From AElliott at xo.com Wed Jan 2 18:31:49 2008 From: AElliott at xo.com (Elliott, Andrew) Date: Wed, 2 Jan 2008 13:31:49 -0500 Subject: [rancid] Cisco CRS/IOS XR Message-ID: <3B715C4683E2F54DBC36ECDD2CA70F5303C427DB@VARESTMAIL03.mail.inthosts.net> Is anyone running rancid on Cisco devices running IOS XR? We just deployed a bunch of CRS's with IOS XR and I have them backing up to rancid, but wanted to know if there were any specific issues that anyone has run into with running rancid against IOS XR. (or anything specific to IOS XR or CRS that anyone has added which helped out) Thanks, --- (o< Andrew Elliott desk: 989.758.6987 //\ Tier II Data cell: 989.213.5794 V_/_ XO Communications -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= "Don't EVER cross the streams." From michael at lyngbol.dk Wed Jan 2 19:24:14 2008 From: michael at lyngbol.dk (Michael =?iso-8859-1?Q?Lyngb=F8l?=) Date: Wed, 2 Jan 2008 20:24:14 +0100 Subject: [rancid] Re: Cisco CRS/IOS XR In-Reply-To: <3B715C4683E2F54DBC36ECDD2CA70F5303C427DB@VARESTMAIL03.mail.inthosts.net> References: <3B715C4683E2F54DBC36ECDD2CA70F5303C427DB@VARESTMAIL03.mail.inthosts.net> Message-ID: <20080102192414.GV37966@freesbee.wheel.dk> On 02.01.2008 13:31:49 -0500, Elliott, Andrew wrote: > Is anyone running rancid on Cisco devices running IOS XR? Yes. > We just deployed a bunch of CRS's with IOS XR and I have them backing up > to rancid, but wanted to know if there were any specific issues that > anyone has run into with running rancid against IOS XR. (or anything > specific to IOS XR or CRS that anyone has added which helped out) You'll need 2.3.2a for XR support. Works great here. /Michael -- Michael Lyngb?l -- michael at lyngbol dot dk Network Architect, AS3292 TDC, IP?backbone From cmoody at qualcomm.com Wed Jan 2 19:41:04 2008 From: cmoody at qualcomm.com (Chris Moody) Date: Wed, 02 Jan 2008 11:41:04 -0800 Subject: [rancid] Re: Rancid troubleshooting In-Reply-To: References: Message-ID: <477BE8D0.3060508@qualcomm.com> This is SSH telling you that the host key is different than the one SSH has stored (via prior connections). SSH tells you what to do to rectify the problem in the message that it printed. If this is a valid host, but the SSH key has changed, just remove the particular line from the file it mentions (/opt/rancid/home/.ssh/known_hosts) and you're all set. Rancid will automatically ack the 'yes/no' prompt when the new key is imported. If this is a system that is a "failover" configuration, like a PIX/FWSM, etc ...where the end-host that answers on a given IP may change if one or the other system is active, you can run a cronjob to remove the known_hosts file on a periodic basis to avoid these kinds of failures. Sure, your SSH keychain validity is decreased, but hopefully you're in control of what you're logging into to back-up anyway. Cheers, -Chris Shane Haslem wrote: > Hi all, > > > > I am getting the following: > > > > Any ideas? > > > > > > > > Error: Couldn't login: nics066-ce01-2821 > > -sh-3.1$ /opt/rancid/bin/clogin nics082-ce01-2821 > > nics082-ce01-2821 > > spawn ssh -c 3des -x -l rancidaccess nics082-ce01-2821 > > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > > @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ > > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > > IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! > > Someone could be eavesdropping on you right now (man-in-the-middle attack)! > > It is also possible that the RSA host key has just been changed. > > The fingerprint for the RSA key sent by the remote host is > > ee:a1:54:7e:16:9d:f7:c9:ac:56:af:ad:7f:40:d7:56. > > Please contact your system administrator. > > Add correct host key in /opt/rancid/home/.ssh/known_hosts to get rid of > this message. > > Offending key in /opt/rancid/home/.ssh/known_hosts:12 > > RSA host key for nics082-ce01-2821 has changed and you have requested > strict checking. > > Host key verification failed. > > > > Error: The host key for nics082-ce01-2821 has changed. Update the SSH > known_hosts file accordingly. > > > > > > > > *Shane Haslem* > > *Eircom NI* > > *Alexandra House* > > *283 Upper Newtownards Road* > > *Belfast* > > *BT4 3JH* > > *Phone: (+44) 02890 002135* > > *Mob: (+44) 07791539378* > > > > > > > The information contained in this e-mail and any files transmitted with > it is confidential and may be subject to legal professional privilege. > It is intended solely for the use of the addressee(s). If you are not > the intended recipient of this e-mail, please note that any review, > dissemination, disclosure, alteration, printing, copying or transmission > of this e-mail and/or any file transmitted with it, is prohibited and > may be unlawful. If you have received this e-mail by mistake, please > promptly inform the sender by reply e-mail and delete the material. > Whilst this e-mail message has been swept for the presence of computer > viruses, eircom (UK) Limited does not, except as required by law, > represent, warrant and/or guarantee that the integrity of this > communication has been maintained nor that the communication is free of > errors, viruses, interception or interference. eircom (UK) Limited. > Private Company Limited by Shares. Registered in England and Wales. > Registration Number 03478971. Registered Office - South Quay, Plaza 2, > 183 Marsh Wall, London, E14 9SH. > > > ------------------------------------------------------------------------ > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From peter.serwe at gmail.com Fri Jan 4 04:05:35 2008 From: peter.serwe at gmail.com (Peter Serwe) Date: Thu, 3 Jan 2008 20:05:35 -0800 Subject: [rancid] Acme Packet session director. Message-ID: I've been attempting to get my acme packet devices up and running in rancid, and found the following issues. 1) hlogin actually gets me to the enabled privilege prompt, clogin doesn't because you have to put in three passwords. 2) #1 doesn't matter because an unprivileged user can still use 'show running-config'. 3) hlogin works for a procurve switch, but pretty much won't do anything except login, because the cli has about three cisco-like features and none of the HP ones. ;) 4) At some point, screwing around with it, I actually got rancid to save out a config file, but it choked when the config exceeded 102400 bytes. 5) blogin worked as far as an unprivileged user, but when I attempted to set the type in my router.db to 'baynet' rancid choked, claiming 'invalid type'. Basically, that's where I'm at with it. Let me say fairly loudly that the CLI for these devices blows goats(I have proof), but aside from that, I'd like to get them into the rancid fold. There are a few questions that come to mind. A) How can I increase the size of the file rancid can yank down and store in svn? B) How can I extend rancid's capability, i.e., string hlogin together with the cisco show running-config so I can capture and diff the output? C) Along the lines of question A), has anyone ever stored the flash images off any of these devices for the purpose of at least keeping the versions going back? Peter -- ???? From Brad.Fox at bdk.com Fri Jan 4 13:59:25 2008 From: Brad.Fox at bdk.com (Fox, Brad) Date: Fri, 4 Jan 2008 08:59:25 -0500 Subject: [rancid] WAE devices Message-ID: Gentlemen, Is anyone currently catching configurations for Cisco Wide Area Application Engine's? I attempted a while back but because the EOF for WAE boxes is different of that of other Cisco devices I have since excluded them from Rancid. Thanks, >From WAAS: exit ! ! ! ! End of WAAS configuration >From Cisco Router: End Anyone know where to change "end" to "exit" Brad A. Fox -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080104/9acb30aa/attachment.html From joaje at dongenergy.dk Fri Jan 4 15:16:00 2008 From: joaje at dongenergy.dk (Joachim Jerberg Jensen) Date: Fri, 4 Jan 2008 16:16:00 +0100 Subject: [rancid] Re: WAE devices In-Reply-To: References: Message-ID: <8DBE4A01414BDD409232EF0C48A87E1B01B80A81@CLU01EX.de-prod.dk> >From: Fox, Brad ;Sent: Friday, January 04, 2008 2:59 PM > >Gentlemen, > >Is anyone currently catching configurations for Cisco Wide Area Application Engine's? I attempted a while back but because the EOF for WAE boxes is different of that of other Cisco >devices I have since excluded them from Rancid. Thanks, > > >From WAAS: > >exit > >! End of WAAS configuration Try to edit rancid. Go to line 1402 Replace: if (/^(: +)?end$/) { With: if (/^End of WAAS configuration/i) { This should set $found_end = 1; when it detects " End of WAAS configuration". It's a hack that means backup of some other cisco stuff will fail, but try to test it. (you can always add it) I haven't tried it on WAE's, but I did something similar on some Extreme boxes to make it work. BR Joachim Jerberg Jensen From tex at off.org Sat Jan 5 22:55:57 2008 From: tex at off.org (Austin Schutz) Date: Sat, 5 Jan 2008 14:55:57 -0800 Subject: [rancid] Re: Acme Packet session director. In-Reply-To: References: Message-ID: <20080105225557.GU11577@gblx.net> On Thu, Jan 03, 2008 at 08:05:35PM -0800, Peter Serwe wrote: > I've been attempting to get my acme packet devices up and running in > rancid, and found the following issues. > > 1) hlogin actually gets me to the enabled privilege prompt, clogin > doesn't because you have to put in three passwords. > > 2) #1 doesn't matter because an unprivileged user can still use 'show > running-config'. > > 3) hlogin works for a procurve switch, but pretty much won't do > anything except login, because the cli has about three cisco-like > features and none of the HP ones. ;) > > 4) At some point, screwing around with it, I actually got rancid to > save out a config file, but it choked when the config exceeded 102400 > bytes. This is not a rancid issue. This is an artifact of the Acme CLI blowing goats. You can get around this by logging in via the console, then issuing carriage returns until the entire config is displayed. This seems to be fixed in their current firmware, you might try upgrading. > C) Along the lines of question A), has anyone ever stored the flash > images off any of these devices for the purpose of at least keeping > the versions going back? I haven't. Austin From Emmanuel.Halbwachs at obspm.fr Mon Jan 7 18:25:49 2008 From: Emmanuel.Halbwachs at obspm.fr (Emmanuel Halbwachs) Date: Mon, 7 Jan 2008 19:25:49 +0100 Subject: [rancid] HP Procurve (hlogin): interaction in configure mode: possible? Message-ID: <20080107182549.GB9627@sioling.obspm.fr> Hi Everybody, I'm a newbie on this list. I'm happily using rancid (2.3.1, the one in Debian stable etch) for several monthes, but till now only for pushing/retrieving some info with {c,h}login. I plan to use version control for config later. My point: I am trying to change some config parameters in ~50 HP Procurve with some commands like this: $ hlogin -v foo -e bar -c "conf t; foobar; wr mem" $switch The output then hangs after the "conf t" command: switch> enable Password: switch# switch# no page switch# conf t -> hang :-( When using hlogin without entering in configure mode, everything works just fine. I tried to massage the -c command with "\n" without any results. I understand that dealing with the HP CLI seems to be a PIA (thus hpuifilter), but is there a way to enter some commands in configure mode? TIA for any hint, -- Emmanuel Halbwachs Resp. R?seau/S?curit? Observatoire de Paris-Meudon tel : (+33)1 45 07 75 54 5 Place Jules Janssen fax : (+33)1 45 07 76 13 F 92195 MEUDON CEDEX From cgauthie at pcc.edu Mon Jan 7 18:32:34 2008 From: cgauthie at pcc.edu (Chris Gauthier) Date: Mon, 07 Jan 2008 10:32:34 -0800 Subject: [rancid] Eliminating two lines from foundry output Message-ID: <47827042.6000009@pcc.edu> Hello, I am a happy user of rancid for my Foundry switches (except the EdgeIron line, which needs support, but I haven't worked on that yet), but have become annoyed in the past weeks because I get an email nearly every time rancid checks one switch. It is because it displays the temp. Here is the output: Index: configs/10.x.x.x =================================================================== retrieving revision 1.1031 diff -U4 -r1.1031 10.x.x.x @@ -22,9 +22,9 @@ ! ! Fan 1 ok, speed (auto): 1<->2<->[[3]] ! Fan 2 ok, speed (auto): 1<->2<->[[3]] ! - ! Fan controlled temperature: 35.0 deg-C + ! Fan controlled temperature: 35.5 deg-C ! ! Fan speed switching temperature thresholds: ! Speed 1: NM<----->30 deg-C ! Speed 2: 25<----->40 deg-C My problem is that I want to eliminate the "Fan controlled temperature lines" so I don't get an email every 1/2 hour (as I have rancid configured to poll). Any thoughts on how to do this? Thanks, Chris -- Chris Gauthier, CCNA, Network+, A+ Network Administration Team Portland Community College Portland, Oregon "For once you have tasted flight you will walk the earth with your eyes turned skywards, for there you have been and there you will long to return." --Leonardo da Vinci From mashcraft at omniture.com Mon Jan 7 18:44:14 2008 From: mashcraft at omniture.com (Mike Ashcraft) Date: Mon, 7 Jan 2008 11:44:14 -0700 Subject: [rancid] Re: Eliminating two lines from foundry output In-Reply-To: <47827042.6000009@pcc.edu> References: <47827042.6000009@pcc.edu> Message-ID: <45EB285310B55542A513F93230F0A53303795F79@EXCHANGE0.orm.omniture.com> Chris, This is a fairly simple modification to francid. I don't have a Foundry handy to figure this out but the following steps should get you there quickly. open francid with an editor and find the line that starts with @commandtable After this are the commands run on the switch followed by the name of the subroutine that processes the output. Find the name of the subroutine that processes the output you want to eliminate and modify that subroutine to skip the desired line. If my guesses are right, you will find the following line which eliminates TEMPERATURE output but doesn't match on this specific switch: if (/(POWERS|TEMPERATURE READINGS)/) { You can add 'temperature' to this line like: if (/(POWERS|TEMPERATURE READINGS|temperature)/) { Or otherwise modify the subroutine to skip this output. Good luck, Mike -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Chris Gauthier Sent: Monday, January 07, 2008 11:33 AM To: 'rancid-discuss at shrubbery.net' Subject: [rancid] Eliminating two lines from foundry output Hello, I am a happy user of rancid for my Foundry switches (except the EdgeIron line, which needs support, but I haven't worked on that yet), but have become annoyed in the past weeks because I get an email nearly every time rancid checks one switch. It is because it displays the temp. Here is the output: Index: configs/10.x.x.x =================================================================== retrieving revision 1.1031 diff -U4 -r1.1031 10.x.x.x @@ -22,9 +22,9 @@ ! ! Fan 1 ok, speed (auto): 1<->2<->[[3]] ! Fan 2 ok, speed (auto): 1<->2<->[[3]] ! - ! Fan controlled temperature: 35.0 deg-C + ! Fan controlled temperature: 35.5 deg-C ! ! Fan speed switching temperature thresholds: ! Speed 1: NM<----->30 deg-C ! Speed 2: 25<----->40 deg-C My problem is that I want to eliminate the "Fan controlled temperature lines" so I don't get an email every 1/2 hour (as I have rancid configured to poll). Any thoughts on how to do this? Thanks, Chris -- Chris Gauthier, CCNA, Network+, A+ Network Administration Team Portland Community College Portland, Oregon "For once you have tasted flight you will walk the earth with your eyes turned skywards, for there you have been and there you will long to return." --Leonardo da Vinci _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From atonns at corsis.com Mon Jan 7 20:28:39 2008 From: atonns at corsis.com (Anthony Tonns) Date: Mon, 7 Jan 2008 15:28:39 -0500 Subject: [rancid] netscaler support? Message-ID: <2627F8DAA3B0C8438E8FC1BAAFBC06810509D7C8@CORSIS-EXCH.corsisny.com> Any updates on using rancid with Netscaler? Posts to the list within the last year haven't been very promising. I have a pair of NS6.1 boxes I'd like to get config backups for, but need the tweaks to make it work. All assistance is welcome. Thanks, Tony From atonns at corsis.com Mon Jan 7 22:05:16 2008 From: atonns at corsis.com (Anthony Tonns) Date: Mon, 7 Jan 2008 17:05:16 -0500 Subject: [rancid] Re: netscaler support? In-Reply-To: <2627F8DAA3B0C8438E8FC1BAAFBC06810509D7C8@CORSIS-EXCH.corsisny.com> References: <2627F8DAA3B0C8438E8FC1BAAFBC06810509D7C8@CORSIS-EXCH.corsisny.com> Message-ID: <2627F8DAA3B0C8438E8FC1BAAFBC06810509D7FF@CORSIS-EXCH.corsisny.com> > Subject: [rancid] netscaler support? > > Any updates on using rancid with Netscaler? Posts to the list within the > last year haven't been very promising. I have a pair of NS6.1 boxes I'd > like to get config backups for, but need the tweaks to make it work. All > assistance is welcome. All-in-all, a successful fishing trip :-). One reply with a version of nslogin (no nsrancid), another that said "watch out if your netscaler config is too big" and finally a working nslogin/nsrancid combo. Thanks go to Andy for the working nslogin/nsrancid. Tony From Todd at equivoice.com Tue Jan 8 21:51:35 2008 From: Todd at equivoice.com (Todd Heide) Date: Tue, 8 Jan 2008 15:51:35 -0600 Subject: [rancid] Latest version Message-ID: <082FEA82DC985B4F8A6B412D5AC4E220B3834D@exchange.Equivoice.local> What is the latest version and how can I find out which I am running? I need to build a new box and want to get as up to date as possible running on Fedora. Thanks CCSP CCNA CCDA Nothing ever goes as planned, Its a hell of a notion, Even pharaohs turn to sand, Like a drop in the ocean -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080108/07d0e5a6/attachment.html From rancid at gheek.net Tue Jan 8 22:08:35 2008 From: rancid at gheek.net (Lance) Date: Tue, 08 Jan 2008 15:08:35 -0700 Subject: [rancid] Re: Latest version Message-ID: <20080108150835.8e114e4890519e5179c192e02d6bca26.d7c290823e.wbe@email.secureserver.net> Todd, You will want to check the versions of every script inside of "/bin" to make sure you know all your existing versions. You should download the latest alpha if you want the latest greatest, but remember this is alpha, not production. A while back I posted a script called PSV that will append all script versions that are used when collecting your configs. You should be able to do a search for "rancid PSV" and it should return the thread. Here is an example of what gets added to each of your configs. Example of what it adds to the file. !RANCID-CONTENT-TYPE: cisco-cat ! !RANCID-SCRIPT-TYPE: [rancid-fe.in (v 1.37)] !RANCID-SCRIPT-TYPE: [rancid-run.in (v 1.32)] !RANCID-SCRIPT-TYPE: [control_rancid.in (v 1.76)] !RANCID-SCRIPT-TYPE: [par.in (v 1.11)] !RANCID-SCRIPT-TYPE: [clogin.in (v 1.94)] !RANCID-SCRIPT-TYPE: [cat5rancid.in (v 1.45)] This is one of the posts for it. http://www.shrubbery.net/pipermail/rancid-discuss/2006-September/001777.html -lance > -------- Original Message -------- > Subject: [rancid] Latest version > From: "Todd Heide" > Date: Tue, January 08, 2008 2:51 pm > To: > What is the latest version and how can I find out which I am running? I > need to build a new box and want to get as up to date as possible > running on Fedora. > > Thanks > CCSP CCNA CCDA > > Nothing ever goes as planned, Its a hell of a notion, > Even pharaohs turn to sand, Like a drop in the ocean
_______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From Anton.Yurchenko at elan.com Tue Jan 8 22:54:38 2008 From: Anton.Yurchenko at elan.com (Yurchenko, Anton) Date: Tue, 8 Jan 2008 15:54:38 -0700 Subject: [rancid] Getting configs from CSS Message-ID: Hi All, I have an issue getting configs from Cisco CSS loadbalancers. I have verified that clogin into the device works successfully. But when I run rancid-run it is not able to collect configs, and in the logs I see messages that commands "term len 65535" and "sh run" are not recognized. Same commands work from regular CLI of course. Any advice would be appreciated. Thanks, ******************************************************** This communication and any files transmitted with it may contain information that is confidential, privileged and exempt from disclosure under applicable law. It is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are hereby notified that any use, dissemination or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender. Thank you for your co-operation. ******************************************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080108/7a118275/attachment.html From cmoody at qualcomm.com Tue Jan 8 23:26:03 2008 From: cmoody at qualcomm.com (Chris Moody) Date: Tue, 08 Jan 2008 15:26:03 -0800 Subject: [rancid] Re: Getting configs from CSS In-Reply-To: References: Message-ID: <4784068B.90200@qualcomm.com> You need to set the device type to "css" in the router.db file. ex> rcomp2-css1.qualcomm.com:css:up Cheers, -Chris Yurchenko, Anton wrote: > Hi All, > > > > I have an issue getting configs from Cisco CSS loadbalancers. I have > verified that clogin into the device works successfully. But when I run > rancid-run it is not able to collect configs, and in the logs I see > messages that commands ?term len 65535? and ?sh run? are not recognized. > Same commands work from regular CLI of course. > > Any advice would be appreciated. > > > > Thanks, > > > > ******************************************************** > > This communication and any files transmitted with it > > may contain information that is confidential, privileged > > and exempt from disclosure under applicable law. It is > > intended solely for the use of the individual or entity > > to which it is addressed. If you are not the intended > > recipient, you are hereby notified that any use, > > dissemination or copying of this communication is > > strictly prohibited. If you have received this > > communication in error, please notify the sender. > > Thank you for your co-operation. > > ******************************************************** > > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From jeff at ocjtech.us Tue Jan 8 22:03:38 2008 From: jeff at ocjtech.us (Jeffrey Ollie) Date: Tue, 8 Jan 2008 16:03:38 -0600 Subject: [rancid] Re: Latest version In-Reply-To: <082FEA82DC985B4F8A6B412D5AC4E220B3834D@exchange.Equivoice.local> References: <082FEA82DC985B4F8A6B412D5AC4E220B3834D@exchange.Equivoice.local> Message-ID: <935ead450801081403l788ebdddr19f77bc27d307e51@mail.gmail.com> On 1/8/08, Todd Heide wrote: > > What is the latest version and how can I find out which I am running? I need > to build a new box and want to get as up to date as possible running on > Fedora. I periodically check the FTP site. The main web page doesn't always get updated promptly. Ignore the 'alpha' designation and get 2.3.2a7. ftp://ftp.shrubbery.net/pub/rancid/ Jeff From mohacsi at niif.hu Wed Jan 9 09:02:56 2008 From: mohacsi at niif.hu (Mohacsi Janos) Date: Wed, 9 Jan 2008 10:02:56 +0100 (CET) Subject: [rancid] Re: Latest version In-Reply-To: <935ead450801081403l788ebdddr19f77bc27d307e51@mail.gmail.com> References: <082FEA82DC985B4F8A6B412D5AC4E220B3834D@exchange.Equivoice.local> <935ead450801081403l788ebdddr19f77bc27d307e51@mail.gmail.com> Message-ID: <20080109100204.Q10680@mignon.ki.iif.hu> On Tue, 8 Jan 2008, Jeffrey Ollie wrote: > On 1/8/08, Todd Heide wrote: >> >> What is the latest version and how can I find out which I am running? I need >> to build a new box and want to get as up to date as possible running on >> Fedora. > > I periodically check the FTP site. The main web page doesn't always > get updated promptly. Ignore the 'alpha' designation and get 2.3.2a7. > > ftp://ftp.shrubbery.net/pub/rancid/ By the way, when the final 2.3.2 will be released? Regards, Janos Mohacsi From rancid at gheek.net Wed Jan 9 18:10:49 2008 From: rancid at gheek.net (Lance) Date: Wed, 09 Jan 2008 11:10:49 -0700 Subject: [rancid] Re: sonicwall and big-ip Message-ID: <20080109111049.8e114e4890519e5179c192e02d6bca26.a241ea26ef.wbe@email.secureserver.net> Mike, Great work on making it perfect so far. I did need more options so i added them. I find these a requirement to track and also very handy when restoring/duplicating configs. You might want to note that people need to make this addition to rancid-fe too. #rancid-run 'f5' => 'f5rancid', I added lines 198,251-254 to r5rancid. #f5rancid Line188: # sub ConfFile 31-Jan-2007 Mike Ashcraft mashcraft at omniture.com Line189: # This routine parses "cat filename" Line190: sub ConfFile { Line191: print STDERR " In ConfFile: $_" if ($debug); Line192: Line193: ProcessHistory("COMMENTS","","BO","!\n!\n! #### Running $cmd\n!\n!\n"); Line194: Line195: while () { Line196: tr/\015//d; Line197: last if (/^$prompt/); Line198: next if ($cmd =~ /config sync show/ && !/^\s+Status/); Line199: ProcessHistory("","","$cmd","$_"); Line200: } Line201: $found_end = 1; Line202: return(0); Line203:} ... ... Line243: # Main Line244: @commandtable = ( Line245: {'TERM=xterm' => 'NoOutput'}, Line246: {'export TERM' => 'NoOutput'}, Line247: {'bigpipe platform' => 'Platform'}, Line248: {'bigpipe version' => 'ConfFile'}, Line249: {'bigpipe list' => 'ConfFile'}, Line250: {'bigpipe base list' => 'ConfFile'}, Line251: {'bigpipe profile list' => 'ConfFile'}, Line252: {'bigpipe monitor list' => 'ConfFile'}, Line253: {'bigpipe config sync show | grep Status' => 'ConfFile'}, Line254: {'cat /config/RegKey.license' => 'ConfFile'}, Line255: {'bigpipe route static show' => 'ConfFile'}, Line256: {'ls --full-time --color=never /config/ssl/ssl.crt' => 'DirList'}, Line257: {'ls --full-time --color=never /config/ssl/ssl.key' => 'DirList'}, Line258: ); -Lance > -------- Original Message -------- > Subject: [rancid] Re: sonicwall and big-ip > From: "Mike Ashcraft" > Date: Tue, November 27, 2007 10:09 am > To: "Shon Hender" , > > I posted rancid scripts for F5 big-ip to the list back in July. Since > then, I have fixed all the known issues and sent it to a few individuals > for testing. Let me know how these work for you. Installation > instructions are in the comments at the top of f5rancid. > Mike > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Shon Hender > Sent: Tuesday, November 27, 2007 9:37 AM > To: rancid-discuss at shrubbery.net > Subject: [rancid] sonicwall and big-ip > Does anyone have login scripts for sonicwall and/or big-ip devices? > Thanks, > -Shon > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
_______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From cgauthie at pcc.edu Wed Jan 9 22:08:25 2008 From: cgauthie at pcc.edu (Chris Gauthier) Date: Wed, 09 Jan 2008 14:08:25 -0800 Subject: [rancid] Re: Eliminating two lines from foundry output In-Reply-To: <45EB285310B55542A513F93230F0A53303795F79@EXCHANGE0.orm.omniture.com> References: <47827042.6000009@pcc.edu> <45EB285310B55542A513F93230F0A53303795F79@EXCHANGE0.orm.omniture.com> Message-ID: <478545D9.7050005@pcc.edu> That did the trick, though I have one other trick I need to pull out of my sleeve (after I learn it). I still am getting config changes, even though nothing actually changes... Exerpt: - ! Fan 1 ok, speed (auto): 1<->2<->[[3]] - ! Fan 2 ok, speed (auto): 1<->2<->[[3]] + ! Fan 1 ok, speed (auto): 1<->[[2]]<->3 + ! Fan 2 ok, speed (auto): 1<->[[2]]<->3 What I want to do is preserve the "Fan X ok" or "Fan X failed", but with out the fan speed information. Why? Because the temperature hangs right at the threshold between the two fan speeds, so it goes up and down several times per day. Is there a way to be that granular in my string processing without bogging everything down? Chris Mike Ashcraft wrote: > Chris, > > This is a fairly simple modification to francid. > > I don't have a Foundry handy to figure this out but the following steps > should get you there quickly. > > open francid with an editor and find the line that starts with > @commandtable > After this are the commands run on the switch followed by the name of > the subroutine that processes the output. > > Find the name of the subroutine that processes the output you want to > eliminate and modify that subroutine to skip the desired line. > > If my guesses are right, you will find the following line which > eliminates TEMPERATURE output but doesn't match on this specific switch: > > if (/(POWERS|TEMPERATURE READINGS)/) { > > You can add 'temperature' to this line like: > > if (/(POWERS|TEMPERATURE READINGS|temperature)/) { > > Or otherwise modify the subroutine to skip this output. > > Good luck, > > Mike > > > > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Chris > Gauthier > Sent: Monday, January 07, 2008 11:33 AM > To: 'rancid-discuss at shrubbery.net' > Subject: [rancid] Eliminating two lines from foundry output > > Hello, > > I am a happy user of rancid for my Foundry switches (except the EdgeIron > > line, which needs support, but I haven't worked on that yet), but have > become annoyed in the past weeks because I get an email nearly every > time rancid checks one switch. It is because it displays the temp. > Here is the output: > > Index: configs/10.x.x.x > =================================================================== > retrieving revision 1.1031 > diff -U4 -r1.1031 10.x.x.x > @@ -22,9 +22,9 @@ > ! > ! Fan 1 ok, speed (auto): 1<->2<->[[3]] > ! Fan 2 ok, speed (auto): 1<->2<->[[3]] > ! > - ! Fan controlled temperature: 35.0 deg-C > + ! Fan controlled temperature: 35.5 deg-C > ! > ! Fan speed switching temperature thresholds: > ! Speed 1: NM<----->30 deg-C > ! Speed 2: 25<----->40 deg-C > > > My problem is that I want to eliminate the "Fan controlled temperature > lines" so I don't get an email every 1/2 hour (as I have rancid > configured to poll). > > Any thoughts on how to do this? > > Thanks, > > Chris > > -- Chris Gauthier, CCNA, Network+, A+ Network Administration Team Portland Community College Portland, Oregon "For once you have tasted flight you will walk the earth with your eyes turned skywards, for there you have been and there you will long to return." --Leonardo da Vinci From jeremys at rickyninja.net Wed Jan 9 22:32:57 2008 From: jeremys at rickyninja.net (Jeremy Singletary) Date: Wed, 9 Jan 2008 15:32:57 -0700 Subject: [rancid] Re: Eliminating two lines from foundry output In-Reply-To: <478545D9.7050005@pcc.edu> References: <47827042.6000009@pcc.edu> <45EB285310B55542A513F93230F0A53303795F79@EXCHANGE0.orm.omniture.com> <478545D9.7050005@pcc.edu> Message-ID: <20080109223257.GA14557@pegasus.billn.net> #!/usr/bin/perl use strict; use warnings; while () { if (/^!\s+Fan\s+\d+/) { $_ = (split /:/, $_)[0] . "\n"; } print; } __DATA__ ! ! Fan 1 ok, speed (auto): 1<->2<->[[3]] ! Fan 2 ok, speed (auto): 1<->2<->[[3]] ! ! Fan controlled temperature: 35.0 deg-C ! Fan controlled temperature: 35.5 deg-C ! ! Fan speed switching temperature thresholds: ! Speed 1: NM<----->30 deg-C ! Speed 2: 25<----->40 deg-C On 01/09/08, Chris Gauthier said: > That did the trick, though I have one other trick I need to pull out of > my sleeve (after I learn it). > > I still am getting config changes, even though nothing actually changes... > > Exerpt: > > - ! Fan 1 ok, speed (auto): 1<->2<->[[3]] > - ! Fan 2 ok, speed (auto): 1<->2<->[[3]] > + ! Fan 1 ok, speed (auto): 1<->[[2]]<->3 > + ! Fan 2 ok, speed (auto): 1<->[[2]]<->3 > > What I want to do is preserve the "Fan X ok" or "Fan X failed", but with > out the fan speed information. Why? Because the temperature hangs > right at the threshold between the two fan speeds, so it goes up and > down several times per day. > > Is there a way to be that granular in my string processing without > bogging everything down? > > Chris > > > Mike Ashcraft wrote: > > Chris, > > > > This is a fairly simple modification to francid. > > > > I don't have a Foundry handy to figure this out but the following steps > > should get you there quickly. > > > > open francid with an editor and find the line that starts with > > @commandtable > > After this are the commands run on the switch followed by the name of > > the subroutine that processes the output. > > > > Find the name of the subroutine that processes the output you want to > > eliminate and modify that subroutine to skip the desired line. > > > > If my guesses are right, you will find the following line which > > eliminates TEMPERATURE output but doesn't match on this specific switch: > > > > if (/(POWERS|TEMPERATURE READINGS)/) { > > > > You can add 'temperature' to this line like: > > > > if (/(POWERS|TEMPERATURE READINGS|temperature)/) { > > > > Or otherwise modify the subroutine to skip this output. > > > > Good luck, > > > > Mike > > > > > > > > -----Original Message----- > > From: rancid-discuss-bounces at shrubbery.net > > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Chris > > Gauthier > > Sent: Monday, January 07, 2008 11:33 AM > > To: 'rancid-discuss at shrubbery.net' > > Subject: [rancid] Eliminating two lines from foundry output > > > > Hello, > > > > I am a happy user of rancid for my Foundry switches (except the EdgeIron > > > > line, which needs support, but I haven't worked on that yet), but have > > become annoyed in the past weeks because I get an email nearly every > > time rancid checks one switch. It is because it displays the temp. > > Here is the output: > > > > Index: configs/10.x.x.x > > =================================================================== > > retrieving revision 1.1031 > > diff -U4 -r1.1031 10.x.x.x > > @@ -22,9 +22,9 @@ > > ! > > ! Fan 1 ok, speed (auto): 1<->2<->[[3]] > > ! Fan 2 ok, speed (auto): 1<->2<->[[3]] > > ! > > - ! Fan controlled temperature: 35.0 deg-C > > + ! Fan controlled temperature: 35.5 deg-C > > ! > > ! Fan speed switching temperature thresholds: > > ! Speed 1: NM<----->30 deg-C > > ! Speed 2: 25<----->40 deg-C > > > > > > My problem is that I want to eliminate the "Fan controlled temperature > > lines" so I don't get an email every 1/2 hour (as I have rancid > > configured to poll). > > > > Any thoughts on how to do this? > > > > Thanks, > > > > Chris > > > > > > -- > Chris Gauthier, CCNA, Network+, A+ > Network Administration Team > Portland Community College > Portland, Oregon > > "For once you have tasted flight you will walk the earth with your eyes turned skywards, for there you have been and there you will long to return." > --Leonardo da Vinci > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From ecables at gmail.com Wed Jan 9 18:30:22 2008 From: ecables at gmail.com (Eric Cables) Date: Wed, 9 Jan 2008 10:30:22 -0800 Subject: [rancid] Re: Latest version In-Reply-To: <20080109100204.Q10680@mignon.ki.iif.hu> References: <082FEA82DC985B4F8A6B412D5AC4E220B3834D@exchange.Equivoice.local> <935ead450801081403l788ebdddr19f77bc27d307e51@mail.gmail.com> <20080109100204.Q10680@mignon.ki.iif.hu> Message-ID: What were the changes between a6 and a7? I'm running a6 now, but unless the changes to a7 are noteworthy I was just going to delay upgrading until the next major release (assuming there is one). The CHANGES file does not indicate sub-version changes, just major version changes. Thanks, On Jan 9, 2008 1:02 AM, Mohacsi Janos wrote: > > > > On Tue, 8 Jan 2008, Jeffrey Ollie wrote: > > > On 1/8/08, Todd Heide wrote: > >> > >> What is the latest version and how can I find out which I am running? I > need > >> to build a new box and want to get as up to date as possible running on > >> Fedora. > > > > I periodically check the FTP site. The main web page doesn't always > > get updated promptly. Ignore the 'alpha' designation and get 2.3.2a7. > > > > ftp://ftp.shrubbery.net/pub/rancid/ > > By the way, when the final 2.3.2 will be released? > > Regards, > Janos Mohacsi > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -- Eric Cables -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080109/1214ba86/attachment.html From heas at shrubbery.net Thu Jan 10 00:41:24 2008 From: heas at shrubbery.net (john heasley) Date: Thu, 10 Jan 2008 00:41:24 +0000 Subject: [rancid] Re: Latest version In-Reply-To: <20080109100204.Q10680@mignon.ki.iif.hu> References: <082FEA82DC985B4F8A6B412D5AC4E220B3834D@exchange.Equivoice.local> <935ead450801081403l788ebdddr19f77bc27d307e51@mail.gmail.com> <20080109100204.Q10680@mignon.ki.iif.hu> Message-ID: <20080110004124.GJ18583@shrubbery.net> Wed, Jan 09, 2008 at 10:02:56AM +0100, Mohacsi Janos: > > > > On Tue, 8 Jan 2008, Jeffrey Ollie wrote: > > > On 1/8/08, Todd Heide wrote: > >> > >> What is the latest version and how can I find out which I am running? I need > >> to build a new box and want to get as up to date as possible running on > >> Fedora. > > > > I periodically check the FTP site. The main web page doesn't always > > get updated promptly. Ignore the 'alpha' designation and get 2.3.2a7. > > > > ftp://ftp.shrubbery.net/pub/rancid/ > > By the way, when the final 2.3.2 will be released? I have 3 things to get done before rolling 2.3.2...languishing as they may be; test 1 new module, whats-his-name's CSC patch, and *login exit value patch. From laichenkang at gmail.com Thu Jan 10 04:26:48 2008 From: laichenkang at gmail.com (Lai Chen Kang) Date: Thu, 10 Jan 2008 12:26:48 +0800 Subject: [rancid] changing the from for emails Message-ID: <47859E88.4010401@gmail.com> Hi all I am rather new to linux and not sure if this is the right place to post this. I want the email to be from hostname at mydomain.com. However what I am getting is rancid at hostname.mydomain.com. Any idea how I can configure this? Lai From justin at justinshore.com Thu Jan 10 12:14:28 2008 From: justin at justinshore.com (Justin Shore) Date: Thu, 10 Jan 2008 06:14:28 -0600 Subject: [rancid] Re: changing the from for emails In-Reply-To: <47859E88.4010401@gmail.com> References: <47859E88.4010401@gmail.com> Message-ID: <47860C24.6020301@justinshore.com> Lai, Is MAILDOMAIN defined in your etc/rancid.conf? Justin Lai Chen Kang wrote: > Hi all > > I am rather new to linux and not sure if this is the right place to post this. I want the email to be from > hostname at mydomain.com. However what I am getting is rancid at hostname.mydomain.com. Any idea how I can configure this? From laichenkang at gmail.com Thu Jan 10 12:26:52 2008 From: laichenkang at gmail.com (Lai Chen Kang) Date: Thu, 10 Jan 2008 20:26:52 +0800 Subject: [rancid] Re: changing the from for emails In-Reply-To: <47860C24.6020301@justinshore.com> References: <47859E88.4010401@gmail.com> <47860C24.6020301@justinshore.com> Message-ID: <47860F0C.3070601@gmail.com> it is. I've put in @mydomain.com Justin Shore wrote: > Lai, > > Is MAILDOMAIN defined in your etc/rancid.conf? > > Justin > > Lai Chen Kang wrote: >> Hi all >> >> I am rather new to linux and not sure if this is the right place to >> post this. I want the email to be from hostname at mydomain.com. However >> what I am getting is rancid at hostname.mydomain.com. Any idea how I can >> configure this? > From lerik at nolink.net Thu Jan 10 13:26:40 2008 From: lerik at nolink.net (Lars Erik Gullerud) Date: Thu, 10 Jan 2008 14:26:40 +0100 (CET) Subject: [rancid] Rancid/Expect failing on FreeBSD/SMP systems Message-ID: <20080110132211.D75682@electra.nolink.net> My apologies for posting this both to the Rancid list and FreeBSD-STABLE, however I am not sure where to start troubleshooting this issue - I am suspecting it is a FreeBSD issue, but I am thinking we are probably not the only shop running RANCID (ports/net-mgmt/rancid) on FreeBSD (since it is quite popular in ISP environments), so hopefully someone can look at it from the RANCID angle and give some helpful input on how to troubleshoot this further. The problem: After finally giving in and starting to phase out some of our oldest FreeBSD 4.11 servers and replace them with FreeBSD 6.x on some fresh hardware, I got around to start moving our RANCID server. This however, has been the start of a real nightmare. I don't think the problems I am seeing are in RANCID itself, however it can be reliable reproduced every time i run RANCID and I have not been able to reproduce it in any other way with pure expect test-cases directly. What happens: Expect processes "hang" during RANCID runs, and go into infinite loops eating 100% CPU (on one CPU core). The problem is reliably reproduced everytime we do a full rancid-run, but the actual device it chokes on varies between runs so it is not device-related. It does seem to happen most often when collecting Juniper M-series gear with large configurations though, using jrancid and ssh. We can NOT seem to reproduce it by running jrancid (or any other) on a single device at at time - which is somewhat confusing at is DOES happen when setting PAR_COUNT to 1 and doing a rancid-run (which should IMHO be pretty much the same as doing sequential single device runs...) Our environment: We run RANCID extensively to collect a few hundred devices, including Cisco, Cisco-CatOS, Juniper, Extreme, Extreme-XOS, Riverstone, FortiNet/FortiGate, etc. We want to start storing CPE configs in addition to our own core gear in RANCID now, which means we will be putting several thousand routers into RANCID, which also explains the need for fresher hardware... RANCID version does not seem to matter, I have tested with both some ancient 2.3.0 scripts and 2.3.2a7, same behaviour. Using the same RANCID instance (I have tarballed it up and installed it on a bunch of servers, i.e. using the same CVS and the same router.db files etc.), it fails on: FreeBSD 7.0-BETA4, amd64, SMP kernel, 8 x CPU cores (2 x quad Xeon 5335) FreeBSD 6.2-STABLE, i386, SMP kernel, 2 x CPU cores (2 x single-core Xeon) Both have perl-5.8.8_1, expect 5.43.0_3 and tcl-8.4.16,1 built from ports. It however seems to work fine on: Linux CentOS 4.5 x86-64, 4 x CPU cores (2 x dual Xeon 5130) FreeBSD 4.11 i386, UP kernel, 1 x CPU core (1 x single-core Xeon) FreeBSD 7.0-RC1, i386, UP kernel, 1 x CPU core (1 x P4) (Linux box has Expect 5.42 and Tcl 8.3...) So it only seems to be on newer FreeBSD with SMP. (If anyone have RANCID working okay on FreeBSD 6.x/7.x on SMP systems at all, please let me know...) Now, for some details, if anyone has any ideas. What is actually happening is this, when truss'ing the stuck Expect-process: fcntl(4,F_GETFL,) = 0 (0x0) fcntl(4,F_SETFL,0x0) ERR#25 'Inappropriate ioctl for device' fcntl(4,F_GETFL,) = 0 (0x0) fcntl(4,F_SETFL,0x0) ERR#25 'Inappropriate ioctl for device' So, which device is it trying to fcntl, and what is it trying to do? lsof shows the following: expect 1417 rancid cwd VDIR 0,86 2048 7607662 /local/rancid/var/core/configs expect 1417 rancid rtd VDIR 0,81 512 2 / expect 1417 rancid 0r VCHR 0,24 0t0 24 /dev/null expect 1417 rancid 2r VCHR 0,24 0t0 24 /dev/null expect 1417 rancid 3r VCHR 0,24 0t0 24 /dev/null expect 1417 rancid 4r VCHR 0,24 0t0 24 /dev/null file descriptor 4 is /dev/null. Why is it trying to F_SETFL /dev/null to BLOCKING mode (which is failing)? Why should it be playing with /dev/null at all? Well, digging a little, this is what the lsof output looked like 10 seconds earlier: expect 1417 rancid cwd VDIR 0,86 2048 7607662 /local/rancid/var/core/configs expect 1417 rancid rtd VDIR 0,81 512 2 / expect 1417 rancid 0r VCHR 0,24 0t0 24 /dev/null expect 1417 rancid 1u PIPE 0x38bfcf8 0 ->0xffffff00038bfba0 expect 1417 rancid 2w VREG 0,86 76 7583772 /local (/dev/mfid0s1f) expect 1417 rancid 3u VCHR 0,108 0t0 108 /dev/ttyp2 expect 1417 rancid 4u VCHR 0,117 0t45 117 /dev/ptyp7 ssh 1418 rancid cwd VDIR 0,86 2048 7607662 /local/rancid/var/core/configs ssh 1418 rancid rtd VDIR 0,81 512 2 / ssh 1418 rancid txt unknown file system type: 8\xb9^_^B\xff\xff\xff^Xb\xab)^B\xff\xff\xffE ssh 1418 rancid 0u VCHR 0,118 0t0 118 /dev/ttyp7 ssh 1418 rancid 1u VCHR 0,118 0t0 118 /dev/ttyp7 ssh 1418 rancid 2u VCHR 0,118 0t0 118 /dev/ttyp7 ssh 1418 rancid 3w VREG 0,86 76 7583772 /local (/dev/mfid0s1f) ssh 1418 rancid 4u IPv4 0xffffff008c030240 0t0 TCP *:27776->*:49323 ssh 1418 rancid 5u VCHR 0,118 0t45 118 /dev/ttyp7 Here, fd 4 is actually a pty (pty7), which seems to be a fork to PID 1418, the ssh session to the router, and everything seems to be normal. PID 1418 is no longer there on the most recent lsof, so 1418 seems to have died(?) and PID 1417 now has /dev/null on its file descriptor 4. I don't know why that is, but why is it trying to fcntl it to Blocking I/O mode? Here is a gdb attach to the PID and a backtrace: (gdb) bt #0 0x0000000800aefc9c in fcntl () from /lib/libc.so.7 #1 0x00000000004072c5 in ?? () #2 0x00000008006a8c18 in StackSetBlockMode () from /usr/local/lib/libtcl84.so.1 #3 0x00000008006a8c54 in SetBlockMode () from /usr/local/lib/libtcl84.so.1 #4 0x00000008006acf75 in Tcl_SetChannelOption () from /usr/local/lib/libtcl84.so.1 #5 0x00000008006aeda0 in TclFinalizeIOSubsystem () from /usr/local/lib/libtcl84.so.1 #6 0x0000000800697f74 in Tcl_FinalizeThread () from /usr/local/lib/libtcl84.so.1 #7 0x0000000800698081 in Tcl_Finalize () from /usr/local/lib/libtcl84.so.1 #8 0x000000080069833a in Tcl_Exit () from /usr/local/lib/libtcl84.so.1 #9 0x0000000000409610 in ?? () #10 0x00000008006742be in TclInvokeStringCommand () from /usr/local/lib/libtcl84.so.1 #11 0x0000000800675944 in TclEvalObjvInternal () from /usr/local/lib/libtcl84.so.1 #12 0x0000000800675dff in Tcl_EvalEx () from /usr/local/lib/libtcl84.so.1 #13 0x00000008006b55d9 in Tcl_FSEvalFile () from /usr/local/lib/libtcl84.so.1 #14 0x00000008006b5690 in Tcl_EvalFile () from /usr/local/lib/libtcl84.so.1 #15 0x0000000000404f58 in ?? () #16 0x0000000000404d47 in ?? () >From the functions it is running in Tcl, it seems it is Tcl's cleanup code that is failing, when it is trying to restore a Tcl "channel" to normal mode during an exit event. This is where my clue runs out, and I am at a loss as to how to proceed from here. I have tried digging in both Tcl and Expect source code to see if can catch anything obvious, but alas, this is somewhat outside my area of expertise (I am a networking guy, not a programmer)... Any suggestions on how to proceed to find and fix this issue would be welcome, as the only other option for us is to abandon FreeBSD and go with Linux on the server, and we have already replaced too many FreeBSD boxes with Linux for my liking, I don't want to see yet another one go... Regards, Lars Erik Gullerud From Todd at equivoice.com Thu Jan 10 14:06:15 2008 From: Todd at equivoice.com (Todd Heide) Date: Thu, 10 Jan 2008 08:06:15 -0600 Subject: [rancid] Re: Latest version In-Reply-To: <20080110004124.GJ18583@shrubbery.net> References: <082FEA82DC985B4F8A6B412D5AC4E220B3834D@exchange.Equivoice.local> <935ead450801081403l788ebdddr19f77bc27d307e51@mail.gmail.com> <20080109100204.Q10680@mignon.ki.iif.hu> <20080110004124.GJ18583@shrubbery.net> Message-ID: <082FEA82DC985B4F8A6B412D5AC4E220B3842A@exchange.Equivoice.local> CSC patch, as in the CSC module in the ASA? Thanks CCSP CCNA CCDA Nothing ever goes as planned, Its a hell of a notion, Even pharaohs turn to sand, Like a drop in the ocean -----Original Message----- From: john heasley [mailto:heas at shrubbery.net] Sent: Wednesday, January 09, 2008 6:41 PM To: Mohacsi Janos Cc: Jeffrey Ollie; Todd Heide; rancid-discuss at shrubbery.net Subject: Re: [rancid] Re: Latest version Wed, Jan 09, 2008 at 10:02:56AM +0100, Mohacsi Janos: > > > > On Tue, 8 Jan 2008, Jeffrey Ollie wrote: > > > On 1/8/08, Todd Heide wrote: > >> > >> What is the latest version and how can I find out which I am running? I need > >> to build a new box and want to get as up to date as possible running on > >> Fedora. > > > > I periodically check the FTP site. The main web page doesn't always > > get updated promptly. Ignore the 'alpha' designation and get 2.3.2a7. > > > > ftp://ftp.shrubbery.net/pub/rancid/ > > By the way, when the final 2.3.2 will be released? I have 3 things to get done before rolling 2.3.2...languishing as they may be; test 1 new module, whats-his-name's CSC patch, and *login exit value patch. From mohacsi at niif.hu Thu Jan 10 15:04:02 2008 From: mohacsi at niif.hu (Mohacsi Janos) Date: Thu, 10 Jan 2008 16:04:02 +0100 (CET) Subject: [rancid] Re: Rancid/Expect failing on FreeBSD/SMP systems In-Reply-To: <20080110132211.D75682@electra.nolink.net> References: <20080110132211.D75682@electra.nolink.net> Message-ID: <20080110160036.A40486@mignon.ki.iif.hu> Hi Lars, You should use expect-devel port to avoid hunging on pty have a look at http://www.freebsd.org/cgi/query-pr.cgi?pr=118452 Janos Mohacsi Network Engineer, Research Associate, Head of Network Planning and Projects NIIF/HUNGARNET, HUNGARY Key 70EF9882: DEC2 C685 1ED4 C95A 145F 4300 6F64 7B00 70EF 9882 On Thu, 10 Jan 2008, Lars Erik Gullerud wrote: > My apologies for posting this both to the Rancid list and FreeBSD-STABLE, > however I am not sure where to start troubleshooting this issue - I am > suspecting it is a FreeBSD issue, but I am thinking we are probably not > the only shop running RANCID (ports/net-mgmt/rancid) on FreeBSD (since it > is quite popular in ISP environments), so hopefully someone can look at > it from the RANCID angle and give some helpful input on how to > troubleshoot this further. > > The problem: After finally giving in and starting to phase out some of our > oldest FreeBSD 4.11 servers and replace them with FreeBSD 6.x on some > fresh hardware, I got around to start moving our RANCID server. This > however, has been the start of a real nightmare. I don't think the > problems I am seeing are in RANCID itself, however it can be reliable > reproduced every time i run RANCID and I have not been able to reproduce > it in any other way with pure expect test-cases directly. > > What happens: > > Expect processes "hang" during RANCID runs, and go into infinite loops > eating 100% CPU (on one CPU core). The problem is reliably reproduced > everytime we do a full rancid-run, but the actual device it chokes on > varies between runs so it is not device-related. It does seem to happen > most often when collecting Juniper M-series gear with large configurations > though, using jrancid and ssh. > > We can NOT seem to reproduce it by running jrancid (or any other) on a > single device at at time - which is somewhat confusing at is DOES happen > when setting PAR_COUNT to 1 and doing a rancid-run (which > should IMHO be pretty much the same as doing sequential single device > runs...) > > Our environment: > > We run RANCID extensively to collect a few hundred devices, including > Cisco, Cisco-CatOS, Juniper, Extreme, Extreme-XOS, Riverstone, > FortiNet/FortiGate, etc. We want to start storing CPE configs in addition > to our own core gear in RANCID now, which means we will be putting several > thousand routers into RANCID, which also explains the need for fresher > hardware... > > RANCID version does not seem to matter, I have tested with both some > ancient 2.3.0 scripts and 2.3.2a7, same behaviour. > > Using the same RANCID instance (I have tarballed it up and installed it on > a bunch of servers, i.e. using the same CVS and the same router.db files > etc.), it fails on: > > FreeBSD 7.0-BETA4, amd64, SMP kernel, 8 x CPU cores (2 x quad Xeon 5335) > FreeBSD 6.2-STABLE, i386, SMP kernel, 2 x CPU cores (2 x single-core Xeon) > > Both have perl-5.8.8_1, expect 5.43.0_3 and tcl-8.4.16,1 built from ports. > > It however seems to work fine on: > > Linux CentOS 4.5 x86-64, 4 x CPU cores (2 x dual Xeon 5130) > FreeBSD 4.11 i386, UP kernel, 1 x CPU core (1 x single-core Xeon) > FreeBSD 7.0-RC1, i386, UP kernel, 1 x CPU core (1 x P4) > > (Linux box has Expect 5.42 and Tcl 8.3...) > > So it only seems to be on newer FreeBSD with SMP. (If anyone have RANCID > working okay on FreeBSD 6.x/7.x on SMP systems at all, please let me > know...) > > Now, for some details, if anyone has any ideas. What is actually > happening is this, when truss'ing the stuck Expect-process: > > fcntl(4,F_GETFL,) = 0 (0x0) > fcntl(4,F_SETFL,0x0) ERR#25 'Inappropriate ioctl for device' > fcntl(4,F_GETFL,) = 0 (0x0) > fcntl(4,F_SETFL,0x0) ERR#25 'Inappropriate ioctl for device' > > > So, which device is it trying to fcntl, and what is it trying to do? lsof > shows the following: > > expect 1417 rancid cwd VDIR 0,86 2048 7607662 /local/rancid/var/core/configs > expect 1417 rancid rtd VDIR 0,81 512 2 / > expect 1417 rancid 0r VCHR 0,24 0t0 24 /dev/null > expect 1417 rancid 2r VCHR 0,24 0t0 24 /dev/null > expect 1417 rancid 3r VCHR 0,24 0t0 24 /dev/null > expect 1417 rancid 4r VCHR 0,24 0t0 24 /dev/null > > file descriptor 4 is /dev/null. Why is it trying to F_SETFL /dev/null to > BLOCKING mode (which is failing)? Why should it be playing with /dev/null > at all? Well, digging a little, this is what the lsof output looked like > 10 seconds earlier: > > expect 1417 rancid cwd VDIR 0,86 2048 7607662 /local/rancid/var/core/configs > expect 1417 rancid rtd VDIR 0,81 512 2 / > expect 1417 rancid 0r VCHR 0,24 0t0 24 /dev/null > expect 1417 rancid 1u PIPE 0x38bfcf8 0 ->0xffffff00038bfba0 > expect 1417 rancid 2w VREG 0,86 76 7583772 /local (/dev/mfid0s1f) > expect 1417 rancid 3u VCHR 0,108 0t0 108 /dev/ttyp2 > expect 1417 rancid 4u VCHR 0,117 0t45 117 /dev/ptyp7 > ssh 1418 rancid cwd VDIR 0,86 2048 7607662 /local/rancid/var/core/configs > ssh 1418 rancid rtd VDIR 0,81 512 2 / > ssh 1418 rancid txt unknown file system type: 8\xb9^_^B\xff\xff\xff^Xb\xab)^B\xff\xff\xffE > ssh 1418 rancid 0u VCHR 0,118 0t0 118 /dev/ttyp7 > ssh 1418 rancid 1u VCHR 0,118 0t0 118 /dev/ttyp7 > ssh 1418 rancid 2u VCHR 0,118 0t0 118 /dev/ttyp7 > ssh 1418 rancid 3w VREG 0,86 76 7583772 /local (/dev/mfid0s1f) > ssh 1418 rancid 4u IPv4 0xffffff008c030240 0t0 TCP *:27776->*:49323 > ssh 1418 rancid 5u VCHR 0,118 0t45 118 /dev/ttyp7 > > Here, fd 4 is actually a pty (pty7), which seems to be a fork to PID 1418, > the ssh session to the router, and everything seems to be normal. > > PID 1418 is no longer there on the most recent lsof, so 1418 seems to > have died(?) and PID 1417 now has /dev/null on its file descriptor 4. I > don't know why that is, but why is it trying to fcntl it to Blocking I/O > mode? Here is a gdb attach to the PID and a backtrace: > > (gdb) bt > #0 0x0000000800aefc9c in fcntl () from /lib/libc.so.7 > #1 0x00000000004072c5 in ?? () > #2 0x00000008006a8c18 in StackSetBlockMode () > from /usr/local/lib/libtcl84.so.1 > #3 0x00000008006a8c54 in SetBlockMode () from > /usr/local/lib/libtcl84.so.1 > #4 0x00000008006acf75 in Tcl_SetChannelOption () > from /usr/local/lib/libtcl84.so.1 > #5 0x00000008006aeda0 in TclFinalizeIOSubsystem () > from /usr/local/lib/libtcl84.so.1 > #6 0x0000000800697f74 in Tcl_FinalizeThread () > from /usr/local/lib/libtcl84.so.1 > #7 0x0000000800698081 in Tcl_Finalize () from > /usr/local/lib/libtcl84.so.1 > #8 0x000000080069833a in Tcl_Exit () from /usr/local/lib/libtcl84.so.1 > #9 0x0000000000409610 in ?? () > #10 0x00000008006742be in TclInvokeStringCommand () > from /usr/local/lib/libtcl84.so.1 > #11 0x0000000800675944 in TclEvalObjvInternal () > from /usr/local/lib/libtcl84.so.1 > #12 0x0000000800675dff in Tcl_EvalEx () from /usr/local/lib/libtcl84.so.1 > #13 0x00000008006b55d9 in Tcl_FSEvalFile () from > /usr/local/lib/libtcl84.so.1 > #14 0x00000008006b5690 in Tcl_EvalFile () from > /usr/local/lib/libtcl84.so.1 > #15 0x0000000000404f58 in ?? () > #16 0x0000000000404d47 in ?? () > >> From the functions it is running in Tcl, it seems it is Tcl's cleanup > code that is failing, when it is trying to restore a Tcl "channel" to > normal mode during an exit event. > > This is where my clue runs out, and I am at a loss as to how to proceed > from here. I have tried digging in both Tcl and Expect source code to see > if can catch anything obvious, but alas, this is somewhat outside my area > of expertise (I am a networking guy, not a programmer)... > > Any suggestions on how to proceed to find and fix this issue would be > welcome, as the only other option for us is to abandon FreeBSD and go with > Linux on the server, and we have already replaced too many FreeBSD boxes > with Linux for my liking, I don't want to see yet another one go... > > Regards, > Lars Erik Gullerud > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From paris.stone at gmail.com Fri Jan 4 13:34:47 2008 From: paris.stone at gmail.com (Paris Stone) Date: Fri, 4 Jan 2008 08:34:47 -0500 Subject: [rancid] F5 login & F5 rancid files Message-ID: <281dadb30801040534n75df5284wb9f7fe2bfc66fa75@mail.gmail.com> I have been looking for login&rancid files that would support getting F5, BigIPs configs. I have seen some postings, and diffs, discussion like that, but haven't actually seen the files. Could someone reply with a link for downloading them, please? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080104/fbb444f0/attachment.html From heas at shrubbery.net Thu Jan 10 16:45:09 2008 From: heas at shrubbery.net (john heasley) Date: Thu, 10 Jan 2008 16:45:09 +0000 Subject: [rancid] Re: changing the from for emails In-Reply-To: <47860C24.6020301@justinshore.com> References: <47859E88.4010401@gmail.com> <47860C24.6020301@justinshore.com> Message-ID: <20080110164509.GA9159@shrubbery.net> That does not affect the From, an indeed some MTAs do not permit unprivleged users to set From. This should be corrected in the MTA configuration. In postfix that'd be the myorigin knob. Thu, Jan 10, 2008 at 06:14:28AM -0600, Justin Shore: > Lai, > > Is MAILDOMAIN defined in your etc/rancid.conf? > > Justin > > Lai Chen Kang wrote: > > Hi all > > > > I am rather new to linux and not sure if this is the right place to post this. I want the email to be from > > hostname at mydomain.com. However what I am getting is rancid at hostname.mydomain.com. Any idea how I can configure this? > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rancid at gheek.net Thu Jan 10 17:12:45 2008 From: rancid at gheek.net (Lance) Date: Thu, 10 Jan 2008 10:12:45 -0700 Subject: [rancid] Re: F5 login & F5 rancid files Message-ID: <20080110101245.8e114e4890519e5179c192e02d6bca26.28fc615eba.wbe@email.secureserver.net> Paris, I would point you to one link if I could find it asap. But the fastest way for me was to post what Mike Ashcraft did for the F5. The version I just posted has a few additions I just added. http://www.gheek.net/scripts/perl/f5rancid_pl.txt http://www.gheek.net/scripts/expect/f5login_exp.txt Here is the post I just sent about Mikes last version and what needs to be added (which is in the version I just posted on my site) to make it work. http://www.shrubbery.net/pipermail/rancid-discuss/2008-January/002662.html Bah, I did the search and here is mikes post as well. http://www.shrubbery.net/pipermail/rancid-discuss/2007-November/002601.html -lance > -------- Original Message -------- > Subject: [rancid] F5 login & F5 rancid files > From: "Paris Stone" > Date: Fri, January 04, 2008 6:34 am > To: rancid-discuss at shrubbery.net > I have been looking for login&rancid files that would support getting F5, > BigIPs configs. I have seen some postings, and diffs, discussion like that, > but haven't actually seen the files. > Could someone reply with a link for downloading them, please?
_______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From AElliott at xo.com Thu Jan 10 21:17:49 2008 From: AElliott at xo.com (Elliott, Andrew) Date: Thu, 10 Jan 2008 16:17:49 -0500 Subject: [rancid] IFBrief no longer reporting for Cisco gear with 2.3.2a7 Message-ID: <3B715C4683E2F54DBC36ECDD2CA70F5303C42816@VARESTMAIL03.mail.inthosts.net> Hello, Is there any plans to include the IFBrief output in future releases or patches? Since moving to 2.3.2a7, that portion of the output is no longer included in the backups. Is there an easy way to edit bin/rancid to add the support back in? --- (o< Andrew Elliott desk: 989.758.6987 //\ Tier II Data cell: 989.213.5794 V_/_ XO Communications -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= "Don't EVER cross the streams." From laichenkang at gmail.com Fri Jan 11 10:01:20 2008 From: laichenkang at gmail.com (Lai Chen Kang) Date: Fri, 11 Jan 2008 18:01:20 +0800 Subject: [rancid] Re: changing the from for emails In-Reply-To: <20080110164509.GA9159@shrubbery.net> References: <47859E88.4010401@gmail.com> <47860C24.6020301@justinshore.com> <20080110164509.GA9159@shrubbery.net> Message-ID: <47873E70.1000302@gmail.com> I am using sendmail. Any idea how I can configure this in sendmail? john heasley wrote: > That does not affect the From, an indeed some MTAs do not permit unprivleged > users to set From. This should be corrected in the MTA configuration. In > postfix that'd be the myorigin knob. > > Thu, Jan 10, 2008 at 06:14:28AM -0600, Justin Shore: >> Lai, >> >> Is MAILDOMAIN defined in your etc/rancid.conf? >> >> Justin >> >> Lai Chen Kang wrote: >>> Hi all >>> >>> I am rather new to linux and not sure if this is the right place to post this. I want the email to be from >>> hostname at mydomain.com. However what I am getting is rancid at hostname.mydomain.com. Any idea how I can configure this? >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From stsimb at irc.gr Fri Jan 11 14:09:24 2008 From: stsimb at irc.gr (Sotiris Tsimbonis) Date: Fri, 11 Jan 2008 16:09:24 +0200 Subject: [rancid] Re: changing the from for emails In-Reply-To: <47873E70.1000302@gmail.com> References: <47859E88.4010401@gmail.com> <47860C24.6020301@justinshore.com> <20080110164509.GA9159@shrubbery.net> <47873E70.1000302@gmail.com> Message-ID: <47877894.2090806@irc.gr> Lai Chen Kang wrote: > I am using sendmail. Any idea how I can configure this in sendmail? > You need to do masquerading in your .mc file and generate a new sendmail.cf .. http://www.sendmail.org/m4/masquerading.html Sot. > john heasley wrote: >> That does not affect the From, an indeed some MTAs do not permit unprivleged >> users to set From. This should be corrected in the MTA configuration. In >> postfix that'd be the myorigin knob. >> >> Thu, Jan 10, 2008 at 06:14:28AM -0600, Justin Shore: >>> Lai, >>> >>> Is MAILDOMAIN defined in your etc/rancid.conf? >>> >>> Justin >>> >>> Lai Chen Kang wrote: >>>> Hi all >>>> >>>> I am rather new to linux and not sure if this is the right place to post this. I want the email to be from >>>> hostname at mydomain.com. However what I am getting is rancid at hostname.mydomain.com. Any idea how I can configure this? >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From heas at shrubbery.net Fri Jan 11 19:52:14 2008 From: heas at shrubbery.net (john heasley) Date: Fri, 11 Jan 2008 19:52:14 +0000 Subject: [rancid] Re: IFBrief no longer reporting for Cisco gear with 2.3.2a7 In-Reply-To: <3B715C4683E2F54DBC36ECDD2CA70F5303C42816@VARESTMAIL03.mail.inthosts.net> References: <3B715C4683E2F54DBC36ECDD2CA70F5303C42816@VARESTMAIL03.mail.inthosts.net> Message-ID: <20080111195214.GD21882@shrubbery.net> I do not understand what it is that you're calling "IFBrief output." Thu, Jan 10, 2008 at 04:17:49PM -0500, Elliott, Andrew: > Hello, > > Is there any plans to include the IFBrief output in future releases or > patches? Since moving to 2.3.2a7, that portion of the output is no > longer included in the backups. > > Is there an easy way to edit bin/rancid to add the support back in? > > --- > (o< Andrew Elliott desk: 989.758.6987 > //\ Tier II Data cell: 989.213.5794 > V_/_ XO Communications > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > "Don't EVER cross the streams." > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From AElliott at xo.com Fri Jan 11 20:06:27 2008 From: AElliott at xo.com (Elliott, Andrew) Date: Fri, 11 Jan 2008 15:06:27 -0500 Subject: [rancid] Re: IFBrief no longer reporting for Cisco gear with 2.3.2a7 References: <3B715C4683E2F54DBC36ECDD2CA70F5303C42816@VARESTMAIL03.mail.inthosts.net> <20080111195214.GD21882@shrubbery.net> Message-ID: <3B715C4683E2F54DBC36ECDD2CA70F5303C4281E@VARESTMAIL03.mail.inthosts.net> With the older version of rancid, the output of "show ip interface brief" was included in the backups (preceeded in the output by "IFBrief: etc..." Since moving to 2.3.2a7, that output is missing from the backups. --- Andrew Elliott Tier II Data XO Communications desk: 989.758.6987 cell: 989.213.5794 > -----Original Message----- > From: john heasley [mailto:heas at shrubbery.net] > Sent: Friday, January 11, 2008 2:52 PM > To: Elliott, Andrew > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] IFBrief no longer reporting for Cisco > gear with 2.3.2a7 > > I do not understand what it is that you're calling "IFBrief output." > > Thu, Jan 10, 2008 at 04:17:49PM -0500, Elliott, Andrew: > > Hello, > > > > Is there any plans to include the IFBrief output in future > releases or > > patches? Since moving to 2.3.2a7, that portion of the output is no > > longer included in the backups. > > > > Is there an easy way to edit bin/rancid to add the support back in? > > > > --- > > (o< Andrew Elliott desk: 989.758.6987 > > //\ Tier II Data cell: 989.213.5794 > > V_/_ XO Communications > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > > "Don't EVER cross the streams." > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From heas at shrubbery.net Fri Jan 11 20:09:18 2008 From: heas at shrubbery.net (john heasley) Date: Fri, 11 Jan 2008 20:09:18 +0000 Subject: [rancid] Re: IFBrief no longer reporting for Cisco gear with 2.3.2a7 In-Reply-To: <3B715C4683E2F54DBC36ECDD2CA70F5303C4281E@VARESTMAIL03.mail.inthosts.net> References: <3B715C4683E2F54DBC36ECDD2CA70F5303C42816@VARESTMAIL03.mail.inthosts.net> <20080111195214.GD21882@shrubbery.net> <3B715C4683E2F54DBC36ECDD2CA70F5303C4281E@VARESTMAIL03.mail.inthosts.net> Message-ID: <20080111200918.GH21882@shrubbery.net> Fri, Jan 11, 2008 at 03:06:27PM -0500, Elliott, Andrew: > With the older version of rancid, the output of "show ip interface > brief" was included in the backups (preceeded in the output by "IFBrief: > etc..." No, that was never collected. You had a local modification. > Since moving to 2.3.2a7, that output is missing from the backups. > > --- > Andrew Elliott > Tier II Data > XO Communications > desk: 989.758.6987 > cell: 989.213.5794 > > > > > -----Original Message----- > > From: john heasley [mailto:heas at shrubbery.net] > > Sent: Friday, January 11, 2008 2:52 PM > > To: Elliott, Andrew > > Cc: rancid-discuss at shrubbery.net > > Subject: Re: [rancid] IFBrief no longer reporting for Cisco > > gear with 2.3.2a7 > > > > I do not understand what it is that you're calling "IFBrief output." > > > > Thu, Jan 10, 2008 at 04:17:49PM -0500, Elliott, Andrew: > > > Hello, > > > > > > Is there any plans to include the IFBrief output in future > > releases or > > > patches? Since moving to 2.3.2a7, that portion of the output is no > > > longer included in the backups. > > > > > > Is there an easy way to edit bin/rancid to add the support back in? > > > > > > --- > > > (o< Andrew Elliott desk: 989.758.6987 > > > //\ Tier II Data cell: 989.213.5794 > > > V_/_ XO Communications > > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > > > "Don't EVER cross the streams." > > > _______________________________________________ > > > Rancid-discuss mailing list > > > Rancid-discuss at shrubbery.net > > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > From AElliott at xo.com Fri Jan 11 20:19:00 2008 From: AElliott at xo.com (Elliott, Andrew) Date: Fri, 11 Jan 2008 15:19:00 -0500 Subject: [rancid] Re: IFBrief no longer reporting for Cisco gear with 2.3.2a7 References: <3B715C4683E2F54DBC36ECDD2CA70F5303C42816@VARESTMAIL03.mail.inthosts.net> <20080111195214.GD21882@shrubbery.net> <3B715C4683E2F54DBC36ECDD2CA70F5303C4281E@VARESTMAIL03.mail.inthosts.net> <20080111200918.GH21882@shrubbery.net> Message-ID: <3B715C4683E2F54DBC36ECDD2CA70F5303C42820@VARESTMAIL03.mail.inthosts.net> John, Thanks so much for the answer! I tried to add it myself by adding this line to the commandtable: {'show ip interface brief' => "ShowIFBrief"}, And this routine: sub ShowIFBrief { print STDERR " In ShowIFBrief: $_" if ($debug); while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(-1) if (/command authorization failed/i); ProcessHistory("COMMENTS","","","!IFBrief: $_"); } ProcessHistory("COMMENTS","","","!\n"); return(0); } --- Andrew Elliott Tier II Data XO Communications desk: 989.758.6987 cell: 989.213.5794 > -----Original Message----- > From: john heasley [mailto:heas at shrubbery.net] > Sent: Friday, January 11, 2008 3:09 PM > To: Elliott, Andrew > Cc: john heasley; rancid-discuss at shrubbery.net > Subject: Re: [rancid] IFBrief no longer reporting for Cisco > gear with 2.3.2a7 > > Fri, Jan 11, 2008 at 03:06:27PM -0500, Elliott, Andrew: > > With the older version of rancid, the output of "show ip interface > > brief" was included in the backups (preceeded in the output > by "IFBrief: > > etc..." > > No, that was never collected. You had a local modification. > > > Since moving to 2.3.2a7, that output is missing from the backups. > > > > --- > > Andrew Elliott > > Tier II Data > > XO Communications > > desk: 989.758.6987 > > cell: 989.213.5794 > > > > > > > > > -----Original Message----- > > > From: john heasley [mailto:heas at shrubbery.net] > > > Sent: Friday, January 11, 2008 2:52 PM > > > To: Elliott, Andrew > > > Cc: rancid-discuss at shrubbery.net > > > Subject: Re: [rancid] IFBrief no longer reporting for Cisco > > > gear with 2.3.2a7 > > > > > > I do not understand what it is that you're calling > "IFBrief output." > > > > > > Thu, Jan 10, 2008 at 04:17:49PM -0500, Elliott, Andrew: > > > > Hello, > > > > > > > > Is there any plans to include the IFBrief output in future > > > releases or > > > > patches? Since moving to 2.3.2a7, that portion of the > output is no > > > > longer included in the backups. > > > > > > > > Is there an easy way to edit bin/rancid to add the > support back in? > > > > > > > > --- > > > > (o< Andrew Elliott desk: 989.758.6987 > > > > //\ Tier II Data cell: 989.213.5794 > > > > V_/_ XO Communications > > > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > > > > "Don't EVER cross the streams." > > > > _______________________________________________ > > > > Rancid-discuss mailing list > > > > Rancid-discuss at shrubbery.net > > > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > > From heas at shrubbery.net Fri Jan 11 20:26:10 2008 From: heas at shrubbery.net (john heasley) Date: Fri, 11 Jan 2008 20:26:10 +0000 Subject: [rancid] Re: IFBrief no longer reporting for Cisco gear with 2.3.2a7 In-Reply-To: <3B715C4683E2F54DBC36ECDD2CA70F5303C42820@VARESTMAIL03.mail.inthosts.net> References: <3B715C4683E2F54DBC36ECDD2CA70F5303C42816@VARESTMAIL03.mail.inthosts.net> <20080111195214.GD21882@shrubbery.net> <3B715C4683E2F54DBC36ECDD2CA70F5303C4281E@VARESTMAIL03.mail.inthosts.net> <20080111200918.GH21882@shrubbery.net> <3B715C4683E2F54DBC36ECDD2CA70F5303C42820@VARESTMAIL03.mail.inthosts.net> Message-ID: <20080111202610.GJ21882@shrubbery.net> Fri, Jan 11, 2008 at 03:19:00PM -0500, Elliott, Andrew: > John, > > Thanks so much for the answer! > > I tried to add it myself by adding this line to the commandtable: > > {'show ip interface brief' => "ShowIFBrief"}, > > And this routine: > > sub ShowIFBrief { > print STDERR " In ShowIFBrief: $_" if ($debug); > > while () { > tr/\015//d; > last if (/^$prompt/); > next if (/^(\s*|\s*$cmd\s*)$/); > return(-1) if (/command authorization failed/i); > ProcessHistory("COMMENTS","","","!IFBrief: $_"); > } > ProcessHistory("COMMENTS","","","!\n"); > return(0); > } > I'm trying to add a way to make local additions (and omissions) like this easier. but it will not be ready until after 2.3.2. From NPabon at archstonesmith.com Fri Jan 11 20:31:47 2008 From: NPabon at archstonesmith.com (Pabon, Nestor) Date: Fri, 11 Jan 2008 13:31:47 -0700 Subject: [rancid] Searching for Half-duplex Interfaces Message-ID: <58B7A531794E6A49B3BAD57E3332254402968821@engexc11.archstonesmith.com> First of all I want to thank the developers for such a great tool. I need to discover in a network of 200+ routers, which ones have FastEthernet interfaces; either 0/0 or 0/1 set to "Half-duplex". Can someone help me script this query? My objective is to investigate why they are set to Half-duplex, and then change them to full or hard code them where appropriate. Regards, Nestor -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080111/ad8b7f22/attachment.html From rancid at gheek.net Fri Jan 11 20:56:24 2008 From: rancid at gheek.net (Lance) Date: Fri, 11 Jan 2008 13:56:24 -0700 Subject: [rancid] Re: Searching for Half-duplex Interfaces Message-ID: <20080111135624.8e114e4890519e5179c192e02d6bca26.f4076e1b84.wbe@email.secureserver.net> use clogin and do a sho int for each interface. the look for half somewhere in the output of the show interface. > -------- Original Message -------- > Subject: [rancid] Searching for Half-duplex Interfaces > From: "Pabon, Nestor" > Date: Fri, January 11, 2008 1:31 pm > To: > First of all I want to thank the developers for such a great tool. > > I need to discover in a network of 200+ routers, which ones have > FastEthernet interfaces; either 0/0 or 0/1 set to "Half-duplex". > > Can someone help me script this query? > > My objective is to investigate why they are set to Half-duplex, and then > change them to full or hard code them where appropriate. > > Regards, > Nestor
_______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From heas at shrubbery.net Fri Jan 11 21:29:39 2008 From: heas at shrubbery.net (john heasley) Date: Fri, 11 Jan 2008 21:29:39 +0000 Subject: [rancid] Re: Searching for Half-duplex Interfaces In-Reply-To: <58B7A531794E6A49B3BAD57E3332254402968821@engexc11.archstonesmith.com> References: <58B7A531794E6A49B3BAD57E3332254402968821@engexc11.archstonesmith.com> Message-ID: <20080111212939.GK21882@shrubbery.net> Fri, Jan 11, 2008 at 01:31:47PM -0700, Pabon, Nestor: > First of all I want to thank the developers for such a great tool. > > > > I need to discover in a network of 200+ routers, which ones have > FastEthernet interfaces; either 0/0 or 0/1 set to "Half-duplex". > > > > Can someone help me script this query? an snmpwalk of interfaces seems like a better approach. however... for rtr in ...list...; do clogin -c 'show interfaces | in (line protocol|duplex|speed)' $rtr \ >>output 2>&1 done or xargs or whatever your fancy. then perl/awk/human/whatever you like to exclude the uninteresting stuff from the output. From NPabon at archstonesmith.com Fri Jan 11 21:33:32 2008 From: NPabon at archstonesmith.com (Pabon, Nestor) Date: Fri, 11 Jan 2008 14:33:32 -0700 Subject: [rancid] Re: Searching for Half-duplex Interfaces In-Reply-To: <20080111135624.8e114e4890519e5179c192e02d6bca26.f4076e1b84.wbe@email.secureserver.net> References: <20080111135624.8e114e4890519e5179c192e02d6bca26.f4076e1b84.wbe@email.secureserver.net> Message-ID: <58B7A531794E6A49B3BAD57E333225440296885D@engexc11.archstonesmith.com> I'm not sure I conveyed my goal correctly. If I use clogin or log directly into the router I know I can query issuing the following: "sh interface | i Half-duplex" But this will only return something like: "Half-duplex, 10Mb/s, 100BaseTX/FX" I rather do a: "show int" And have the output go to a file named "show-duplex" And then somehow get a report which will give the device name which had an interface set to Half-duplex". Hope this helps. Regards, Nestor -----Original Message----- From: Lance [mailto:rancid at gheek.net] Sent: Friday, January 11, 2008 1:56 PM To: Pabon, Nestor Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Searching for Half-duplex Interfaces use clogin and do a sho int for each interface. the look for half somewhere in the output of the show interface. > -------- Original Message -------- > Subject: [rancid] Searching for Half-duplex Interfaces > From: "Pabon, Nestor" > Date: Fri, January 11, 2008 1:31 pm > To: > First of all I want to thank the developers for such a great tool. > > I need to discover in a network of 200+ routers, which ones have > FastEthernet interfaces; either 0/0 or 0/1 set to "Half-duplex". > > Can someone help me script this query? > > My objective is to investigate why they are set to Half-duplex, and then > change them to full or hard code them where appropriate. > > Regards, > Nestor
_______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From NPabon at archstonesmith.com Fri Jan 11 22:02:22 2008 From: NPabon at archstonesmith.com (Pabon, Nestor) Date: Fri, 11 Jan 2008 15:02:22 -0700 Subject: [rancid] Re: Searching for Half-duplex Interfaces In-Reply-To: <20080111212939.GK21882@shrubbery.net> References: <58B7A531794E6A49B3BAD57E3332254402968821@engexc11.archstonesmith.com> <20080111212939.GK21882@shrubbery.net> Message-ID: <58B7A531794E6A49B3BAD57E3332254402968876@engexc11.archstonesmith.com> This looks interesting. Got to figure out how to script it. -----Original Message----- From: john heasley [mailto:heas at shrubbery.net] Sent: Friday, January 11, 2008 2:30 PM To: Pabon, Nestor Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Searching for Half-duplex Interfaces Fri, Jan 11, 2008 at 01:31:47PM -0700, Pabon, Nestor: > First of all I want to thank the developers for such a great tool. > > > > I need to discover in a network of 200+ routers, which ones have > FastEthernet interfaces; either 0/0 or 0/1 set to "Half-duplex". > > > > Can someone help me script this query? an snmpwalk of interfaces seems like a better approach. however... for rtr in ...list...; do clogin -c 'show interfaces | in (line protocol|duplex|speed)' $rtr \ >>output 2>&1 done or xargs or whatever your fancy. then perl/awk/human/whatever you like to exclude the uninteresting stuff from the output. From eravin at panix.com Fri Jan 11 22:29:16 2008 From: eravin at panix.com (Ed Ravin) Date: Fri, 11 Jan 2008 17:29:16 -0500 Subject: [rancid] Re: Searching for Half-duplex Interfaces In-Reply-To: <58B7A531794E6A49B3BAD57E333225440296885D@engexc11.archstonesmith.com> References: <20080111135624.8e114e4890519e5179c192e02d6bca26.f4076e1b84.wbe@email.secureserver.net> <58B7A531794E6A49B3BAD57E333225440296885D@engexc11.archstonesmith.com> Message-ID: <20080111222916.GA18828@panix.com> On Fri, Jan 11, 2008 at 02:33:32PM -0700, Pabon, Nestor wrote: > I'm not sure I conveyed my goal correctly. > > If I use clogin or log directly into the router I know I can query > issuing the following: > > "sh interface | i Half-duplex" > > But this will only return something like: > > "Half-duplex, 10Mb/s, 100BaseTX/FX" But if you followed John's instructions (repeated below, with slight edits for clarity), you would get something much better than that. Note the regexp which will match things like: FastEthernet0/0/0 is up, line protocol is up So you'll see the interface names, and then their duplex settings if they are Ethernet-based. -------- for rtr in ...list... do clogin -c 'show interfaces | inc (line protocol|duplex|speed)' $rtr >>output.file 2>&1 done From NPabon at archstonesmith.com Fri Jan 11 23:19:42 2008 From: NPabon at archstonesmith.com (Pabon, Nestor) Date: Fri, 11 Jan 2008 16:19:42 -0700 Subject: [rancid] Re: Searching for Half-duplex Interfaces In-Reply-To: <20080111222916.GA18828@panix.com> References: <20080111135624.8e114e4890519e5179c192e02d6bca26.f4076e1b84.wbe@email.secureserver.net> <58B7A531794E6A49B3BAD57E333225440296885D@engexc11.archstonesmith.com> <20080111222916.GA18828@panix.com> Message-ID: <58B7A531794E6A49B3BAD57E33322544029688CC@engexc11.archstonesmith.com> So the list of routers is in: /opt/rancid/data/mpls-routers Does this mean that "for rtr in ...list..." Becomes "for rtr in /opt/rancid/data/mpls-routers/router.db" Regards, Nestor -----Original Message----- From: Ed Ravin [mailto:eravin at panix.com] Sent: Friday, January 11, 2008 3:29 PM To: Pabon, Nestor Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Re: Searching for Half-duplex Interfaces On Fri, Jan 11, 2008 at 02:33:32PM -0700, Pabon, Nestor wrote: > I'm not sure I conveyed my goal correctly. > > If I use clogin or log directly into the router I know I can query > issuing the following: > > "sh interface | i Half-duplex" > > But this will only return something like: > > "Half-duplex, 10Mb/s, 100BaseTX/FX" But if you followed John's instructions (repeated below, with slight edits for clarity), you would get something much better than that. Note the regexp which will match things like: FastEthernet0/0/0 is up, line protocol is up So you'll see the interface names, and then their duplex settings if they are Ethernet-based. -------- for rtr in ...list... do clogin -c 'show interfaces | inc (line protocol|duplex|speed)' $rtr >>output.file 2>&1 done From mashcraft at omniture.com Fri Jan 11 23:28:21 2008 From: mashcraft at omniture.com (Mike Ashcraft) Date: Fri, 11 Jan 2008 16:28:21 -0700 Subject: [rancid] Re: Searching for Half-duplex Interfaces In-Reply-To: <58B7A531794E6A49B3BAD57E33322544029688CC@engexc11.archstonesmith.com> References: <20080111135624.8e114e4890519e5179c192e02d6bca26.f4076e1b84.wbe@email.secureserver.net><58B7A531794E6A49B3BAD57E333225440296885D@engexc11.archstonesmith.com><20080111222916.GA18828@panix.com> <58B7A531794E6A49B3BAD57E33322544029688CC@engexc11.archstonesmith.com> Message-ID: <45EB285310B55542A513F93230F0A533039A3391@EXCHANGE0.orm.omniture.com> Close. You need to trim the data in router.db for rtr in $(cat router.db | cut -d: -f1); do clogin $rtr ... ; done Mike -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Pabon, Nestor Sent: Friday, January 11, 2008 4:20 PM To: Ed Ravin Cc: rancid-discuss at shrubbery.net Subject: [rancid] Re: Searching for Half-duplex Interfaces So the list of routers is in: /opt/rancid/data/mpls-routers Does this mean that "for rtr in ...list..." Becomes "for rtr in /opt/rancid/data/mpls-routers/router.db" Regards, Nestor -----Original Message----- From: Ed Ravin [mailto:eravin at panix.com] Sent: Friday, January 11, 2008 3:29 PM To: Pabon, Nestor Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Re: Searching for Half-duplex Interfaces On Fri, Jan 11, 2008 at 02:33:32PM -0700, Pabon, Nestor wrote: > I'm not sure I conveyed my goal correctly. > > If I use clogin or log directly into the router I know I can query > issuing the following: > > "sh interface | i Half-duplex" > > But this will only return something like: > > "Half-duplex, 10Mb/s, 100BaseTX/FX" But if you followed John's instructions (repeated below, with slight edits for clarity), you would get something much better than that. Note the regexp which will match things like: FastEthernet0/0/0 is up, line protocol is up So you'll see the interface names, and then their duplex settings if they are Ethernet-based. -------- for rtr in ...list... do clogin -c 'show interfaces | inc (line protocol|duplex|speed)' $rtr >>output.file 2>&1 done _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From cmoody at qualcomm.com Fri Jan 11 23:42:44 2008 From: cmoody at qualcomm.com (Chris Moody) Date: Fri, 11 Jan 2008 15:42:44 -0800 Subject: [rancid] Re: Searching for Half-duplex Interfaces In-Reply-To: <58B7A531794E6A49B3BAD57E33322544029688CC@engexc11.archstonesmith.com> References: <20080111135624.8e114e4890519e5179c192e02d6bca26.f4076e1b84.wbe@email.secureserver.net> <58B7A531794E6A49B3BAD57E333225440296885D@engexc11.archstonesmith.com> <20080111222916.GA18828@panix.com> <58B7A531794E6A49B3BAD57E33322544029688CC@engexc11.archstonesmith.com> Message-ID: <4787FEF4.8050708@qualcomm.com> You can use the shell routine I gave you. ./rancid-config-apply.sh Put the commands you want to issue to the device into the location defined in the COMMANDSFILEPATH variable...and then just answer the prompts. ex> rancid at fittipaldi ~ $ cat command-scripts/interface-duplex show interfaces | inc (line protocol|duplex|speed) ##### rancid at fittipaldi ~ $ ./scripts/bash/rancid-config-apply.sh =====[ Rancid Config Apply Script ]===== Please enter the nodegroup: mpls-routers Please enter name of commands-file: interface-duplex ... ##### and the routine will take off from there...only logging into devices that are flagged as "up" in rancid. Cheers, -Chris Pabon, Nestor wrote: > So the list of routers is in: > > /opt/rancid/data/mpls-routers > > Does this mean that > > "for rtr in ...list..." > > Becomes > > "for rtr in /opt/rancid/data/mpls-routers/router.db" > > Regards, > Nestor > > > > -----Original Message----- > From: Ed Ravin [mailto:eravin at panix.com] > Sent: Friday, January 11, 2008 3:29 PM > To: Pabon, Nestor > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Re: Searching for Half-duplex Interfaces > > On Fri, Jan 11, 2008 at 02:33:32PM -0700, Pabon, Nestor wrote: >> I'm not sure I conveyed my goal correctly. >> >> If I use clogin or log directly into the router I know I can query >> issuing the following: >> >> "sh interface | i Half-duplex" >> >> But this will only return something like: >> >> "Half-duplex, 10Mb/s, 100BaseTX/FX" > > But if you followed John's instructions (repeated below, with slight > edits > for clarity), you would get something much better than that. Note the > regexp which will match things like: > > FastEthernet0/0/0 is up, line protocol is up > > So you'll see the interface names, and then their duplex settings if > they are Ethernet-based. > > -------- > > for rtr in ...list... > do > clogin -c 'show interfaces | inc (line protocol|duplex|speed)' > $rtr >>output.file 2>&1 > done > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > From NPabon at archstonesmith.com Fri Jan 11 23:51:39 2008 From: NPabon at archstonesmith.com (Pabon, Nestor) Date: Fri, 11 Jan 2008 16:51:39 -0700 Subject: [rancid] Re: Searching for Half-duplex Interfaces In-Reply-To: <4787FEF4.8050708@qualcomm.com> References: <20080111135624.8e114e4890519e5179c192e02d6bca26.f4076e1b84.wbe@email.secureserver.net> <58B7A531794E6A49B3BAD57E333225440296885D@engexc11.archstonesmith.com> <20080111222916.GA18828@panix.com> <58B7A531794E6A49B3BAD57E33322544029688CC@engexc11.archstonesmith.com> <4787FEF4.8050708@qualcomm.com> Message-ID: <58B7A531794E6A49B3BAD57E33322544029688D9@engexc11.archstonesmith.com> Hi Chris; I'm trying to incorporate your script, and it is working. The part I'm lost in is how end up with a file containing the output. Regards, Nestor -----Original Message----- From: Chris Moody [mailto:cmoody at qualcomm.com] Sent: Friday, January 11, 2008 4:43 PM To: Pabon, Nestor Cc: Ed Ravin; rancid-discuss at shrubbery.net Subject: Re: [rancid] Re: Searching for Half-duplex Interfaces You can use the shell routine I gave you. ./rancid-config-apply.sh Put the commands you want to issue to the device into the location defined in the COMMANDSFILEPATH variable...and then just answer the prompts. ex> rancid at fittipaldi ~ $ cat command-scripts/interface-duplex show interfaces | inc (line protocol|duplex|speed) ##### rancid at fittipaldi ~ $ ./scripts/bash/rancid-config-apply.sh =====[ Rancid Config Apply Script ]===== Please enter the nodegroup: mpls-routers Please enter name of commands-file: interface-duplex ... ##### and the routine will take off from there...only logging into devices that are flagged as "up" in rancid. Cheers, -Chris Pabon, Nestor wrote: > So the list of routers is in: > > /opt/rancid/data/mpls-routers > > Does this mean that > > "for rtr in ...list..." > > Becomes > > "for rtr in /opt/rancid/data/mpls-routers/router.db" > > Regards, > Nestor > > > > -----Original Message----- > From: Ed Ravin [mailto:eravin at panix.com] > Sent: Friday, January 11, 2008 3:29 PM > To: Pabon, Nestor > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Re: Searching for Half-duplex Interfaces > > On Fri, Jan 11, 2008 at 02:33:32PM -0700, Pabon, Nestor wrote: >> I'm not sure I conveyed my goal correctly. >> >> If I use clogin or log directly into the router I know I can query >> issuing the following: >> >> "sh interface | i Half-duplex" >> >> But this will only return something like: >> >> "Half-duplex, 10Mb/s, 100BaseTX/FX" > > But if you followed John's instructions (repeated below, with slight > edits > for clarity), you would get something much better than that. Note the > regexp which will match things like: > > FastEthernet0/0/0 is up, line protocol is up > > So you'll see the interface names, and then their duplex settings if > they are Ethernet-based. > > -------- > > for rtr in ...list... > do > clogin -c 'show interfaces | inc (line protocol|duplex|speed)' > $rtr >>output.file 2>&1 > done > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > From cmoody at qualcomm.com Fri Jan 11 23:57:23 2008 From: cmoody at qualcomm.com (Chris Moody) Date: Fri, 11 Jan 2008 15:57:23 -0800 Subject: [rancid] Re: Searching for Half-duplex Interfaces In-Reply-To: <58B7A531794E6A49B3BAD57E33322544029688D9@engexc11.archstonesmith.com> References: <20080111135624.8e114e4890519e5179c192e02d6bca26.f4076e1b84.wbe@email.secureserver.net> <58B7A531794E6A49B3BAD57E333225440296885D@engexc11.archstonesmith.com> <20080111222916.GA18828@panix.com> <58B7A531794E6A49B3BAD57E33322544029688CC@engexc11.archstonesmith.com> <4787FEF4.8050708@qualcomm.com> <58B7A531794E6A49B3BAD57E33322544029688D9@engexc11.archstonesmith.com> Message-ID: <47880263.5090106@qualcomm.com> Bash shell scripting 101. [ http://tldp.org/LDP/abs/html/ ] Edit 3 lines of the code. Insert this after the "read COMMANDSFILE" line: --- echo "Please enter the name of the file you want to store this data in:" read OUTPUTFILE --- and then edit this line: --- $CLOGINPATH -f $CREDENTIALS -x $COMMANDSFILEPATH/$COMMANDSFILE $i --- to look like this: --- $CLOGINPATH -f $CREDENTIALS -x $COMMANDSFILEPATH/$COMMANDSFILE $i >> $OUTPUTFILE --- For anyone else wondering what I'm referring to, I wrote a shell wrapper routine for Nestor a few weeks back. It's only like a 30-second quick rough draft... [ http://www.siliconhotrod.com/files/rancid-config-apply.sh ] Cheers, -Chris Pabon, Nestor wrote: > Hi Chris; > > I'm trying to incorporate your script, and it is working. The part I'm > lost in is how end up with a file containing the output. > > Regards, > Nestor > > -----Original Message----- > From: Chris Moody [mailto:cmoody at qualcomm.com] > Sent: Friday, January 11, 2008 4:43 PM > To: Pabon, Nestor > Cc: Ed Ravin; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Re: Searching for Half-duplex Interfaces > > You can use the shell routine I gave you. > > ./rancid-config-apply.sh > > Put the commands you want to issue to the device into the location > defined in the COMMANDSFILEPATH variable...and then just answer the > prompts. > > ex> > rancid at fittipaldi ~ $ cat command-scripts/interface-duplex > show interfaces | inc (line protocol|duplex|speed) > > ##### > rancid at fittipaldi ~ $ ./scripts/bash/rancid-config-apply.sh > =====[ Rancid Config Apply Script ]===== > > Please enter the nodegroup: > mpls-routers > Please enter name of commands-file: > interface-duplex > ... > ##### > > and the routine will take off from there...only logging into devices > that are flagged as "up" in rancid. > > Cheers, > -Chris > > > Pabon, Nestor wrote: >> So the list of routers is in: >> >> /opt/rancid/data/mpls-routers >> >> Does this mean that >> >> "for rtr in ...list..." >> >> Becomes >> >> "for rtr in /opt/rancid/data/mpls-routers/router.db" >> >> Regards, >> Nestor >> >> >> >> -----Original Message----- >> From: Ed Ravin [mailto:eravin at panix.com] >> Sent: Friday, January 11, 2008 3:29 PM >> To: Pabon, Nestor >> Cc: rancid-discuss at shrubbery.net >> Subject: Re: [rancid] Re: Searching for Half-duplex Interfaces >> >> On Fri, Jan 11, 2008 at 02:33:32PM -0700, Pabon, Nestor wrote: >>> I'm not sure I conveyed my goal correctly. >>> >>> If I use clogin or log directly into the router I know I can query >>> issuing the following: >>> >>> "sh interface | i Half-duplex" >>> >>> But this will only return something like: >>> >>> "Half-duplex, 10Mb/s, 100BaseTX/FX" >> But if you followed John's instructions (repeated below, with slight >> edits >> for clarity), you would get something much better than that. Note the >> regexp which will match things like: >> >> FastEthernet0/0/0 is up, line protocol is up >> >> So you'll see the interface names, and then their duplex settings if >> they are Ethernet-based. >> >> -------- >> >> for rtr in ...list... >> do >> clogin -c 'show interfaces | inc (line protocol|duplex|speed)' >> $rtr >>output.file 2>&1 >> done >> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> >> > > From NPabon at archstonesmith.com Sat Jan 12 00:37:52 2008 From: NPabon at archstonesmith.com (Pabon, Nestor) Date: Fri, 11 Jan 2008 17:37:52 -0700 Subject: [rancid] Re: Searching for Half-duplex Interfaces In-Reply-To: <47880263.5090106@qualcomm.com> References: <20080111135624.8e114e4890519e5179c192e02d6bca26.f4076e1b84.wbe@email.secureserver.net> <58B7A531794E6A49B3BAD57E333225440296885D@engexc11.archstonesmith.com> <20080111222916.GA18828@panix.com> <58B7A531794E6A49B3BAD57E33322544029688CC@engexc11.archstonesmith.com> <4787FEF4.8050708@qualcomm.com> <58B7A531794E6A49B3BAD57E33322544029688D9@engexc11.archstonesmith.com> <47880263.5090106@qualcomm.com> Message-ID: <58B7A531794E6A49B3BAD57E33322544029688FB@engexc11.archstonesmith.com> Worked like a charm. Thank you. Regards, Nestor -----Original Message----- From: Chris Moody [mailto:cmoody at qualcomm.com] Sent: Friday, January 11, 2008 4:57 PM To: Pabon, Nestor Cc: Ed Ravin; rancid-discuss at shrubbery.net Subject: Re: [rancid] Re: Searching for Half-duplex Interfaces Bash shell scripting 101. [ http://tldp.org/LDP/abs/html/ ] Edit 3 lines of the code. Insert this after the "read COMMANDSFILE" line: --- echo "Please enter the name of the file you want to store this data in:" read OUTPUTFILE --- and then edit this line: --- $CLOGINPATH -f $CREDENTIALS -x $COMMANDSFILEPATH/$COMMANDSFILE $i --- to look like this: --- $CLOGINPATH -f $CREDENTIALS -x $COMMANDSFILEPATH/$COMMANDSFILE $i >> $OUTPUTFILE --- For anyone else wondering what I'm referring to, I wrote a shell wrapper routine for Nestor a few weeks back. It's only like a 30-second quick rough draft... [ http://www.siliconhotrod.com/files/rancid-config-apply.sh ] Cheers, -Chris Pabon, Nestor wrote: > Hi Chris; > > I'm trying to incorporate your script, and it is working. The part I'm > lost in is how end up with a file containing the output. > > Regards, > Nestor > > -----Original Message----- > From: Chris Moody [mailto:cmoody at qualcomm.com] > Sent: Friday, January 11, 2008 4:43 PM > To: Pabon, Nestor > Cc: Ed Ravin; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Re: Searching for Half-duplex Interfaces > > You can use the shell routine I gave you. > > ./rancid-config-apply.sh > > Put the commands you want to issue to the device into the location > defined in the COMMANDSFILEPATH variable...and then just answer the > prompts. > > ex> > rancid at fittipaldi ~ $ cat command-scripts/interface-duplex > show interfaces | inc (line protocol|duplex|speed) > > ##### > rancid at fittipaldi ~ $ ./scripts/bash/rancid-config-apply.sh > =====[ Rancid Config Apply Script ]===== > > Please enter the nodegroup: > mpls-routers > Please enter name of commands-file: > interface-duplex > ... > ##### > > and the routine will take off from there...only logging into devices > that are flagged as "up" in rancid. > > Cheers, > -Chris > > > Pabon, Nestor wrote: >> So the list of routers is in: >> >> /opt/rancid/data/mpls-routers >> >> Does this mean that >> >> "for rtr in ...list..." >> >> Becomes >> >> "for rtr in /opt/rancid/data/mpls-routers/router.db" >> >> Regards, >> Nestor >> >> >> >> -----Original Message----- >> From: Ed Ravin [mailto:eravin at panix.com] >> Sent: Friday, January 11, 2008 3:29 PM >> To: Pabon, Nestor >> Cc: rancid-discuss at shrubbery.net >> Subject: Re: [rancid] Re: Searching for Half-duplex Interfaces >> >> On Fri, Jan 11, 2008 at 02:33:32PM -0700, Pabon, Nestor wrote: >>> I'm not sure I conveyed my goal correctly. >>> >>> If I use clogin or log directly into the router I know I can query >>> issuing the following: >>> >>> "sh interface | i Half-duplex" >>> >>> But this will only return something like: >>> >>> "Half-duplex, 10Mb/s, 100BaseTX/FX" >> But if you followed John's instructions (repeated below, with slight >> edits >> for clarity), you would get something much better than that. Note the >> regexp which will match things like: >> >> FastEthernet0/0/0 is up, line protocol is up >> >> So you'll see the interface names, and then their duplex settings if >> they are Ethernet-based. >> >> -------- >> >> for rtr in ...list... >> do >> clogin -c 'show interfaces | inc (line protocol|duplex|speed)' >> $rtr >>output.file 2>&1 >> done >> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> >> > > From heas at shrubbery.net Sat Jan 12 18:08:43 2008 From: heas at shrubbery.net (john heasley) Date: Sat, 12 Jan 2008 18:08:43 +0000 Subject: [rancid] Re: HP Procurve (hlogin): interaction in configure mode: possible? In-Reply-To: <20080107182549.GB9627@sioling.obspm.fr> References: <20080107182549.GB9627@sioling.obspm.fr> Message-ID: <20080112180843.GH19074@shrubbery.net> Mon, Jan 07, 2008 at 07:25:49PM +0100, Emmanuel Halbwachs: > Hi Everybody, > > I'm a newbie on this list. > > I'm happily using rancid (2.3.1, the one in Debian stable etch) for > several monthes, but till now only for pushing/retrieving some info > with {c,h}login. I plan to use version control for config later. > > My point: > > I am trying to change some config parameters in ~50 HP Procurve with > some commands like this: > > $ hlogin -v foo -e bar -c "conf t; foobar; wr mem" $switch two things; 1) your string of commands would leave cli in configuration mode, and hlogin would run "exit;exit" then leaving it at the un-enabled cli. you need -c "conf t; foo; exit" 2) it appears that hlogin has difficulty with the prompt changing. A change was applied to clogin to make this work, but apparently not applied to hlogin. you should be able to work-around it using the -x method. > The output then hangs after the "conf t" command: > > switch> enable > Password: > switch# > switch# no page > switch# conf t > > -> hang :-( > > > When using hlogin without entering in configure mode, everything works > just fine. > > I tried to massage the -c command with "\n" without any results. > > I understand that dealing with the HP CLI seems to be a PIA (thus > hpuifilter), but is there a way to enter some commands in configure > mode? > > TIA for any hint, > > -- > Emmanuel Halbwachs > Resp. R?seau/S?curit? Observatoire de Paris-Meudon > tel : (+33)1 45 07 75 54 5 Place Jules Janssen > fax : (+33)1 45 07 76 13 F 92195 MEUDON CEDEX > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rancid at gheek.net Mon Jan 14 17:13:59 2008 From: rancid at gheek.net (Lance) Date: Mon, 14 Jan 2008 10:13:59 -0700 Subject: [rancid] Re: F5 login & F5 rancid files Message-ID: <20080114101358.8e114e4890519e5179c192e02d6bca26.14e72002f5.wbe@email.secureserver.net> Hey All, I repackaged the rancid distro with the F5 scripts in case anyone wants them already installed as part of the package. I have attached them here and also put them up on my site. http://www.gheek.net/scripts/misc/rancid-2.3.2a7.1.tar.gz John, I edited all the make files/etc so this should be a complete add. Please make sure it makes it to the next alpha/major release. -Lance > -------- Original Message -------- > Subject: RE: [rancid] F5 login & F5 rancid files > From: Lance > Date: Thu, January 10, 2008 10:12 am > To: Paris Stone > Cc: rancid-discuss at shrubbery.net > Paris, > I would point you to one link if I could find it asap. But the fastest > way for me was to post what Mike Ashcraft did for the F5. The version I > just posted has a few additions I just added. > http://www.gheek.net/scripts/perl/f5rancid_pl.txt > http://www.gheek.net/scripts/expect/f5login_exp.txt > Here is the post I just sent about Mikes last version and what needs to > be added (which is in the version I just posted on my site) to make it > work. > http://www.shrubbery.net/pipermail/rancid-discuss/2008-January/002662.html > Bah, I did the search and here is mikes post as well. > http://www.shrubbery.net/pipermail/rancid-discuss/2007-November/002601.html > -lance > > -------- Original Message -------- > > Subject: [rancid] F5 login & F5 rancid files > > From: "Paris Stone" > > Date: Fri, January 04, 2008 6:34 am > > To: rancid-discuss at shrubbery.net > > I have been looking for login&rancid files that would support getting F5, > > BigIPs configs. I have seen some postings, and diffs, discussion like that, > > but haven't actually seen the files. > > Could someone reply with a link for downloading them, please?
_______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- A non-text attachment was scrubbed... Name: rancid-2.3.2a7.1.tar.gz Type: application/x-gzip Size: 316248 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080114/effd4658/attachment.bin From jean.benoit at crc.u-strasbg.fr Mon Jan 14 18:09:56 2008 From: jean.benoit at crc.u-strasbg.fr (Jean BENOIT) Date: Mon, 14 Jan 2008 19:09:56 +0100 Subject: [rancid] jlogin timeout Message-ID: <20080114180955.GC7144@crc.u-strasbg.fr> Hello, jlogin stopped working after I upgraded expect. I am using expect-devel from the FreeBSD ports, which is based on expect 5.44.1 (reasons for upgrading expect : http://www.shrubbery.net/pipermail/rancid-discuss/2008-January/002672.html ) While doing a ssh password authentication on a Juniper router, expect finds no matching expression. Previous version of expect was tolerant with this line : "\[Pp]assword:" { sleep 1; send "$passwd\r" exp_continue } The "-re" flag should be provided for this line to work. -- Jean -------------- next part -------------- A non-text attachment was scrubbed... Name: jlogin.diff Type: text/x-diff Size: 452 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080114/77a2e972/attachment.bin From smunzani at comcast.net Mon Jan 14 18:54:12 2008 From: smunzani at comcast.net (Sam Munzani) Date: Mon, 14 Jan 2008 12:54:12 -0600 Subject: [rancid] Leveraging rancid framework for unix Message-ID: <478BAFD4.5020508@comcast.net> Hi, Did anybody ever explored leveraging rancid frame work for unix login and mass changes? I have a need to make edit some files on 200+ servers. I was thinking to take F5 rancid files, hack it a bit(to do sudo instead of cisco enable) and share with a team. However if somebody already worked on this aspect, why reinvent the wheel? I can carry forward and tune(if any required) and share with the team. Thanks, Sam Munzani From smitha at byui.edu Mon Jan 14 18:56:51 2008 From: smitha at byui.edu (Aaron Smith) Date: Mon, 14 Jan 2008 11:56:51 -0700 Subject: [rancid] Re: Leveraging rancid framework for unix In-Reply-To: <478BAFD4.5020508@comcast.net> References: <478BAFD4.5020508@comcast.net> Message-ID: <1200337011.7531.69.camel@preto> On Mon, 2008-01-14 at 12:54 -0600, Sam Munzani wrote: > Hi, > > Did anybody ever explored leveraging rancid frame work for unix login > and mass changes? I have a need to make edit some files on 200+ servers. > I was thinking to take F5 rancid files, hack it a bit(to do sudo instead > of cisco enable) and share with a team. However if somebody already > worked on this aspect, why reinvent the wheel? I can carry forward and > tune(if any required) and share with the team. How about "for a in $LIST; do ssh $a $CMD; done"? I think trying to use rancid might be reinventing the wheel for something SSH might already be capable of doing. -- @@ron Smith IT Infrastructure BYU Idaho From smunzani at comcast.net Mon Jan 14 19:09:43 2008 From: smunzani at comcast.net (Sam Munzani) Date: Mon, 14 Jan 2008 13:09:43 -0600 Subject: [rancid] Re: Leveraging rancid framework for unix In-Reply-To: <1200337011.7531.69.camel@preto> References: <478BAFD4.5020508@comcast.net> <1200337011.7531.69.camel@preto> Message-ID: <478BB377.2080503@comcast.net> Aaron, The goal is not to just run one line command but feed a command-list file like we typically do on rancid. An example below of my command list. sed -e 's/x.x.x.x/y.y.y.y/g' srcfile1 > tmpfile mv tmpfile srcfile1 sed -e 's/snmp-community/xyz/g' srcfile2 > tmpfile mv tmpfile srcfile2 There are many commands like that. In short, I need to mass change snmp agent configuration file on all servers with new trap destination, new snmp string etc. This is just an example but the changes I need takes roughly 18 commands. If this could be achieved by the ssh syntax you suggested, I am all up for that. Thanks, sam > On Mon, 2008-01-14 at 12:54 -0600, Sam Munzani wrote: > >> Hi, >> >> Did anybody ever explored leveraging rancid frame work for unix login >> and mass changes? I have a need to make edit some files on 200+ servers. >> I was thinking to take F5 rancid files, hack it a bit(to do sudo instead >> of cisco enable) and share with a team. However if somebody already >> worked on this aspect, why reinvent the wheel? I can carry forward and >> tune(if any required) and share with the team. >> > > How about "for a in $LIST; do ssh $a $CMD; done"? I think trying to use > rancid might be reinventing the wheel for something SSH might already be > capable of doing. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080114/49308f52/attachment.html From cmoody at qualcomm.com Mon Jan 14 19:36:04 2008 From: cmoody at qualcomm.com (Chris Moody) Date: Mon, 14 Jan 2008 11:36:04 -0800 Subject: [rancid] Re: Leveraging rancid framework for unix In-Reply-To: <478BB377.2080503@comcast.net> References: <478BAFD4.5020508@comcast.net> <1200337011.7531.69.camel@preto> <478BB377.2080503@comcast.net> Message-ID: <478BB9A4.6090909@qualcomm.com> Just a thought, but why not have the systems scp/wget down their new config(s) from a central location. That way you would only need to do something like this: --- for i in `cat serverlist`; do for x in `cat files-to-copy`; do ssh user@$i "wget http://fileserver/$x ." ; done Cheers, -Chris Sam Munzani wrote: > Aaron, > > The goal is not to just run one line command but feed a command-list > file like we typically do on rancid. An example below of my command list. > > sed -e 's/x.x.x.x/y.y.y.y/g' srcfile1 > tmpfile > mv tmpfile srcfile1 > sed -e 's/snmp-community/xyz/g' srcfile2 > tmpfile > mv tmpfile srcfile2 > > There are many commands like that. In short, I need to mass change snmp > agent configuration file on all servers with new trap destination, new > snmp string etc. This is just an example but the changes I need takes > roughly 18 commands. If this could be achieved by the ssh syntax you > suggested, I am all up for that. > > Thanks, > sam >> On Mon, 2008-01-14 at 12:54 -0600, Sam Munzani wrote: >> >>> Hi, >>> >>> Did anybody ever explored leveraging rancid frame work for unix login >>> and mass changes? I have a need to make edit some files on 200+ servers. >>> I was thinking to take F5 rancid files, hack it a bit(to do sudo instead >>> of cisco enable) and share with a team. However if somebody already >>> worked on this aspect, why reinvent the wheel? I can carry forward and >>> tune(if any required) and share with the team. >>> >> >> How about "for a in $LIST; do ssh $a $CMD; done"? I think trying to use >> rancid might be reinventing the wheel for something SSH might already be >> capable of doing. >> >> > > > ------------------------------------------------------------------------ > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From jsidwell at perisys.net Mon Jan 14 19:49:52 2008 From: jsidwell at perisys.net (Joshua Sidwell) Date: Mon, 14 Jan 2008 12:49:52 -0700 Subject: [rancid] Trouble with rancid-run when working from command line Message-ID: <518c26420801141149t66c633y30ac82e20075370f@mail.gmail.com> any help with following output would be greatly appreciated. This is brand new (reinstall) on an fc8 box. [rancid at rancid logs]$ tail -f `ls -tr | tail -1` starting: Mon Jan 14 12:27:01 MST 2008 Trying to get all of the configs. can not find channel named "exp5" while executing "close" ("foreach" body line 117) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # Figure out prompt. # Since autoena..." (file "/home/rancid/bin/clogin" line 616) 10.0.0.1 clogin error: Error: EOF received 10.0.0.1: missed cmd(s): dir /all slavedisk2:,show rsp chassis-info,dir /all sec-slot2:,show diag,dir /all disk1:,show gsr .... [truncated output] /all nvram:,show version,show redundancy secondary,show running-config,show c7200,dir /all slot1: 10.0.0.1: End of run not found ! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080114/50366b12/attachment.html From rancid at gheek.net Mon Jan 14 20:20:13 2008 From: rancid at gheek.net (Lance) Date: Mon, 14 Jan 2008 13:20:13 -0700 Subject: [rancid] Re: Leveraging rancid framework for unix Message-ID: <20080114132013.8e114e4890519e5179c192e02d6bca26.f5f35069d9.wbe@email.secureserver.net> Sam, You could always use Ed Ravins wrapper script to most things. I have only used it to scrap configs not change configs. At works sam you migt want to check out NDCC. They claim to work with unix/linux...not sure if it is just config collection or what. -lance > -------- Original Message -------- > Subject: [rancid] Re: Leveraging rancid framework for unix > From: Chris Moody > Date: Mon, January 14, 2008 12:36 pm > To: smunzani at comcast.net > Cc: rancid-discuss at shrubbery.net > Just a thought, but why not have the systems scp/wget down their new > config(s) from a central location. > That way you would only need to do something like this: > --- > for i in `cat serverlist`; do for x in `cat files-to-copy`; do ssh > user@$i "wget http://fileserver/$x ." ; done > Cheers, > -Chris > Sam Munzani wrote: > > Aaron, > > > > The goal is not to just run one line command but feed a command-list > > file like we typically do on rancid. An example below of my command list. > > > > sed -e 's/x.x.x.x/y.y.y.y/g' srcfile1 > tmpfile > > mv tmpfile srcfile1 > > sed -e 's/snmp-community/xyz/g' srcfile2 > tmpfile > > mv tmpfile srcfile2 > > > > There are many commands like that. In short, I need to mass change snmp > > agent configuration file on all servers with new trap destination, new > > snmp string etc. This is just an example but the changes I need takes > > roughly 18 commands. If this could be achieved by the ssh syntax you > > suggested, I am all up for that. > > > > Thanks, > > sam > >> On Mon, 2008-01-14 at 12:54 -0600, Sam Munzani wrote: > >> > >>> Hi, > >>> > >>> Did anybody ever explored leveraging rancid frame work for unix login > >>> and mass changes? I have a need to make edit some files on 200+ servers. > >>> I was thinking to take F5 rancid files, hack it a bit(to do sudo instead > >>> of cisco enable) and share with a team. However if somebody already > >>> worked on this aspect, why reinvent the wheel? I can carry forward and > >>> tune(if any required) and share with the team. > >>> > >> > >> How about "for a in $LIST; do ssh $a $CMD; done"? I think trying to use > >> rancid might be reinventing the wheel for something SSH might already be > >> capable of doing. > >> > >> > > > > > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From smunzani at comcast.net Mon Jan 14 20:45:50 2008 From: smunzani at comcast.net (Sam Munzani) Date: Mon, 14 Jan 2008 14:45:50 -0600 Subject: [rancid] Re: Leveraging rancid framework for unix In-Reply-To: <478BB9A4.6090909@qualcomm.com> References: <478BAFD4.5020508@comcast.net> <1200337011.7531.69.camel@preto> <478BB377.2080503@comcast.net> <478BB9A4.6090909@qualcomm.com> Message-ID: <478BC9FE.4050806@comcast.net> It doesn't work either. Each system agent file has some server specific information so pushing a file doesn't work. Only the choice is either manually edit the files or do automation on changes with sed. Thanks, Sam > Just a thought, but why not have the systems scp/wget down their new > config(s) from a central location. > > That way you would only need to do something like this: > --- > for i in `cat serverlist`; do for x in `cat files-to-copy`; do ssh > user@$i "wget http://fileserver/$x ." ; done > > Cheers, > -Chris > > Sam Munzani wrote: >> Aaron, >> >> The goal is not to just run one line command but feed a command-list >> file like we typically do on rancid. An example below of my command >> list. >> >> sed -e 's/x.x.x.x/y.y.y.y/g' srcfile1 > tmpfile >> mv tmpfile srcfile1 >> sed -e 's/snmp-community/xyz/g' srcfile2 > tmpfile >> mv tmpfile srcfile2 >> >> There are many commands like that. In short, I need to mass change >> snmp agent configuration file on all servers with new trap >> destination, new snmp string etc. This is just an example but the >> changes I need takes roughly 18 commands. If this could be achieved >> by the ssh syntax you suggested, I am all up for that. >> >> Thanks, >> sam >>> On Mon, 2008-01-14 at 12:54 -0600, Sam Munzani wrote: >>> >>>> Hi, >>>> >>>> Did anybody ever explored leveraging rancid frame work for unix >>>> login and mass changes? I have a need to make edit some files on >>>> 200+ servers. I was thinking to take F5 rancid files, hack it a >>>> bit(to do sudo instead of cisco enable) and share with a team. >>>> However if somebody already worked on this aspect, why reinvent the >>>> wheel? I can carry forward and tune(if any required) and share with >>>> the team. >>>> >>> >>> How about "for a in $LIST; do ssh $a $CMD; done"? I think trying to >>> use >>> rancid might be reinventing the wheel for something SSH might >>> already be >>> capable of doing. >>> >>> >> >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From smitha at byui.edu Mon Jan 14 21:34:08 2008 From: smitha at byui.edu (Aaron Smith) Date: Mon, 14 Jan 2008 14:34:08 -0700 Subject: [rancid] Re: Leveraging rancid framework for unix In-Reply-To: <478BB377.2080503@comcast.net> References: <478BAFD4.5020508@comcast.net> <1200337011.7531.69.camel@preto> <478BB377.2080503@comcast.net> Message-ID: <1200346448.7531.75.camel@preto> On Mon, 2008-01-14 at 13:09 -0600, Sam Munzani wrote: > Aaron, > > The goal is not to just run one line command but feed a command-list > file like we typically do on rancid. An example below of my command > list. > > sed -e 's/x.x.x.x/y.y.y.y/g' srcfile1 > tmpfile > mv tmpfile srcfile1 > sed -e 's/snmp-community/xyz/g' srcfile2 > tmpfile > mv tmpfile srcfile2 > > There are many commands like that. In short, I need to mass change > snmp agent configuration file on all servers with new trap > destination, new snmp string etc. This is just an example but the > changes I need takes roughly 18 commands. If this could be achieved by > the ssh syntax you suggested, I am all up for that. > Perhaps something like this: for a in $LIST; do scp $SCRIPTFILE $a: ; ssh $a ./$SCRIPTFILE; done ...where $SCRIPTFILE contains all the commands you need to execute. -- @@ron Smith IT Infrastructure BYU Idaho From rancid at gheek.net Mon Jan 14 22:41:31 2008 From: rancid at gheek.net (Lance) Date: Mon, 14 Jan 2008 15:41:31 -0700 Subject: [rancid] Re: F5 login & F5 rancid files Message-ID: <20080114154131.8e114e4890519e5179c192e02d6bca26.cdefa025b9.wbe@email.secureserver.net> All, I did miss one thing in the package I sent out. It is corrected in the one on the website. You just need to modify bin/f5rancid.in change the very first line to: #! @PERLV_PATH@ from #! @EXPECT_PATH@ -- BTW, I am also attempting to add the wrancid stuff to that distro as well so it will be current with some nice extensions. -Lance > -------- Original Message -------- > Subject: RE: [rancid] F5 login & F5 rancid files > From: Lance > Date: Mon, January 14, 2008 10:13 am > To: Lance > Cc: rancid-discuss at shrubbery.net, Paris Stone > Hey All, > I repackaged the rancid distro with the F5 scripts in case anyone wants > them already installed as part of the package. > I have attached them here and also put them up on my site. > http://www.gheek.net/scripts/misc/rancid-2.3.2a7.1.tar.gz > John, > I edited all the make files/etc so this should be a complete add. Please > make sure it makes it to the next alpha/major release. > -Lance > > -------- Original Message -------- > > Subject: RE: [rancid] F5 login & F5 rancid files > > From: Lance > > Date: Thu, January 10, 2008 10:12 am > > To: Paris Stone > > Cc: rancid-discuss at shrubbery.net > > Paris, > > I would point you to one link if I could find it asap. But the fastest > > way for me was to post what Mike Ashcraft did for the F5. The version I > > just posted has a few additions I just added. > > http://www.gheek.net/scripts/perl/f5rancid_pl.txt > > http://www.gheek.net/scripts/expect/f5login_exp.txt > > Here is the post I just sent about Mikes last version and what needs to > > be added (which is in the version I just posted on my site) to make it > > work. > > http://www.shrubbery.net/pipermail/rancid-discuss/2008-January/002662.html > > Bah, I did the search and here is mikes post as well. > > http://www.shrubbery.net/pipermail/rancid-discuss/2007-November/002601.html > > -lance > > > -------- Original Message -------- > > > Subject: [rancid] F5 login & F5 rancid files > > > From: "Paris Stone" > > > Date: Fri, January 04, 2008 6:34 am > > > To: rancid-discuss at shrubbery.net > > > I have been looking for login&rancid files that would support getting F5, > > > BigIPs configs. I have seen some postings, and diffs, discussion like that, > > > but haven't actually seen the files. > > > Could someone reply with a link for downloading them, please?
_______________________________________________ > > > Rancid-discuss mailing list > > > Rancid-discuss at shrubbery.net > > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rancid at gheek.net Mon Jan 14 23:00:03 2008 From: rancid at gheek.net (Lance) Date: Mon, 14 Jan 2008 16:00:03 -0700 Subject: [rancid] Re: Leveraging rancid framework for unix Message-ID: <20080114160003.8e114e4890519e5179c192e02d6bca26.5572a599b6.wbe@email.secureserver.net> YIKES!!! Many appologies to Michael Stefaniuc @ Redhat. The script was written by Michael and not Ed. http://www.shrubbery.net/pipermail/rancid-discuss/2005-November/001276.html -Lance > -------- Original Message -------- > Subject: [rancid] Re: Leveraging rancid framework for unix > From: Lance > Date: Mon, January 14, 2008 1:20 pm > To: Chris Moody > Cc: rancid-discuss at shrubbery.net > Sam, > You could always use Ed Ravins wrapper script to most things. > I have only used it to scrap configs not change configs. > At works sam you migt want to check out NDCC. They claim to work with > unix/linux...not sure if it is just config collection or what. > -lance > > -------- Original Message -------- > > Subject: [rancid] Re: Leveraging rancid framework for unix > > From: Chris Moody > > Date: Mon, January 14, 2008 12:36 pm > > To: smunzani at comcast.net > > Cc: rancid-discuss at shrubbery.net > > Just a thought, but why not have the systems scp/wget down their new > > config(s) from a central location. > > That way you would only need to do something like this: > > --- > > for i in `cat serverlist`; do for x in `cat files-to-copy`; do ssh > > user@$i "wget http://filese