From heas at shrubbery.net Fri Jul 1 04:55:26 2016 From: heas at shrubbery.net (heasley) Date: Fri, 1 Jul 2016 04:55:26 +0000 Subject: [rancid] Nexus 1000v switch-router In-Reply-To: <20160701045354.A51703F4DF@sea.shrubbery.net> Message-ID: <20160701045526.GA35262@shrubbery.net> Thu, Jun 30, 2016 at 10:46:52PM +0000, Charles T. Brooks: > Hmmmm... I'll answer the second question first. No, neither the nexus 5K nor the 1000v has "show vtp status". It's possible that we don't have a feature licensed/loaded that would enable this, I don't really know. The NX-OS version on the 5K I looked at is not the very latest greatest but it's not terribly old, either. > Does this restore the show vlan output? Index: lib/nxos.pm.in =================================================================== --- lib/nxos.pm.in (revision 3417) +++ lib/nxos.pm.in (working copy) @@ -53,7 +53,7 @@ $C0 = 0; # output formatting control $E0 = 0; $H0 = 0; - $DO_SHOW_VLAN = 0; + $DO_SHOW_VLAN = 1; # add content lines and separators ProcessHistory("","","","!RANCID-CONTENT-TYPE: $devtype\n!\n"); @@ -613,8 +613,8 @@ s/^$1\s{$len}//; } - if (/^VTP Operating Mode\s+:\s+(Transparent|Server)/) { - $DO_SHOW_VLAN = 1; + if (!/^VTP Operating Mode\s+:\s+(Transparent|Server)/) { + $DO_SHOW_VLAN = 0; } ProcessHistory("COMMENTS","","","!VTP: $_"); } From ginesgb at gmail.com Fri Jul 1 11:51:36 2016 From: ginesgb at gmail.com (Gines Granados Bayona) Date: Fri, 1 Jul 2016 13:51:36 +0200 Subject: [rancid] Create two groups mailers at different times Message-ID: Hi, I was interested in making a configuration sending email, for two different groups and for two different types of sending email, I'm interested know what do I must change to make? Greetings and thank you -- Este mensaje se dirige exclusivamente a su destinatario. Puede contener informaci?n confidencial sometida a secreto profesional o cuya divulgaci?n este prohibida, en virtud de la legislaci?n vigente. No esta permitida su divulgaci?n, copia o distribuci?n a terceros sin la autorizaci?n previa y por escrito del remitente. Si ha recibido este mensaje por error, le rogamos nos lo comunique inmediatamente por esta misma v?a y proceda a su destrucci?n. This e-mail is intended exclusively for the individual or entity to which it is addressed and may contain confidential or legally privileged information, which may not be disclosed under current legislation. Any form of disclosure, copying or distribution of this e-mail is strictly prohibited, save with written authorisation . If you have received this message in error, please notify the sender immediately by e-mail and delete all copies of the message. -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Fri Jul 1 14:24:17 2016 From: heas at shrubbery.net (heasley) Date: Fri, 1 Jul 2016 14:24:17 +0000 Subject: [rancid] Create two groups mailers at different times In-Reply-To: References: Message-ID: <20160701142417.GA44580@shrubbery.net> Fri, Jul 01, 2016 at 01:51:36PM +0200, Gines Granados Bayona: > Hi, I was interested in making a configuration sending email, for two > different groups and for two different types of sending email, I'm > interested know what do I must change to make? Greetings and thank you I think that you want to send diffs to two different aliases. eg: /etc/aliases: rancid-group: alias1,alias2 alias1: group1 alias2: group2 From Charles.Brooks at hbcs.org Fri Jul 1 21:55:49 2016 From: Charles.Brooks at hbcs.org (Charles T. Brooks) Date: Fri, 1 Jul 2016 21:55:49 +0000 Subject: [rancid] Nexus 1000v switch-router In-Reply-To: <20160701045526.GA35262@shrubbery.net> References: <20160701045354.A51703F4DF@sea.shrubbery.net> , <20160701045526.GA35262@shrubbery.net> Message-ID: OK, I'm not sure what's going on, so bear with me.... I made these changes to rancid 3.4.1 on RHEL 7: [root at git ~]# diff /usr/share/perl5/vendor_perl/rancid/nxos.pm /usr/share/perl5/vendor_perl/rancid/nxos.pm.2016-06-29 103c103 < $DO_SHOW_VLAN = 1; --- > $DO_SHOW_VLAN = 0; 339c339 < return(-1) if (/\% Invalid command at /); # CTB for Heasley --- > return(1) if (/\% Invalid command at /); 663,664c663,664 < if (!/^VTP Operating Mode\s+:\s+(Transparent|Server)/) { < $DO_SHOW_VLAN = 0; --- > if (/^VTP Operating Mode\s+:\s+(Transparent|Server)/) { > $DO_SHOW_VLAN = 1; I then changed the device-type for the Cisco 1000v from "cisco" to "cisco-nx" and let it run the usual hourly scheduled stuff. Rancid correctly reported the change of device type via email, and /var/log/maillog is all copacetic. However, it does not show any changes in the archive other than the line in router.db, nor have I been mailed any diffs. I will let it run over the weekend and report back Tuesday. --Charlie ________________________________________ From: heasley [heas at shrubbery.net] Sent: Friday, July 01, 2016 12:55 AM To: Charles T. Brooks Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Nexus 1000v switch-router Thu, Jun 30, 2016 at 10:46:52PM +0000, Charles T. Brooks: > Hmmmm... I'll answer the second question first. No, neither the nexus 5K nor the 1000v has "show vtp status". It's possible that we don't have a feature licensed/loaded that would enable this, I don't really know. The NX-OS version on the 5K I looked at is not the very latest greatest but it's not terribly old, either. > Does this restore the show vlan output? Index: lib/nxos.pm.in =================================================================== --- lib/nxos.pm.in (revision 3417) +++ lib/nxos.pm.in (working copy) @@ -53,7 +53,7 @@ $C0 = 0; # output formatting control $E0 = 0; $H0 = 0; - $DO_SHOW_VLAN = 0; + $DO_SHOW_VLAN = 1; # add content lines and separators ProcessHistory("","","","!RANCID-CONTENT-TYPE: $devtype\n!\n"); @@ -613,8 +613,8 @@ s/^$1\s{$len}//; } - if (/^VTP Operating Mode\s+:\s+(Transparent|Server)/) { - $DO_SHOW_VLAN = 1; + if (!/^VTP Operating Mode\s+:\s+(Transparent|Server)/) { + $DO_SHOW_VLAN = 0; } ProcessHistory("COMMENTS","","","!VTP: $_"); } ------------------ CONFIDENTIALITY NOTICE --------------- This message, including any attachments, is for the sole use of the intended recipient(s) and may contain privileged confidential information protected by law. Any unauthorized review, use, disclosure or distribution of this message is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of this message. ------------------ CONFIDENTIALITY NOTICE --------------- From sharififar at gmail.com Mon Jul 4 02:52:42 2016 From: sharififar at gmail.com (Massoud Sharififar) Date: Sun, 3 Jul 2016 22:52:42 -0400 Subject: [rancid] Deleting command for juniper Message-ID: Dear All, I want to delete show system license command on rancid for my juniper device, My reason is because I'm using rancid for my mx240 which is used for dsl and each hour because of changing number of subscriber , rancid sending me an email. Any help appreciated Massoud -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Mon Jul 4 14:59:31 2016 From: heas at shrubbery.net (Heasley) Date: Mon, 4 Jul 2016 07:59:31 -0700 Subject: [rancid] Deleting command for juniper In-Reply-To: References: Message-ID: <48647366-03FC-442E-9A35-D14F50536ED4@shrubbery.net> Am 03.07.2016 um 19:52 schrieb Massoud Sharififar : > > Dear All, > > I want to delete show system license command on rancid for my juniper device, My reason is because I'm using rancid for my mx240 which is used for dsl and each hour because of changing number of subscriber , rancid sending me an email. I think i fixed this in 3.4.1, else please show the diff to me. And, see rancid.types.conf(5). > > Any help appreciated > > Massoud > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From Charles.Brooks at hbcs.org Tue Jul 5 16:21:06 2016 From: Charles.Brooks at hbcs.org (Charles T. Brooks) Date: Tue, 5 Jul 2016 16:21:06 +0000 Subject: [rancid] Nexus 1000v switch-router In-Reply-To: <20160701223804.GB51232@shrubbery.net> References: <20160701045354.A51703F4DF@sea.shrubbery.net> <20160701045526.GA35262@shrubbery.net> , <20160701223804.GB51232@shrubbery.net> Message-ID: Inverting the VTP logic and changing the return for "Invalid Command" to -1 resulted in all nexus switch backups failing, but I am very new to rancid so I wasn't sure that was actually happening until after 24 hours, at which point I started getting emails about it. I reverted the change to the VTP logic and kept the other change, and that didn't fix it, so I did the vice-versa, and that restored the original behavior - 5K are backed up, 1Kv are not. One thing I can say regarding the VTP stuff - on a Nexus 5K, there are exactly zero references to VTP in the configuration if you do not have "feature vtp" turned on. So, testing for VTP operating mode should probably be something that only happens *after* testing for feature vtp. The 1000v does not have feature vtp at this time, so it will always fail this test, unless a later release of the software brings the feature in. BTW, the Nexus 5000 has 40 available features. The Nexus 1000V has 16. Of these, only 10 are the same on both devices; attached is a text file containing the list of features for each (linux/unix raw text, newlines only). At this point I figure I'll make a new NX-os device type strictly for virtual devices, that eliminates the hardware probing. I need to make one for the Ironport mail hub anyway, so I already have to learn how ;). Thanks, --Charlie ________________________________________ From: heasley [heas at shrubbery.net] Sent: Friday, July 01, 2016 6:38 PM To: Charles T. Brooks Subject: Re: [rancid] Nexus 1000v switch-router Fri, Jul 01, 2016 at 09:55:49PM +0000, Charles T. Brooks: > OK, I'm not sure what's going on, so bear with me.... I made these changes to rancid 3.4.1 on RHEL 7: > > [root at git ~]# diff /usr/share/perl5/vendor_perl/rancid/nxos.pm /usr/share/perl5/vendor_perl/rancid/nxos.pm.2016-06-29 > > 103c103 > < $DO_SHOW_VLAN = 1; > --- > > $DO_SHOW_VLAN = 0; > 339c339 > < return(-1) if (/\% Invalid command at /); # CTB for Heasley > --- > > return(1) if (/\% Invalid command at /); > 663,664c663,664 > < if (!/^VTP Operating Mode\s+:\s+(Transparent|Server)/) { > < $DO_SHOW_VLAN = 0; > --- > > if (/^VTP Operating Mode\s+:\s+(Transparent|Server)/) { > > $DO_SHOW_VLAN = 1; > > I then changed the device-type for the Cisco 1000v from "cisco" to "cisco-nx" and let it run the usual hourly scheduled stuff. > > Rancid correctly reported the change of device type via email, and /var/log/maillog is all copacetic. However, it does not show any changes in the archive other than the line in router.db, nor have I been mailed any diffs. > > I will let it run over the weekend and report back Tuesday. are there errors in the group log? is the timestamp on the saved file being updated? ------------------ CONFIDENTIALITY NOTICE --------------- This message, including any attachments, is for the sole use of the intended recipient(s) and may contain privileged confidential information protected by law. Any unauthorized review, use, disclosure or distribution of this message is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of this message. ------------------ CONFIDENTIALITY NOTICE --------------- -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: Nexus_features.txt URL: From Charles.Brooks at hbcs.org Tue Jul 5 16:42:17 2016 From: Charles.Brooks at hbcs.org (Charles T. Brooks) Date: Tue, 5 Jul 2016 16:42:17 +0000 Subject: [rancid] Nexus 1000v switch-router In-Reply-To: References: <20160701045354.A51703F4DF@sea.shrubbery.net> <20160701045526.GA35262@shrubbery.net> , <20160701223804.GB51232@shrubbery.net>, Message-ID: Correction to previous email: inverting the VTP logic *does* result in the 5Ks having "show vlan" output in their rancid config files. So, since that's apparently the desired behavior you'll probably want to keep that. I'll probably take the "show vlan" command out of my own config, since I find it generates too much noise in my infrastructure and I've got all the vlan information in "show running-config" anyway. The other change, though, (return -1 on invalid command) broke all Nexus backups. You don't want that one! --Charlie ________________________________________ From: Rancid-discuss [rancid-discuss-bounces at shrubbery.net] on behalf of Charles T. Brooks Sent: Tuesday, July 05, 2016 12:21 PM To: heasley Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Nexus 1000v switch-router Inverting the VTP logic and changing the return for "Invalid Command" to -1 resulted in all nexus switch backups failing, but I am very new to rancid so I wasn't sure that was actually happening until after 24 hours, at which point I started getting emails about it. I reverted the change to the VTP logic and kept the other change, and that didn't fix it, so I did the vice-versa, and that restored the original behavior - 5K are backed up, 1Kv are not. One thing I can say regarding the VTP stuff - on a Nexus 5K, there are exactly zero references to VTP in the configuration if you do not have "feature vtp" turned on. So, testing for VTP operating mode should probably be something that only happens *after* testing for feature vtp. The 1000v does not have feature vtp at this time, so it will always fail this test, unless a later release of the software brings the feature in. BTW, the Nexus 5000 has 40 available features. The Nexus 1000V has 16. Of these, only 10 are the same on both devices; attached is a text file containing the list of features for each (linux/unix raw text, newlines only). At this point I figure I'll make a new NX-os device type strictly for virtual devices, that eliminates the hardware probing. I need to make one for the Ironport mail hub anyway, so I already have to learn how ;). Thanks, --Charlie ________________________________________ From: heasley [heas at shrubbery.net] Sent: Friday, July 01, 2016 6:38 PM To: Charles T. Brooks Subject: Re: [rancid] Nexus 1000v switch-router Fri, Jul 01, 2016 at 09:55:49PM +0000, Charles T. Brooks: > OK, I'm not sure what's going on, so bear with me.... I made these changes to rancid 3.4.1 on RHEL 7: > > [root at git ~]# diff /usr/share/perl5/vendor_perl/rancid/nxos.pm /usr/share/perl5/vendor_perl/rancid/nxos.pm.2016-06-29 > > 103c103 > < $DO_SHOW_VLAN = 1; > --- > > $DO_SHOW_VLAN = 0; > 339c339 > < return(-1) if (/\% Invalid command at /); # CTB for Heasley > --- > > return(1) if (/\% Invalid command at /); > 663,664c663,664 > < if (!/^VTP Operating Mode\s+:\s+(Transparent|Server)/) { > < $DO_SHOW_VLAN = 0; > --- > > if (/^VTP Operating Mode\s+:\s+(Transparent|Server)/) { > > $DO_SHOW_VLAN = 1; > > I then changed the device-type for the Cisco 1000v from "cisco" to "cisco-nx" and let it run the usual hourly scheduled stuff. > > Rancid correctly reported the change of device type via email, and /var/log/maillog is all copacetic. However, it does not show any changes in the archive other than the line in router.db, nor have I been mailed any diffs. > > I will let it run over the weekend and report back Tuesday. are there errors in the group log? is the timestamp on the saved file being updated? ------------------ CONFIDENTIALITY NOTICE --------------- This message, including any attachments, is for the sole use of the intended recipient(s) and may contain privileged confidential information protected by law. Any unauthorized review, use, disclosure or distribution of this message is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of this message. ------------------ CONFIDENTIALITY NOTICE --------------- ------------------ CONFIDENTIALITY NOTICE --------------- This message, including any attachments, is for the sole use of the intended recipient(s) and may contain privileged confidential information protected by law. Any unauthorized review, use, disclosure or distribution of this message is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of this message. ------------------ CONFIDENTIALITY NOTICE --------------- From heas at shrubbery.net Wed Jul 6 00:28:23 2016 From: heas at shrubbery.net (heasley) Date: Wed, 6 Jul 2016 00:28:23 +0000 Subject: [rancid] Nexus 1000v switch-router In-Reply-To: References: <20160701045354.A51703F4DF@sea.shrubbery.net> <20160701045526.GA35262@shrubbery.net> <20160701223804.GB51232@shrubbery.net> Message-ID: <20160706002823.GJ55150@shrubbery.net> Tue, Jul 05, 2016 at 04:42:17PM +0000, Charles T. Brooks: > Correction to previous email: inverting the VTP logic *does* result in the 5Ks having "show vlan" output in their rancid config files. So, since that's apparently the desired behavior you'll probably want to keep that. great. > The other change, though, (return -1 on invalid command) broke all Nexus backups. You don't want that one! I think that you misread the diff; i should be to change the -1 to 1. Index: lib/nxos.pm.in =================================================================== --- lib/nxos.pm.in (revision 3413) +++ lib/nxos.pm.in (working copy) @@ -325,7 +325,7 @@ return(1) if /Line has invalid autocommand /; return(1) if /(Invalid input detected|Type help or )/; return(1) if (/No token match at /); # 1000v - return(-1) if (/\% Invalid command at /); + return(1) if (/\% Invalid command at /);# 1000v has no support return(-1) if (/\% Permission denied/); return(-1) if (/command authorization failed/i); From Charles.Brooks at hbcs.org Wed Jul 6 15:11:01 2016 From: Charles.Brooks at hbcs.org (Charles T. Brooks) Date: Wed, 6 Jul 2016 15:11:01 +0000 Subject: [rancid] SOLVED: Nexus 1000v switch-router Message-ID: Oh, OK, problem between keyboard and chair at this end. Here's my diff, which correctly incorporates both your changes: --- /usr/share/perl5/vendor_perl/rancid/nxos.pm 2016-07-06 10:21:50.751459854 -0400 +++ /usr/share/perl5/vendor_perl/rancid/nxos.pm.2016-06-21 2016-07-01 14:35:46.974429589 -0400 @@ -101,5 +101,5 @@ $E0 = 0; $H0 = 0; - $DO_SHOW_VLAN = 1; + $DO_SHOW_VLAN = 0; # add content lines and separators @@ -373,5 +373,5 @@ return(1) if /(Invalid input detected|Type help or )/; return(1) if (/No token match at /); # 1000v - return(1) if (/\% Invalid command at /); ;# 1000v has no support + return(-1) if (/\% Invalid command at /); return(-1) if (/\% Permission denied/); return(-1) if (/command authorization failed/i); @@ -661,6 +661,6 @@ } - if (!/^VTP Operating Mode\s+:\s+(Transparent|Server)/) { - $DO_SHOW_VLAN = 0; + if (/^VTP Operating Mode\s+:\s+(Transparent|Server)/) { + $DO_SHOW_VLAN = 1; } ProcessHistory("COMMENTS","","","!VTP: $_"); I apologize for not figuring this out myself and sending a patch. Thank you for your patience and support! I will rebuild the RHEL7 rpm package I've created to include this patch. If anybody wants the spec file and patch set, let me know at . --Charlie ________________________________________ From: heasley [heas at shrubbery.net] Sent: Tuesday, July 05, 2016 8:28 PM To: Charles T. Brooks Cc: heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Nexus 1000v switch-router Tue, Jul 05, 2016 at 04:42:17PM +0000, Charles T. Brooks: > Correction to previous email: inverting the VTP logic *does* result in the 5Ks having "show vlan" output in their rancid config files. So, since that's apparently the desired behavior you'll probably want to keep that. great. > The other change, though, (return -1 on invalid command) broke all Nexus backups. You don't want that one! I think that you misread the diff; i should be to change the -1 to 1. Index: lib/nxos.pm.in =================================================================== --- lib/nxos.pm.in (revision 3413) +++ lib/nxos.pm.in (working copy) @@ -325,7 +325,7 @@ return(1) if /Line has invalid autocommand /; return(1) if /(Invalid input detected|Type help or )/; return(1) if (/No token match at /); # 1000v - return(-1) if (/\% Invalid command at /); + return(1) if (/\% Invalid command at /);# 1000v has no support return(-1) if (/\% Permission denied/); return(-1) if (/command authorization failed/i); ------------------ CONFIDENTIALITY NOTICE --------------- This message, including any attachments, is for the sole use of the intended recipient(s) and may contain privileged confidential information protected by law. Any unauthorized review, use, disclosure or distribution of this message is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of this message. ------------------ CONFIDENTIALITY NOTICE --------------- From erikm at buh.org Mon Jul 11 09:12:54 2016 From: erikm at buh.org (Erik Muller) Date: Mon, 11 Jul 2016 11:12:54 +0200 Subject: [rancid] [patch] unexpected command - "write term" in newer Foundry devices Message-ID: <7fd9ab85-f738-d96d-168c-e4c13eeefc90@buh.org> Since updating from rancid 2.3.x to 3.4.1, I found a few Brocade/Foundry devices that stopped collecting backups properly. It looks like in Ironware 5.5 for MLX family devices, they stopped supporting "write term". This resulted in rancid runs seeing the error message as an unexpected command, since the error string looks a lot like a command prompt. The below patch fixes this for me, and seems to have no negative side effects on other flavors of foundry boxen. -e erikm at Metis:~ [00:19 - 551]$ diff -Naur /opt/local/lib/rancid/foundry.pm.bak /opt/local/lib/rancid/foundry.pm --- /opt/local/lib/rancid/foundry.pm.bak 2016-07-10 22:25:16.000000000 +0200 +++ /opt/local/lib/rancid/foundry.pm 2016-07-11 00:19:23.000000000 +0200 @@ -100,6 +100,12 @@ } while (/[>#]\s*($cmds_regexp)\s*$/) { $cmd = $1; + # Some devices can give an error that looks a lot like a prompt + # for deprecated commands like "write term". Ignore that. + if (/^Invalid input -> /) { + print STDERR ("Ignoring invalid command: $cmd\n") if ($debug); + last; + } if (!defined($prompt)) { $prompt = ($_ =~ /^([^#]+#)/)[0]; $prompt =~ s/([][}{)(\\])/\\$1/g; Example output from a failing device: erikm at Metis:/opt/local/var/rancid/logs [20:27 - 522]$ flogin -t 90 -c"show version;write term" cer.r8.atl spawn ssh -c 3des -x -l xxxx cer.r8.atl Password: SSH at er1-pp.c8.56M>enable User Name:xxxxx Password: SSH at er1-pp.c8.56M# SSH at er1-pp.c8.56M#skip-page-display Invalid input -> skip-page-display Type ? for a list SSH at er1-pp.c8.56M#terminal length 0 SSH at er1-pp.c8.56M#show version System: NetIron CER (Serial #: xxxxx, Part #: 40-1000859-12) ... IronWare : Version 5.5.0cT183 Copyright (c) 1996-2013 Brocade Communications Systems, Inc. Compiled on Jul 8 2013 at 14:53:26 labeled as ce05500c ... SSH at er1-pp.c8.56M#write term Invalid input -> write term Type ? for a list SSH at er1-pp.c8.56M#exit SSH at er1-pp.c8.56M>exitConnection to 10.10.50.243 closed. From heas at shrubbery.net Mon Jul 11 21:46:33 2016 From: heas at shrubbery.net (heasley) Date: Mon, 11 Jul 2016 21:46:33 +0000 Subject: [rancid] [patch] unexpected command - "write term" in newer Foundry devices In-Reply-To: <7fd9ab85-f738-d96d-168c-e4c13eeefc90@buh.org> References: <7fd9ab85-f738-d96d-168c-e4c13eeefc90@buh.org> Message-ID: <20160711214633.GD31913@shrubbery.net> Mon, Jul 11, 2016 at 11:12:54AM +0200, Erik Muller: > Since updating from rancid 2.3.x to 3.4.1, I found a few Brocade/Foundry devices that stopped collecting backups properly. It looks like in Ironware 5.5 for MLX family devices, they stopped supporting "write term". This resulted in rancid runs seeing the error message as an unexpected command, since the error string looks a lot like a command prompt. The below patch fixes this for me, and seems to have no negative side effects on other flavors of foundry boxen. > -e > > > erikm at Metis:~ [00:19 - 551]$ diff -Naur /opt/local/lib/rancid/foundry.pm.bak /opt/local/lib/rancid/foundry.pm > --- /opt/local/lib/rancid/foundry.pm.bak 2016-07-10 22:25:16.000000000 +0200 > +++ /opt/local/lib/rancid/foundry.pm 2016-07-11 00:19:23.000000000 +0200 > @@ -100,6 +100,12 @@ > } > while (/[>#]\s*($cmds_regexp)\s*$/) { > $cmd = $1; > + # Some devices can give an error that looks a lot like a prompt > + # for deprecated commands like "write term". Ignore that. > + if (/^Invalid input -> /) { > + print STDERR ("Ignoring invalid command: $cmd\n") if ($debug); > + last; > + } This should be handled by the existing code. There must be another root cause. Perhaps you would send the output of the following command to me? eval `rancid -t foundry -C cer.r8.atl` > output 2>&1 > if (!defined($prompt)) { > $prompt = ($_ =~ /^([^#]+#)/)[0]; > $prompt =~ s/([][}{)(\\])/\\$1/g; > > > > Example output from a failing device: > > erikm at Metis:/opt/local/var/rancid/logs [20:27 - 522]$ flogin -t 90 -c"show version;write term" cer.r8.atl > spawn ssh -c 3des -x -l xxxx cer.r8.atl > Password: > SSH at er1-pp.c8.56M>enable > User Name:xxxxx > Password: > SSH at er1-pp.c8.56M# > SSH at er1-pp.c8.56M#skip-page-display > Invalid input -> skip-page-display > Type ? for a list > SSH at er1-pp.c8.56M#terminal length 0 > SSH at er1-pp.c8.56M#show version > System: NetIron CER (Serial #: xxxxx, Part #: 40-1000859-12) > ... > IronWare : Version 5.5.0cT183 Copyright (c) 1996-2013 Brocade Communications Systems, Inc. > Compiled on Jul 8 2013 at 14:53:26 labeled as ce05500c > ... > SSH at er1-pp.c8.56M#write term > Invalid input -> write term > Type ? for a list > SSH at er1-pp.c8.56M#exit > SSH at er1-pp.c8.56M>exitConnection to 10.10.50.243 closed. > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From erikm at buh.org Tue Jul 12 09:57:34 2016 From: erikm at buh.org (Erik Muller) Date: Tue, 12 Jul 2016 11:57:34 +0200 Subject: [rancid] [patch] unexpected command - "write term" in newer Foundry devices In-Reply-To: <20160711214633.GD31913@shrubbery.net> References: <7fd9ab85-f738-d96d-168c-e4c13eeefc90@buh.org> <20160711214633.GD31913@shrubbery.net> Message-ID: On 7/11/16 23:46 , heasley wrote: > This should be handled by the existing code. There must be another root > cause. Perhaps you would send the output of the following command to me? > > eval `rancid -t foundry -C cer.r8.atl` > output 2>&1 Sure thing, attached. I do see a bit in WriteTerm that looks like it should be handling that, though it seems to kick it back to the inner loop of inloop with the "Invalid" line still as the current line of $INPUT. I guess either inloop would need to know from the return code that it needed to break out of the current command loop for that to do the trick. Also this may be useful: $ rancid -d -t foundry cer.r8.atl loadtype: device type foundry loadtype: found device type foundry in /opt/local/etc/rancid/rancid.types.base executing flogin -t 90 -c"show version;show chassis;show module;show flash;write term;show running-config" cer.r8.atl PROMPT MATCH: SSH at er1-pp.c8.56M# HIT COMMAND:SSH at er1-pp.c8.56M#show version In ShowVersion: SSH at er1-pp.c8.56M#show version HIT COMMAND:SSH at er1-pp.c8.56M#show chassis In ShowChassis: SSH at er1-pp.c8.56M#show chassis HIT COMMAND:SSH at er1-pp.c8.56M#show module In ShowModule: SSH at er1-pp.c8.56M#show module HIT COMMAND:SSH at er1-pp.c8.56M#show flash In ShowFlash: SSH at er1-pp.c8.56M#show flash HIT COMMAND:SSH at er1-pp.c8.56M#write term In WriteTerm: SSH at er1-pp.c8.56M#write term HIT COMMAND:Invalid input -> write term cer.r8.atl: found unexpected command - "write term" cer.r8.atl: missed cmd(s): show running-config cer.r8.atl: missed cmd(s): show running-config cer.r8.atl: End of run not found cer.r8.atl: End of run not found (and, for completeness, all this is being tested on 3.4.1 on OSX 10.10.5, using the macports build, which is pretty much stock source except a couple of changes to the installation paths) -------------- next part -------------- cer.r8.atl spawn ssh -c 3des -x -l ranciduser cer.r8.atl Password: SSH at er1-pp.c8.56M>enable User Name:ranciduser Password: SSH at er1-pp.c8.56M# SSH at er1-pp.c8.56M#skip-page-display Invalid input -> skip-page-display Type ? for a list SSH at er1-pp.c8.56M#terminal length 0 SSH at er1-pp.c8.56M#show version System: NetIron CER (Serial #: XXXXXXXXXXX, Part #: 40-1000859-12) License: RT_SCALE (LID: xxxxxxxxxxx) Boot : Version 5.5.0T185 Copyright (c) 1996-2013 Brocade Communications Systems, Inc. Compiled on Sep 19 2012 at 10:34:20 labeled as ceb05500 (456313 bytes) from boot flash Monitor : Version 5.5.0T185 Copyright (c) 1996-2013 Brocade Communications Systems, Inc. Compiled on Sep 19 2012 at 10:34:20 labeled as ceb05500 (456313 bytes) from code flash IronWare : Version 5.5.0cT183 Copyright (c) 1996-2013 Brocade Communications Systems, Inc. Compiled on Jul 8 2013 at 14:53:26 labeled as ce05500c (16507070 bytes) from Primary CPLD Version: 0x00000001 Micro-Controller Version: 0x0000000d Extended route scalability PBIF Version: 0x015d 800 MHz Power PC processor 8544 (version 8021/0023) 400 MHz bus 512 KB Boot Flash (MX29LV040C), 64 MB Code Flash (MT28F256J3) 2048 MB DRAM System uptime is 209 days 17 hours 1 minutes 6 seconds SSH at er1-pp.c8.56M#show chassis *** NetIron CER 2024F-4X *** ---POWERS --- Power 1 ( 3I50 - AC 504W): Installed (OK) Power 2 ( 3I50 - AC 504W): Installed (OK) Total power budget for system = 1008 W --- FANS --- Metro fan tray (fan 1): Status = OK, Speed = MED (75%) Metro fan tray (fan 2): Status = OK, Speed = MED (75%) Metro fan tray (fan 3): Status = OK, Speed = MED (75%) Metro fan tray (fan 4): Status = OK, Speed = MED (75%) Metro fan tray (fan 5): Status = OK, Speed = MED (75%) Metro fan tray (fan 6): Status = OK, Speed = MED (75%) --- TEMPERATURE READINGS --- CPU: Board 50.0C Chip 52.43C 24X1G PPCR: Board 48.50C Chip 51.56C 24X1G TCAM: Board 42.0C Chip 40.75C 4X10G PPCR1: Board 43.0C Chip 48.6C 4X10G TCAM1: Board 41.0C Chip 39.56C 4X10G PPCR2: Board 44.50C Chip 49.0C 4X10G TCAM2: Board 40.50C Chip 40.6C Fans are in auto mode (current speed is MED (75%)). Temperature monitoring poll period is 60 seconds. Base MAC Address = 748e.abcd.1234 SSH at er1-pp.c8.56M#show module *** NetIron CER 2024F-4X *** Module Status Ports Starting MAC S1: 24x1G Fiber Ports Virtual Module CARD_STATE_UP 24 748e.abcd.1234 S2: 4x10G Ports Virtual Module CARD_STATE_UP 4 748e.abcd.4321 SSH at er1-pp.c8.56M#show flash ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code Flash - Type MT28F256J3, Size 64 MB o IronWare Image (Primary) Version 5.5.0cT183, Size 16507070 bytes, Check Sum 05e4 Compiled on Jul 8 2013 at 14:53:26 labeled as ce05500c o Monitor Image Version 5.5.0T185, Size 456313 bytes, Check Sum 546d Compiled on Sep 19 2012 at 10:34:20 labeled as ceb05500 o Startup Configuration Size 99219 bytes, Check Sum 630a Modified on 12:09:35 GMT+00 Thu Jul 07 2016 Boot Flash - Type MX29LV040C, Size 512 KB o Boot Image Version 5.5.0T185, Size 456313 bytes, Check Sum 546d Compiled on Sep 19 2012 at 10:34:20 labeled as ceb05500 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SSH at er1-pp.c8.56M#write term Invalid input -> write term Type ? for a list SSH at er1-pp.c8.56M#show running-config Current configuration: ! ver V5.5.0cT183 ! ! ! lag "vdx-fabric" dynamic id 64 ports ethernet 2/3 to 2/4 primary-port 2/3 deploy port-name "vdx-fabric-trunk" ethernet 2/3 port-name "vdx-fabric-trunk-r9" ethernet 2/4 ! ! ! no spanning-tree ! ! vlan 1 name DEFAULT-VLAN no untagged ethe 1/1 to 1/2 ! vlan 50 tagged ethe 1/1 to 1/2 ethe 2/3 to 2/4 router-interface ve 50 ! ! system-max ip-cache 1048576 system-max ip-route 1048576 system-max virtual-interface 4095 ! ! aaa authentication enable default local tacacs+ aaa authentication login default local tacacs+ tacacs-server host 10.10.10.1 tacacs-server key 2 $xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ! ! ! ! ntp server 10.10.10.1 ! ! enable super-user-password ..... logging host 10.10.10.1 logging host 10.10.10.3 username xxxxxxxx password ..... username xxxxxxxx history ..... username xxxxxxxx privilege 5 password ..... username xxxxxxxx password ..... username xxxxxxxx password ..... ! ip route 0.0.0.0/0 11.22.333.44 ! ! ! ! ! snmp-client 10.10.10.1 snmp-server snmp-server community ..... ro snmp-server community ..... rw snmp-server host 10.10.10.1 version v2c ..... hostname er1-pp.c8.56M ! ! router vrrp-extended ! ! ! ! ! ! ! interface management 1 ip address 10.10.10.43/24 enable ! interface ethernet 1/1 enable ! interface ethernet 1/3 enable ! ![interfaces, bgp policy omitted for brevity] ! ! lldp run ! ! ! ! end SSH at er1-pp.c8.56M#exit SSH at er1-pp.c8.56M>exitConnection to 10.10.50.243 closed. Killed by signal 1. From heas at shrubbery.net Tue Jul 12 14:40:11 2016 From: heas at shrubbery.net (heasley) Date: Tue, 12 Jul 2016 14:40:11 +0000 Subject: [rancid] [patch] unexpected command - "write term" in newer Foundry devices In-Reply-To: References: <7fd9ab85-f738-d96d-168c-e4c13eeefc90@buh.org> <20160711214633.GD31913@shrubbery.net> Message-ID: <20160712144011.GB58428@shrubbery.net> Tue, Jul 12, 2016 at 11:57:34AM +0200, Erik Muller: > On 7/11/16 23:46 , heasley wrote: > > This should be handled by the existing code. There must be another root > > cause. Perhaps you would send the output of the following command to me? > > > > eval `rancid -t foundry -C cer.r8.atl` > output 2>&1 > > Sure thing, attached. > > I do see a bit in WriteTerm that looks like it should be handling that, though it seems to kick it back to the inner loop of inloop with the "Invalid" line still as the current line of $INPUT. I guess either inloop would need to know from the return code that it needed to break out of the current command loop for that to do the trick. > > Also this may be useful: > $ rancid -d -t foundry cer.r8.atl > loadtype: device type foundry > loadtype: found device type foundry in /opt/local/etc/rancid/rancid.types.base > executing flogin -t 90 -c"show version;show chassis;show module;show flash;write term;show running-config" cer.r8.atl > PROMPT MATCH: SSH at er1-pp.c8.56M# > HIT COMMAND:SSH at er1-pp.c8.56M#show version > In ShowVersion: SSH at er1-pp.c8.56M#show version > HIT COMMAND:SSH at er1-pp.c8.56M#show chassis > In ShowChassis: SSH at er1-pp.c8.56M#show chassis > HIT COMMAND:SSH at er1-pp.c8.56M#show module > In ShowModule: SSH at er1-pp.c8.56M#show module > HIT COMMAND:SSH at er1-pp.c8.56M#show flash > In ShowFlash: SSH at er1-pp.c8.56M#show flash > HIT COMMAND:SSH at er1-pp.c8.56M#write term > In WriteTerm: SSH at er1-pp.c8.56M#write term > HIT COMMAND:Invalid input -> write term > cer.r8.atl: found unexpected command - "write term" ah, this is what I did not "see"; I just had the process in mind. You are correct. Thanks for the patch! From vaclav.ovsik at i.cz Mon Jul 11 12:29:06 2016 From: vaclav.ovsik at i.cz (=?iso-8859-1?Q?V=E1clav_Ovs=EDk?=) Date: Mon, 11 Jul 2016 14:29:06 +0200 Subject: [rancid] filtering of show license Message-ID: <20160711122906.GB31435@bobek.localdomain> Hi, with Rancid 3.4.1 a new information is digged from IOS using show license but it contains relative (changing) time :-/ e.g.: Index 3 Feature: securityk9 Period left: 5 days 7 hours Period Used: 7 weeks 5 days have anybody already solved this? (change to end-of-license time or so) Thanks -- Zito From vaclav.ovsik at i.cz Mon Jul 11 14:01:56 2016 From: vaclav.ovsik at i.cz (=?iso-8859-1?Q?V=E1clav_Ovs=EDk?=) Date: Mon, 11 Jul 2016 16:01:56 +0200 Subject: [rancid] filtering of show license In-Reply-To: <20160711122906.GB31435@bobek.localdomain> References: <20160711122906.GB31435@bobek.localdomain> Message-ID: <20160711140156.GA12316@bobek.localdomain> On Mon, Jul 11, 2016 at 02:29:06PM +0200, V?clav Ovs?k wrote: > Hi, > with Rancid 3.4.1 a new information is digged from IOS using > show license > but it contains relative (changing) time :-/ e.g.: > > Index 3 Feature: securityk9 > Period left: 5 days 7 hours > Period Used: 7 weeks 5 days > > have anybody already solved this? (change to end-of-license time or so) for this time I added only removing: @@ -587,6 +587,7 @@ return(0) if (/% license not supported on this device/i);# show lic on old box return(1) if (/Line has invalid autocommand /); return(1) if (/(invalid (input|command) detected|type help or )/i); + s/^(\s*Period (?:left|used)):(?:\s*\d+\s*(?:weeks|days|hours))+/$1: /i; ProcessHistory("COMMENTS","keysort","LICENSE","! $_"); } -- Zito From vaclav.ovsik at i.cz Mon Jul 11 12:20:26 2016 From: vaclav.ovsik at i.cz (=?iso-8859-1?Q?V=E1clav_Ovs=EDk?=) Date: Mon, 11 Jul 2016 14:20:26 +0200 Subject: [rancid] clutter with DHCP Snooping or VMPS Message-ID: <20160711122026.GA31435@bobek.localdomain> Hi, I have a small mod for Rancid 3.4.1 for * DHCP snooping - everchanging file in NVRAM * VMPS active - everchanging VLAN port assignment --- ios.pm.orig 2016-05-18 08:09:10.000000000 +0200 +++ ios.pm 2016-06-15 13:24:26.268000000 +0200 @@ -976,7 +976,7 @@ # to: # vlan.dat # vlan.dat - if (/(dhcp_[^. ]*\.txt|vlan\.dat|sflog|syslog)\s*$/) { + if (/(dhcp_[^. ]*\.txt|vlan\.dat|sflog|snooping|syslog)\s*$/) { if (/(\s*\d+)(\s+[-rwx]+\s+)(\d+)(\s+)(\w+ \d+\s+\d+ \d+:\d+:\d+ .\d+:\d+)/) { my($fn, $a, $sz, $c, $dt, $rem) = ($1, $2, $3, $4, $5, $'); my($fnl, $szl, $dtl) = (length($fn), length($sz), length($dt)); @@ -1950,6 +1950,8 @@ ($_ = <$INPUT>, return(1)) if ($DO_SHOW_VLAN); + my $ports_column = undef; + while (<$INPUT>) { tr/\015//d; last if (/^$prompt/); @@ -1980,6 +1982,17 @@ next if (/total.*packets.*(input|output)/i); + if ( m/^VLAN\s+Name\s+Status\s+Ports$/ ) { + $ports_column = index($_, 'Ports'); + } elsif ( m/^[^-0-9 ]/ ) { + undef $ports_column; + } + if ( defined $ports_column ) { + $_ = substr($_, 0, $ports_column); + next if m/^\s*$/; + $_ .= "\n"; + } + ProcessHistory("COMMENTS","keysort","IO","!VLAN: $_"); } OUT:ProcessHistory("COMMENTS","keysort","IO","!\n"); Maybe usable for someone. -- Zito From vaclav.ovsik at i.cz Tue Jul 12 07:42:40 2016 From: vaclav.ovsik at i.cz (=?iso-8859-1?Q?V=E1clav_Ovs=EDk?=) Date: Tue, 12 Jul 2016 09:42:40 +0200 Subject: [rancid] filtering of show license In-Reply-To: <20160711140156.GA12316@bobek.localdomain> References: <20160711122906.GB31435@bobek.localdomain> <20160711140156.GA12316@bobek.localdomain> Message-ID: <20160712074240.GA17447@bobek.localdomain> On Mon, Jul 11, 2016 at 04:01:56PM +0200, V?clav Ovs?k wrote: > > Hi, > > with Rancid 3.4.1 a new information is digged from IOS using > > show license > > but it contains relative (changing) time :-/ e.g.: > > > > Index 3 Feature: securityk9 > > Period left: 5 days 7 hours > > Period Used: 7 weeks 5 days > > > > have anybody already solved this? (change to end-of-license time or so) > > for this time I added only removing: > > @@ -587,6 +587,7 @@ > return(0) if (/% license not supported on this device/i);# show lic on old box > return(1) if (/Line has invalid autocommand /); > return(1) if (/(invalid (input|command) detected|type help or )/i); > + s/^(\s*Period (?:left|used)):(?:\s*\d+\s*(?:weeks|days|hours))+/$1: /i; > > ProcessHistory("COMMENTS","keysort","LICENSE","! $_"); > } singular too :-/ --- ios.pm.orig 2016-05-18 08:09:10.000000000 +0200 +++ ios.pm 2016-07-12 09:35:02.552000000 +0200 @@ -587,6 +587,7 @@ return(0) if (/% license not supported on this device/i);# show lic on old box return(1) if (/Line has invalid autocommand /); return(1) if (/(invalid (input|command) detected|type help or )/i); + s/^(\s*Period (?:left|used)):(?:\s*\d+\s*(?:weeks?|days?|hours?))+/$1: /i; ProcessHistory("COMMENTS","keysort","LICENSE","! $_"); } -- Zito From heas at shrubbery.net Thu Jul 14 09:46:47 2016 From: heas at shrubbery.net (heasley) Date: Thu, 14 Jul 2016 09:46:47 +0000 Subject: [rancid] filtering of show license In-Reply-To: <20160712074240.GA17447@bobek.localdomain> References: <20160711122906.GB31435@bobek.localdomain> <20160711140156.GA12316@bobek.localdomain> <20160712074240.GA17447@bobek.localdomain> Message-ID: <20160714094647.GI6759@shrubbery.net> Tue, Jul 12, 2016 at 09:42:40AM +0200, V?clav Ovs?k: > On Mon, Jul 11, 2016 at 04:01:56PM +0200, V?clav Ovs?k wrote: > > > Hi, > > > with Rancid 3.4.1 a new information is digged from IOS using > > > show license > > > but it contains relative (changing) time :-/ e.g.: > > > > > > Index 3 Feature: securityk9 > > > Period left: 5 days 7 hours > > > Period Used: 7 weeks 5 days > > > > > > have anybody already solved this? (change to end-of-license time or so) > > > > for this time I added only removing: > > > > @@ -587,6 +587,7 @@ > > return(0) if (/% license not supported on this device/i);# show lic on old box > > return(1) if (/Line has invalid autocommand /); > > return(1) if (/(invalid (input|command) detected|type help or )/i); > > + s/^(\s*Period (?:left|used)):(?:\s*\d+\s*(?:weeks|days|hours))+/$1: /i; > > > > ProcessHistory("COMMENTS","keysort","LICENSE","! $_"); > > } > > singular too :-/ > > --- ios.pm.orig 2016-05-18 08:09:10.000000000 +0200 > +++ ios.pm 2016-07-12 09:35:02.552000000 +0200 > @@ -587,6 +587,7 @@ > return(0) if (/% license not supported on this device/i);# show lic on old box > return(1) if (/Line has invalid autocommand /); > return(1) if (/(invalid (input|command) detected|type help or )/i); > + s/^(\s*Period (?:left|used)):(?:\s*\d+\s*(?:weeks?|days?|hours?))+/$1: /i; > > ProcessHistory("COMMENTS","keysort","LICENSE","! $_"); > } Does this also solve the problem for you: Index: lib/ios.pm.in =================================================================== --- lib/ios.pm.in (revision 3291) +++ lib/ios.pm.in (revision 3300) @@ -458,6 +458,7 @@ while (<$INPUT>) { tr/\015//d; goto OUT if (/^$prompt/); # should not occur + s/\s*$//; # trim trailing WS # the pager can not be disabled per-session on the PIX if (/^(<-+ More -+>)/) { my($len) = length($1); @@ -540,9 +541,16 @@ next if (/^\s+\^$/); return(0) if (/% no licensable udi in the system/i); # show udi on old box return(0) if (/% license not supported on this device/i);# show lic on old box + return(0) if (/% incomplete command/i); # show lic on old XE box return(1) if (/Line has invalid autocommand /); return(1) if (/(invalid (input|command) detected|type help or )/i); + next if (/period used:/i); + if (/(^\s*period left:\s*)\d+/i) { + ProcessHistory("COMMENTS","keysort","LICENSE","! $1\n"); + next; + } + ProcessHistory("COMMENTS","keysort","LICENSE","! $_"); } ProcessHistory("COMMENTS","keysort","LICENSE","!\n"); From voltai_a at etna-alternance.net Fri Jul 15 15:15:03 2016 From: voltai_a at etna-alternance.net (Joseph-Emmanuel VOLTAIRE) Date: Fri, 15 Jul 2016 17:15:03 +0200 Subject: [rancid] Number of users and/or companies running rancid in the world Message-ID: Hello, We actually know that great companies out here are using rancid but... Does someone know how many people or companies using rancid around the world ? even approximatively ? -- Cordialement, J-E.V -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Jul 21 11:17:26 2016 From: heas at shrubbery.net (heasley) Date: Thu, 21 Jul 2016 11:17:26 +0000 Subject: [rancid] fnlogin pager Message-ID: <20160721111726.GB10742@shrubbery.net> A user recommended the following change for Fortigate (fnlogin). Does anyone know if the following works in 4.x to disable the pager and return to the command prompt? config global config system console set output standard end Or, if it is no necessary to continue supporting 4.x? > The fnlogin script tries to disable the paging fortigate paging mode. > With multiple vdom you have to patch the following line in bin/fnlogin > > proc run_commands { prompt command } { > global in_proc > set in_proc 1 > > # Disable output paging. > - send -- "config system console\r" > - expect -re $prompt; send -- "set output standard\r" > + send -- "config global\r" > + expect -re $prompt; send -- "config system console\r" > expect -re $prompt; send -- "set output standard\r" > expect -re $prompt; send -- "end\r" > expect -re $prompt do you know if this works on older versions of the fortigate o/s? I know that it works on firmware 5.x and I also know that firmware 4.x is end of support :-) From mnewton at pofp.com Thu Jul 21 16:57:17 2016 From: mnewton at pofp.com (Michael Newton) Date: Thu, 21 Jul 2016 16:57:17 +0000 Subject: [rancid] fnlogin pager In-Reply-To: <20160721111726.GB10742@shrubbery.net> References: <20160721111726.GB10742@shrubbery.net> Message-ID: I get an error, but it can safely be ignored: HHS_DHCP_FG100A # config global command parse error before 'global' Command fail. Return code 1 HHS_DHCP_FG100A # config system console HHS_DHCP_FG100A (console) # set output standard HHS_DHCP_FG100A (console) # end HHS_DHCP_FG100A # This is a Fortigate FG100A running 4.0 MR3 software. -- Michael Newton Director, Product Development Point of Presence Technologies You manage your business. We?ll manage your network. 206-1110 Government Street, Victoria BC V8W 1Y2 T: 250-412-6688 x 7040 | F: 484-731-9837 mnewton at pofp.com | www.pofp.com From: Rancid-discuss on behalf of heasley Date: Thursday, July 21, 2016 at 4:17 AM To: "rancid-discuss at shrubbery.net" Subject: [rancid] fnlogin pager A user recommended the following change for Fortigate (fnlogin). Does anyone know if the following works in 4.x to disable the pager and return to the command prompt? config global config system console set output standard end Or, if it is no necessary to continue supporting 4.x? The fnlogin script tries to disable the paging fortigate paging mode. With multiple vdom you have to patch the following line in bin/fnlogin proc run_commands { prompt command } { global in_proc set in_proc 1 # Disable output paging. - send -- "config system console\r" - expect -re $prompt; send -- "set output standard\r" + send -- "config global\r" + expect -re $prompt; send -- "config system console\r" expect -re $prompt; send -- "set output standard\r" expect -re $prompt; send -- "end\r" expect -re $prompt do you know if this works on older versions of the fortigate o/s? I know that it works on firmware 5.x and I also know that firmware 4.x is end of support :-) _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4271 bytes Desc: not available URL: