[rancid] Re: 'changeto context' Issue

Lance Vermilion lance at gheek.net
Tue Jul 24 18:41:24 UTC 2007


Looks like I will be able to spend some time on this in the next 90
days. We are getting some FWSM and going to be creating more contexts
than we use on our outside firewalls. hehehe.

-lance

> -------- Original Message --------
> Subject: [rancid] Re: 'changeto context' Issue
> From: Lance <rancid at gheek.net>
> Date: Tue, July 24, 2007 10:24 am
> To: Daniel Tuecks <dtuecks at googlemail.com>
> Cc: rancid-discuss at shrubbery.net
> 
> Daniel,
> 
> This is currently not supported by rancid. The tricky part is to make this
> function dynamic. To make it static is rather simple. The only way to
> make it dynamic from my point of view is to do it one of a couple of
> ways.
> 
> #
> #Sample router.db format:
> #
> device[my_context]:asa:up
> 
> #
> #Sample processing of $hosts to help control which context is backed up.
> #
> </apps/rancid/bin>: cat asarancid 
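> #!/usr/bin/perl -w
> 
> # Host field from router.db, e.g. "ops-pix-1[admin]"
> my $host = $ARGV[0];
> my $device;
> my $context;
> my $match = 0;
> 
> # Split "device[context]" into its two parts
> if ( $host =~ /(.*)\[(.*)\]/ )
> {
>   $device = $1;
>   $context = $2;
>   print "Device: $device\n";
>   print "Context: $context\n";
> }
> 
> die "Didn't find a context in the prompt: $!\n" if (! $context );
> 
> # Saved system config for this device (device_system in the configs directory)
> my $device_system = "${device}_system";
> 
> if ( -e $device_system )
> {
>   # Read the file directly rather than through `cat` in a shell
>   open(my $fh, "<", $device_system) || die "Can't open $device_system: $!\n";
>   foreach (<$fh>)
>   {
>     # \Q...\E keeps the context name from being treated as a regex
>     if ( /^context\s+\Q$context\E\s*$/ )
>     {
>       print "Process Context: $context\n";
>       $match = 1;
>     }
>   }
>   close($fh);
>   print "No context matching $context in the system config for $device\n" if (! $match);
> }
> else
> {
>   die "File ($device_system) doesn't exist: $!\n";
> }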
> 
> perl asarancid ops-pix-1[admin]:asa:up
> Device: ops-pix-1
> Context: admin
> Process Context: admin
> 
> 
> perl asarancid ops-pix-1[admin2]:asa:up
> Device: ops-pix-1
> Context: admin2
> Process Context: admin2
> 
> 
> 
> 
> 1.) - connect to the FW or FWSM and changeto system. Issue "sh run".
>     - read the FW/FWSM system config that is saved in the configs
> directory and capture all contexts that are configured there.
>     - using something I would call ASArancid a perl script (slightly
> modified rancid perl script) and read the FW/FWSM system config that is
> saved in the configs directory and capture all contexts names that are
> in the configuration. Then call the existing clogin expect script and
> pass in the commands to run which would include a new command "changeto
> <contexts saved from the ASA system>".
>     - If you want to be able to control the contexts that are collected
> then you could modify ASArancid a little more to simply parse
> $ARGV[0]/$host and check if the context from the example above. 
> 
> That would dynamically capture the configs and allow you to control what
> is captured. Keep in mind you would need to first have an entry for
> "device[system]:asa:up" to create the base config which is only the
> system config. If that wasn't there then all other attempts to get
> configs for contexts on that host would fail. I would also make these be
> saved as device_system. So for my example I would have an example file
> of var/<group>/configs/ops-pix-1_system. So the file new log line
> would look something like this.
> 
> open(OUTPUT, ">", "${device}_$context.new") || die "Can't open ${device}_$context.new for writing: $!\n";
> 
> This is the best I can think of to process it. Maybe I will get some time
> to put an asarancid script together.
> 
> -Lance
> 
> 
> > -------- Original Message --------
> > Subject: [rancid]  'changeto context' Issue
> > From: "Daniel Tuecks" <dtuecks at googlemail.com>
> > Date: Tue, July 24, 2007 2:47 am
> > To: rancid-discuss at shrubbery.net
> > 
> > Hello,
> > 
> > I am trying to back up various fwsm contexts. Using rancid 2.3.2a6, I can
> > issue a command similar to
> > 
> > clogin -c 'changeto context <my_context>;show running-config'
> > fwsm0.my.domain
> > 
> > clogin displays the config, exits and everything is fine.
> > 
> > How can I configure rancid to do this automatically? I'd like to have each
> > context-config treated as a separate device. How would I specify this in the
> > router.db file? I cannot access the context directly.
> > 
> > It would be nice if something like this existed
> > 
> > router.db
> > ---------
> > 
> > fwsm0:cisco-fwcontext[my_context]:up
> > 
> >   or alternatively
> > 
> > fwsm0[my_context]:cisco:up
> > 
> > 
> > -- Daniel
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss at shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> 
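
The per-context collection discussed in this thread, as an added example that is not part of the original messages or of RANCID's own code. It checks a `device[context]` router.db entry against the saved system config before building the `clogin` call and output file name; the sub names, the allowed character set and the sample config are assumptions constructed for illustration.

```perl
# Added illustration, not RANCID code; all sub names are hypothetical.
use strict;
use warnings;

# Constructed sample of a saved system config (configs/ops-pix-1_system).
my @system_config = (
    "hostname ops-pix-1",
    "context admin",
    "  config-url disk:/admin.cfg",
    "context admin2",
    "  config-url disk:/admin2.cfg",
);

# Split a router.db host field such as "ops-pix-1[admin]" into its parts.
# Assumption: names use only these characters, so they are safe in a file
# name and cannot add a ';'-separated command to the clogin -c list.
sub parse_host {
    my ($host) = @_;
    return unless $host =~ /^([A-Za-z0-9][A-Za-z0-9.-]*)\[([A-Za-z0-9_-]+)\]$/;
    return ($1, $2);
}

# Collect the context names defined in the system config.
sub contexts_in {
    my %seen;
    for my $line (@_) {
        $seen{$1} = 1 if $line =~ /^context\s+(\S+)\s*$/;
    }
    return \%seen;
}

# Build the clogin argument list and output file for one router.db entry.
# Hand argv to system() in list form so no shell parses the context name.
sub plan_collection {
    my ($entry, @config) = @_;
    my ($host_field) = split /:/, $entry;
    my ($device, $context) = parse_host($host_field)
        or return (undef, "bad host field '$host_field'");
    return (undef, "context '$context' not defined on $device")
        unless contexts_in(@config)->{$context};
    my @argv = ('clogin', '-c',
                "changeto context $context;show running-config", $device);
    return ({ argv => \@argv, output => "${device}_$context.new" }, undef);
}

for my $entry ('ops-pix-1[admin2]:asa:up', 'ops-pix-1[lab]:asa:up', 'ops-pix-1[a;b]:asa:up') {
    my ($plan, $err) = plan_collection($entry, @system_config);
    print $plan ? "run: @{ $plan->{argv} } (save as $plan->{output})\n" : "skip: $err\n";
}
```

Only the first constructed entry yields a plan; the second names a context missing from the system config and the third fails the character check.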


