable the 'space' feature, then > the rest of the expect is very iffy at best and difficult to manage > > Here's another way to confirm the behavior > > Type config > > If it autocompletes to 'configure', then cli scripting-mode is not on and > results *will* vary. > Disabling the pager is also important since it disables the --more-- when > show config is running. > > I am running 6.0.2 but no HA on PA-3020 and PA-2050 > > > > > From: Chip Pleasants [mailto:wpleasants at gmail.com] > > Sent: Tuesday, June 17, 2014 3:21 PM > > To: Hughes, Doug > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Panrancid with PAN 6.0 > > Tried it on both versions. Seems like they both yield the same result. > Doesn't the script turn cli scripting-mode on? Or do we don't really care > that's its on or off? > > > > > user at FIREWALLV6(active)> set cli scripting-mode off > user at FIREWALLV6(active)> set cli scripting-mode > off off > on on > > user at FIREWALLV6(active)> set cli scripting-mode > > > > > > > user at FIREWALLV5(active)> set cli scripting-mode off > user at FIREWALLV5(active)> set cli scripting-mode > off off > on on > > user at FIREWALLV5(active)> set cli scripting-mode > > > > -Chip > > > On Tue, Jun 17, 2014 at 3:10 PM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > Sorry, I meant ?off?, you need to set it to off and then try the ? test. > > From: Chip Pleasants [mailto:wpleasants at gmail.com] > Sent: Tuesday, June 17, 2014 2:48 PM > > To: Hughes, Doug > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Panrancid with PAN 6.0 > > Here's what I get. I get the same result from a version 5.x PA. I removed > the "set cli scripting-mode on" from the script to test. Version 5.x PA > works and version 6.x PA end up with the same result. > > > user at FIREWALL(active)> set cli scripting-mode on > user at FIREWALL(active)> set cli scripting-mode ? > ? is not one of > > Invalid syntax. > user at FIREWALL(active)> > > > > line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli > rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli > pager off > PROMPT MATCH: rancid at FIREWALL\(active\)[#>] > HIT COMMAND:rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli > rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli > pager off > > COMMAND is: set cli pager off|EatCommand > HIT COMMAND:rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show > system rancid at FIREWALL(active)> show system info > > COMMAND is: show system info|ShowInfo > In ShowInfo:: rancid at FIREWALL(active)> show rancid at FIREWALL(active)> > show system rancid at FIREWALL(active)> show system info > FIREWALL.dswinc.net: missed cmd(s): show config running > FIREWALL.dswinc.net: missed cmd(s): show config running > FIREWALL.dswinc.net: End of run not found > FIREWALL.dswinc.net: End of run not found > # > [rancid at server rancid]$ > > > > > On Tue, Jun 17, 2014 at 2:28 PM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > Ah, you are running in HA mode I see. That could be throwing things off, > but I think I fixed that in 2013 sometime. > (I don?t run any in HA) > > It looks to me like ?set cli scripting-mode on? is failing > > To confirm this, login to the PA at command line, then type set cli > scripting-mode on > > Now type ?set cli scripting-mode ?? > > If you get any sort of command completion, the cli scripting mode setting > is not working and needs to be turned into a PA bug report. That is what it > looks like it is happening by looking at the command staggering for > subsequent lines. > > From: Chip Pleasants [mailto:wpleasants at gmail.com] > Sent: Tuesday, June 17, 2014 1:39 PM > To: Hughes, Doug > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Panrancid with PAN 6.0 > > Thanks Doug. I am running the most recent version, but for grins I > replaced them anyway. Still seeing the issue on two sets. The others seem > to work fine. Anything I provide that help find the trouble? > > -Chip > > > On Mon, Jun 16, 2014 at 4:37 PM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > Yes, it?s working for me. Are you using the latest? (attached) > > > From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On > Behalf Of Chip Pleasants > Sent: Monday, June 16, 2014 2:01 PM > To: rancid-discuss at shrubbery.net > Subject: [rancid] Panrancid with PAN 6.0 > > Does anyone have Panrancid working with PAN version 6.0.2? I have four > sets running PAN version 5.0.11 without an issues. Once I upgraded one set > the script times out. Below is a debug. Let me know if you have any > questions. > > Cheers, > > Chip > > > [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d > cmh1-z4-f01.domain.com > executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager > off;show system info;show config running" cmh1-z4-f01.domain.com > line: cmh1-z4-f01.domain.com > line: spawn ssh -c 3des -x -l rancid cmh1-z4-f01.domain.com > line: NOTICE TO USERS > line: This is an official computer system and is the property of POOP > Incorporated. > line: It is for authorized users only. Unauthorized users are > prohibited. > line: Users (authorized or unauthorized) have no explicit or implicit > expectation of > line: privacy. Any or all uses of this system may be subject to one or > more of the > line: following actions: interception, monitoring, recording, auditing, > inspection and > line: disclosing to security personnel and law enforcement personnel, as > well as > line: authorized officials of other agencies, both domestic and foreign. > By using this > line: system, the user consents to these actions. Unauthorized or > improper use of > line: this system may result in administrative disciplinary action and > civil and criminal > line: penalties. By accessing this system you indicate your awareness > of and > line: consent to these terms and conditions of use. Discontinue access > immediately > line: if you do not agree to the conditions stated in this notice. > line: > line: Password: > line: Last login: Mon Jun 16 08:00:00 2014 from cmh1vlobs01.domain.com > line: Welcome rancid. > line: > line: rancid at CMH1-Z4-F01(active)> > line: rancid at CMH1-Z4-F01(active)> > line: rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli > rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> > set cli scripting-mode on > PROMPT MATCH: rancid at CMH1-Z4-F01\(active\)[#>] > HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> > set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode > rancid at CMH1-Z4-F01(active)> set cli scripting-mode on > > COMMAND is: set cli scripting-mode on|EatCommand > HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> > set cli rancid at CMH1-Z4-F01(active)> set cli pager rancid at CMH1-Z4-F01(active)> > set cli pager off > > COMMAND is: set cli pager off|EatCommand > HIT COMMAND:rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> > show system rancid at CMH1-Z4-F01(active)> show system info > > COMMAND is: show system info|ShowInfo > In ShowInfo:: rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> > show system rancid at CMH1-Z4-F01(active)> show system info > cmh1-z4-f01.domain.com : missed cmd(s): show config running > cmh1-z4-f01.domain.com : missed cmd(s): show config running > cmh1-z4-f01.domain.com : End of run not found > cmh1-z4-f01.domain.com : End of run not found > > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From Douglas.Hughes at DEShawResearch.com Wed Jun 18 17:14:38 2014 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Wed, 18 Jun 2014 17:14:38 +0000 Subject: [rancid] Panrancid with PAN 6.0 In-Reply-To: References: Message-ID: EatCommand just takes care of registering and aligning for the next command since that command doesn?t produce any ouput, but you still need to do something with what echoes back to expect. Your below panlogin to firewallv5 worked perfectly. You can see it repeating each word and building until cli scripting-mode is on, and then everything after that works ok. Yet it didn?t work for firewallv6. This seems like a bug. I?d open a case with support.paloaltonetworks.com to see what?s going on. Something weird is causing the cli scripting-mode on to fail. From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Wednesday, June 18, 2014 12:12 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 I think I see what you are talking about now. Here are the two examples. One from a version 6 and one from a version 5. Now the odd part is when I perform this test manually turning on 'set cli scripting-mode on' it doesn't auto-complete on versions 6.0.2 or 5.0.11. Would there be a difference with the EatCommand portion of the script? Thanks for taking the time to work with me Doug. [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d FIREWALLV5.domain.com executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running" FIREWALLV5.domain.com line: FIREWALLV5.domain.com line: rancid at FIREWALLV5(active)> line: rancid at FIREWALLV5(active)> set rancid at FIREWALLV5(active)> set cli rancid at FIREWALLV5(active)> set cli scripting-mode rancid at FIREWALLV5(active)> set cli scripting-mode on PROMPT MATCH: rancid at FIREWALLV5\(active\)[#>] HIT COMMAND:rancid at FIREWALLV5(active)> set rancid at FIREWALLV5(active)> set cli rancid at FIREWALLV5(active)> set cli scripting-mode rancid at FIREWALLV5(active)> set cli scripting-mode on COMMAND is: set cli scripting-mode on|EatCommand HIT COMMAND:rancid at FIREWALLV5(active)> set cli pager off COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at FIREWALLV5(active)> show system info COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at FIREWALLV5(active)> show system info HIT COMMAND:rancid at FIREWALLV5(active)> show config running COMMAND is: show config running|ShowConfig In ShowConfig: rancid at FIREWALLV5(active)> show config running line: exiting [rancid at cmh1vlobs01 rancid]$ [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d FIREWALLV6.domain.com executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running" FIREWALLV6.domain.com line: FIREWALLV6.domain.com line: rancid at FIREWALLV6(active)> line: rancid at FIREWALLV6(active)> set rancid at FIREWALLV6(active)> set cli rancid at FIREWALLV6(active)> set cli scripting-mode rancid at FIREWALLV6(active)> set cli scripting-mode on PROMPT MATCH: rancid at FIREWALLV6\(active\)[#>] HIT COMMAND:rancid at FIREWALLV6(active)> set rancid at FIREWALLV6(active)> set cli rancid at FIREWALLV6(active)> set cli scripting-mode rancid at FIREWALLV6(active)> set cli scripting-mode on COMMAND is: set cli scripting-mode on|EatCommand HIT COMMAND:rancid at FIREWALLV6(active)> set rancid at FIREWALLV6(active)> set cli rancid at FIREWALLV6(active)> set cli pager rancid at FIREWALLV6(active)> set cli pager off COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at FIREWALLV6(active)> show rancid at FIREWALLV6(active)> show system rancid at FIREWALLV6(active)> show system info COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at FIREWALLV6(active)> show rancid at FIREWALLV6(active)> show system rancid at FIREWALLV6(active)> show system info FIREWALLV6.domain.com: missed cmd(s): show config running FIREWALLV6.domain.com: missed cmd(s): show config running FIREWALLV6.domain.com: End of run not found FIREWALLV6.domain.com: End of run not found # [rancid at cmh1vlobs01 rancid]$ ! -Chip On Wed, Jun 18, 2014 at 11:35 AM, Hughes, Doug > wrote: It doesn?t look like it is from your very first debugging output: COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show system rancid at FIREWALL(active)> show system info if scripting-mode was on, we wouldn?t see the stuff in red. (html mode on to read). The fact that the extra prompts show up indicates that it is intercepting the spaces and attempting to do ?helpful command completion?. From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Wednesday, June 18, 2014 8:52 AM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 It doesn't appear to be a bug, because I think its operating as you describe. When I turn on 'set cli scripting-mode on' it doesn't autocomplete on versions 6.0.2 or 5.0.11. Any other thoughts what could be going on? Thanks, Chip On Tue, Jun 17, 2014 at 3:34 PM, Hughes, Doug > wrote: Hrm. Yes, I had it correct the first time. (oof, busy day) ?on? is needed to prevent this ?feature?: line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli pager off After each space, it does essentially a rewrite of the line as it tried to ?auto-correct? you from typing the wrong thing. This gets in the way of parsing with expect quite heavily, so I attempt to disable it as soon as possible. If set cli scripting-mode on does not cause this to stop (and it looks like it doesn?t), then that appears to be a bug. You can also see this by using type script: Here?s how it looks at the command line: Drdgpfs0002:/tmp$ script drdgpfs0002:/tmp$ ssh -l admin paloalto.en admin at paloalto.en's password: Last login: Tue Jun 17 15:05:06 2014 from drdbcntl.en.desres.deshaw.com Welcome admin. admin at paloalto.en> set cli scripting-mode on admin at paloalto.en> set cli ? Invalid syntax. admin at paloalto.en> exit Here's how it looks in the corresponding typescript file: i Script started on Tue 17 Jun 2014 03:25:13 PM EDT drdgpfs0002:/tmp$ ssh -l admin paloalto admin at paloalto.en's password: ^M Last login: Tue Jun 17 15:05:06 2014 from drdbcntl.en.desres.deshaw.com^M^M Welcome admin.^M admin at paloalto.en> set ^M^[[Kadmin at paloalto.en> set cli ^M^[[Kadmin at paloalto.en> set cli scripting-mode ^M^[[Kadmin at paloalto.en> set cli scripting-mode on^M admin at paloalto.en> set cli ?^M ^M Invalid syntax.^M admin at paloalto.en> exit^M Connection to paloalto.en closed.^M^M drdgpfs0002:/tmp$ exit^M^M exit^M Script done on Tue 17 Jun 2014 03:25:34 PM EDT If 'set cli scripting-mode on' doesn't disable the 'space' feature, then the rest of the expect is very iffy at best and difficult to manage Here's another way to confirm the behavior Type config If it autocompletes to 'configure', then cli scripting-mode is not on and results *will* vary. Disabling the pager is also important since it disables the --more-- when show config is running. I am running 6.0.2 but no HA on PA-3020 and PA-2050 From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Tuesday, June 17, 2014 3:21 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 Tried it on both versions. Seems like they both yield the same result. Doesn't the script turn cli scripting-mode on? Or do we don't really care that's its on or off? user at FIREWALLV6(active)> set cli scripting-mode off user at FIREWALLV6(active)> set cli scripting-mode off off on on user at FIREWALLV6(active)> set cli scripting-mode user at FIREWALLV5(active)> set cli scripting-mode off user at FIREWALLV5(active)> set cli scripting-mode off off on on user at FIREWALLV5(active)> set cli scripting-mode -Chip On Tue, Jun 17, 2014 at 3:10 PM, Hughes, Doug > wrote: Sorry, I meant ?off?, you need to set it to off and then try the ? test. From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Tuesday, June 17, 2014 2:48 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 Here's what I get. I get the same result from a version 5.x PA. I removed the "set cli scripting-mode on" from the script to test. Version 5.x PA works and version 6.x PA end up with the same result. user at FIREWALL(active)> set cli scripting-mode on user at FIREWALL(active)> set cli scripting-mode ? ? is not one of Invalid syntax. user at FIREWALL(active)> line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli pager off PROMPT MATCH: rancid at FIREWALL\(active\)[#>] HIT COMMAND:rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli pager off COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show system rancid at FIREWALL(active)> show system info COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show system rancid at FIREWALL(active)> show system info FIREWALL.dswinc.net: missed cmd(s): show config running FIREWALL.dswinc.net: missed cmd(s): show config running FIREWALL.dswinc.net: End of run not found FIREWALL.dswinc.net: End of run not found # [rancid at server rancid]$ On Tue, Jun 17, 2014 at 2:28 PM, Hughes, Doug > wrote: Ah, you are running in HA mode I see. That could be throwing things off, but I think I fixed that in 2013 sometime. (I don?t run any in HA) It looks to me like ?set cli scripting-mode on? is failing To confirm this, login to the PA at command line, then type set cli scripting-mode on Now type ?set cli scripting-mode ?? If you get any sort of command completion, the cli scripting mode setting is not working and needs to be turned into a PA bug report. That is what it looks like it is happening by looking at the command staggering for subsequent lines. From: Chip Pleasants [mailto:wpleasants at gmail.com] Sent: Tuesday, June 17, 2014 1:39 PM To: Hughes, Doug Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Panrancid with PAN 6.0 Thanks Doug. I am running the most recent version, but for grins I replaced them anyway. Still seeing the issue on two sets. The others seem to work fine. Anything I provide that help find the trouble? -Chip On Mon, Jun 16, 2014 at 4:37 PM, Hughes, Doug > wrote: Yes, it?s working for me. Are you using the latest? (attached) From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Chip Pleasants Sent: Monday, June 16, 2014 2:01 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Panrancid with PAN 6.0 Does anyone have Panrancid working with PAN version 6.0.2? I have four sets running PAN version 5.0.11 without an issues. Once I upgraded one set the script times out. Below is a debug. Let me know if you have any questions. Cheers, Chip [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d cmh1-z4-f01.domain.com executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running" cmh1-z4-f01.domain.com line: cmh1-z4-f01.domain.com line: spawn ssh -c 3des -x -l rancid cmh1-z4-f01.domain.com line: NOTICE TO USERS line: This is an official computer system and is the property of POOP Incorporated. line: It is for authorized users only. Unauthorized users are prohibited. line: Users (authorized or unauthorized) have no explicit or implicit expectation of line: privacy. Any or all uses of this system may be subject to one or more of the line: following actions: interception, monitoring, recording, auditing, inspection and line: disclosing to security personnel and law enforcement personnel, as well as line: authorized officials of other agencies, both domestic and foreign. By using this line: system, the user consents to these actions. Unauthorized or improper use of line: this system may result in administrative disciplinary action and civil and criminal line: penalties. By accessing this system you indicate your awareness of and line: consent to these terms and conditions of use. Discontinue access immediately line: if you do not agree to the conditions stated in this notice. line: line: Password: line: Last login: Mon Jun 16 08:00:00 2014 from cmh1vlobs01.domain.com line: Welcome rancid. line: line: rancid at CMH1-Z4-F01(active)> line: rancid at CMH1-Z4-F01(active)> line: rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> set cli scripting-mode on PROMPT MATCH: rancid at CMH1-Z4-F01\(active\)[#>] HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> set cli scripting-mode on COMMAND is: set cli scripting-mode on|EatCommand HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli rancid at CMH1-Z4-F01(active)> set cli pager rancid at CMH1-Z4-F01(active)> set cli pager off COMMAND is: set cli pager off|EatCommand HIT COMMAND:rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> show system rancid at CMH1-Z4-F01(active)> show system info COMMAND is: show system info|ShowInfo In ShowInfo:: rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> show system rancid at CMH1-Z4-F01(active)> show system info cmh1-z4-f01.domain.com : missed cmd(s): show config running cmh1-z4-f01.domain.com : missed cmd(s): show config running cmh1-z4-f01.domain.com : End of run not found cmh1-z4-f01.domain.com : End of run not found -------------- next part -------------- An HTML attachment was scrubbed... URL: From wpleasants at gmail.com Wed Jun 18 17:27:22 2014 From: wpleasants at gmail.com (Chip Pleasants) Date: Wed, 18 Jun 2014 13:27:22 -0400 Subject: [rancid] Panrancid with PAN 6.0 In-Reply-To: References: Message-ID: I can open a ticket, but I'm concerned that I can not show them an example of it broke besides the script. They may work with me if can't show its broke manually. Thanks again Doug for assistance. -Chip On Jun 18, 2014 1:14 PM, "Hughes, Doug" wrote: > EatCommand just takes care of registering and aligning for the next > command since that command doesn?t produce any ouput, but you still need to > do something with what echoes back to expect. > > > > Your below panlogin to firewallv5 worked perfectly. > > You can see it repeating each word and building until cli scripting-mode > is on, and then everything after that works ok. > > > > Yet it didn?t work for firewallv6. This seems like a bug. I?d open a case > with support.paloaltonetworks.com to see what?s going on. Something weird > is causing the cli scripting-mode on to fail. > > > > > > *From:* Chip Pleasants [mailto:wpleasants at gmail.com] > *Sent:* Wednesday, June 18, 2014 12:12 PM > *To:* Hughes, Doug > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Panrancid with PAN 6.0 > > > > I think I see what you are talking about now. Here are the two examples. > One from a version 6 and one from a version 5. Now the odd part is when > I perform this test manually turning on 'set cli scripting-mode on' it > doesn't auto-complete on versions 6.0.2 or 5.0.11. Would there be > a difference with the EatCommand portion of the script? Thanks for taking > the time to work with me Doug. > > > > > > [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d > FIREWALLV5.domain.com > > executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager > off;show system info;show config running" FIREWALLV5.domain.com > > line: FIREWALLV5.domain.com > > line: rancid at FIREWALLV5(active)> > > line: rancid at FIREWALLV5(active)> set rancid at FIREWALLV5(active)> set cli > rancid at FIREWALLV5(active)> set cli scripting-mode rancid at FIREWALLV5(active)> > set cli scripting-mode on > > PROMPT MATCH: rancid at FIREWALLV5\(active\)[#>] > > HIT COMMAND:rancid at FIREWALLV5(active)> set rancid at FIREWALLV5(active)> set > cli rancid at FIREWALLV5(active)> set cli scripting-mode rancid at FIREWALLV5(active)> > set cli scripting-mode on > > > > COMMAND is: set cli scripting-mode on|EatCommand > > HIT COMMAND:rancid at FIREWALLV5(active)> set cli pager off > > > > COMMAND is: set cli pager off|EatCommand > > HIT COMMAND:rancid at FIREWALLV5(active)> show system info > > > > COMMAND is: show system info|ShowInfo > > In ShowInfo:: rancid at FIREWALLV5(active)> show system info > > HIT COMMAND:rancid at FIREWALLV5(active)> show config running > > > > COMMAND is: show config running|ShowConfig > > In ShowConfig: rancid at FIREWALLV5(active)> show config running > > line: > > exiting > > [rancid at cmh1vlobs01 rancid]$ > > > > > > > > [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d > FIREWALLV6.domain.com > > executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager > off;show system info;show config running" FIREWALLV6.domain.com > > line: FIREWALLV6.domain.com > > line: rancid at FIREWALLV6(active)> > > line: rancid at FIREWALLV6(active)> set rancid at FIREWALLV6(active)> set cli > rancid at FIREWALLV6(active)> set cli scripting-mode rancid at FIREWALLV6(active)> > set cli scripting-mode on > > PROMPT MATCH: rancid at FIREWALLV6\(active\)[#>] > > HIT COMMAND:rancid at FIREWALLV6(active)> set rancid at FIREWALLV6(active)> set > cli rancid at FIREWALLV6(active)> set cli scripting-mode rancid at FIREWALLV6(active)> > set cli scripting-mode on > > > > COMMAND is: set cli scripting-mode on|EatCommand > > HIT COMMAND:rancid at FIREWALLV6(active)> set rancid at FIREWALLV6(active)> set > cli rancid at FIREWALLV6(active)> set cli pager rancid at FIREWALLV6(active)> > set cli pager off > > > > COMMAND is: set cli pager off|EatCommand > > HIT COMMAND:rancid at FIREWALLV6(active)> show rancid at FIREWALLV6(active)> > show system rancid at FIREWALLV6(active)> show system info > > > > COMMAND is: show system info|ShowInfo > > In ShowInfo:: rancid at FIREWALLV6(active)> show rancid at FIREWALLV6(active)> > show system rancid at FIREWALLV6(active)> show system info > > FIREWALLV6.domain.com: missed cmd(s): show config running > > FIREWALLV6.domain.com: missed cmd(s): show config running > > FIREWALLV6.domain.com: End of run not found > > FIREWALLV6.domain.com: End of run not found > > # > > [rancid at cmh1vlobs01 rancid]$ ! > > > > > > > > -Chip > > > > > > On Wed, Jun 18, 2014 at 11:35 AM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > > It doesn?t look like it is from your very first debugging output: > > COMMAND is: show system info|ShowInfo > In ShowInfo:: rancid at FIREWALL(active)> show rancid at FIREWALL(active)> > show system rancid at FIREWALL(active)> show system info > > > if scripting-mode was on, we wouldn?t see the stuff in red. (html mode on > to read). The fact that the extra prompts show up indicates that it is > intercepting the spaces and attempting to do ?helpful command completion?. > > > > > > > > *From:* Chip Pleasants [mailto:wpleasants at gmail.com] > *Sent:* Wednesday, June 18, 2014 8:52 AM > > > *To:* Hughes, Doug > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Panrancid with PAN 6.0 > > > > It doesn't appear to be a bug, because I think its operating as you > describe. When I turn on 'set cli scripting-mode on' it doesn't > autocomplete on versions 6.0.2 or 5.0.11. Any other thoughts what could be > going on? > > > > Thanks, > > Chip > > > > > > > > > > On Tue, Jun 17, 2014 at 3:34 PM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > > Hrm. Yes, I had it correct the first time. (oof, busy day) > > ?on? is needed to prevent this ?feature?: > > line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli > rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli > pager off > > After each space, it does essentially a rewrite of the line as it tried to > ?auto-correct? you from typing the wrong thing. This gets in the way of > parsing with expect quite heavily, so I attempt to disable it as soon as > possible. If set cli scripting-mode on does not cause this to stop (and it > looks like it doesn?t), then that appears to be a bug. You can also see > this by using type script: > > Here?s how it looks at the command line: > Drdgpfs0002:/tmp$ script > drdgpfs0002:/tmp$ ssh -l admin paloalto.en > admin at paloalto.en's password: > Last login: Tue Jun 17 15:05:06 2014 from drdbcntl.en.desres.deshaw.com > Welcome admin. > admin at paloalto.en> set cli scripting-mode on > admin at paloalto.en> set cli ? > > Invalid syntax. > admin at paloalto.en> exit > > > Here's how it looks in the corresponding typescript file: > i Script started on Tue 17 Jun 2014 03:25:13 PM EDT > drdgpfs0002:/tmp$ ssh -l admin paloalto > admin at paloalto.en's password: ^M > Last login: Tue Jun 17 15:05:06 2014 from drdbcntl.en.desres.deshaw.com > ^M^M > Welcome admin.^M > admin at paloalto.en> set ^M^[[Kadmin at paloalto.en> set cli > ^M^[[Kadmin at paloalto.en> > set cli scripting-mode ^M^[[Kadmin at paloalto.en> set cli scripting-mode > on^M > admin at paloalto.en> set cli ?^M > ^M > Invalid syntax.^M > admin at paloalto.en> exit^M > Connection to paloalto.en closed.^M^M > drdgpfs0002:/tmp$ exit^M^M > exit^M > > Script done on Tue 17 Jun 2014 03:25:34 PM EDT > > If 'set cli scripting-mode on' doesn't disable the 'space' feature, then > the rest of the expect is very iffy at best and difficult to manage > > Here's another way to confirm the behavior > > Type config > > If it autocompletes to 'configure', then cli scripting-mode is not on and > results *will* vary. > Disabling the pager is also important since it disables the --more-- when > show config is running. > > I am running 6.0.2 but no HA on PA-3020 and PA-2050 > > > > > From: Chip Pleasants [mailto:wpleasants at gmail.com] > > Sent: Tuesday, June 17, 2014 3:21 PM > > To: Hughes, Doug > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Panrancid with PAN 6.0 > > Tried it on both versions. Seems like they both yield the same result. > Doesn't the script turn cli scripting-mode on? Or do we don't really care > that's its on or off? > > > > > user at FIREWALLV6(active)> set cli scripting-mode off > user at FIREWALLV6(active)> set cli scripting-mode > off off > on on > > user at FIREWALLV6(active)> set cli scripting-mode > > > > > > > user at FIREWALLV5(active)> set cli scripting-mode off > user at FIREWALLV5(active)> set cli scripting-mode > off off > on on > > user at FIREWALLV5(active)> set cli scripting-mode > > > > -Chip > > > On Tue, Jun 17, 2014 at 3:10 PM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > Sorry, I meant ?off?, you need to set it to off and then try the ? test. > > From: Chip Pleasants [mailto:wpleasants at gmail.com] > Sent: Tuesday, June 17, 2014 2:48 PM > > To: Hughes, Doug > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Panrancid with PAN 6.0 > > Here's what I get. I get the same result from a version 5.x PA. I removed > the "set cli scripting-mode on" from the script to test. Version 5.x PA > works and version 6.x PA end up with the same result. > > > user at FIREWALL(active)> set cli scripting-mode on > user at FIREWALL(active)> set cli scripting-mode ? > ? is not one of > > Invalid syntax. > user at FIREWALL(active)> > > > > line: rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli > rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli > pager off > PROMPT MATCH: rancid at FIREWALL\(active\)[#>] > HIT COMMAND:rancid at FIREWALL(active)> set rancid at FIREWALL(active)> set cli > rancid at FIREWALL(active)> set cli pager rancid at FIREWALL(active)> set cli > pager off > > COMMAND is: set cli pager off|EatCommand > HIT COMMAND:rancid at FIREWALL(active)> show rancid at FIREWALL(active)> show > system rancid at FIREWALL(active)> show system info > > COMMAND is: show system info|ShowInfo > In ShowInfo:: rancid at FIREWALL(active)> show rancid at FIREWALL(active)> > show system rancid at FIREWALL(active)> show system info > FIREWALL.dswinc.net: missed cmd(s): show config running > FIREWALL.dswinc.net: missed cmd(s): show config running > FIREWALL.dswinc.net: End of run not found > FIREWALL.dswinc.net: End of run not found > # > [rancid at server rancid]$ > > > > > On Tue, Jun 17, 2014 at 2:28 PM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > Ah, you are running in HA mode I see. That could be throwing things off, > but I think I fixed that in 2013 sometime. > (I don?t run any in HA) > > It looks to me like ?set cli scripting-mode on? is failing > > To confirm this, login to the PA at command line, then type set cli > scripting-mode on > > Now type ?set cli scripting-mode ?? > > If you get any sort of command completion, the cli scripting mode setting > is not working and needs to be turned into a PA bug report. That is what it > looks like it is happening by looking at the command staggering for > subsequent lines. > > From: Chip Pleasants [mailto:wpleasants at gmail.com] > Sent: Tuesday, June 17, 2014 1:39 PM > To: Hughes, Doug > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Panrancid with PAN 6.0 > > Thanks Doug. I am running the most recent version, but for grins I > replaced them anyway. Still seeing the issue on two sets. The others seem > to work fine. Anything I provide that help find the trouble? > > -Chip > > > On Mon, Jun 16, 2014 at 4:37 PM, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote: > Yes, it?s working for me. Are you using the latest? (attached) > > > From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On > Behalf Of Chip Pleasants > Sent: Monday, June 16, 2014 2:01 PM > To: rancid-discuss at shrubbery.net > Subject: [rancid] Panrancid with PAN 6.0 > > Does anyone have Panrancid working with PAN version 6.0.2? I have four > sets running PAN version 5.0.11 without an issues. Once I upgraded one set > the script times out. Below is a debug. Let me know if you have any > questions. > > Cheers, > > Chip > > > [rancid at cmh1vlobs01 rancid]$ /usr/libexec/rancid/panrancid -d > cmh1-z4-f01.domain.com > executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager > off;show system info;show config running" cmh1-z4-f01.domain.com > line: cmh1-z4-f01.domain.com > line: spawn ssh -c 3des -x -l rancid cmh1-z4-f01.domain.com > line: NOTICE TO USERS > line: This is an official computer system and is the property of POOP > Incorporated. > line: It is for authorized users only. Unauthorized users are > prohibited. > line: Users (authorized or unauthorized) have no explicit or implicit > expectation of > line: privacy. Any or all uses of this system may be subject to one or > more of the > line: following actions: interception, monitoring, recording, auditing, > inspection and > line: disclosing to security personnel and law enforcement personnel, as > well as > line: authorized officials of other agencies, both domestic and foreign. > By using this > line: system, the user consents to these actions. Unauthorized or > improper use of > line: this system may result in administrative disciplinary action and > civil and criminal > line: penalties. By accessing this system you indicate your awareness > of and > line: consent to these terms and conditions of use. Discontinue access > immediately > line: if you do not agree to the conditions stated in this notice. > line: > line: Password: > line: Last login: Mon Jun 16 08:00:00 2014 from cmh1vlobs01.domain.com > line: Welcome rancid. > line: > line: rancid at CMH1-Z4-F01(active)> > line: rancid at CMH1-Z4-F01(active)> > line: rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> set cli > rancid at CMH1-Z4-F01(active)> set cli scripting-mode rancid at CMH1-Z4-F01(active)> > set cli scripting-mode on > PROMPT MATCH: rancid at CMH1-Z4-F01\(active\)[#>] > HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> > set cli rancid at CMH1-Z4-F01(active)> set cli scripting-mode > rancid at CMH1-Z4-F01(active)> set cli scripting-mode on > > COMMAND is: set cli scripting-mode on|EatCommand > HIT COMMAND:rancid at CMH1-Z4-F01(active)> set rancid at CMH1-Z4-F01(active)> > set cli rancid at CMH1-Z4-F01(active)> set cli pager rancid at CMH1-Z4-F01(active)> > set cli pager off > > COMMAND is: set cli pager off|EatCommand > HIT COMMAND:rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> > show system rancid at CMH1-Z4-F01(active)> show system info > > COMMAND is: show system info|ShowInfo > In ShowInfo:: rancid at CMH1-Z4-F01(active)> show rancid at CMH1-Z4-F01(active)> > show system rancid at CMH1-Z4-F01(active)> show system info > cmh1-z4-f01.domain.com : missed cmd(s): show config running > cmh1-z4-f01.domain.com : missed cmd(s): show config running > cmh1-z4-f01.domain.com : End of run not found > cmh1-z4-f01.domain.com : End of run not found > > > > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mfw113 at psu.edu Thu Jun 19 12:53:13 2014 From: mfw113 at psu.edu (Mike Waite) Date: Thu, 19 Jun 2014 08:53:13 -0400 Subject: [rancid] Gigamon scripts... In-Reply-To: <1390956946.74987.YahooMailNeo@web141003.mail.bf1.yahoo.com> References: <1390956946.74987.YahooMailNeo@web141003.mail.bf1.yahoo.com> Message-ID: <53A2DD39.3050701@psu.edu> Scott, Did you ever get any scripts for the Gigamon appliances? -Mike On 01/28/2014 07:55 PM, Scott Foster wrote: > Greetings! > > Has anyone created a script for any of the Gigamon appliances? I'm most interested in a script for the Gigamon 2404 appliance, but scripts for the HBx lines would be welcome as well. > > Thanks, > > Scott > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 555 bytes Desc: OpenPGP digital signature URL: From lexore at gmail.com Wed Jun 18 11:34:32 2014 From: lexore at gmail.com (lexore) Date: Wed, 18 Jun 2014 15:34:32 +0400 Subject: [rancid] show policy detail on extreme switches In-Reply-To: <537D294F.4090505@gmail.com> References: <537D294F.4090505@gmail.com> Message-ID: Thanks, it works! -- lexore at gmail.com 2014-05-22 2:31 GMT+04:00 Alan McKinnon : > On 21/05/2014 13:18, lexore wrote: >> Hello. >> >> We use rancid to backup configs of Extreme switches. >> I noticed, that rancid don't save output of "show policy detail". >> We need to backup this too. >> I tried to add support of this command to xrancid. >> I wrote subroutine (copy of WriteTerm), added string to @commandtable, >> but without success. >> Syntax of output "show policy detail" significant differ from usual >> cisco-style configs. >> Is anyone solved this for it's own needs? >> Or maybe you could suggest, how i can add support of this command in xrancid? >> >> I attached example of ouput "show policy detail" to message. >> Copy here: http://pastebin.com/p6h4bgsE >> We use Extreme Summit X670V >> ExtremeXOS version 15.3.1.4 v1531b4-patch1-29 > > > > Indeed, that output looks nothing like anything from a Cisco :-) > > When I look over the output your supplied, nothing in there looks like > it might cycle or need to be removed. So that makes life much easier - > all you need is a sub that accepts everything and throws nothing away. > Like this: > > > 1. add to end of @commandtable near line 420: > > {'show policy detail' => 'ShowPolicy'}, > > > 2. A new sub: > > # This routine parses "show policy detail" > > sub ShowPolicy { > print STDERR " In ShowMemory: $_" if ($debug); > > while () { > tr/\015//d; > last if(/^$prompt/); > next if(/^(\s*|\s*$cmd\s*)$/); > > # Any tweaks to individual lines get done here > > # catch anything that wasnt match above. > ProcessHistory("COMMENTS","keysort","H0","$_"); > > } > return(0); > } > > > That's about it. Completely untested so YMMV but the basics are there. > If you do need to tweak individual lines, the existing code is full of > examples. You just need some fegex-fu and it's quite obvious > > - > > -- > Alan McKinnon > alan.mckinnon at gmail.com > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From alan.mckinnon at gmail.com Thu Jun 19 14:23:23 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 19 Jun 2014 16:23:23 +0200 Subject: [rancid] show policy detail on extreme switches In-Reply-To: References: <537D294F.4090505@gmail.com> Message-ID: <53A2F25B.2060405@gmail.com> On 18/06/2014 13:34, lexore wrote: > Thanks, it works! That's good news :-) [I've had a fortnight from hell, good news is much appreciated!] > > -- > lexore at gmail.com > > > 2014-05-22 2:31 GMT+04:00 Alan McKinnon : >> On 21/05/2014 13:18, lexore wrote: >>> Hello. >>> >>> We use rancid to backup configs of Extreme switches. >>> I noticed, that rancid don't save output of "show policy detail". >>> We need to backup this too. >>> I tried to add support of this command to xrancid. >>> I wrote subroutine (copy of WriteTerm), added string to @commandtable, >>> but without success. >>> Syntax of output "show policy detail" significant differ from usual >>> cisco-style configs. >>> Is anyone solved this for it's own needs? >>> Or maybe you could suggest, how i can add support of this command in xrancid? >>> >>> I attached example of ouput "show policy detail" to message. >>> Copy here: http://pastebin.com/p6h4bgsE >>> We use Extreme Summit X670V >>> ExtremeXOS version 15.3.1.4 v1531b4-patch1-29 >> >> >> >> Indeed, that output looks nothing like anything from a Cisco :-) >> >> When I look over the output your supplied, nothing in there looks like >> it might cycle or need to be removed. So that makes life much easier - >> all you need is a sub that accepts everything and throws nothing away. >> Like this: >> >> >> 1. add to end of @commandtable near line 420: >> >> {'show policy detail' => 'ShowPolicy'}, >> >> >> 2. A new sub: >> >> # This routine parses "show policy detail" >> >> sub ShowPolicy { >> print STDERR " In ShowMemory: $_" if ($debug); >> >> while () { >> tr/\015//d; >> last if(/^$prompt/); >> next if(/^(\s*|\s*$cmd\s*)$/); >> >> # Any tweaks to individual lines get done here >> >> # catch anything that wasnt match above. >> ProcessHistory("COMMENTS","keysort","H0","$_"); >> >> } >> return(0); >> } >> >> >> That's about it. Completely untested so YMMV but the basics are there. >> If you do need to tweak individual lines, the existing code is full of >> examples. You just need some fegex-fu and it's quite obvious >> >> - >> >> -- >> Alan McKinnon >> alan.mckinnon at gmail.com >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > -- Alan McKinnon alan.mckinnon at gmail.com From rwest at zyedge.com Tue Jun 24 14:28:05 2014 From: rwest at zyedge.com (Ryan West) Date: Tue, 24 Jun 2014 14:28:05 +0000 Subject: [rancid] Rancid 3.1 and WAAS devices Message-ID: <8903D0A8F70EA74FBE57CA9B846B42C00142C7FD31@ZY-MBX2.zyedge.local> Before upgrading from 2.3.6 to 3.1, I was able to back up WAAS devices. Now it's throwing the following error - device-wave: End of run not found ! End of WAAS configuration The line after this has the typical prompt# I added a paging exception for End of WAAS, but it still fails with End of run not found. clogin -t 90 -c "show run" seems to work fine as well. Rancid -d functionality seems to have changed as well. rancid -d device-wave -t cisco. loadtype(): device_type is empty Couldn't load device type spec for Thanks, -ryan -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Tue Jun 24 16:57:06 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Tue, 24 Jun 2014 18:57:06 +0200 Subject: [rancid] Rancid 3.1 and WAAS devices In-Reply-To: <8903D0A8F70EA74FBE57CA9B846B42C00142C7FD31@ZY-MBX2.zyedge.local> References: <8903D0A8F70EA74FBE57CA9B846B42C00142C7FD31@ZY-MBX2.zyedge.local> Message-ID: <53A9ADE2.2070005@gmail.com> On 24/06/2014 16:28, Ryan West wrote: > Before upgrading from 2.3.6 to 3.1, I was able to back up WAAS devices. > Now it?s throwing the following error ? > > > > device-wave: End of run not found > > ! End of WAAS configuration > > > > The line after this has the typical prompt# > > > > I added a paging exception for End of WAAS, but it still fails with End > of run not found. > > > > clogin -t 90 -c "show run" seems to work fine as well. > > > > Rancid ?d functionality seems to have changed as well. rancid -d > device-wave -t cisco. > > > > loadtype(): device_type is empty > > Couldn't load device type spec for The field separator in router.db has changed from ":" colon to ";" semicolon (to account for IPv6 addresses as the device name) Did you modify your router.db to account for this? -- Alan McKinnon alan.mckinnon at gmail.com From daniel.schmidt at wyo.gov Wed Jun 25 19:39:14 2014 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Wed, 25 Jun 2014 13:39:14 -0600 Subject: [rancid] AFL patch update? Message-ID: Anybody interested in working on an update ellzey's AFL patch? https://github.com/ellzey/tac_plus_AFL/blob/master/tacacs%2B-F4.0.4.19.patch E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From max.clark at gmail.com Wed Jun 25 16:16:37 2014 From: max.clark at gmail.com (Max Clark) Date: Wed, 25 Jun 2014 09:16:37 -0700 Subject: [rancid] Rancid and Git In-Reply-To: References: <20140429143929.GE19840@shrubbery.net> <20140517013752.GA83679@shrubbery.net> <20140521185544.GG76997@shrubbery.net> Message-ID: Is there movement on an official RANCID release with GIT support? On Wed, May 21, 2014 at 12:58 PM, Jeffrey Ollie wrote: > On Wed, May 21, 2014 at 1:55 PM, heasley wrote: > > Mon, May 19, 2014 at 11:16:37AM -0700, james machado: > >> there was a message about git and locks back in 2007 > >> > http://www.shrubbery.net/pipermail/rancid-discuss/2007-March/002154.html > >> that talked about this or something related to this. > >> > >> best i can remember from past research on using git and rancid. > > > > Thanks for that. > > > > ---- > >> $BASEDIR is the dir into which all groups go. If you put a generic > >> lockfile here you will make it so multiple groups can't be polled at one > >> time. Typically a temp dir is used where the file includes the group > name > >> so there is no stepping on of toes, and stale lockfiles aren't left in > >> unexpected places. > > > > The locks shouldn't slow down polling, the lock is only held when making > > commits to the Git repository which shouldn't happen during polling > > (unless I'm misunderstanding something about the code). I needed the > > locks because I need to run a series of git commands atomically or > > changes from other groups might become part of the wrong commit. > > ---- > > > > That seems out of scope to me. Perhaps i do not yet understand the > process > > in git. how would the commits in one group become part of another > group's > > commit? the commit occurs in the group's directory. > > Git is different from CVS or SVN. In CVS and SVN directories are > significant in that they are essentially separate repositories. In > Git there is only one repository and a "git add" done in one directory > will be included in a "git commit" done in a different directory. > > -- > Jeff Ollie > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: From manfred.mayer.it at rapunzel.de Thu Jun 26 07:27:56 2014 From: manfred.mayer.it at rapunzel.de (Manfred Mayer IT) Date: Thu, 26 Jun 2014 09:27:56 +0200 Subject: [rancid] rancid-3.1 ignore nvram Message-ID: <7675BFF474F5084E93D4D51003DAFBB351AFB5FE00@SRLSRV17.int.rapunzel.de> Hi there, I installed rancid 3.1 and got it running so far. I just have some devices, that get a new revision with every run because of the nvram. I found this thread http://www.shrubbery.net/pipermail/rancid-discuss/2009-November/004346.html, but this seems to be for rancid 2.x. Has someone done that for 3.1 and can tell me, where I could comment that out? Regards Mana ________________________________ Rapunzel Naturkost GmbH, Rapunzelstra?e 1, D-87764 Legau Registergericht Memmingen HRB 14736 | Sitz der Gesellschaft: Legau Ust Id Nr. DE 129088402 Gesch?ftsf?hrer: Joseph Wilhelm | Margit Epple | Andreas Wenning Telefon: +49 (0)8330 / 529 - 0 -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Jun 26 07:49:31 2014 From: heas at shrubbery.net (Heasley) Date: Thu, 26 Jun 2014 08:49:31 +0100 Subject: [rancid] Rancid and Git In-Reply-To: References: <20140429143929.GE19840@shrubbery.net> <20140517013752.GA83679@shrubbery.net> <20140521185544.GG76997@shrubbery.net> Message-ID: Am Jun 25, 2014 um 17:16 schrieb Max Clark : > > Is there movement on an official RANCID release with GIT support? > I've started testing the provided patch and felt it needs a bit of work, but i've been OOT, back tm. >> On Wed, May 21, 2014 at 12:58 PM, Jeffrey Ollie wrote: >> On Wed, May 21, 2014 at 1:55 PM, heasley wrote: >> > Mon, May 19, 2014 at 11:16:37AM -0700, james machado: >> >> there was a message about git and locks back in 2007 >> >> http://www.shrubbery.net/pipermail/rancid-discuss/2007-March/002154.html >> >> that talked about this or something related to this. >> >> >> >> best i can remember from past research on using git and rancid. >> > >> > Thanks for that. >> > >> > ---- >> >> $BASEDIR is the dir into which all groups go. If you put a generic >> >> lockfile here you will make it so multiple groups can't be polled at one >> >> time. Typically a temp dir is used where the file includes the group name >> >> so there is no stepping on of toes, and stale lockfiles aren't left in >> >> unexpected places. >> > >> > The locks shouldn't slow down polling, the lock is only held when making >> > commits to the Git repository which shouldn't happen during polling >> > (unless I'm misunderstanding something about the code). I needed the >> > locks because I need to run a series of git commands atomically or >> > changes from other groups might become part of the wrong commit. >> > ---- >> > >> > That seems out of scope to me. Perhaps i do not yet understand the process >> > in git. how would the commits in one group become part of another group's >> > commit? the commit occurs in the group's directory. >> >> Git is different from CVS or SVN. In CVS and SVN directories are >> significant in that they are essentially separate repositories. In >> Git there is only one repository and a "git add" done in one directory >> will be included in a "git commit" done in a different directory. >> >> -- >> Jeff Ollie >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Jun 26 07:57:49 2014 From: heas at shrubbery.net (Heasley) Date: Thu, 26 Jun 2014 08:57:49 +0100 Subject: [rancid] rancid-3.1 ignore nvram In-Reply-To: <7675BFF474F5084E93D4D51003DAFBB351AFB5FE00@SRLSRV17.int.rapunzel.de> References: <7675BFF474F5084E93D4D51003DAFBB351AFB5FE00@SRLSRV17.int.rapunzel.de> Message-ID: Am Jun 26, 2014 um 8:27 schrieb Manfred Mayer IT : > > Hi there, > I installed rancid 3.1 and got it running so far. I just have some devices, that get a new revision with every run because of the nvram. I found this thread http://www.shrubbery.net/pipermail/rancid-discuss/2009-November/004346.html, but this seems to be for rancid 2.x. Has someone done that for 3.1 and can tell me, where I could comment that out? > In 3.1, see rancid.types.conf(5). Copy the cisco definition to a new name in rancid.types.conf and ommit the nvram command. > Regards > Mana > > > Rapunzel Naturkost GmbH, Rapunzelstra?e 1, D-87764 Legau > Registergericht Memmingen HRB 14736 | Sitz der Gesellschaft: Legau > Ust Id Nr. DE 129088402 > Gesch?ftsf?hrer: Joseph Wilhelm | Margit Epple | Andreas Wenning > Telefon: +49 (0)8330 / 529 - 0 > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From max.clark at gmail.com Fri Jun 27 19:24:04 2014 From: max.clark at gmail.com (Max Clark) Date: Fri, 27 Jun 2014 12:24:04 -0700 Subject: [rancid] Rancid and Git In-Reply-To: References: <20140429143929.GE19840@shrubbery.net> <20140517013752.GA83679@shrubbery.net> <20140521185544.GG76997@shrubbery.net> Message-ID: Thanks! On Thu, Jun 26, 2014 at 12:49 AM, Heasley wrote: > Am Jun 25, 2014 um 17:16 schrieb Max Clark : > > Is there movement on an official RANCID release with GIT support? > > I've started testing the provided patch and felt it needs a bit of work, > but i've been OOT, back tm. > > On Wed, May 21, 2014 at 12:58 PM, Jeffrey Ollie wrote: > >> On Wed, May 21, 2014 at 1:55 PM, heasley wrote: >> > Mon, May 19, 2014 at 11:16:37AM -0700, james machado: >> >> there was a message about git and locks back in 2007 >> >> >> http://www.shrubbery.net/pipermail/rancid-discuss/2007-March/002154.html >> >> that talked about this or something related to this. >> >> >> >> best i can remember from past research on using git and rancid. >> > >> > Thanks for that. >> > >> > ---- >> >> $BASEDIR is the dir into which all groups go. If you put a >> generic >> >> lockfile here you will make it so multiple groups can't be polled at >> one >> >> time. Typically a temp dir is used where the file includes the group >> name >> >> so there is no stepping on of toes, and stale lockfiles aren't left in >> >> unexpected places. >> > >> > The locks shouldn't slow down polling, the lock is only held when making >> > commits to the Git repository which shouldn't happen during polling >> > (unless I'm misunderstanding something about the code). I needed the >> > locks because I need to run a series of git commands atomically or >> > changes from other groups might become part of the wrong commit. >> > ---- >> > >> > That seems out of scope to me. Perhaps i do not yet understand the >> process >> > in git. how would the commits in one group become part of another >> group's >> > commit? the commit occurs in the group's directory. >> >> Git is different from CVS or SVN. In CVS and SVN directories are >> significant in that they are essentially separate repositories. In >> Git there is only one repository and a "git add" done in one directory >> will be included in a "git commit" done in a different directory. >> >> -- >> Jeff Ollie >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > -------------- next part -------------- An HTML attachment was scrubbed... URL: