From maamoo at gmail.com Thu Aug 3 16:06:53 2006 From: maamoo at gmail.com (S H A N) Date: Fri, 4 Aug 2006 00:06:53 +0800 Subject: [rancid] Re: inventory mgmt script from rancid output In-Reply-To: <20060723180346.GC459@shrubbery.net> References: <58D14E53A4F69C4EAF4D29171C447CC491FA45@NTX-CL.forest.netvision.net.il> <20060723180346.GC459@shrubbery.net> Message-ID: hi list, in the interest of the subject i have just done a script... nothing elegant at all but sure does save my time... (as i have 70+ 7507 boxes) its accuracy is only confirmed in my setup thus u'r mileage may vary... improvements/comments are certainly most welcome :) usage is simple... just run it against a cisco 7507 rancid file... best rgds. On 7/24/06, john heasley wrote: > > AFAIK it is. join their mail list, tool-makers or something like that. > > Sun, Jul 23, 2006 at 12:10:15PM +0200, Yuval Ben-Ari: > > I like the filter_audit tool > > any idea if it is still being maintained ? > > can anyone provide the author contact ? > > > > 10x > > > > > -----Original Message----- > > > From: rancid-discuss-bounces at shrubbery.net > > > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of > > > john heasley > > > Sent: Thursday, July 20, 2006 5:41 PM > > > To: Mohacsi Janos > > > Cc: Rancid-discuss at shrubbery.net > > > Subject: [rancid] Re: inventory mgmt script from rancid output > > > > > > > > > ISTR that Joe Abley did as part of the tools he spoke about at nanog. > > > http://www.nanog.org/mtg-0210/abley.html > > > > > > Thu, Jul 20, 2006 at 09:57:18AM +0200, Mohacsi Janos: > > > > Dear All, > > > > Did anybody already write a post-processing script to extract > > > > inventory only (CPU, memory, interfaces wit their serials) > > > from rancid > > > > output files and presents in a more easy to view format? Thanks. > > > > Regards, > > > > > > > > Janos Mohacsi > > > > Network Engineer, Research Associate, Head of Network Planning > > > > NIIF/HUNGARNET, HUNGARY > > > > Key 00F9AF98: 8645 1312 D249 471B DBAE 21A2 9F52 0D1F 00F9 AF98 > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -- Best Regards. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060804/4e258a74/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: inventory.pl Type: application/x-perl Size: 4423 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060804/4e258a74/attachment.bin From rancid at layer7.com.au Fri Aug 4 03:05:46 2006 From: rancid at layer7.com.au (rancid at layer7.com.au) Date: Thu, 3 Aug 2006 24:05:46 -0300 Subject: [rancid] Obtain the career you have always wanted with the University Degree you deserve. Message-ID: KT1ufd5SeoeWc.yXJcpuW52n80F@layer7.com.au An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060804/b187b3e4/attachment.html From wcgallar at iupui.edu Fri Aug 4 15:24:11 2006 From: wcgallar at iupui.edu (Chris Gallardo) Date: Fri, 4 Aug 2006 11:24:11 -0400 (EDT) Subject: [rancid] using rancid with netscreen firewalls Message-ID: I have a netscreen firewall that is already in enable mode when you login. However the prompt does not contain '#' sowhen I try nlogin it returns this error iub-machine-room:bfw1(M)-> can't read "enable": no such variable while executing "if { $enable } { if {[do_enable $enauser $enapasswd]} { if { $do_command || $do_script } { close; wait continue } } }" ("foreach" body line 66) invoked from within "foreach firewall [lrange $argv $i end] { set firewall [string tolower $firewall] send_user "$firewall\n" set prompt ">" # Figure out..." (file "/usr/bin/nlogin" line 423) i tried setting autoenable to 1 in .cloginrc but did nothing to solve the error above. I believe the script still checks the command prompt for the '#' even if autoenable is turned on. any suggestions would be greatly appreciated. -- -- Chris Gallardo Network Services 278-9067 From cstave at gmail.com Fri Aug 4 17:47:33 2006 From: cstave at gmail.com (Chris Stave) Date: Fri, 4 Aug 2006 13:47:33 -0400 Subject: [rancid] Re: using rancid with netscreen firewalls In-Reply-To: References: Message-ID: <5471c93d0608041047w24037e7bp9616f01a199e1111@mail.gmail.com> The easiest way to deal with this would probably be to change the name of the firewall to include a #, which might work. I'm not sure if it will let you, but its worth trying. You could make it iub-machine-room#1 or something. Not the most elegant way to deal with it, but it might work. Chris Stave CNS, Drew University On 8/4/06, Chris Gallardo wrote: > > I have a netscreen firewall that is already in enable mode when you > login. However the prompt does not contain '#' sowhen I try nlogin it > returns this error > > > iub-machine-room:bfw1(M)-> can't read "enable": no such variable > while executing > "if { $enable } { > if {[do_enable $enauser $enapasswd]} { > if { $do_command || $do_script } { > close; wait > continue > } > } > }" > ("foreach" body line 66) > invoked from within > "foreach firewall [lrange $argv $i end] { > set firewall [string tolower $firewall] > send_user "$firewall\n" > > set prompt ">" > > # Figure out..." > (file "/usr/bin/nlogin" line 423) > > > i tried setting autoenable to 1 in .cloginrc but did nothing to solve the > error above. I believe the script still checks the command prompt for the > '#' even if autoenable is turned on. > > any suggestions would be greatly appreciated. > > > > > -- > -- > > Chris Gallardo > Network Services > 278-9067 > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060804/6b501a8f/attachment.html From tex at off.org Fri Aug 4 17:53:10 2006 From: tex at off.org (Austin Schutz) Date: Fri, 4 Aug 2006 10:53:10 -0700 Subject: [rancid] Re: using rancid with netscreen firewalls In-Reply-To: References: Message-ID: <20060804175310.GJ28934@gblx.net> On Fri, Aug 04, 2006 at 11:24:11AM -0400, Chris Gallardo wrote: > I have a netscreen firewall that is already in enable mode when you login. However the prompt does not contain '#' sowhen I try nlogin it returns this error > > Have you tried: add noenable Austin From bmassel at descartes.com Fri Aug 4 18:23:39 2006 From: bmassel at descartes.com (Brock Massel) Date: Fri, 4 Aug 2006 14:23:39 -0400 Subject: [rancid] Re: using rancid with netscreen firewalls Message-ID: <78CC970856BCB3468058B65560DA97D0F50F6F@XPOCSCA.corp.descartes.com> ? I think that nothing special is required. Use nlogin and nrancid. Of course the rancid run "does the right thing" to call these from cron because you used the device type "netscreen" in router.db. See the transcript of a session below... note my prompt has no magic. nlogin actually looks for a ">". And reading the nlogin source, it ignores all the enable stuff any way (since the netscreen has no such concept). rancid at YYYYY.ZZZ.XXXX.com[768]$ nlogin 10.9.32.34 10.9.32.34 spawn ssh -c 3des -x -l rancid 10.9.32.34 rancid at 10.9.32.34's password: Remote Management Console SSGFW1(M)-> SSGFW1(M)-> exitConnection to 10.9.32.34 closed. rancid at YYYYY.ZZZ.XXXX.com[769]$ nrancid for me also. No changes should be required. I run from downloaded tarballs. rancid at YYYYY.ZZZ.XXXX.com[785]$ grep 32.34 router.db 10.9.32.34:netscreen:up rancid at YYYYY.ZZZ.XXXX.com[787]$ grep 32.34 .cloginrc add method 10.9.32.34 ssh add cyphertype 10.9.32.34 {3des} add user 10.9.32.34 rancid add password 10.9.32.34 WASAPASS WASAPASS ________________________________ From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Chris Stave Sent: Friday, August 04, 2006 1:48 PM To: Chris Gallardo Cc: rancid-discuss at shrubbery.net Subject: [rancid] Re: using rancid with netscreen firewalls The easiest way to deal with this would probably be to change the name of the firewall to include a #, which might work. I'm not sure if it will let you, but its worth trying. You could make it iub-machine-room#1 or something. Not the most elegant way to deal with it, but it might work. Chris Stave CNS, Drew University On 8/4/06, Chris Gallardo wrote: I have a netscreen firewall that is already in enable mode when you login. However the prompt does not contain '#' sowhen I try nlogin it returns this error iub-machine-room:bfw1(M)-> can't read "enable": no such variable while executing "if { $enable } { if {[do_enable $enauser $enapasswd]} { if { $do_command || $do_script } { close; wait continue } } }" ("foreach" body line 66) invoked from within "foreach firewall [lrange $argv $i end] { set firewall [string tolower $firewall] send_user "$firewall\n" set prompt ">" # Figure out..." (file "/usr/bin/nlogin" line 423) i tried setting autoenable to 1 in .cloginrc but did nothing to solve the error above. I believe the script still checks the command prompt for the '#' even if autoenable is turned on. any suggestions would be greatly appreciated. -- -- Chris Gallardo Network Services 278-9067 _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060804/771465fe/attachment.html From llc at dansketelecom.com Sun Aug 6 08:40:56 2006 From: llc at dansketelecom.com (Lars Lystrup Christensen) Date: Sun, 6 Aug 2006 10:40:56 +0200 Subject: [rancid] Setup for HP2626 Message-ID: <5DCC4AA34F470741B0CAE586CC8C8BB3CDA582@exchange.office.dansketelecom.com> Hi there Anyone got the correct settings for HP2626 switches? I'm not quite sure whether it should be hp or foundry and what the .cloginrc settings should be. ______________________________________ Med venlig hilsen / Kind regards Lars Lystrup Christensen Network Engineer Danske Telecom A/S - Clearwire Denmark Sundkrogsgade 13, 4 2100 K?benhavn ? llc at dansketelecom.com +45 35 27 50 00 (Office) +45 35 27 50 50 (Fax) +45 35 27 50 23 (Direct) +45 40 60 55 23 (Mobile) www.dansketelecom.com www.clearwire.dk -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060806/57c73037/attachment.html From llc at dansketelecom.com Sun Aug 6 10:46:08 2006 From: llc at dansketelecom.com (Lars Lystrup Christensen) Date: Sun, 6 Aug 2006 12:46:08 +0200 Subject: [rancid] How to backup files on linux? Message-ID: <5DCC4AA34F470741B0CAE586CC8C8BB3CDA583@exchange.office.dansketelecom.com> Hi there Anyone got scripts for importing files on linux boxes into rancid for backup in CVS? I've got some equipment which runs a redhat linux. All I need is to backup a specific directory and its subdirectories. Login is done by SSH. Of course this could also be used for backing up things such as BIND zone files etc. ______________________________________ Med venlig hilsen / Kind regards Lars Lystrup Christensen Network Engineer Danske Telecom A/S - Clearwire Denmark Sundkrogsgade 13, 4 2100 K?benhavn ? llc at dansketelecom.com +45 35 27 50 00 (Office) +45 35 27 50 50 (Fax) +45 35 27 50 23 (Direct) +45 40 60 55 23 (Mobile) www.dansketelecom.com www.clearwire.dk -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060806/6310d6c4/attachment.html From eravin at panix.com Sun Aug 6 13:23:25 2006 From: eravin at panix.com (Ed Ravin) Date: Sun, 6 Aug 2006 09:23:25 -0400 Subject: [rancid] Re: How to backup files on linux? In-Reply-To: <5DCC4AA34F470741B0CAE586CC8C8BB3CDA583@exchange.office.dansketelecom.com> References: <5DCC4AA34F470741B0CAE586CC8C8BB3CDA583@exchange.office.dansketelecom.com> Message-ID: <20060806132325.GA19648@panix.com> On Sun, Aug 06, 2006 at 12:46:08PM +0200, Lars Lystrup Christensen wrote: > Anyone got scripts for importing files on linux boxes into rancid for > backup in CVS? The "wrapper rancid" patch might do what you want: http://www.shrubbery.net/pipermail/rancid-discuss/2005-November/001276.html From wcgallar at iupui.edu Mon Aug 7 15:33:59 2006 From: wcgallar at iupui.edu (Chris Gallardo) Date: Mon, 7 Aug 2006 11:33:59 -0400 (EDT) Subject: [rancid] Re: Setup for HP2626 In-Reply-To: <5DCC4AA34F470741B0CAE586CC8C8BB3CDA582@exchange.office.dansketelecom.com> References: <5DCC4AA34F470741B0CAE586CC8C8BB3CDA582@exchange.office.dansketelecom.com> Message-ID: I believe it should be hp. try hlogin -c 'show config' switch_ip_address you will need to define method, user, and password. i don't know if you are using tacacs or radius to authenticate to switches. If using tacacs you might have to configure autoenable also if the 2626 in question has been configured for logging specific users in enable mode. Chris On Sun, 6 Aug 2006, Lars Lystrup Christensen wrote: > Hi there > > > > Anyone got the correct settings for HP2626 switches? I'm not quite sure whether it should be hp or foundry and what the .cloginrc settings should be. > > > > ______________________________________ > > Med venlig hilsen / Kind regards > > Lars Lystrup Christensen > Network Engineer > > Danske Telecom A/S - Clearwire Denmark > Sundkrogsgade 13, 4 > 2100 K?benhavn ? > > llc at dansketelecom.com > +45 35 27 50 00 (Office) > +45 35 27 50 50 (Fax) > +45 35 27 50 23 (Direct) > +45 40 60 55 23 (Mobile) > > www.dansketelecom.com > > www.clearwire.dk > > > > > > From mark_scheuber at yahoo.com Tue Aug 8 15:20:23 2006 From: mark_scheuber at yahoo.com (mark_scheuber at yahoo.com) Date: Tue, 8 Aug 2006 08:20:23 -0700 (PDT) Subject: [rancid] Re: How to backup files on linux? - VMWare? In-Reply-To: <20060806132325.GA19648@panix.com> Message-ID: <20060808152023.34321.qmail@web52804.mail.yahoo.com> Hi, I just wanted to touch base and see if anyone had written a script for VMWare ESX servers? The wrapper would probably work, but ideally you'd have a config for each ESX server and then a directory full of the VM Hosts which can be migrated from server to server. Then there's the virtual switches, SAN setup, etc that's all server specific but needs to be uniform accross the ESX farm. The configs are all in text based conf files that you could scp to the Rancid box and then check in. It's on my list of things to do and I was hoping not to reinvent the wheel. If noone's done it I'll post it when I get around to it. Thanks, - Mark Ed Ravin wrote: On Sun, Aug 06, 2006 at 12:46:08PM +0200, Lars Lystrup Christensen wrote: > Anyone got scripts for importing files on linux boxes into rancid for > backup in CVS? The "wrapper rancid" patch might do what you want: http://www.shrubbery.net/pipermail/rancid-discuss/2005-November/001276.html _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss --------------------------------- Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail Beta. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060808/679d4a32/attachment.html From lllorente at amadeus.com Tue Aug 8 15:36:41 2006 From: lllorente at amadeus.com (Lourdes Llorente) Date: Tue, 8 Aug 2006 17:36:41 +0200 Subject: [rancid] Fw: Does rancid support cisco msfcs ? Message-ID: Hello, Rancid hangs and downloads just the half of the configuration of a cisco msfc . Has anyone experienced something similar ? Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060808/f5be28dc/attachment.html From steve at smiller.org Tue Aug 8 19:06:43 2006 From: steve at smiller.org (Steve Miller) Date: Tue, 8 Aug 2006 13:06:43 -0600 Subject: [rancid] Re: Fw: Does rancid support cisco msfcs ? In-Reply-To: References: Message-ID: <20060808190350.M89539@smiller.org> How are you accessing the MSFC? via telnet directly or from the switch side. On Tue, 8 Aug 2006 17:36:41 +0200, Lourdes Llorente wrote > Hello, > > Rancid hangs and downloads just thehalf of the configuration of a cisco msfc . > Has anyone experienced something similar? > > Thanks -- Steve -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060808/d92e3689/attachment.html From lllorente at amadeus.com Tue Aug 8 14:06:05 2006 From: lllorente at amadeus.com (Lourdes Llorente) Date: Tue, 8 Aug 2006 16:06:05 +0200 Subject: [rancid] Does rancid support cisco msfcs ? Message-ID: Rancid hangs and downloads just the half of the configuration of a cisco msfc . Has anyone experienced something similar ? Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060808/6c7300ce/attachment.html From Todd at equivoice.com Wed Aug 9 18:45:28 2006 From: Todd at equivoice.com (Todd Heide) Date: Wed, 9 Aug 2006 13:45:28 -0500 Subject: [rancid] Got Rancid working, now what? Message-ID: <082FEA82DC985B4F8A6B412D5AC4E22031BB63@exchange.Equivoice.local> OK, I was able to do a test on a few devices successfully, but had to disable the sendmail lines in the config. The basic config that comes with the install of Rancid, does it have default settings on how long between polls, how many diffs to save, etc? Is there a better example for Cisco only that I can study? I had tested diff by changing a line on one router, and saw that it had picked up on it, but I did not see two copies in CVS, did I do something wrong, or am I looking in the wrong place? From JJackson at aninetworks.com Wed Aug 9 18:53:17 2006 From: JJackson at aninetworks.com (Joseph Jackson) Date: Wed, 9 Aug 2006 11:53:17 -0700 Subject: [rancid] Re: Got Rancid working, now what? Message-ID: You set the time to poll based on a cron job. Once RANCID see's a change it applies it to CVS and overwrights the old config. I don't know where to change that but it does store the complete configs in "/usr/local/rancid/var/routers/configs/" So you could always have something copy them out to another location after the RANCID run happens. Joseph > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Todd Heide > Sent: Wednesday, August 09, 2006 11:45 AM > To: rancid-discuss at shrubbery.net > Subject: [rancid] Got Rancid working, now what? > > OK, I was able to do a test on a few devices successfully, > but had to disable the sendmail lines in the config. The > basic config that comes with the install of Rancid, does it > have default settings on how long between polls, how many > diffs to save, etc? Is there a better example for Cisco only > that I can study? I had tested diff by changing a line on one > router, and saw that it had picked up on it, but I did not > see two copies in CVS, did I do something wrong, or am I > looking in the wrong place? > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From Todd at equivoice.com Wed Aug 9 19:06:10 2006 From: Todd at equivoice.com (Todd Heide) Date: Wed, 9 Aug 2006 14:06:10 -0500 Subject: [rancid] Re: Got Rancid working, now what? Message-ID: <082FEA82DC985B4F8A6B412D5AC4E22031BB6A@exchange.Equivoice.local> OH, so that is why I only saw one. Hmm, that kinda defeats the purpose for me. Place I worked for before used a similar system that made versions of the configurations in case someone fat fingered something, we could rollback, I was looking to do that with Rancid. Thanks Todd Heide Equivoice LLC 847-235-3308 -----Original Message----- From: Joseph Jackson [mailto:JJackson at aninetworks.com] Sent: Wednesday, August 09, 2006 1:53 PM To: Todd Heide; rancid-discuss at shrubbery.net Subject: RE: [rancid] Got Rancid working, now what? You set the time to poll based on a cron job. Once RANCID see's a change it applies it to CVS and overwrights the old config. I don't know where to change that but it does store the complete configs in "/usr/local/rancid/var/routers/configs/" So you could always have something copy them out to another location after the RANCID run happens. Joseph > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Todd Heide > Sent: Wednesday, August 09, 2006 11:45 AM > To: rancid-discuss at shrubbery.net > Subject: [rancid] Got Rancid working, now what? > > OK, I was able to do a test on a few devices successfully, > but had to disable the sendmail lines in the config. The > basic config that comes with the install of Rancid, does it > have default settings on how long between polls, how many > diffs to save, etc? Is there a better example for Cisco only > that I can study? I had tested diff by changing a line on one > router, and saw that it had picked up on it, but I did not > see two copies in CVS, did I do something wrong, or am I > looking in the wrong place? > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From heas at shrubbery.net Wed Aug 9 19:14:30 2006 From: heas at shrubbery.net (john heasley) Date: Wed, 9 Aug 2006 12:14:30 -0700 Subject: [rancid] Re: Got Rancid working, now what? In-Reply-To: <082FEA82DC985B4F8A6B412D5AC4E22031BB6A@exchange.Equivoice.local> References: <082FEA82DC985B4F8A6B412D5AC4E22031BB6A@exchange.Equivoice.local> Message-ID: <20060809191430.GJ15684@shrubbery.net> Wed, Aug 09, 2006 at 02:06:10PM -0500, Todd Heide: > OH, so that is why I only saw one. Hmm, that kinda defeats the purpose > for me. Place I worked for before used a similar system that made > versions of the configurations in case someone fat fingered something, > we could rollback, I was looking to do that with Rancid. you can do that. every config collected is saved in CVS. you can ANY one of them back with cvs. roughly: cvs -d ~rancid/CVS co -r1.1 -p group/configs/hostname > hostname.rev1.1 also go find cvsweb and install it. > Thanks > > Todd Heide > > Equivoice LLC > > > > 847-235-3308 > > -----Original Message----- > From: Joseph Jackson [mailto:JJackson at aninetworks.com] > Sent: Wednesday, August 09, 2006 1:53 PM > To: Todd Heide; rancid-discuss at shrubbery.net > Subject: RE: [rancid] Got Rancid working, now what? > > You set the time to poll based on a cron job. Once RANCID see's a > change it applies it to CVS and overwrights the old config. I don't > know where to change that but it does store the complete configs in > "/usr/local/rancid/var/routers/configs/" So you could always have > something copy them out to another location after the RANCID run > happens. > > > Joseph > > > > -----Original Message----- > > From: rancid-discuss-bounces at shrubbery.net > > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Todd Heide > > Sent: Wednesday, August 09, 2006 11:45 AM > > To: rancid-discuss at shrubbery.net > > Subject: [rancid] Got Rancid working, now what? > > > > OK, I was able to do a test on a few devices successfully, > > but had to disable the sendmail lines in the config. The > > basic config that comes with the install of Rancid, does it > > have default settings on how long between polls, how many > > diffs to save, etc? Is there a better example for Cisco only > > that I can study? I had tested diff by changing a line on one > > router, and saw that it had picked up on it, but I did not > > see two copies in CVS, did I do something wrong, or am I > > looking in the wrong place? > > > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From JJackson at aninetworks.com Wed Aug 9 19:18:14 2006 From: JJackson at aninetworks.com (Joseph Jackson) Date: Wed, 9 Aug 2006 12:18:14 -0700 Subject: [rancid] Re: Got Rancid working, now what? Message-ID: Cool I didn't know that. I'm not really all that great on CVS stuff. > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of > john heasley > Sent: Wednesday, August 09, 2006 12:15 PM > To: Todd Heide > Cc: rancid-discuss at shrubbery.net > Subject: [rancid] Re: Got Rancid working, now what? > > Wed, Aug 09, 2006 at 02:06:10PM -0500, Todd Heide: > > OH, so that is why I only saw one. Hmm, that kinda defeats > the purpose > > for me. Place I worked for before used a similar system that made > > versions of the configurations in case someone fat fingered > something, > > we could rollback, I was looking to do that with Rancid. > > you can do that. every config collected is saved in CVS. > you can ANY one of them back with cvs. roughly: > cvs -d ~rancid/CVS co -r1.1 -p group/configs/hostname > > hostname.rev1.1 > > also go find cvsweb and install it. > > > Thanks > > > > Todd Heide > > > > Equivoice LLC > > > > > > > > 847-235-3308 > > > > -----Original Message----- > > From: Joseph Jackson [mailto:JJackson at aninetworks.com] > > Sent: Wednesday, August 09, 2006 1:53 PM > > To: Todd Heide; rancid-discuss at shrubbery.net > > Subject: RE: [rancid] Got Rancid working, now what? > > > > You set the time to poll based on a cron job. Once RANCID see's a > > change it applies it to CVS and overwrights the old config. > I don't > > know where to change that but it does store the complete configs in > > "/usr/local/rancid/var/routers/configs/" So you could always have > > something copy them out to another location after the RANCID run > > happens. > > > > > > Joseph > > > > > > > -----Original Message----- > > > From: rancid-discuss-bounces at shrubbery.net > > > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Todd > > > Heide > > > Sent: Wednesday, August 09, 2006 11:45 AM > > > To: rancid-discuss at shrubbery.net > > > Subject: [rancid] Got Rancid working, now what? > > > > > > OK, I was able to do a test on a few devices > successfully, but had > > > to disable the sendmail lines in the config. The basic > config that > > > comes with the install of Rancid, does it have default > settings on > > > how long between polls, how many diffs to save, etc? Is there a > > > better example for Cisco only that I can study? I had > tested diff by > > > changing a line on one router, and saw that it had picked > up on it, > > > but I did not see two copies in CVS, did I do something > wrong, or am > > > I looking in the wrong place? > > > > > > > > > _______________________________________________ > > > Rancid-discuss mailing list > > > Rancid-discuss at shrubbery.net > > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From heas at shrubbery.net Thu Aug 10 07:29:36 2006 From: heas at shrubbery.net (john heasley) Date: Thu, 10 Aug 2006 00:29:36 -0700 Subject: [rancid] Force10 S-50 Message-ID: <20060810072936.GS9716@shrubbery.net> I worked with a user some time ago to try to fix collection problems with their Force10 S-50. Apparently there was a change to the UI from earlier s/w releases. Anyway, I do not have a Force10 and that user never replied to tell me whether this fixed the problem for them. I'd appreciate if someone could test this change with an S series, whether or not its collection currently fails. tia. Index: bin/f10rancid.in =================================================================== RCS file: /home/rancid/.CVS/rancid/bin/f10rancid.in,v retrieving revision 1.20 diff -d -u -r1.20 f10rancid.in --- bin/f10rancid.in 28 May 2006 22:28:05 -0000 1.20 +++ bin/f10rancid.in 28 May 2006 22:28:25 -0000 @@ -810,6 +810,7 @@ # This routine processes a "write term" sub WriteTerm { print STDERR " In WriteTerm: $_" if ($debug); + my($linecnt) = 0; while () { tr/\015//d; @@ -832,6 +833,7 @@ } tr/\015//d; } + $linecnt++; # some versions have other crap mixed in with the bits in the # block above /^! (Last configuration|NVRAM config last)/ && next; @@ -1033,6 +1035,14 @@ return(1); } } + + # The Force10 S-50 lacks a definitive "end of config" marker. If we have + # seen at least 5 lines of write term o/p, we can be reasonably sure that + # we got the config. + if ($linecnt > 5) { + $found_end = 1; + return(1); + } return(0); } From heas at shrubbery.net Thu Aug 10 07:35:24 2006 From: heas at shrubbery.net (john heasley) Date: Thu, 10 Aug 2006 00:35:24 -0700 Subject: [rancid] Motorola BSR 64000 support Message-ID: <20060810073524.GT9716@shrubbery.net> Again, I worked with a user to add support for the Motorola BSR 64000, but never heard back about its successor failure. If there's anyone out there who has one and can give it a spin, it's included in: ftp://ftp.shrubbery.net/pub/rancid/rancid-fbulk.tar.gz Use device type "motorola" and please let me know how it goes. Cheers. From heas at shrubbery.net Sat Aug 12 03:04:28 2006 From: heas at shrubbery.net (john heasley) Date: Fri, 11 Aug 2006 20:04:28 -0700 Subject: [rancid] Re: Rancid and APC devices In-Reply-To: References: Message-ID: <20060812030428.GV21875@shrubbery.net> Mon, Jul 24, 2006 at 12:19:38PM +0100, Mark Loveley: > Original email is here:- > http://www.shrubbery.net/pipermail/rancid-discuss/2005-October/ > 001235.html > > Just for confirmation, I've just added the APC module our 2.3.1 > rancid install > and have no problems pulling the config from a AP7951 model APC > device on a debian (sarge) linux box. > No changes to the code were needed. > > Only point of note is that clogin errors as it does not recognize the > ftp method. > I'd say get this added as a permanent rancid module :) The only APC PCU that I have which supports ftp does not make it's config available via ftp. But, more to the point, it does not support passive ftp. Does the AP7951 support passive? or will autoconf goo be necessary to find the ftp option to disable passive. From mjones at mnsi.net Mon Aug 14 18:56:48 2006 From: mjones at mnsi.net (Mark Jones) Date: Mon, 14 Aug 2006 14:56:48 -0400 Subject: [rancid] wrapper rancid Message-ID: <00a201c6bfd3$656dd7e0$4304a8c0@LONDONLAPTOP> Has anyone taken this proof of concept script from last fall and run with it in a working environment? Mark Jones London Operations Managed Network Systems 171 Queens Ave Suite 515 London Ontario N6A 5J7 519-679-5207 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060814/2281f26f/attachment.html From chen_daniel at emc.com Mon Aug 14 20:58:31 2006 From: chen_daniel at emc.com (chen_daniel at emc.com) Date: Mon, 14 Aug 2006 16:58:31 -0400 Subject: [rancid] inconsistent login with Extreme XOS 11.3.4.5 on BD8810 Message-ID: Rancid 2.3.1 and 2.3.2a5 configured to use extreme. ## $Id: xrancid.in,v 1.40 2006/05/28 16:38:53 heas Exp $ ## $Id: clogin.in,v 1.99 2006/08/10 07:00:30 heas Exp $ It works against the Summit 400-48i and Black Diamond 6808 both ExtremeWare, but I am having trouble with my one XOS Black Diamond 8806. It feels like timing issues. I will see if I can dig up another XOS platform such as a Summit 450-24i or Black Diamond 10808. [rancid at dvt145172 bin]$ clogin -t 90 -c "show ver" 172.24.184.157 172.24.184.157 spawn telnet 172.24.184.157 Trying 172.24.184.157... Connected to 172.24.184.157 (172.24.184.157). Escape character is '^]'. telnet session telnet1 on /dev/ptyb1 login: admin password: Login incorrect { at this point clogin transmits the password. Repeating the exact same test gives different results. [rancid at dvt145172 bin]$ clogin -t 90 -c "show ver" 172.24.184.157 172.24.184.157 spawn telnet 172.24.184.157 Trying 172.24.184.157... Connected to 172.24.184.157 (172.24.184.157). Escape character is '^]'. telnet session telnet1 on /dev/ptyb1 login: admin password: Login incorrect login: admin password: ExtremeWare XOS Copyright (C) 2000-2005 Extreme Networks. All rights reserved. Protected by US Patent Nos: 6,678,248; 6,104,700; 6,766,482; 6,618,388; 6,034,957; 6,859,438. ======================================================================== ====== Press the or '?' key at any time for completions. Remember to save your configuration changes. * switch_57.1 # * switch_57.1 # show ver Chassis : 800129-00-05 04505-02346 Rev 5.0 Slot-1 : 800113-00-11 05245-00372 Rev 11.0 BootROM: 1.0.1.2 IMG: 11.3.4.5 Slot-2 : 800113-00-06 04455-00510 Rev 6.0 BootROM: 1.0.1.0 IMG: 11.3.4.5 Slot-3 : 800113-00-06 04485-00988 Rev 6.0 BootROM: 1.0.1.0 IMG: 11.3.4.5 Slot-4 : 800113-00-06 04455-00640 Rev 6.0 BootROM: 1.0.1.0 IMG: 11.3.4.5 Slot-5 : 800112-00-08 05065-00485 Rev 8.0 BootROM: 1.0.1.0 IMG: 11.3.4.5 Slot-6 : 800112-00-08 04525-01646 Rev 8.0 BootROM: 1.0.1.0 IMG: 11.3.4.5 Slot-7 : 800113-00-10 05155-02515 Rev 10.0 BootROM: 1.0.1.2 IMG: 11.3.4.5 Slot-8 : 800113-00-06 04455-00635 Rev 6.0 BootROM: 1.0.1.0 IMG: 11.3.4.5 Slot-9 : 800113-00-06 04455-00607 Rev 6.0 BootROM: 1.0.1.0 IMG: 11.3.4.5 Slot-10 : 800113-00-06 04485-00997 Rev 6.0 BootROM: 1.0.1.0 IMG: 11.3.4.5 MSM-A : 800112-00-08 05065-00485 Rev 8.0 BootROM: 1.0.1.1 IMG: 11.3.4.5 MSM-B : 800112-00-08 04525-01646 Rev 8.0 BootROM: 1.0.1.1 IMG: 11.3.4.5 PSUCTRL-1 : 450117-00-03 04445-01585 Rev 3.0 BootROM: 2.8 IMG: PSUCTRL-2 : 450117-00-03 04445-01473 Rev 3.0 BootROM: 2.8 IMG: Image : ExtremeWare XOS version 11.3.4.5 v1134b5 by release-manager on Thu Jun 8 15:29:16 PDT 2006 BootROM : 1.0.1.1 * switch_57.2 #quit Do you wish to save your configuration changes to primary.cfg? (y/n) No Connection closed by foreign host. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060814/10b890bd/attachment.html From heas at shrubbery.net Mon Aug 14 21:30:01 2006 From: heas at shrubbery.net (john heasley) Date: Mon, 14 Aug 2006 14:30:01 -0700 Subject: [rancid] Re: inconsistent login with Extreme XOS 11.3.4.5 on BD8810 In-Reply-To: References: Message-ID: <20060814213001.GW1974@shrubbery.net> Mon, Aug 14, 2006 at 04:58:31PM -0400, chen_daniel at emc.com: > > > Rancid 2.3.1 and 2.3.2a5 configured to use extreme. > > ## $Id: xrancid.in,v 1.40 2006/05/28 16:38:53 heas Exp $ > > ## $Id: clogin.in,v 1.99 2006/08/10 07:00:30 heas Exp $ > > It works against the Summit 400-48i and Black Diamond 6808 both > ExtremeWare, but I am having trouble with my one XOS Black Diamond 8806. > It feels like timing issues. I will see if I can dig up another XOS > platform such as a Summit 450-24i or Black Diamond 10808. Dollars to donuts, this is your extreme being completely stoopid. which is expected. Have you tried ssh instead of telnet? not that I expect that to be any better. Start hassling extreme support or return the POS and get a better switch. > > > > > > > [rancid at dvt145172 bin]$ clogin -t 90 -c "show ver" 172.24.184.157 > > 172.24.184.157 > > spawn telnet 172.24.184.157 > > Trying 172.24.184.157... > > Connected to 172.24.184.157 (172.24.184.157). > > Escape character is '^]'. > > > > telnet session telnet1 on /dev/ptyb1 > > > > login: admin > > password: > > > > Login incorrect > > { at this point clogin transmits the password. > > > > Repeating the exact same test gives different results. > > [rancid at dvt145172 bin]$ clogin -t 90 -c "show ver" 172.24.184.157 > > 172.24.184.157 > > spawn telnet 172.24.184.157 > > Trying 172.24.184.157... > > Connected to 172.24.184.157 (172.24.184.157). > > Escape character is '^]'. > > > > telnet session telnet1 on /dev/ptyb1 > > > > login: admin > > password: > > > > Login incorrect > > login: admin > > password: > > > > ExtremeWare XOS > > Copyright (C) 2000-2005 Extreme Networks. All rights reserved. > > Protected by US Patent Nos: 6,678,248; 6,104,700; 6,766,482; 6,618,388; > 6,034,957; 6,859,438. > > ======================================================================== > ====== > > > > Press the or '?' key at any time for completions. > > Remember to save your configuration changes. > > > > * switch_57.1 # > > * switch_57.1 # show ver > > > > Chassis : 800129-00-05 04505-02346 Rev 5.0 > > Slot-1 : 800113-00-11 05245-00372 Rev 11.0 BootROM: 1.0.1.2 IMG: > 11.3.4.5 > > Slot-2 : 800113-00-06 04455-00510 Rev 6.0 BootROM: 1.0.1.0 IMG: > 11.3.4.5 > > Slot-3 : 800113-00-06 04485-00988 Rev 6.0 BootROM: 1.0.1.0 IMG: > 11.3.4.5 > > Slot-4 : 800113-00-06 04455-00640 Rev 6.0 BootROM: 1.0.1.0 IMG: > 11.3.4.5 > > Slot-5 : 800112-00-08 05065-00485 Rev 8.0 BootROM: 1.0.1.0 IMG: > 11.3.4.5 > > Slot-6 : 800112-00-08 04525-01646 Rev 8.0 BootROM: 1.0.1.0 IMG: > 11.3.4.5 > > Slot-7 : 800113-00-10 05155-02515 Rev 10.0 BootROM: 1.0.1.2 IMG: > 11.3.4.5 > > Slot-8 : 800113-00-06 04455-00635 Rev 6.0 BootROM: 1.0.1.0 IMG: > 11.3.4.5 > > Slot-9 : 800113-00-06 04455-00607 Rev 6.0 BootROM: 1.0.1.0 IMG: > 11.3.4.5 > > Slot-10 : 800113-00-06 04485-00997 Rev 6.0 BootROM: 1.0.1.0 IMG: > 11.3.4.5 > > MSM-A : 800112-00-08 05065-00485 Rev 8.0 BootROM: 1.0.1.1 IMG: > 11.3.4.5 > > MSM-B : 800112-00-08 04525-01646 Rev 8.0 BootROM: 1.0.1.1 IMG: > 11.3.4.5 > > PSUCTRL-1 : 450117-00-03 04445-01585 Rev 3.0 BootROM: 2.8 IMG: > > PSUCTRL-2 : 450117-00-03 04445-01473 Rev 3.0 BootROM: 2.8 IMG: > > > > Image : ExtremeWare XOS version 11.3.4.5 v1134b5 by release-manager > > on Thu Jun 8 15:29:16 PDT 2006 > > BootROM : 1.0.1.1 > > * switch_57.2 #quit > > Do you wish to save your configuration changes to primary.cfg? (y/n) No > > Connection closed by foreign host. > > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From ted at impulse.net Mon Aug 14 20:49:26 2006 From: ted at impulse.net (Ted Cabeen) Date: Mon, 14 Aug 2006 13:49:26 -0700 Subject: [rancid] rancid script for adtran 900 series routers Message-ID: <87ac673uw9.fsf@gray.impulse.net> Enclosed is a script to allow adtran 900 series routers to be used with rancid. Adtran 900s are very cisco-like, so this is mainly a heavily redacted version of the main cisco rancid script, with the show version section changed to support the adtran results. Would it be possible to get this added to the distribution? ---Begin adrancid--- #! /usr/bin/perl5 ## ## $Id: adrancid.in,v 1.172 2004/03/14 16:57:05 heas Exp $ ## ## Copyright (C) 1997-2004 by Terrapin Communications, Inc. ## All rights reserved. ## ## This software may be freely copied, modified and redistributed ## without fee for non-commerical purposes provided that this license ## remains intact and unmodified with any RANCID distribution. ## ## There is no warranty or other guarantee of fitness of this software. ## It is provided solely "as is". The author(s) disclaim(s) all ## responsibility and liability with respect to this software's usage ## or its effect upon hardware, computer systems, other software, or ## anything else. ## ## Except where noted otherwise, rancid was written by and is maintained by ## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. ## ## Adtran changes written by Ted Cabeen. # # RANCID - Really Awesome New Cisco confIg Differ # # usage: rancid [-d] [-l] [-f filename | $host] # use Getopt::Std; getopts('dfl'); $log = $opt_l; $debug = $opt_d; $file = $opt_f; $host = $ARGV[0]; $clean_run = 0; $found_end = 0; $timeo = 90; # clogin timeout in seconds my(%filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { my($new_hist_tag,$new_command,$command_string, at string)=(@_); if((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) && defined %history) { print eval "$command \%history"; undef %history; } if (($new_hist_tag) && ($new_command) && ($command_string)) { if ($history{$command_string}) { $history{$command_string} = "$history{$command_string}@string"; } else { $history{$command_string} = "@string"; } } elsif (($new_hist_tag) && ($new_command)) { $history{++$#history} = "@string"; } else { print "@string"; } $hist_tag = $new_hist_tag; $command = $new_command; 1; } sub numerically { $a <=> $b; } # This is a sort routing that will sort numerically on the # keys of a hash as if it were a normal array. sub keynsort { local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $key (sort numerically keys(%lines)) { $sorted_lines[$i] = $lines{$key}; $i++; } @sorted_lines; } # This is a sort routing that will sort on the # keys of a hash as if it were a normal array. sub keysort { local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $key (sort keys(%lines)) { $sorted_lines[$i] = $lines{$key}; $i++; } @sorted_lines; } # This is a sort routing that will sort on the # values of a hash as if it were a normal array. sub valsort{ local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $key (sort values %lines) { $sorted_lines[$i] = $key; $i++; } @sorted_lines; } # This is a numerical sort routing (ascending). sub numsort { local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $num (sort {$a <=> $b} keys %lines) { $sorted_lines[$i] = $lines{$num}; $i++; } @sorted_lines; } # This is a sort routine that will sort on the # ip address when the ip address is anywhere in # the strings. sub ipsort { local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $addr (sort sortbyipaddr keys %lines) { $sorted_lines[$i] = $lines{$addr}; $i++; } @sorted_lines; } # These two routines will sort based upon IP addresses sub ipaddrval { my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); $a[3]+256*($a[2]+256*($a[1]+256*$a[0])); } sub sortbyipaddr { &ipaddrval($a) <=> &ipaddrval($b); } # This routine parses "show version" sub ShowVersion { print STDERR " In ShowVersion: $_" if ($debug); my($slaveslot); while () { tr/\015//d; last if(/^$prompt/); next if(/^(\s*|\s*$cmd\s*)$/); return(-1) if (/command authorization failed/i); # the pager can not be disabled per-session on the PIX s/^<-+ More -+>\s*//; if (/^Slave in slot (\d+) is running/) { $slave = " Slave:"; $slaveslot = ", slot $1"; next; } /^ADTRAN,.* version\s+(.*)$/ && ProcessHistory("COMMENTS","keysort","F1", "!Image: Software: $1\n") && next; /^Checksum: (.{8}), built on: (.*)$/ && ProcessHistory("COMMENTS","keysort","F2", "!Image: Checksum $1, Compiled: $2\n") && next; /^Boot ROM version (.*)$/ && ProcessHistory("COMMENTS","keysort","G1", "!ROM version: $1\n") && next; /^Checksum: (\d{4}), built on: (.*)$/ && ProcessHistory("COMMENTS","keysort","G2", "!ROM: Checksum $1, Compiled: $2\n") && next; if (/^Platform:\s+(.*), part number (.*), CLEI code is (.*)$/) { ProcessHistory("COMMENTS","keysort","A1", "!Platform: $1\n"); ProcessHistory("COMMENTS","keysort","A2", "!Part Number: $2, CLEI $3\n") && next; } /^Serial number\s+(.*)$/ && ProcessHistory("COMMENTS","keysort","C1", "!Serial Number: $1\n") && next; /^ DSP version: (.*)$/ && ProcessHistory("COMMENTS","keysort","C2", "!DSP: version $1\n") && next; /^Flash: (\d+) bytes\s+DRAM: (\d+) bytes$/ && ProcessHistory("COMMENTS","keysort","B1", "!Memory: bootflash $1, RAM $2\n") && next; /^Current system image file is "(.*)"$/ && ProcessHistory("COMMENTS","keysort","F3", "!Image: $1\n") && next; /^Primary boot system image file is "(.*)"$/ && ProcessHistory("COMMENTS","keysort","F4", "!Image: Primary Boot: $1\n") && next; /^Backup boot system image file is "(.*)"$/ && ProcessHistory("COMMENTS","keysort","F5", "!Image: Secondary Boot: $1\n") && next; /^Primary system configuration file is "(.*)"$/ && ProcessHistory("COMMENTS","keysort","E1", "!Configuration: $1\n") && next; } return(0); } # This routine parses "show flash" sub ShowFlash { # skip if this is 7000, 7200, 7500, or 12000; else we end up with # redundant data from dir /all slot0: print STDERR " In ShowFlash: $_" if ($debug); while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if ($type =~ /^(12[40]|7)/); return(1) if /^\s*\^\s*$/; ProcessHistory("FLASH","","","!Flash: $_"); } ProcessHistory("","","","!\n"); return; } # This routine processes a "write term" sub WriteTerm { print STDERR " In WriteTerm: $_" if ($debug); my($lineauto,$comment,$linecnt) = (0,0,0); while () { tr/\015//d; last if(/^$prompt/); return(0) if ($found_end); # Only do this routine once $linecnt++; $lineauto = 0 if (/^[^ ]/); # skip the crap if (/^(##+$|(Building|Current) configuration)/i) { while () { next if (/^Current configuration\s*:/i); next if (/^:/); next if (/^([%!].*|\s*)$/); last; } tr/\015//d; } # skip consecutive comment lines to avoid oscillating extra comment # line on some access servers. grrr. if (/^!/) { next if ($comment); ProcessHistory("","","",$_); $comment++; next; } $comment = 0; # Dog gone Cool matches to process the rest of the config /^ntp clock-period / && next; # kill ntp clock-period /^ length / && next; # kill length on serial lines /^ width / && next; # kill width on serial lines $lineauto = 1 if /^ modem auto/; /^ speed / && $lineauto && next; # kill speed on serial lines /^ clockrate / && next; # kill clockrate on serial interfaces if (/^(enable )?(password|passwd) / && $filter_pwds >= 1) { ProcessHistory("ENABLE","","","!$1$2 \n"); next; } # filter out any RCS/CVS tags to avoid confusing local CVS storage s/\$(Revision|Id):/ $1:/; # order access-lists /^ip access-list\s+(\d\d?)\s+(\S+)\s+(\S+)/ && ProcessHistory("ACL $1 $2","ipsort","$3","$_") && next; # order extended access-lists /^ip access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+host\s+(\S+)/ && ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; /^ip access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+(\d\S+)/ && ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; /^ip access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+any/ && ProcessHistory("EACL $1 $2","ipsort","0.0.0.0","$_") && next; /^ip prefix-list\s+(\S+)\s+seq\s+(\d+)\s+(permit|deny)\s+(\d\S+)(\/.*)$/ && ProcessHistory("PACL $1 $3","ipsort","$4","ip prefix-list $1 $3 $4$5\n") && next; # order logging statements /^logging (\d+\.\d+\.\d+\.\d+)/ && ProcessHistory("LOGGING","ipsort","$1","$_") && next; # order/prune snmp-server host statements # we only prune lines of the form # snmp-server host a.b.c.d if (/^snmp-server host (\d+\.\d+\.\d+\.\d+) /) { if (defined($ENV{'NOCOMMSTR'})) { my($ip) = $1; my($line) = "snmp-server host $ip"; my(@tokens) = split(' ', $'); my($token); while ($token = shift(@tokens)) { if ($token eq 'version') { $line .= " " . join(' ', ($token, shift(@tokens))); } elsif ($token =~ /^(informs?|traps?|(no)?auth)$/) { $line .= " " . $token; } else { $line = "!$line " . join(' ', ("", join(' ', at tokens))); last; } } ProcessHistory("SNMPSERVERHOST","ipsort","$ip","$line\n"); } else { ProcessHistory("SNMPSERVERHOST","ipsort","$1","$_"); } next; } if (/^(snmp-server community) (\S+)/) { if (defined($ENV{'NOCOMMSTR'})) { ProcessHistory("SNMPSERVERCOMM","keysort","$_","!$1 $'") && next; } else { ProcessHistory("SNMPSERVERCOMM","keysort","$_","$_") && next; } } # order alias statements /^alias / && ProcessHistory("ALIAS","keysort","$_","$_") && next; # order ntp peers/servers if (/^ntp (server|peer) (\d+)\.(\d+)\.(\d+)\.(\d+)/) { $sortkey = sprintf("$1 %03d%03d%03d%03d",$2,$3,$4,$5); ProcessHistory("NTP","keysort",$sortkey,"$_"); next; } # order ip host statements /^ip host (\S+) / && ProcessHistory("IPHOST","keysort","$1","$_") && next; # order ip nat source static statements /^ip nat (\S+) source static (\S+)/ && ProcessHistory("IP NAT $1","ipsort","$2","$_") && next; # order atm map-list statements /^\s+ip\s+(\d+\.\d+\.\d+\.\d+)\s+atm-vc/ && ProcessHistory("ATM map-list","ipsort","$1","$_") && next; # order ip rcmd lines /^ip rcmd/ && ProcessHistory("RCMD","keysort","$_","$_") && next; # catch anything that wasnt matched above. ProcessHistory("","","","$_"); # end of config. the ": " game is for the PIX if (/^end$/) { $found_end = 1; return(1); } } return(0); } # dummy function sub DoNothing {print STDOUT;} # Main %commands=( 'show version' => "ShowVersion", 'show flash' => "ShowFlash", 'show running-config' => "WriteTerm", 'write term' => "WriteTerm" ); # keys() doesnt return things in the order entered and the order of the # cmds is important (show version first and write term last). pita @commands=( "show version", "show flash", "show running-config", "write term" ); $cisco_cmds=join(";", at commands); $cmds_regexp=join("|", at commands); open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: $!\n"; select(OUTPUT); # make OUTPUT unbuffered if debugging if ($debug) { $| = 1; } if ($file) { print STDERR "opening file $host\n" if ($debug); print STDOUT "opening file $host\n" if ($log); open(INPUT,"<$host") || die "open failed for $host: $!\n"; } else { print STDERR "executing clogin -t $timeo -c\"$cisco_cmds\" $host\n" if ($debug); print STDOUT "executing clogin -t $timeo -c\"$cisco_cmds\" $host\n" if ($log); if (defined($ENV{NOPIPE})) { system "clogin -t $timeo -c \"$cisco_cmds\" $host $host.raw 2>&1" || die "clogin failed for $host: $!\n"; open(INPUT, "< $host.raw") || die "clogin failed for $host: $!\n"; } else { open(INPUT,"clogin -t $timeo -c \"$cisco_cmds\" $host ) { tr/\015//d; if (/[>#]\s?exit$/) { $clean_run=1; last; } if (/^Error:/) { print STDOUT ("$host clogin error: $_"); print STDERR ("$host clogin error: $_") if ($debug); $clean_run=0; last; } while (/#\s*($cmds_regexp)\s*$/) { $cmd = $1; if (!defined($prompt)) { $prompt = ($_ =~ /^([^#]+#)/)[0]; $prompt =~ s/([][}{)(\\])/\\$1/g; print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); } print STDERR ("HIT COMMAND:$_") if ($debug); if (! defined($commands{$cmd})) { print STDERR "$host: found unexpected command - \"$cmd\"\n"; $clean_run = 0; last TOP; } $rval = &{$commands{$cmd}}; delete($commands{$cmd}); if ($rval == -1) { $clean_run = 0; last TOP; } } } print STDOUT "Done $logincmd: $_\n" if ($log); # Flush History ProcessHistory("","","",""); # Cleanup close(INPUT); close(OUTPUT); if (defined($ENV{NOPIPE})) { unlink("$host.raw") if (! $debug); } # check for completeness if (scalar(%commands) || !$clean_run || !$found_end) { if (scalar(%commands)) { printf(STDOUT "$host: missed cmd(s): %s\n", join(',', keys(%commands))); printf(STDERR "$host: missed cmd(s): %s\n", join(',', keys(%commands))) if ($debug); } if (!$clean_run || !$found_end) { print STDOUT "$host: End of run not found\n"; print STDERR "$host: End of run not found\n" if ($debug); system("/usr/bin/tail -1 $host.new"); } unlink "$host.new" if (! $debug); } ---end adrancid--- -- Ted Cabeen http://www.cabeen.org ted at cabeen.org Check Website or Keyserver for PGP/GPG Key 0xBA0349D2 ted at impulse.net "I have taken all knowledge to be my province." -F. Bacon secabeen at cabeen.org "Human kind cannot bear very much reality." -T.S.Eliot secabeen at gmail.com From chen_daniel at emc.com Mon Aug 14 21:45:47 2006 From: chen_daniel at emc.com (chen_daniel at emc.com) Date: Mon, 14 Aug 2006 17:45:47 -0400 Subject: [rancid] Re: inconsistent login with Extreme XOS 11.3.4.5 on BD8810 In-Reply-To: <20060814213001.GW1974@shrubbery.net> Message-ID: John, Probably true about Extreme XOS being very sensitive to buffers inputs. Currently I don't have the ssh versions of the Extreme code online. Rancid appears to work with local 'admin' account for BD6808 and Summit 400-48i all over Telnet. BD6808: 7.3.2.3 and 7.5.2.6 Summit 400-48: 7.2e.1 My Extreme gear code appears to be out-of-date. I will need to schedule some code upgrades soon. Previous to Rancid, I had a series of scripts that reported the versions of code for my Cisco Catalyst switches, I just didn't have the priority to translate it for Extreme switches. 172.24.184.109:#Image: Extremeware Version 7.3.2.3 [non-ssh] [wlan] 172.24.184.115:#Image: Extremeware Version 7.2e.1 (Build 11) branch.SR2-r2 [ssh] 172.24.184.119:#Image: Extremeware Version 7.5.2.6 [ssh] [wlan] 172.24.184.120:#Image: Extremeware Version 7.3.2.3 [non-ssh] [wlan] 172.24.184.140:#Image: Extremeware Version 7.3.2.3 [non-ssh] [wlan] 172.24.184.141:#Image: Extremeware Version 7.2e.1 (Build 11) branch.SR2-r2 [ssh] 172.24.184.142:#Image: Extremeware Version 7.2e.1 (Build 11) branch.SR2-r2 [ssh] 172.24.184.145:#Image: Extremeware Version 7.3.2.3 [non-ssh] [wlan] 172.24.184.154:#Image: Extremeware Version 7.2e.1 (Build 11) branch.SR2-r2 [ssh] > -----Original Message----- > From: john heasley [mailto:heas at shrubbery.net] > Sent: Monday, August 14, 2006 5:30 PM > To: chen, daniel > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] inconsistent login with Extreme XOS 11.3.4.5 on > BD8810 > > Mon, Aug 14, 2006 at 04:58:31PM -0400, chen_daniel at emc.com: > > > > > > Rancid 2.3.1 and 2.3.2a5 configured to use extreme. > > > > ## $Id: xrancid.in,v 1.40 2006/05/28 16:38:53 heas Exp $ > > > > ## $Id: clogin.in,v 1.99 2006/08/10 07:00:30 heas Exp $ > > > > It works against the Summit 400-48i and Black Diamond 6808 both > > ExtremeWare, but I am having trouble with my one XOS Black Diamond 8806. > > It feels like timing issues. I will see if I can dig up another XOS > > platform such as a Summit 450-24i or Black Diamond 10808. > > Dollars to donuts, this is your extreme being completely stoopid. which > is > expected. Have you tried ssh instead of telnet? not that I expect that > to > be any better. Start hassling extreme support or return the POS and get a > better switch. > From mstefani at redhat.com Tue Aug 15 08:50:35 2006 From: mstefani at redhat.com (Michael Stefaniuc) Date: Tue, 15 Aug 2006 10:50:35 +0200 Subject: [rancid] Re: wrapper rancid In-Reply-To: <00a201c6bfd3$656dd7e0$4304a8c0@LONDONLAPTOP> References: <00a201c6bfd3$656dd7e0$4304a8c0@LONDONLAPTOP> Message-ID: <44E18ADB.9090607@redhat.com> Mark Jones wrote: > Has anyone taken this proof of concept script from last fall and run with it in a working environment? Yes, i've run it for a while. Not at the moment though as i moved the service to a new proper installed box and didn't had the time yet to make the vpn3k script to get the passwords out of the .cloginrc file instead of having them directly hard coded in. bye michael -- Michael Stefaniuc Tel.: +49-711-96437-199 Sr. Network Engineer Fax.: +49-711-96437-111 Red Hat GmbH Email: mstefani at redhat.com Hauptstaetterstr. 58 http://www.redhat.de/ D-70178 Stuttgart From mstefani at redhat.com Wed Aug 16 09:58:49 2006 From: mstefani at redhat.com (Michael Stefaniuc) Date: Wed, 16 Aug 2006 11:58:49 +0200 Subject: [rancid] 2.3.2a5: CatOS ssh race Message-ID: <44E2EC59.1000003@redhat.com> Hello, i'm testing now 2.3.2a5 and the CatOS ssh race workaround is still needed. Though the 'send -h "exit"' made the patch an one liner. bye michael -- Michael Stefaniuc Tel.: +49-711-96437-199 Sr. Network Engineer Fax.: +49-711-96437-111 Red Hat GmbH Email: mstefani at redhat.com Hauptstaetterstr. 58 http://www.redhat.de/ D-70178 Stuttgart -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: rancid-CatOS-ssh-race.patch Url: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060816/c2308f91/attachment.ksh From mstefani at redhat.com Thu Aug 17 11:23:23 2006 From: mstefani at redhat.com (Michael Stefaniuc) Date: Thu, 17 Aug 2006 13:23:23 +0200 Subject: [rancid] 2.3.2.a5: Cat2948s do not have "show inventory" Message-ID: <44E451AB.9050309@redhat.com> The Cisco Catalyst 2948 switches (WS-C2948G and WS-C2948G-GE-TX) do not have the "show inventory" command. The attached patch prevents the line Unknown command "show inventory". Use 'show help' for more info. to be added to the saved config file of those devices. bye michael -- Michael Stefaniuc Tel.: +49-711-96437-199 Sr. Network Engineer Fax.: +49-711-96437-111 Red Hat GmbH Email: mstefani at redhat.com Hauptstaetterstr. 58 http://www.redhat.de/ D-70178 Stuttgart -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: rancid-2.3.2a5-Cat2948-sh-inv.diff Url: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060817/88594dfd/attachment.ksh From llc at dansketelecom.com Thu Aug 17 20:02:13 2006 From: llc at dansketelecom.com (Lars Lystrup Christensen) Date: Thu, 17 Aug 2006 22:02:13 +0200 Subject: [rancid] dealing with pager Message-ID: <5DCC4AA34F470741B0CAE586CC8C8BB3CDAE75@exchange.office.dansketelecom.com> Hi there I'm trying to create my own login-file for rancid. So far I've managed to create the login so it logs in to my equipment and I'm able to pass a command to the equipment using the "-x" option. One of the commands for the equipment is displaying the complete config, but it usually only displays one page at a time, then displaying a "hit any key to continue". ----- output sample ------------------------------- local sla => 100-100 local vlan => 1 local voip address => 0.0.0.0 local voip state => enabled ---- Hit any key to continue ---- ----- output sample ------------------------------- I'm wondering how to "hit any key" and what to put into my login file. Hope somebody can help me... ______________________________________ Med venlig hilsen / Kind regards Lars Lystrup Christensen Network Engineer Danske Telecom A/S - Clearwire Denmark Sundkrogsgade 13, 4 2100 K?benhavn ? llc at dansketelecom.com +45 35 27 50 00 (Office) +45 35 27 50 50 (Fax) +45 35 27 50 23 (Direct) +45 40 60 55 23 (Mobile) www.dansketelecom.com www.clearwire.dk -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060817/c4962ed0/attachment.html From bmurphy at lucent.com Thu Aug 17 23:43:49 2006 From: bmurphy at lucent.com (Murphy, Barry (Barry)) Date: Fri, 18 Aug 2006 09:43:49 +1000 Subject: [rancid] comments on a per version basis Message-ID: <3561A7F511A9D41195D900508BAE616802A51AB1@nz2001exch001u.anz.lucent.com> Hey guys, Just wondering if there is a possibility of adding comments to version changes, I'm thinking this is probably a cvsweb question and not rancid related, so please rather email me off list if you've done this. Thanks Barry Murphy Network Support Engineer Lucent Technologies * Bell Labs Innovations Level 13, 67 Symonds Street, Auckland. NEW ZEALAND Phone: +64 9 337 5533 Mobile: +64 27 4909-712 Fax: +64 9 337 5027 From mstefani at redhat.com Fri Aug 18 13:16:26 2006 From: mstefani at redhat.com (Michael Stefaniuc) Date: Fri, 18 Aug 2006 15:16:26 +0200 Subject: [rancid] 2.3.2a5: Do not print empty PID/VID/SN Message-ID: <44E5BDAA.1050607@redhat.com> Hello, the attached patch tries to deal with the saved config file bloat introduced by "show inventory raw" by not printing empty PID/VID/SN lines. The bloat is a problem on big modular switches with a couple of line cards in. bye michael -- Michael Stefaniuc Tel.: +49-711-96437-199 Sr. Network Engineer Fax.: +49-711-96437-111 Red Hat GmbH Email: mstefani at redhat.com Hauptstaetterstr. 58 http://www.redhat.de/ D-70178 Stuttgart -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: rancid-2.3.2a5-empty-pidvidsn.diff Url: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060818/aac0b3d9/attachment.ksh From simon at limmat.switch.ch Fri Aug 18 15:03:51 2006 From: simon at limmat.switch.ch (Simon Leinen) Date: Fri, 18 Aug 2006 17:03:51 +0200 Subject: [rancid] Re: 2.3.2a5: Do not print empty PID/VID/SN In-Reply-To: <44E5BDAA.1050607@redhat.com> (Michael Stefaniuc's message of "Fri, 18 Aug 2006 15:16:26 +0200") References: <44E5BDAA.1050607@redhat.com> Message-ID: Michael Stefaniuc writes: > the attached patch tries to deal with the saved config file bloat > introduced by "show inventory raw" by not printing empty PID/VID/SN > lines. The bloat is a problem on big modular switches with a couple > of line cards in. We have many Catalyst 6500/7600 OSRs, and your patch really makes the RANCID-generated configuration files look *much* better. Thanks a lot! It would be great if this could be integrated into the RANCID mainline. -- Simon. From chen_daniel at emc.com Fri Aug 18 18:48:36 2006 From: chen_daniel at emc.com (chen_daniel at emc.com) Date: Fri, 18 Aug 2006 14:48:36 -0400 Subject: [rancid] Re: Success Monitoring with Extreme XOS 11.3.4.5 on BD8810 In-Reply-To: Message-ID: John, Good and Bad news. XOS SSH access is fine and very stable compared with telnet. I made some modifications to allow Rancid to monitor Extreme XOS 11.3.4.5 on BD8810. 1) Prompt recognition; Since XOS changed the prompt's look from : to .; xrancid didn't recognize when each command finished $prompt =~ s/[:.](\d+ ?)#/.\\d+ ?#/; 2) Since there is no tag line like "End of Configuration" in XOS as there was in ExtremeWare; my change unfortunately eliminates the detection of VRRP differences as this is the last section of the configuration file. As a customer of Extreme, I have asked the Systems Engineer to make the change in the way 'show config' ends the display of the configuration. if (/^# Module vrrp configuration./i) { Alternatively, the end of configuration detection for Extreme XOS rancid could be disabled temporarily until Extreme changes their 'show config' lack of "end of configuration" statement. 3) So for now, I also modified rancid-fe for a new type of router, XOS calling a modified version of xrancid as x2rancid. As xrancid should be used for the ExtremeWare. From gouldwp at auburn.edu Fri Aug 18 22:16:40 2006 From: gouldwp at auburn.edu (Walter Gould) Date: Fri, 18 Aug 2006 17:16:40 -0500 Subject: [rancid] Cisco 3750's Message-ID: <44E5F5F5.267C.00C8.0@auburn.edu> Anyone know why rancid might be hanging grabbing config's from Cisco 3750 switches? I keep seeing hung rancid processes and all of the switches are 3750's. I run clogin and the script logins to them fine. This is what I see when I show the processes: rancid 32398 1 0 12:42 ? 00:00:00 sh -c clogin -t 90 -c "show version;show redundancy secondary;show idprom backplane;show install active;show env all;show rsp chassis-info;show gsr chassis;show boot;show bootvar;show variables boot;show flash;dir /all nvram:;dir /all bootflash:;dir /all slot0:;dir /all disk0:;dir /all slot1:;dir /all disk1:;dir /all slot2:;dir /all disk2:;dir /all harddisk:;dir /all harddiska:;dir /all harddiskb:;dir /all sup-bootflash:;dir /all sup-microcode:;dir /all slavenvram:;dir /all slavebootflash:;dir /all slaveslot0:;dir /all slavedisk0:;dir /all slaveslot1:;dir /all slavedisk1:;dir /all slaveslot2:;dir /all slavedisk2:;dir /all slavesup-bootflash:;dir /all sec-nvram:;dir /all sec-bootflash:;dir /all sec-slot0:;dir /all sec-disk0:;dir /all sec-slot1:;dir /all sec-disk1:;dir /all sec-slot2:;dir /all sec-disk2:;show controllers;show controllers cbus;show diagbus;show diag;show module;show spe version;show c7200;show vtp status;show vlan;show running-config;write term" 10.4.152.70 References: <20060818231406.8752E11CE33@ni.shrubbery.net> Message-ID: <20060818233047.GR1808@shrubbery.net> Fri, Aug 18, 2006 at 02:48:36PM -0400, chen_daniel at emc.com: > John, > > Good and Bad news. > > XOS SSH access is fine and very stable compared with telnet. > > I made some modifications to allow Rancid to monitor Extreme XOS > 11.3.4.5 on BD8810. > 1) Prompt recognition; Since XOS changed the prompt's look from > : to .; xrancid didn't recognize > when each command finished > > $prompt =~ s/[:.](\d+ ?)#/.\\d+ ?#/; I believe this was fixed already. please try 2.3.2a5. > 2) Since there is no tag line like "End of Configuration" in XOS as > there was in ExtremeWare; my change unfortunately eliminates the > detection of VRRP differences as this is the last section of the > configuration file. As a customer of Extreme, I have asked the Systems > Engineer to make the change in the way 'show config' ends the display of > the configuration. > > if (/^# Module vrrp configuration./i) { > > Alternatively, the end of configuration detection for Extreme XOS rancid > could be disabled temporarily until Extreme changes their 'show config' > lack of "end of configuration" statement. Juniper, unfortunately, does not have a definitive end of configuration tag either. Cribbing from jrancid, does this patch work for XOS (the name I find comical, "[e]X-O/S") and Extreme OS? Index: xrancid.in =================================================================== RCS file: /home/rancid/.CVS/rancid/bin/xrancid.in,v retrieving revision 1.40 diff -d -u -r1.40 xrancid.in --- xrancid.in 28 May 2006 16:38:53 -0000 1.40 +++ xrancid.in 18 Aug 2006 21:58:01 -0000 @@ -269,6 +269,7 @@ # This routine processes a "write term" sub WriteTerm { + my($lines) = 0; print STDERR " In WriteTerm: $_" if ($debug); my($comment) = 1; # strip extra comments, esp to preserve chassis type @@ -296,6 +297,7 @@ } else { $comment = 0; } + $lines++; # Dog gone Cool matches to process the rest of the config # some chassis report their chassis type in show diag...oh, but @@ -367,6 +369,13 @@ return(0); } } + + if ($lines < 3) { + printf(STDERR "ERROR: $host configuration appears to be truncated.\n"); + $found_end = 0; + return(-1); + } + return(0); } From vince at litrium.com Sun Aug 20 06:19:57 2006 From: vince at litrium.com (Vince Hoang) Date: Sat, 19 Aug 2006 20:19:57 -1000 Subject: [rancid] [PATCH] subversion with rancid 2.3.2a5 Message-ID: <20060820061957.GC6201@litrium.com> Here is a small patch against rancid 2.3.2a5 for subversion related support to fix two problems when creating the initial repository and importing new groups. 1) When checking out a repository, you have to specify a hostname in the form of file://hostname/path. The patch basically assumes a private svn repository on the local filesystem. In the long run, it would better to have CVSROOT support URIs, but the directory checks against CVSROOT would need to be removed or worked around. The original error before the patch was: svn: Unable to open an ra_local session to URL svn: Local URL 'file://home/rancid/var/svn' contains unsupported hostname 2) When importing a new group, the directory is out of sync after the initial checkout. From the command-line, running `svn status` will still report uncommitted changes and `svn commit` will report the 'Out of date' error that you see in the logs. The original error before the patch was: svn: Commit failed (details follow): svn: Out of date: '/routers' in transaction 'x' -Vince diff -ur rancid-2.3.2a5/bin/control_rancid.in rancid-2.3.2a5-patched/bin/control_rancid.in --- rancid-2.3.2a5/bin/control_rancid.in 2006-05-28 06:38:50.000000000 -1000 +++ rancid-2.3.2a5-patched/bin/control_rancid.in 2006-08-19 19:39:49.000000000 -1000 @@ -139,6 +139,12 @@ fi fi +# svn update to avoid 'Out of date' error +if [ $RCSSYS = svn ] +then + svn update +fi + # do cvs update of router.db in case anyone has fiddled. $RCSSYS update router.db > $TMP 2>&1 grep "^C" $TMP > /dev/null diff -ur rancid-2.3.2a5/bin/rancid-cvs.in rancid-2.3.2a5-patched/bin/rancid-cvs.in --- rancid-2.3.2a5/bin/rancid-cvs.in 2006-05-28 06:38:52.000000000 -1000 +++ rancid-2.3.2a5-patched/bin/rancid-cvs.in 2006-08-19 19:37:06.000000000 -1000 @@ -81,9 +81,11 @@ cd $BASEDIR cvs checkout $GROUP else - svn import -m "$GROUP" . file://$CVSROOT/$GROUP + svn import -m "$GROUP" . file://localhost/$CVSROOT/$GROUP cd $BASEDIR - svn checkout file://$CVSROOT/$GROUP $GROUP + svn checkout file://localhost/$CVSROOT/$GROUP $GROUP + cd $DIR + svn update fi fi cd $DIR From saku+rancid at ytti.fi Sun Aug 20 07:24:34 2006 From: saku+rancid at ytti.fi (Saku Ytti) Date: Sun, 20 Aug 2006 10:24:34 +0300 Subject: [rancid] Re: Cisco 3750's In-Reply-To: <44E5F5F5.267C.00C8.0@auburn.edu> References: <44E5F5F5.267C.00C8.0@auburn.edu> Message-ID: <20060820072434.GA16586@mx.ytti.net> On (2006-08-18 17:16 -0500), Walter Gould wrote: > Anyone know why rancid might be hanging grabbing config's from Cisco > 3750 switches? I keep seeing hung rancid processes and all of the > switches are 3750's. I run clogin and the script logins to them fine. I have well over 100 3750's, no such issues. > Any thoughts or suggestions would be appreciated. Run the commands one at a time. -- ++ytti From mstefani at redhat.com Mon Aug 21 08:56:31 2006 From: mstefani at redhat.com (Michael Stefaniuc) Date: Mon, 21 Aug 2006 10:56:31 +0200 Subject: [rancid] Re: 2.3.2a5: Do not print empty PID/VID/SN In-Reply-To: <20060818223759.GK1808@shrubbery.net> References: <44E5BDAA.1050607@redhat.com> <20060818223759.GK1808@shrubbery.net> Message-ID: <44E9753F.4070602@redhat.com> john heasley wrote: > Fri, Aug 18, 2006 at 03:16:26PM +0200, Michael Stefaniuc: >>the attached patch tries to deal with the saved config file bloat >>introduced by "show inventory raw" by not printing empty PID/VID/SN >>lines. The bloat is a problem on big modular switches with a couple of >>line cards in. >> > > This looks fine to me, but we can not accept copyrighted patches or modules > unless you're transfering rights to us or remove the copyright. IANAL but is this a copyright or license problem? I've sent all the "2.3.2a5" marked patches to be included into the official rancid distribution. If all it takes to achieve this is to renounce on my copyright so be it. I do not mind as the patches are small and the amount of "innovation" those patches implement is infinitesimal. The copyright was more to give credit than anything else. bye michael >>Copyright Michael Stefaniuc for Red Hat >> >>Do not print empty PID:, VID: and SN: lines. Most entries from >>"show inventory raw" have those empty bloating up the saved config. >> >>--- ./bin/rancid.in.empty 2006-08-18 11:55:24.000000000 +0200 >>+++ ./bin/rancid.in 2006-08-18 12:03:56.000000000 +0200 >>@@ -1196,9 +1196,13 @@ >> ProcessHistory("INVENTORY","","", sprintf("!%-30s %s\n", $1, $2)); >> next; >> } >>- # split PID/VID line >>- if (/^(PID: \S*)\s*, (VID: \S*)\s*, (SN: \S*)\s*$/) { >>- ProcessHistory("INVENTORY","","", "!$1\n!$2\n!$3\n"); >>+ # split PID/VID/SN line >>+ if (/^PID: (\S*)\s*, VID: (\S*)\s*, SN: (\S*)\s*$/) { >>+ my $entries = ""; >>+ $entries .= "!PID: $1\n" if ($1); >>+ $entries .= "!VID: $2\n" if ($2); >>+ $entries .= "!SN: $3\n" if ($3); >>+ ProcessHistory("INVENTORY","","", "$entries"); >> next; >> } >> ProcessHistory("INVENTORY","","","!$_"); > > >>_______________________________________________ >>Rancid-discuss mailing list >>Rancid-discuss at shrubbery.net >>http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- Michael Stefaniuc Tel.: +49-711-96437-199 Sr. Network Engineer Fax.: +49-711-96437-111 Red Hat GmbH Email: mstefani at redhat.com Hauptstaetterstr. 58 http://www.redhat.de/ D-70178 Stuttgart From jsherrill at currentcomm.net Tue Aug 22 14:51:27 2006 From: jsherrill at currentcomm.net (Justin Sherrill) Date: Tue, 22 Aug 2006 10:51:27 -0400 Subject: [rancid] clogin timing out after login Message-ID: <7D3405B5488C0648B39948C26AE91A9B028AC955@rocexch01.currentcomm.com> I've got rancid set up on two different machines - One is RedHat Enterprise Linux 4, and the other is DragonFlyBSD 1.4. These are new installs. Both exhibit the same behavior. Using clogin to connect to a Cisco 7206 gets to a user prompt and then times out. # ./bin/clogin -c 'sh vers' ar01 User Access Verification Username: myusername Password: ar01.lab01# Error: TIMEOUT reached Trying the same thing on a PIX 515 will time out as soon as it hits the <--- More ---> prompt. I've tried with the same result on multiple 7206/515 devices. I can log in by hand normally. I thought this was the linux/expect blocking problem, but patching for it hasn't fixed the issue. Plus, it shouldn't be an issue on the BSD system. I'm getting a switch set up on the local network to make sure it isn't something strange between me and the test systems causing the problem. In the meantime, has anyone seen this and knows the (network-based?) issue that causes it? ----------------------------------------- Justin C. Sherrill - CURRENT Communications 100 Town Centre Drive, Suite G Rochester, New York 14623 P: 585.486.0549 F: 585.486.0030 ***CONFIDENTIALITY NOTICE*** The information in this email may be confidential and/or privileged. This email is intended to be reviewed by only the individual or organization named above. If you are not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any review, dissemination or copying of this email and its attachments, if any, or the information contained herein is prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this message from your system. From mstefani at redhat.com Tue Aug 22 16:06:01 2006 From: mstefani at redhat.com (Michael Stefaniuc) Date: Tue, 22 Aug 2006 18:06:01 +0200 Subject: [rancid] Re: clogin timing out after login In-Reply-To: <7D3405B5488C0648B39948C26AE91A9B028AC955@rocexch01.currentcomm.com> References: <7D3405B5488C0648B39948C26AE91A9B028AC955@rocexch01.currentcomm.com> Message-ID: <44EB2B69.4050502@redhat.com> Justin Sherrill wrote: > I've got rancid set up on two different machines - One is RedHat > Enterprise Linux 4, and the other is DragonFlyBSD 1.4. These are new > installs. Both exhibit the same behavior. > > Using clogin to connect to a Cisco 7206 gets to a user prompt and then > times out. > > # ./bin/clogin -c 'sh vers' ar01 > User Access Verification > > Username: myusername > Password: > > ar01.lab01# > > Error: TIMEOUT reached Looks like you go directly into enable mode without having to type in enable and the enable password. If you want to keep that on the device then you need to set in .cloginrc add autoenable ar01 1 bye michael > > Trying the same thing on a PIX 515 will time out as soon as it hits the > <--- More ---> prompt. > > I've tried with the same result on multiple 7206/515 devices. I can log > in by hand normally. I thought this was the linux/expect blocking > problem, but patching for it hasn't fixed the issue. Plus, it shouldn't > be an issue on the BSD system. > > I'm getting a switch set up on the local network to make sure it isn't > something strange between me and the test systems causing the problem. > In the meantime, has anyone seen this and knows the (network-based?) > issue that causes it? -- Michael Stefaniuc Tel.: +49-711-96437-199 Sr. Network Engineer Fax.: +49-711-96437-111 Red Hat GmbH Email: mstefani at redhat.com Hauptstaetterstr. 58 http://www.redhat.de/ D-70178 Stuttgart From gouldwp at auburn.edu Tue Aug 22 18:27:47 2006 From: gouldwp at auburn.edu (Walter Gould) Date: Tue, 22 Aug 2006 13:27:47 -0500 Subject: [rancid] Re: Cisco 3750's In-Reply-To: <20060818224016.GL1808@shrubbery.net> References: <44E5F5F5.267C.00C8.0@auburn.edu> <20060818224016.GL1808@shrubbery.net> Message-ID: <44EB0650.267C.00C8.0@auburn.edu> >>> On Fri, Aug 18, 2006 at 5:40 PM, in message <20060818224016.GL1808 at shrubbery.net>, john heasley wrote: > this wouldnt be another Linux/Solaris w/o the expect patch, would it? > After upgrading expect to the patched version that is on the shrubbery.net ftp site, rancid is no longer hanging on the Cisco 3750 switches. Thanks for the input. Walter Gould Auburn University From jsherrill at currentcomm.net Tue Aug 22 21:01:37 2006 From: jsherrill at currentcomm.net (Justin Sherrill) Date: Tue, 22 Aug 2006 17:01:37 -0400 Subject: [rancid] Re: clogin timing out after login Message-ID: <7D3405B5488C0648B39948C26AE91A9B028AC95B@rocexch01.currentcomm.com> > Looks like you go directly into enable mode without having to type in > enable and the enable password. If you want to keep that on the device > then you need to set in .cloginrc > add autoenable ar01 1 (for future edification) This got me closer. The other part of the issue is that the banner message on a number of our switches contains # characters, so clogin would see those characters, assume it had reached the enabled state and start firing commands before the device was ready to accept them. Something else I found in this process: version 6.3(4)120 of the PIX code has a bug where the enable password can only be blank. This also causes a problem. ***CONFIDENTIALITY NOTICE*** The information in this email may be confidential and/or privileged. This email is intended to be reviewed by only the individual or organization named above. If you are not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any review, dissemination or copying of this email and its attachments, if any, or the information contained herein is prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this message from your system. From heas at shrubbery.net Wed Aug 23 00:58:08 2006 From: heas at shrubbery.net (john heasley) Date: Tue, 22 Aug 2006 17:58:08 -0700 Subject: [rancid] Re: clogin timing out after login In-Reply-To: <7D3405B5488C0648B39948C26AE91A9B028AC95B@rocexch01.currentcomm.com> References: <7D3405B5488C0648B39948C26AE91A9B028AC95B@rocexch01.currentcomm.com> Message-ID: <20060823005808.GB24232@shrubbery.net> Tue, Aug 22, 2006 at 05:01:37PM -0400, Justin Sherrill: > Something else I found in this process: version 6.3(4)120 of the PIX > code has a bug where the enable password can only be blank. This also > causes a problem. {} represents an empty value. From jsherrill at currentcomm.net Wed Aug 23 12:34:35 2006 From: jsherrill at currentcomm.net (Justin Sherrill) Date: Wed, 23 Aug 2006 08:34:35 -0400 Subject: [rancid] Re: clogin timing out after login Message-ID: <7D3405B5488C0648B39948C26AE91A9B028AC95E@rocexch01.currentcomm.com> >> Something else I found in this process: version 6.3(4)120 of the PIX >> code has a bug where the enable password can only be blank. This also >> causes a problem. > >{} represents an empty value. Testing this as an enable password seems to give the same behavior as no enable password entry in .cloginrc - it tried the user password instead. At this point, the software release with this empty password bug won't be going out in the field, so it's not a problem. Thanks for the help! ***CONFIDENTIALITY NOTICE*** The information in this email may be confidential and/or privileged. This email is intended to be reviewed by only the individual or organization named above. If you are not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any review, dissemination or copying of this email and its attachments, if any, or the information contained herein is prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this message from your system. From groberts at hcis.net Mon Aug 28 13:46:21 2006 From: groberts at hcis.net (Gary Roberts) Date: Mon, 28 Aug 2006 08:46:21 -0500 Subject: [rancid] Unknowns Message-ID: <5dec61703dd5c146652df956c557ae82@hcis.net> Just curious,, when i get my diffs, i see a set of numbers a few lines above, example: @@ -1325,9 +1325,8 @@ Just what exactly is that telling me? ive tried to decipher some meaning,, ie line , row, . .,etc, but it escapes me. Thanks -- --- Gary From rmordasiewicz at samuelmanutech.com Mon Aug 28 13:47:05 2006 From: rmordasiewicz at samuelmanutech.com (Robin Mordasiewicz) Date: Mon, 28 Aug 2006 09:47:05 -0400 (EDT) Subject: [rancid] cisco 7960 phones Message-ID: Is it possible to use rancid with cisco 7960 phones running the sip protocol ? -- From mstefani at redhat.com Mon Aug 28 14:03:41 2006 From: mstefani at redhat.com (Michael Stefaniuc) Date: Mon, 28 Aug 2006 16:03:41 +0200 Subject: [rancid] Re: Unknowns In-Reply-To: <5dec61703dd5c146652df956c557ae82@hcis.net> References: <5dec61703dd5c146652df956c557ae82@hcis.net> Message-ID: <44F2F7BD.5000508@redhat.com> Gary Roberts wrote: > Just curious,, when i get my diffs, i see a set of numbers a few lines above, > > example: @@ -1325,9 +1325,8 @@ > > Just what exactly is that telling me? ive tried to decipher some meaning,, ie line , row, . .,etc, > but it escapes me. It's generated by diff. It describes the chunk with the changes. '-' is used for the old file and '+' for the new file. The first number is the start line of the chunk and second one is the lenght of the chunk. @@ -old_chunk_start_line,old_chunk_length +new_chunk_start_line,new_chunk_length Hope this helps. bye michael -- Michael Stefaniuc Tel.: +49-711-96437-199 Sr. Network Engineer Fax.: +49-711-96437-111 Red Hat GmbH Email: mstefani at redhat.com Hauptstaetterstr. 58 http://www.redhat.de/ D-70178 Stuttgart From Todd at equivoice.com Mon Aug 28 18:37:47 2006 From: Todd at equivoice.com (Todd Heide) Date: Mon, 28 Aug 2006 13:37:47 -0500 Subject: [rancid] Backup what? Message-ID: <082FEA82DC985B4F8A6B412D5AC4E2203683A2@exchange.Equivoice.local> I need to rebuild the server to try out a newer version of Redhat, RHEL3 or 4, and want to backup my Rancid files, at least the ones needed for configuring Rancid, via FTP. What files should I back up that are not part of the install? From sawall at gmail.com Mon Aug 28 19:02:33 2006 From: sawall at gmail.com (sawall) Date: Mon, 28 Aug 2006 14:02:33 -0500 Subject: [rancid] changing enable level Message-ID: <870bf9090608281202i55097580o25db6800d66b4b3b@mail.gmail.com> I tried searching through clogin and as much of the mail archives as possible, but I'm not seeing what I need. Is there a way to set the script to use something like "enable 5" instead of just "enable"? I have a specific user set up in the PIX with limited command capability. Any help or pointers would be great. Thanks, Chris -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060828/5bfa3257/attachment.html From heas at shrubbery.net Mon Aug 28 20:17:01 2006 From: heas at shrubbery.net (john heasley) Date: Mon, 28 Aug 2006 20:17:01 +0000 Subject: [rancid] Re: Backup what? In-Reply-To: <082FEA82DC985B4F8A6B412D5AC4E2203683A2@exchange.Equivoice.local> References: <082FEA82DC985B4F8A6B412D5AC4E2203683A2@exchange.Equivoice.local> Message-ID: <20060828201701.GB19644@shrubbery.net> Mon, Aug 28, 2006 at 01:37:47PM -0500, Todd Heide: > > > I need to rebuild the server to try out a newer version of Redhat, RHEL3 > or 4, and want to backup my Rancid files, at least the ones needed for > configuring Rancid, via FTP. What files should I back up that are not > part of the install? etc/rancid.conf etc/lg.conf /var/rancid the linux rpm likes to move those things. you're on your own there. From sawall at gmail.com Mon Aug 28 21:50:55 2006 From: sawall at gmail.com (sawall) Date: Mon, 28 Aug 2006 16:50:55 -0500 Subject: [rancid] Re: changing enable level In-Reply-To: <870bf9090608281202i55097580o25db6800d66b4b3b@mail.gmail.com> References: <870bf9090608281202i55097580o25db6800d66b4b3b@mail.gmail.com> Message-ID: <870bf9090608281450kb451c48q9fa1fbde832fe954@mail.gmail.com> OK. I think I found a solution. Would be appreciated it anyone thought there was a better way or if it should be configured differently. In "clogin" on line 462, I changed this line: send "enable\r" to this instead: send "enable 5\r" This appears to work and it logs into the firewall just fine. Thanks, Chris On 8/28/06, sawall wrote: > > I tried searching through clogin and as much of the mail archives as > possible, but I'm not seeing what I need. > > Is there a way to set the script to use something like "enable 5" instead > of just "enable"? I have a specific user set up in the PIX with limited > command capability. Any help or pointers would be great. > > Thanks, > Chris > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060828/6a50e04d/attachment.html From llc at dansketelecom.com Tue Aug 29 11:32:12 2006 From: llc at dansketelecom.com (Lars Lystrup Christensen) Date: Tue, 29 Aug 2006 13:32:12 +0200 Subject: [rancid] "End of run not found" what to do? Message-ID: <5DCC4AA34F470741B0CAE586CC8C8BB3DC69E0@exchange.office.dansketelecom.com> Hi there I'm currently working on a script to collect various informations about some of our equipment (Nextnet Wireless Expedience). I've tried to modify the "rancid" script to parse the output from my login script, which works quite well. However when I run my rancid script I get a "End of run not found". I'm not quite sure where the problem is, so please give a hint :-) The script is included right below: ---------------- START OF SCRIPT ------------------ #! /usr/bin/perl ## ## $Id: prancid.in,v 1.29 2004/01/11 03:49:13 heas Exp $ ## ## Copyright (C) 1997-2004 by Terrapin Communications, Inc. ## All rights reserved. ## ## This software may be freely copied, modified and redistributed ## without fee for non-commerical purposes provided that this license ## remains intact and unmodified with any RANCID distribution. ## ## There is no warranty or other guarantee of fitness of this software. ## It is provided solely "as is". The author(s) disclaim(s) all ## responsibility and liability with respect to this software's usage ## or its effect upon hardware, computer systems, other software, or ## anything else. ## ## Except where noted otherwise, rancid was written by and is maintained by ## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. ## # # This version of rancid tries to deal with Nextnet Wireless Expedience System. # Done by Lars L. Christensen # # RANCID - Really Awesome New Cisco confIg Differ # # usage: expedrancid [-d] [-l] [-f filename | $host] # use Getopt::Std; getopts('dfl'); $log = $opt_l; $debug = $opt_d; $file = $opt_f; $host = $ARGV[0]; $clean_run = 0; $found_end = 0; $timeo = 90; # clogin timeout in seconds my($platform); # platform/cpu type my(%filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { my($new_hist_tag,$new_command,$command_string, at string)=(@_); if((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) && defined %history) { print eval "$command \%history"; undef %history; } if (($new_hist_tag) && ($new_command) && ($command_string)) { if ($history{$command_string}) { $history{$command_string} = "$history{$command_string}@string"; } else { $history{$command_string} = "@string"; } } elsif (($new_hist_tag) && ($new_command)) { $history{++$#history} = "@string"; } else { print "@string"; } $hist_tag = $new_hist_tag; $command = $new_command; 1; } sub numerically { $a <=> $b; } # This is a sort routing that will sort numerically on the # keys of a hash as if it were a normal array. sub keynsort { local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $key (sort numerically keys(%lines)) { $sorted_lines[$i] = $lines{$key}; $i++; } @sorted_lines; } # This is a sort routing that will sort on the # keys of a hash as if it were a normal array. sub keysort { local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $key (sort keys(%lines)) { $sorted_lines[$i] = $lines{$key}; $i++; } @sorted_lines; } # This is a sort routing that will sort on the # values of a hash as if it were a normal array. sub valsort{ local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $key (sort values %lines) { $sorted_lines[$i] = $key; $i++; } @sorted_lines; } # This is a numerical sort routing (ascending). sub numsort { local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $num (sort {$a <=> $b} keys %lines) { $sorted_lines[$i] = $lines{$num}; $i++; } @sorted_lines; } # This is a sort routine that will sort on the # ip address when the ip address is anywhere in # the strings. sub ipsort { local(%lines)=@_; local($i) = 0; local(@sorted_lines); foreach $addr (sort sortbyipaddr keys %lines) { $sorted_lines[$i] = $lines{$addr}; $i++; } @sorted_lines; } # These two routines will sort based upon IP addresses sub ipaddrval { my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); $a[3]+256*($a[2]+256*($a[1]+256*$a[0])); } sub sortbyipaddr { &ipaddrval($a) <=> &ipaddrval($b); } # This routine parses "show version" sub ShowVersion { print STDERR " In ShowVersion: $_" if ($debug); while () { tr/\015//d; last if(/^$prompt/); next if(/^(\s*|\s*$cmd\s*)$/); return(-1) if (/command authorization failed/i); /^version/ && ProcessHistory("COMMENTS","keysort","B1", "# $_") && next; /^ATI/ && ProcessHistory("COMMENTS","keysort","B2", "# $_") && next; /^ASIC/ && ProcessHistory("COMMENTS","keysort","B3", "# $_") && next; } return(0); } # This routine processes a "write term" sub WriteTerm { print STDERR " In WriteTerm: $_" if ($debug); while () { tr/\015//d; last if(/^$prompt/); return(-1) if (/command authorization failed/i); # filter out any RCS/CVS tags to avoid confusing local CVS storage s/\$(Revision|Id):/ $1:/; # catch anything that wasnt matched above. ProcessHistory("","","","$_"); # end of config. if (/^$/) { $found_end = 1; return(1); } } return(0); } # dummy function sub DoNothing {print STDOUT;} # Main %commands=( 'show version' => "ShowVersion", 'show -fn' => "WriteTerm" ); # keys() doesnt return things in the order entered and the order of the # cmds is important (show version first and write term last). pita @commands=( "show version", "show -fn" ); $cisco_cmds=join(";", at commands); $cmds_regexp=join("|", at commands); open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: $!\n"; select(OUTPUT); # make OUTPUT unbuffered if debugging if ($debug) { $| = 1; } if ($file) { print STDERR "opening file $host\n" if ($debug); print STDOUT "opening file $host\n" if ($log); open(INPUT,"<$host") || die "open failed for $host: $!\n"; } else { print STDERR "executing expedlogin -t $timeo -c \"$cisco_cmds\" $host\n" if ($debug); print STDOUT "executing expedlogin -t $timeo -c \"$cisco_cmds\" $host\n" if ($log); if (defined($ENV{NOPIPE})) { system "expedlogin -t $timeo -c \"$cisco_cmds\" $host $host.raw 2>&1" || die "expedlogin failed for $host: $!\n"; open(INPUT, "< $host.raw") || die "expedlogin failed for $host: $!\n"; } else { open(INPUT,"expedlogin -t $timeo -c \"$cisco_cmds\" $host ) { tr/\015//d; if (/[>#]\s?exit$/) { $clean_run=1; last; } if (/^Error:/) { print STDOUT ("$host expedlogin error: $_"); print STDERR ("$host expedlogin error: $_") if ($debug); $clean_run=0; last; } while (/[>#]\s*($cmds_regexp)\s*$/) { $cmd = $1; if (!defined($prompt)) { $prompt = ($_ =~ /^([^>]+>)/)[0]; print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); } print STDERR ("HIT COMMAND:$_") if ($debug); if (! defined($commands{$cmd})) { print STDERR "$host: found unexpected command - \"$cmd\"\n"; $clean_run = 0; last TOP; } $rval = &{$commands{$cmd}}; delete($commands{$cmd}); if ($rval == -1) { $clean_run = 0; last TOP; } } } print STDOUT "Done $logincmd: $_\n" if ($log); # Flush History ProcessHistory("","","",""); # Cleanup close(INPUT); close(OUTPUT); if (defined($ENV{NOPIPE})) { unlink("$host.raw") if (! $debug); } # check for completeness if (scalar(%commands) || !$clean_run || !$found_end) { if (scalar(%commands)) { printf(STDOUT "$host: missed cmd(s): %s\n", join(',', keys(%commands))); printf(STDERR "$host: missed cmd(s): %s\n", join(',', keys(%commands))) if ($debug); } if (!$clean_run || !$found_end) { print STDOUT "$host: End of run not found\n"; print STDERR "$host: End of run not found\n" if ($debug); system("/usr/bin/tail -1 $host.new"); } unlink "$host.new" if (! $debug); } ------------- END OF SCRIPT --------------- ______________________________________ Med venlig hilsen / Kind regards Lars Lystrup Christensen Network Engineer Danske Telecom A/S - Clearwire Denmark -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060829/a5e8a345/attachment.html From g_wyn at hotmail.com Tue Aug 29 15:00:14 2006 From: g_wyn at hotmail.com (George Gagbla) Date: Tue, 29 Aug 2006 16:00:14 +0100 Subject: [rancid] Huawie Router and Switchs Message-ID: Hi, Is it possible to use rancid for Huawei routers and switchs? If yes, I will appreciate some lines of code. Cheers George -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060829/aa1c7db1/attachment.html From groberts at hcis.net Tue Aug 29 20:55:19 2006 From: groberts at hcis.net (Gary Roberts) Date: Tue, 29 Aug 2006 15:55:19 -0500 Subject: [rancid] Cofig file names Message-ID: Is there a way to have rancid save the configs as the hostname? as opposed to the host-ip? OR How to add descriptions to my CVS Repo so when accessed with a viewer, it shows hostname as well. Thanks -- --- Gary From mstefani at redhat.com Wed Aug 30 09:24:36 2006 From: mstefani at redhat.com (Michael Stefaniuc) Date: Wed, 30 Aug 2006 11:24:36 +0200 Subject: [rancid] Re: Cofig file names In-Reply-To: References: Message-ID: <44F55954.5010900@redhat.com> Gary Roberts wrote: > Is there a way to have rancid save the configs as the hostname? as opposed to the host-ip? Yes, by putting the hostname into router.db and not the IP. > > OR > > How to add descriptions to my CVS Repo so when accessed with a viewer, it shows hostname as well. cvs admin -t $file then input the text and hit ENTER followed by a CTRL-D. This adds a description to the file which can be viewed with cvs log $file But viewvc aka webcvs do not show that info in the file list. bye michael -- Michael Stefaniuc Tel.: +49-711-96437-199 Sr. Network Engineer Fax.: +49-711-96437-111 Red Hat GmbH Email: mstefani at redhat.com Hauptstaetterstr. 58 http://www.redhat.de/ D-70178 Stuttgart From rmordasiewicz at samuelmanutech.com Wed Aug 30 15:17:56 2006 From: rmordasiewicz at samuelmanutech.com (Robin Mordasiewicz) Date: Wed, 30 Aug 2006 11:17:56 -0400 (EDT) Subject: [rancid] Re: Cofig file names In-Reply-To: <44F55954.5010900@redhat.com> References: <44F55954.5010900@redhat.com> Message-ID: On Wed, 30 Aug 2006, Michael Stefaniuc wrote: > Gary Roberts wrote: > > Is there a way to have rancid save the configs as the hostname? as opposed to the host-ip? > Yes, by putting the hostname into router.db and not the IP. > This is what I do. we do not actually have dns available for the routers, so we have entries in the /etc/hosts file to match the dns name to ip address. From heas at shrubbery.net Wed Aug 30 18:33:07 2006 From: heas at shrubbery.net (john heasley) Date: Wed, 30 Aug 2006 11:33:07 -0700 Subject: [rancid] Re: "End of run not found" what to do? In-Reply-To: <5DCC4AA34F470741B0CAE586CC8C8BB3DC69E0@exchange.office.dansketelecom.com> References: <5DCC4AA34F470741B0CAE586CC8C8BB3DC69E0@exchange.office.dansketelecom.com> Message-ID: <20060830183307.GB10267@shrubbery.net> Tue, Aug 29, 2006 at 01:32:12PM +0200, Lars Lystrup Christensen: > Hi there > > > > I'm currently working on a script to collect various informations about > some of our equipment (Nextnet Wireless Expedience). > > > > I've tried to modify the "rancid" script to parse the output from my > login script, which works quite well. However when I run my rancid > script I get a "End of run not found". > > > > I'm not quite sure where the problem is, so please give a hint :-) what marks the end of a configuration is device dependant, but something has to set $found_end. This helps detect a complete config from a truncated one. You should compare the handling in rancid, jrancid, and cat5rancid. From psmith at metafore.ca Wed Aug 30 21:52:59 2006 From: psmith at metafore.ca (psmith at metafore.ca) Date: Wed, 30 Aug 2006 17:52:59 -0400 Subject: [rancid] problem running command files on Netscreens using nlogin - x Message-ID: Netscreen configs contain "" around arguments... Such as the following: set interface "tunnel.1" zone "VPN-Zone" set interface "tunnel.2" zone "VPN-Zone" So I have these commands and many others in a file, and run nlogin with -x to call the command file. I assume Rancid is quitting after it sees the first set of "", thinking it is the end of the commands. Can anyone tell me how I can get around this? When I have run nlogin with -c, I had to use it like follows: nlogin -c 'set console timeout 0;set route x.x.x.x/32 vrouter "untrust-vr" preference 20; save soft from tftp xxx.xxx.xxx.xxx ns5gt.5.3.0fz1.0 to flash; reset save-config yes no-prompt' -t 30000 xxx.xxx.xxx.xxx However, with the number of commands I need run, using -c would be huge. If I need to though I will, but maybe this could be fixed easily or quickly? Thanks! Paul Smith --------------------------------------------------- Paul W. Smith Senior Network Operations Engineer MCP, SCWSE, SCSA, SCNA, ACE, 3CSA, CNS, CLS, JNCIA-FWV, JNSS-S, JNSA-S Enterprise Services Metafore IT Solutions Direct: 905.362.7290 Cell: 416.271.6937 Toll Free: 800.563.7515 x 4086 psmith at metafore.ca http://www.metafore.ca M E T A F O R E IT SOLUTIONS ---------------------------------------------------- From psmith at metafore.ca Wed Aug 30 23:59:05 2006 From: psmith at metafore.ca (psmith at metafore.ca) Date: Wed, 30 Aug 2006 19:59:05 -0400 Subject: [rancid] Re: problem running command files on Netscreens using nlogin - x In-Reply-To: Message-ID: Hate to reply to myself. but I have figured out something. It isn't the "" causing the problems, it is the fact that when ScreenOS enters a vrouter, the prompt changes. Here is what happens every time.. host5007-> set policy from "VPN-Zone" to "Trust" "Any" "Private_LAN" "ANY" permit log policy id = 17 host5007-> set policy from "Trust" to "VPN-Zone" "Private_LAN" "Any" "ANY" permit log policy id = 18 host5007-> set vrouter trust-vr host5007(trust-vr)-> Once the prompt changes from host-> to host(anything)-> , rancid does not process any further commands. Is there any easy way to fix this? Otherwise, I am unable to run any commands involving the routing tables... Thanks --------------------------------------------------- Paul W. Smith Senior Network Operations Engineer MCP, SCWSE, SCSA, SCNA, ACE, 3CSA, CNS, CLS, JNCIA-FWV, JNSS-S, JNSA-S Enterprise Services Metafore IT Solutions Direct: 905.362.7290 Cell: 416.271.6937 Toll Free: 800.563.7515 x 4086 psmith at metafore.ca http://www.metafore.ca M E T A F O R E IT SOLUTIONS ---------------------------------------------------- psmith at metafore.c a Sent by: To rancid-discuss-bo rancid-discuss at shrubbery.net unces at shrubbery.n cc et Subject [rancid] problem running command 08/30/2006 05:52 files on Netscreens using nlogin - PM x Netscreen configs contain "" around arguments... Such as the following: set interface "tunnel.1" zone "VPN-Zone" set interface "tunnel.2" zone "VPN-Zone" So I have these commands and many others in a file, and run nlogin with -x to call the command file. I assume Rancid is quitting after it sees the first set of "", thinking it is the end of the commands. Can anyone tell me how I can get around this? When I have run nlogin with -c, I had to use it like follows: nlogin -c 'set console timeout 0;set route x.x.x.x/32 vrouter "untrust-vr" preference 20; save soft from tftp xxx.xxx.xxx.xxx ns5gt.5.3.0fz1.0 to flash; reset save-config yes no-prompt' -t 30000 xxx.xxx.xxx.xxx However, with the number of commands I need run, using -c would be huge. If I need to though I will, but maybe this could be fixed easily or quickly? Thanks! Paul Smith --------------------------------------------------- Paul W. Smith Senior Network Operations Engineer MCP, SCWSE, SCSA, SCNA, ACE, 3CSA, CNS, CLS, JNCIA-FWV, JNSS-S, JNSA-S Enterprise Services Metafore IT Solutions Direct: 905.362.7290 Cell: 416.271.6937 Toll Free: 800.563.7515 x 4086 psmith at metafore.ca http://www.metafore.ca M E T A F O R E IT SOLUTIONS ---------------------------------------------------- _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From heas at shrubbery.net Thu Aug 31 00:13:21 2006 From: heas at shrubbery.net (john heasley) Date: Wed, 30 Aug 2006 17:13:21 -0700 Subject: [rancid] Re: problem running command files on Netscreens using nlogin - x In-Reply-To: References:

Message-ID: <20060831001321.GV10267@shrubbery.net> Wed, Aug 30, 2006 at 07:59:05PM -0400, psmith at metafore.ca: > Hate to reply to myself. but I have figured out something. > > It isn't the "" causing the problems, it is the fact that when ScreenOS > enters a vrouter, the prompt changes. > > Here is what happens every time.. > > host5007-> set policy from "VPN-Zone" to "Trust" "Any" "Private_LAN" > "ANY" permit log > policy id = 17 > host5007-> set policy from "Trust" to "VPN-Zone" "Private_LAN" "Any" > "ANY" permit log > policy id = 18 > host5007-> set vrouter trust-vr > host5007(trust-vr)-> > > Once the prompt changes from host-> to host(anything)-> , rancid does not > process any further commands. > > Is there any easy way to fix this? Otherwise, I am unable to run any > commands involving the routing tables... > > Thanks the login scripts do not handle this ATM. you can use the -s or -x options as work-arounds. From psmith at metafore.ca Thu Aug 31 00:25:52 2006 From: psmith at metafore.ca (psmith at metafore.ca) Date: Wed, 30 Aug 2006 20:25:52 -0400 Subject: [rancid] Re: problem running command files on Netscreens using nlogin - x In-Reply-To: <20060831001321.GV10267@shrubbery.net> Message-ID: I did try using the -x first, and got the exact same results once it hit a line that contained the first vrouter changes, which below is set vrouter "untrust-vr". unset interface tunnel.1 ip unset interface tunnel.2 ip unset interface untrust track-ip ip unset interface trust dhcp server option dns1 set vrouter "untrust-vr" unset route 0.0.0.0/0 interface serial unset route 172.18.125.208/28 vrouter "trust-vr" exit Also, in order to get out of a vrouter config on a Netscreen, you must have the exit command issued. Once rancid sees exit, it quits everything, even though there is more commands to be run, it was just exiting the router config mode. Paul Smith john heasley To psmith at metafore.ca 08/30/2006 08:13 cc PM rancid-discuss at shrubbery.net Subject Re: [rancid] Re: problem running command files on Netscreens using nlogin - x Wed, Aug 30, 2006 at 07:59:05PM -0400, psmith at metafore.ca: > Hate to reply to myself. but I have figured out something. > > It isn't the "" causing the problems, it is the fact that when ScreenOS > enters a vrouter, the prompt changes. > > Here is what happens every time.. > > host5007-> set policy from "VPN-Zone" to "Trust" "Any" "Private_LAN" > "ANY" permit log > policy id = 17 > host5007-> set policy from "Trust" to "VPN-Zone" "Private_LAN" "Any" > "ANY" permit log > policy id = 18 > host5007-> set vrouter trust-vr > host5007(trust-vr)-> > > Once the prompt changes from host-> to host(anything)-> , rancid does not > process any further commands. > > Is there any easy way to fix this? Otherwise, I am unable to run any > commands involving the routing tables... > > Thanks the login scripts do not handle this ATM. you can use the -s or -x options as work-arounds. From esteinke at speakasy.net Thu Aug 31 17:00:10 2006 From: esteinke at speakasy.net (liz) Date: Thu, 31 Aug 2006 10:00:10 -0700 (PDT) Subject: [rancid] Documentation on adding an unsupported device. Message-ID: <38468.69.25.140.12.1157043610.squirrel@trumpy.devnull.org.nz> Hi! I have googled around a bit and cant find any documentation on how to add an unsupported device to rancid. Specifically, I have a wireless switch that does not behave well with the default clogin. I can get logged into the switch with clogin but the commands that rancid is running dont all quite work as it expects. I am specifically puzzled as to how it determines which device type uses which login script. Any help or pointers to documentation would be fantastic! Thanks, Liz From eravin at panix.com Thu Aug 31 17:24:00 2006 From: eravin at panix.com (Ed Ravin) Date: Thu, 31 Aug 2006 13:24:00 -0400 Subject: [rancid] Re: Documentation on adding an unsupported device. In-Reply-To: <38468.69.25.140.12.1157043610.squirrel@trumpy.devnull.org.nz> References: <38468.69.25.140.12.1157043610.squirrel@trumpy.devnull.org.nz> Message-ID: <20060831172400.GA9838@panix.com> On Thu, Aug 31, 2006 at 10:00:10AM -0700, liz wrote: > I have googled around a bit and cant find any documentation on how to add > an unsupported device to rancid. The only documentation is occasional discussions on this list and the various patches submitted. > Specifically, I have a wireless switch > that does not behave well with the default clogin. I can get logged into > the switch with clogin but the commands that rancid is running dont all > quite work as it expects. Could the problem be fixed by having clogin ignore the erroneous command output? > I am specifically puzzled as to how it determines which device type uses > which login script. The rancid-fe script has the device type definitions hard-coded within. Reading through that should answer your questions. From jsherrill at currentcomm.net Thu Aug 31 18:25:31 2006 From: jsherrill at currentcomm.net (Justin Sherrill) Date: Thu, 31 Aug 2006 14:25:31 -0400 Subject: [rancid] Missing FAQ Message-ID: <7D3405B5488C0648B39948C26AE91A9B028AC982@rocexch01.currentcomm.com> I see this: http://threebit.net/mail-archive/cisco-nsp/msg00053.html mentioning a way to automatically collect data when a config is updated, but I don't see this question in the FAQ. http://www.shrubbery.net/rancid/FAQ What happened to it? ----------------------------------------- Justin C. Sherrill - CURRENT Communications 100 Town Centre Drive, Suite G Rochester, New York 14623 P: 585.486.0549 F: 585.486.0030 ***CONFIDENTIALITY NOTICE*** The information in this email may be confidential and/or privileged. This email is intended to be reviewed by only the individual or organization named above. If you are not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any review, dissemination or copying of this email and its attachments, if any, or the information contained herein is prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this message from your system. From heas at shrubbery.net Thu Aug 31 18:56:22 2006 From: heas at shrubbery.net (john heasley) Date: Thu, 31 Aug 2006 11:56:22 -0700 Subject: [rancid] Re: Missing FAQ In-Reply-To: <7D3405B5488C0648B39948C26AE91A9B028AC982@rocexch01.currentcomm.com> References: <7D3405B5488C0648B39948C26AE91A9B028AC982@rocexch01.currentcomm.com> Message-ID: <20060831185622.GB28108@shrubbery.net> Thu, Aug 31, 2006 at 02:25:31PM -0400, Justin Sherrill: > > I see this: > > http://threebit.net/mail-archive/cisco-nsp/msg00053.html > > mentioning a way to automatically collect data when a config is updated, > but I don't see this question in the FAQ. > > http://www.shrubbery.net/rancid/FAQ > > What happened to it? Andrew's a bad dawg. He apparently added it but did not commit and it was overwritten. From heas at shrubbery.net Thu Aug 31 21:34:53 2006 From: heas at shrubbery.net (john heasley) Date: Thu, 31 Aug 2006 21:34:53 +0000 Subject: [rancid] Re: problem running command files on Netscreens using nlogin - x In-Reply-To: References: <20060831001321.GV10267@shrubbery.net> Message-ID: <20060831213453.GF6438@shrubbery.net> Wed, Aug 30, 2006 at 08:25:52PM -0400, psmith at metafore.ca: > I did try using the -x first, and got the exact same results once it hit a > line that contained the first vrouter changes, which below is set vrouter > "untrust-vr". > > unset interface tunnel.1 ip > unset interface tunnel.2 ip > unset interface untrust track-ip ip > unset interface trust dhcp server option dns1 > set vrouter "untrust-vr" > unset route 0.0.0.0/0 interface serial > unset route 172.18.125.208/28 vrouter "trust-vr" > exit > > Also, in order to get out of a vrouter config on a Netscreen, you must have > the exit command issued. Once rancid sees exit, it quits everything, even > though there is more commands to be run, it was just exiting the router > config mode. The script does not parse your "exit" in any fashion, so it should not be exiting due to that. There has to be something causing the config editor or connection to terminate. Sorry, I do not have a netscreen to test. From Dan.Chitty at morganstanley.com Thu Aug 31 13:44:43 2006 From: Dan.Chitty at morganstanley.com (Chitty, Dan (IT)) Date: Thu, 31 Aug 2006 14:44:43 +0100 Subject: [rancid] nlogin of rancid-2.3.2a Message-ID: <0F354FDFECA12647B75F7B154EC3828502592FBF@LNWEXMB58.msad.ms.com> Hi Getting this error when trying to connect to a device. -bash-2.05b$ bin/nlogin pislns01 invalid command name "@INCLUDE" while executing "@INCLUDE login.top@" (file "bin/nlogin" line 34) -bash-2.05b$ Please help Thanks Dan Chitty Information Security Morgan Stanley IT 25 Cabot Square London, E14 4QA Phone +44 20 7677 9092 -------------------------------------------------------- NOTICE: If received in error, please destroy and notify sender. Sender does not intend to waive confidentiality or privilege. Use of this email is prohibited when received in error. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20060831/d6bba8eb/attachment.html