From eravin at panix.com  Sat Mar  1 14:25:57 2008
From: eravin at panix.com (Ed Ravin)
Date: Sat, 1 Mar 2008 09:25:57 -0500
Subject: [rancid] Re: OAM Ping scripts?
In-Reply-To: <20080228234456.GA27183@panix.com>
References: <20080228234456.GA27183@panix.com>
Message-ID: <20080301142557.GB19857@panix.com>

On Thu, Feb 28, 2008 at 06:44:57PM -0500, Ed Ravin wrote:
> Has anyone automated performing OAM ping on an interface?  It seems like
> a natural fit for RANCID...

It wasn't so hard to do, it turned out.  Here's some sample shell code.

Assuming that "routercmd" runs the requested command on the appropriate
command line, and $VPI and $VCI have the VPI/VCI of the circuit you want
to OAM ping:

   # determine the ATM subinterface
   routerout=$(routercmd "show atm pvc" | perl -n -e "print \$1, \"\\n\" if /^(\\S+)\\s+\\S+\\s+$VPI\\s+$VCI\\s/")
   #     1       2      3    4
   #  6/0.1438   54     0  1438  PVC    SNAP     UBR    1536    UP

   if [ -z "$routerout" ]
   then
        echo "cannot get data from router - check your VPI/VCI and try again"
        exit 25
   fi

   pingcmd="ping atm interface ATM${routerout} $VPI $VCI end-loopback"
   echo $pingcmd
   routercmd "$pingcmd"


From jethro.binks at strath.ac.uk  Sun Mar  2 21:14:32 2008
From: jethro.binks at strath.ac.uk (Jethro R Binks)
Date: Sun, 2 Mar 2008 21:14:32 +0000 (GMT)
Subject: [rancid] Re: Oddities with Cisco ASA
In-Reply-To: <20080115233734.G62092@defjam.cc.strath.ac.uk>
References: <20080115233734.G62092@defjam.cc.strath.ac.uk>
Message-ID: <20080302210802.X5784@defjam.cc.strath.ac.uk>

On Wed, 16 Jan 2008, Jethro R Binks wrote:

> Despite reports on the list of people having no problems with Cisco ASAs, 
> I am having some problems.  This with code 7.1(2).  Two problems are 
> described here, forgive the length of this.

You may recall my message a while ago to this effect.  I have recently 
made another observation, for which I have no explanation, but offer it as 
merely as an additional data point.

I have been running rancid persistently against this particular ASA ever 
since the above, and it persistently fails in the same way.  However I 
lately upgraded the 7.1(2) to 7.2(3), and immediately afterwards rancid 
was able to connect for the first time since whenever and retrieve the 
config.  Hurrah!  I thought, problem fixed.  Unfortunately, it started to 
fail again about 12 hours later, and that is the way it has remained since 
:(.

FWIW, I am now running rancid.in 1.234 and clogin 1.79.

Jethro.


. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK

From yuval.ben.ari at gmail.com  Sun Mar  2 14:12:43 2008
From: yuval.ben.ari at gmail.com (Yuval Ben Ari)
Date: Sun, 2 Mar 2008 16:12:43 +0200
Subject: [rancid] Re: GSR 12k - sho diag / missing subslot spa info
In-Reply-To: <3B715C4683E2F54DBC36ECDD2CA70F5301F14633@VARESTMAIL03.mail.inthosts.net>
References: <3B715C4683E2F54DBC36ECDD2CA70F5301F14628@VARESTMAIL03.mail.inthosts.net>
	<20070627184142.GV22136@shrubbery.net>
	<3B715C4683E2F54DBC36ECDD2CA70F5301F14633@VARESTMAIL03.mail.inthosts.net>
Message-ID: <def57efd0803020612o5249b9bey2ad2ceb962598b92@mail.gmail.com>

I am also having the same problem, and I am also interested to have the S/N
of the SPA
Indeed "show inventory" seems the best way to do it.
has anyone added "show inventory" parser yet?
otherwise I can try to add it and post here.

Yuval

On Wed, Jun 27, 2007 at 10:50 PM, Elliott, Andrew <AElliott at xo.com> wrote:

>
> > > Hello,
> > >
> > > I have been recently asked that my router backups include
> > the SUBSLOT
> > > line from 'sho diag' on the 12k's.
> > >
> > > Here is an example (trimmed for brevity) of the output I
> > want rancid to
> > > parse:
> > >
> > > SLOT 1  (RP/LC 1 ): Modular SPA Interface Card (10G)
> > > -snip-
> > >
> > >   SPA Information:
> > >         subslot 1/0: SPA-10X1GE-V2 (0x508), status is ok
> > >         subslot 1/1: Empty
> > >         subslot 1/2: Empty
> > >         subslot 1/3: Empty
> > >
> > > SUBSLOT  1/0 (SPA-10X1GE-V2): 10-port Gigabit Ethernet Shared Port
> > > Adapter
> > >         Product Identifier (PID) : SPA-10X1GE-V2
> > > -snip-
> > >
> > > This is a new card type that we have recently begun deploying, and
> > > currently all that is backed up is the main SPA IC
> > information, not the
> > > info on the "SUBSLOT" or "SPA -> subslot" lines.
> >
> > I'd need to have the complete output; I don't have GSRs anymore.
> >
> CHR1.NYC-NY#sho diag 1
>
> SLOT 1  (RP/LC 1 ): Modular SPA Interface Card (10G)
>  MAIN: type 149,  00-0000-00 rev A0
>        Deviation:  D090170
>        HW config: 0x20    SW key: 00-00-00
>  PCA:  00-00000-00 rev A0 ver 4
>        Design Release 1.0  S/N SAD000000M0
>  MBUS: Embedded Agent
>        Test hist: 0x00    RMA#: 00-00-00    RMA hist: 0x00
>  DIAG: Test count: 0x00000000    Test results: 0x00000000
>  FRU:  Linecard/Module: 12000-SIP-601=
>        Processor Memory: MEM-LC5-2048=(Non-Replaceable)
>        Packet Memory: MEM-LC5-PKT-256=(Non-Replaceable)
>  L3 Engine: 5 - ISE 10 Gbps
>  MBUS Agent Software version 2.51 (RAM) (ROM version is 3.50)
>  ROM Monitor version 17.1
>  Fabric Downloader version used 4.1 (ROM version is 4.1)
>  Primary clock is CSC 1
>  Board is analyzed
>  Board State is Line Card Enabled (IOS  RUN )
>  Insertion time: 00:22:52 (2w4d ago)
>  Processor Memory size: 2147483648 bytes
>  TX Packet Memory size: 268435456 bytes, Packet Memory pagesize: 32768
> bytes
>  RX Packet Memory size: 268435456 bytes, Packet Memory pagesize: 32768
> bytes
>  0 crashes since restart
>
>  SPA Information:
>        subslot 1/0: SPA-10X1GE-V2 (0x508), status is ok
>        subslot 1/1: Empty
>        subslot 1/2: Empty
>        subslot 1/3: Empty
> CHR1.NYC-NY#
>
> >
> > > It is possible I am using a version of rancid that needs to
> > be upgraded
> > > and/or patched.
> >
> > possibly.  'show inventory' has been added and that ought to
> > include this
> > information...if cisco has gotten around to adding it to this platform
> > yet.
> >
>
> Looks like this might be the best way to go.  From the show inventory:
>
> NAME: "slot 1", DESCR: "ISE 10G Modular Services Card v2"
> PID: 12000-SIP-601     , VID: V02, SN: SAD111403M0
>
> NAME: "SPA subslot 1/0", DESCR: "10-port Gigabit Ethernet Shared Port
> Adapter"
> PID: SPA-10X1GE-V2     , VID: V01, SN: JAB111701NG
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080302/c7260a39/attachment.html 

From AElliott at xo.com  Mon Mar  3 05:16:18 2008
From: AElliott at xo.com (Elliott, Andrew)
Date: Mon, 3 Mar 2008 00:16:18 -0500
Subject: [rancid] Re: GSR 12k - sho diag / missing subslot spa info
References: <3B715C4683E2F54DBC36ECDD2CA70F5301F14628@VARESTMAIL03.mail.inthosts.net>
	<20070627184142.GV22136@shrubbery.net>
	<3B715C4683E2F54DBC36ECDD2CA70F5301F14633@VARESTMAIL03.mail.inthosts.net>
	<def57efd0803020612o5249b9bey2ad2ceb962598b92@mail.gmail.com>
Message-ID: <3B715C4683E2F54DBC36ECDD2CA70F5303C42979@VARESTMAIL03.mail.inthosts.net>

# This routine parses "show inventory".
sub ShowInventory {
    print STDERR "    In ShowInventory: $_" if ($debug);

    while (<INPUT>) {
        tr/\015//d;
        return if (/^\s*\^$/);
        last if (/^$prompt/);
        next if (/^(\s*|\s*$cmd\s*)$/);
        return(1) if /Line has invalid autocommand /;
        return(1) if /(Invalid input detected|Type help or )/;
        return(-1) if (/command authorization failed/i);
        # the pager can not be disabled per-session on the PIX
        if (/^(<-+ More -+>)/) {
            my($len) = length($1);
            s/^$1\s{$len}//;
        }

        if (/^(NAME: "[^"]*",) (DESCR: "[^"]+")/) {
            ProcessHistory("INVENTORY","","", sprintf("!%-30s %s\n", $1,
$2));
            next;
        }
        # split PID/VID/SN line
        if (/^PID: (\S*)\s*, VID: (\S*)\s*, SN: (\S*)\s*$/) {
            my($entries) = "";
            $entries .= "!PID: $1\n" if ($1);
            $entries .= "!VID: $2\n" if ($2);
            $entries .= "!SN: $3\n" if ($3);
            ProcessHistory("INVENTORY","","", "$entries");
            next;
        }
        ProcessHistory("INVENTORY","","","!$_");
    }
    ProcessHistory("INVENTORY","","","!\n");

    return(0);
}

And add this to your command table:

@commandtable = (
        {'show inventory raw'           => 'ShowInventory'}, 
 

---
Andrew Elliott
XO Communications
desk: 989.758.6987
cell: 989.213.5794



 


________________________________

	From: Yuval Ben Ari [mailto:yuval.ben.ari at gmail.com] 
	Sent: Sunday, March 02, 2008 9:13 AM
	To: Elliott, Andrew
	Cc: rancid-discuss at shrubbery.net
	Subject: Re: [rancid] Re: GSR 12k - sho diag / missing subslot
spa info
	
	
	I am also having the same problem, and I am also interested to
have the S/N of the SPA
	Indeed "show inventory" seems the best way to do it.
	has anyone added "show inventory" parser yet?
	otherwise I can try to add it and post here.
	 
	Yuval
	
	
	On Wed, Jun 27, 2007 at 10:50 PM, Elliott, Andrew
<AElliott at xo.com> wrote:
	


		> > Hello,
		> >
		> > I have been recently asked that my router backups
include
		> the SUBSLOT
		> > line from 'sho diag' on the 12k's.
		> >
		> > Here is an example (trimmed for brevity) of the
output I
		> want rancid to
		> > parse:
		> >
		> > SLOT 1  (RP/LC 1 ): Modular SPA Interface Card (10G)
		> > -snip-
		> >
		> >   SPA Information:
		> >         subslot 1/0: SPA-10X1GE-V2 (0x508), status
is ok
		> >         subslot 1/1: Empty
		> >         subslot 1/2: Empty
		> >         subslot 1/3: Empty
		> >
		> > SUBSLOT  1/0 (SPA-10X1GE-V2): 10-port Gigabit
Ethernet Shared Port
		> > Adapter
		> >         Product Identifier (PID) : SPA-10X1GE-V2
		> > -snip-
		> >
		> > This is a new card type that we have recently begun
deploying, and
		> > currently all that is backed up is the main SPA IC
		> information, not the
		> > info on the "SUBSLOT" or "SPA -> subslot" lines.
		>
		> I'd need to have the complete output; I don't have
GSRs anymore.
		>
		
		CHR1.NYC-NY#sho diag 1
		

		SLOT 1  (RP/LC 1 ): Modular SPA Interface Card (10G)
		
		 MAIN: type 149,  00-0000-00 rev A0
		       Deviation:  D090170
		       HW config: 0x20    SW key: 00-00-00
		 PCA:  00-00000-00 rev A0 ver 4
		       Design Release 1.0  S/N SAD000000M0
		 MBUS: Embedded Agent
		       Test hist: 0x00    RMA#: 00-00-00    RMA hist:
0x00
		 DIAG: Test count: 0x00000000    Test results:
0x00000000
		 FRU:  Linecard/Module: 12000-SIP-601=
		       Processor Memory: MEM-LC5-2048=(Non-Replaceable)
		       Packet Memory: MEM-LC5-PKT-256=(Non-Replaceable)
		 L3 Engine: 5 - ISE 10 Gbps
		 MBUS Agent Software version 2.51 (RAM) (ROM version is
3.50)
		 ROM Monitor version 17.1
		 Fabric Downloader version used 4.1 (ROM version is 4.1)
		 Primary clock is CSC 1
		 Board is analyzed
		 Board State is Line Card Enabled (IOS  RUN )
		 Insertion time: 00:22:52 (2w4d ago)
		 Processor Memory size: 2147483648 bytes
		 TX Packet Memory size: 268435456 bytes, Packet Memory
pagesize: 32768
		bytes
		 RX Packet Memory size: 268435456 bytes, Packet Memory
pagesize: 32768
		bytes
		 0 crashes since restart
		

		 SPA Information:
		       subslot 1/0: SPA-10X1GE-V2 (0x508), status is ok
		       subslot 1/1: Empty
		       subslot 1/2: Empty
		       subslot 1/3: Empty
		
		CHR1.NYC-NY#
		

		>
		> > It is possible I am using a version of rancid that
needs to
		> be upgraded
		> > and/or patched.
		>
		> possibly.  'show inventory' has been added and that
ought to
		> include this
		> information...if cisco has gotten around to adding it
to this platform
		> yet.
		>
		
		
		Looks like this might be the best way to go.  From the
show inventory:
		
		NAME: "slot 1", DESCR: "ISE 10G Modular Services Card
v2"
		PID: 12000-SIP-601     , VID: V02, SN: SAD111403M0
		
		NAME: "SPA subslot 1/0", DESCR: "10-port Gigabit
Ethernet Shared Port
		Adapter"
		PID: SPA-10X1GE-V2     , VID: V01, SN: JAB111701NG
		

		_______________________________________________
		Rancid-discuss mailing list
		Rancid-discuss at shrubbery.net
	
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
		



From Mark.Favas at csiro.au  Mon Mar  3 10:45:07 2008
From: Mark.Favas at csiro.au (Mark.Favas at csiro.au)
Date: Mon, 3 Mar 2008 19:45:07 +0900
Subject: [rancid]  Cisco 9124 SAN Switch
Message-ID: <E4C76C673DBDD54D85ABC2F6FC82FD14903846@exwa3-per.nexus.csiro.au>

Hi,

I'm trying to use rancid on a Cisco MDS 9124 SAN switch running SAN-OS
ver 3.1(3a). Initially I had a problem with the WriteTerm subroutine of
the rancid script not recognising when the "end of config" had been
reached. By making a change similar to  that for the ContentEngine, I
got past that problem (happy to post diffs if there's any interest). Now
I regularly get emails that the config has changed because the order of
some of the output lines changes (below - the "callhome" line flips
about). Has anyone on the list got a Cisco SAN switch working with
rancid?

Thanks,

Mark Favas


  no snmp-server enable traps vrrp
  snmp-server enable traps license
- callhome
  fcalias name SH1_2_2 vsan 1
      member pwwn 21:01:00:1b:32:38:50:10
  
  fcalias name SH2_2_2 vsan 1
@@ -114,8 +113,9 @@
  
  fcalias name L180_DR_1 vsan 1
      member pwwn 50:01:04:f0:00:58:e7:af
  
+ callhome
  zone name SH1_2_2_ZONE vsan 1
      member fcalias SH1_2_2

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080303/f8b00273/attachment.html 

From rancid at gheek.net  Mon Mar  3 15:12:27 2008
From: rancid at gheek.net (Lance Vermilion)
Date: Mon, 3 Mar 2008 08:12:27 -0700
Subject: [rancid] Re: Cisco 9124 SAN Switch
In-Reply-To: <E4C76C673DBDD54D85ABC2F6FC82FD14903846@exwa3-per.nexus.csiro.au>
References: <E4C76C673DBDD54D85ABC2F6FC82FD14903846@exwa3-per.nexus.csiro.au>
Message-ID: <8423e7bb0803030712k45f48d53i2092b4f979ff25ab@mail.gmail.com>

Here is how it has been done in the past. Refer to this thread.

http://www.shrubbery.net/pipermail/rancid-discuss/2006-June/001542.html

Modifying control_rancid with this line might solve your issue.

--ignore-matching-lines='^callhome$'

cvs -f diff -U 4 --ignore-matching-lines='^callhome$' | sed -e '/^RCS
file: /d' -e '/^--- /d' -e '/^+++ /d' -e 's/^\([-+ ]\)/\1 /'
>$TMP.diff


Similar solution is in this thread too.
http://www.shrubbery.net/pipermail/rancid-discuss/2006-May/001503.html

Note I have not verified this is possible with any version of rancid,
just sharing what others have shared in the past.

-Lance

On 3/3/08, Mark.Favas at csiro.au <Mark.Favas at csiro.au> wrote:
>
>
> Hi,
>
> I'm trying to use rancid on a Cisco MDS 9124 SAN switch running SAN-OS ver
> 3.1(3a). Initially I had a problem with the WriteTerm subroutine of the
> rancid script not recognising when the "end of config" had been reached. By
> making a change similar to  that for the ContentEngine, I got past that
> problem (happy to post diffs if there's any interest). Now I regularly get
> emails that the config has changed because the order of some of the output
> lines changes (below - the "callhome" line flips about). Has anyone on the
> list got a Cisco SAN switch working with rancid?
>
> Thanks,
>
> Mark Favas
>
>
>   no snmp-server enable traps vrrp
>   snmp-server enable traps license
> - callhome
>   fcalias name SH1_2_2 vsan 1
>       member pwwn 21:01:00:1b:32:38:50:10
>
>   fcalias name SH2_2_2 vsan 1
> @@ -114,8 +113,9 @@
>
>   fcalias name L180_DR_1 vsan 1
>       member pwwn 50:01:04:f0:00:58:e7:af
>
> + callhome
>   zone name SH1_2_2_ZONE vsan 1
>       member fcalias SH1_2_2
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>

From yuval.ben.ari at gmail.com  Mon Mar  3 17:57:18 2008
From: yuval.ben.ari at gmail.com (Yuval Ben Ari)
Date: Mon, 3 Mar 2008 19:57:18 +0200
Subject: [rancid] Re: GSR 12k - sho diag / missing subslot spa info
In-Reply-To: <3B715C4683E2F54DBC36ECDD2CA70F5303C42979@VARESTMAIL03.mail.inthosts.net>
References: <3B715C4683E2F54DBC36ECDD2CA70F5301F14628@VARESTMAIL03.mail.inthosts.net>
	<20070627184142.GV22136@shrubbery.net>
	<3B715C4683E2F54DBC36ECDD2CA70F5301F14633@VARESTMAIL03.mail.inthosts.net>
	<def57efd0803020612o5249b9bey2ad2ceb962598b92@mail.gmail.com>
	<3B715C4683E2F54DBC36ECDD2CA70F5303C42979@VARESTMAIL03.mail.inthosts.net>
Message-ID: <def57efd0803030957x13091bd3ra9c9c0bf3ba6b764@mail.gmail.com>

thanks!, I will try it

On Mon, Mar 3, 2008 at 7:16 AM, Elliott, Andrew <AElliott at xo.com> wrote:

> # This routine parses "show inventory".
> sub ShowInventory {
>    print STDERR "    In ShowInventory: $_" if ($debug);
>
>    while (<INPUT>) {
>        tr/\015//d;
>        return if (/^\s*\^$/);
>        last if (/^$prompt/);
>        next if (/^(\s*|\s*$cmd\s*)$/);
>        return(1) if /Line has invalid autocommand /;
>        return(1) if /(Invalid input detected|Type help or )/;
>        return(-1) if (/command authorization failed/i);
>        # the pager can not be disabled per-session on the PIX
>        if (/^(<-+ More -+>)/) {
>            my($len) = length($1);
>            s/^$1\s{$len}//;
>        }
>
>        if (/^(NAME: "[^"]*",) (DESCR: "[^"]+")/) {
>            ProcessHistory("INVENTORY","","", sprintf("!%-30s %s\n", $1,
> $2));
>            next;
>        }
>        # split PID/VID/SN line
>        if (/^PID: (\S*)\s*, VID: (\S*)\s*, SN: (\S*)\s*$/) {
>            my($entries) = "";
>            $entries .= "!PID: $1\n" if ($1);
>            $entries .= "!VID: $2\n" if ($2);
>            $entries .= "!SN: $3\n" if ($3);
>            ProcessHistory("INVENTORY","","", "$entries");
>            next;
>        }
>        ProcessHistory("INVENTORY","","","!$_");
>    }
>    ProcessHistory("INVENTORY","","","!\n");
>
>    return(0);
> }
>
> And add this to your command table:
>
> @commandtable = (
>        {'show inventory raw'           => 'ShowInventory'},
>
>
> ---
> Andrew Elliott
> XO Communications
> desk: 989.758.6987
> cell: 989.213.5794
>
>
>
>
>
>
> ________________________________
>
>        From: Yuval Ben Ari [mailto:yuval.ben.ari at gmail.com]
>        Sent: Sunday, March 02, 2008 9:13 AM
>        To: Elliott, Andrew
>        Cc: rancid-discuss at shrubbery.net
>        Subject: Re: [rancid] Re: GSR 12k - sho diag / missing subslot
> spa info
>
>
>        I am also having the same problem, and I am also interested to
> have the S/N of the SPA
>        Indeed "show inventory" seems the best way to do it.
>        has anyone added "show inventory" parser yet?
>        otherwise I can try to add it and post here.
>
>        Yuval
>
>
>        On Wed, Jun 27, 2007 at 10:50 PM, Elliott, Andrew
> <AElliott at xo.com> wrote:
>
>
>
>                > > Hello,
>                > >
>                > > I have been recently asked that my router backups
> include
>                > the SUBSLOT
>                > > line from 'sho diag' on the 12k's.
>                > >
>                > > Here is an example (trimmed for brevity) of the
> output I
>                > want rancid to
>                > > parse:
>                > >
>                > > SLOT 1  (RP/LC 1 ): Modular SPA Interface Card (10G)
>                > > -snip-
>                > >
>                > >   SPA Information:
>                > >         subslot 1/0: SPA-10X1GE-V2 (0x508), status
> is ok
>                > >         subslot 1/1: Empty
>                > >         subslot 1/2: Empty
>                > >         subslot 1/3: Empty
>                > >
>                > > SUBSLOT  1/0 (SPA-10X1GE-V2): 10-port Gigabit
> Ethernet Shared Port
>                > > Adapter
>                > >         Product Identifier (PID) : SPA-10X1GE-V2
>                > > -snip-
>                > >
>                > > This is a new card type that we have recently begun
> deploying, and
>                > > currently all that is backed up is the main SPA IC
>                > information, not the
>                > > info on the "SUBSLOT" or "SPA -> subslot" lines.
>                >
>                > I'd need to have the complete output; I don't have
> GSRs anymore.
>                >
>
>                CHR1.NYC-NY#sho diag 1
>
>
>                SLOT 1  (RP/LC 1 ): Modular SPA Interface Card (10G)
>
>                 MAIN: type 149,  00-0000-00 rev A0
>                       Deviation:  D090170
>                       HW config: 0x20    SW key: 00-00-00
>                 PCA:  00-00000-00 rev A0 ver 4
>                       Design Release 1.0  S/N SAD000000M0
>                 MBUS: Embedded Agent
>                       Test hist: 0x00    RMA#: 00-00-00    RMA hist:
> 0x00
>                 DIAG: Test count: 0x00000000    Test results:
> 0x00000000
>                 FRU:  Linecard/Module: 12000-SIP-601=
>                       Processor Memory: MEM-LC5-2048=(Non-Replaceable)
>                       Packet Memory: MEM-LC5-PKT-256=(Non-Replaceable)
>                 L3 Engine: 5 - ISE 10 Gbps
>                 MBUS Agent Software version 2.51 (RAM) (ROM version is
> 3.50)
>                 ROM Monitor version 17.1
>                 Fabric Downloader version used 4.1 (ROM version is 4.1)
>                 Primary clock is CSC 1
>                 Board is analyzed
>                 Board State is Line Card Enabled (IOS  RUN )
>                 Insertion time: 00:22:52 (2w4d ago)
>                 Processor Memory size: 2147483648 bytes
>                 TX Packet Memory size: 268435456 bytes, Packet Memory
> pagesize: 32768
>                bytes
>                 RX Packet Memory size: 268435456 bytes, Packet Memory
> pagesize: 32768
>                bytes
>                 0 crashes since restart
>
>
>                 SPA Information:
>                       subslot 1/0: SPA-10X1GE-V2 (0x508), status is ok
>                       subslot 1/1: Empty
>                       subslot 1/2: Empty
>                       subslot 1/3: Empty
>
>                CHR1.NYC-NY#
>
>
>                >
>                > > It is possible I am using a version of rancid that
> needs to
>                > be upgraded
>                > > and/or patched.
>                >
>                > possibly.  'show inventory' has been added and that
> ought to
>                > include this
>                > information...if cisco has gotten around to adding it
> to this platform
>                > yet.
>                >
>
>
>                Looks like this might be the best way to go.  From the
> show inventory:
>
>                NAME: "slot 1", DESCR: "ISE 10G Modular Services Card
> v2"
>                PID: 12000-SIP-601     , VID: V02, SN: SAD111403M0
>
>                NAME: "SPA subslot 1/0", DESCR: "10-port Gigabit
> Ethernet Shared Port
>                Adapter"
>                PID: SPA-10X1GE-V2     , VID: V01, SN: JAB111701NG
>
>
>                _______________________________________________
>                Rancid-discuss mailing list
>                Rancid-discuss at shrubbery.net
>
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080303/681c4b56/attachment.html 

From ecables at gmail.com  Mon Mar  3 21:11:20 2008
From: ecables at gmail.com (Eric Cables)
Date: Mon, 3 Mar 2008 13:11:20 -0800
Subject: [rancid] Re: Cisco 9124 SAN Switch
In-Reply-To: <8423e7bb0803030712k45f48d53i2092b4f979ff25ab@mail.gmail.com>
References: <E4C76C673DBDD54D85ABC2F6FC82FD14903846@exwa3-per.nexus.csiro.au>
	<8423e7bb0803030712k45f48d53i2092b4f979ff25ab@mail.gmail.com>
Message-ID: <d5c7ccac0803031311q64c110cbq705c77cc34045f53@mail.gmail.com>

It would be nice if a future RANCID release included ignore options in the
rancid.conf file, or by some other intuitive means.

Is this a possibility?

On Mon, Mar 3, 2008 at 7:12 AM, Lance Vermilion <rancid at gheek.net> wrote:

> Here is how it has been done in the past. Refer to this thread.
>
> http://www.shrubbery.net/pipermail/rancid-discuss/2006-June/001542.html
>
> Modifying control_rancid with this line might solve your issue.
>
> --ignore-matching-lines='^callhome$'
>
> cvs -f diff -U 4 --ignore-matching-lines='^callhome$' | sed -e '/^RCS
> file: /d' -e '/^--- /d' -e '/^+++ /d' -e 's/^\([-+ ]\)/\1 /'
> >$TMP.diff
>
>
> Similar solution is in this thread too.
> http://www.shrubbery.net/pipermail/rancid-discuss/2006-May/001503.html
>
> Note I have not verified this is possible with any version of rancid,
> just sharing what others have shared in the past.
>
> -Lance
>
> On 3/3/08, Mark.Favas at csiro.au <Mark.Favas at csiro.au> wrote:
> >
> >
> > Hi,
> >
> > I'm trying to use rancid on a Cisco MDS 9124 SAN switch running SAN-OS
> ver
> > 3.1(3a). Initially I had a problem with the WriteTerm subroutine of the
> > rancid script not recognising when the "end of config" had been reached.
> By
> > making a change similar to  that for the ContentEngine, I got past that
> > problem (happy to post diffs if there's any interest). Now I regularly
> get
> > emails that the config has changed because the order of some of the
> output
> > lines changes (below - the "callhome" line flips about). Has anyone on
> the
> > list got a Cisco SAN switch working with rancid?
> >
> > Thanks,
> >
> > Mark Favas
> >
> >
> >   no snmp-server enable traps vrrp
> >   snmp-server enable traps license
> > - callhome
> >   fcalias name SH1_2_2 vsan 1
> >       member pwwn 21:01:00:1b:32:38:50:10
> >
> >   fcalias name SH2_2_2 vsan 1
> > @@ -114,8 +113,9 @@
> >
> >   fcalias name L180_DR_1 vsan 1
> >       member pwwn 50:01:04:f0:00:58:e7:af
> >
> > + callhome
> >   zone name SH1_2_2_ZONE vsan 1
> >       member fcalias SH1_2_2
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss at shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> >
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>



-- 
Eric Cables
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080303/613334c2/attachment.html 

From ecables at gmail.com  Mon Mar  3 21:12:58 2008
From: ecables at gmail.com (Eric Cables)
Date: Mon, 3 Mar 2008 13:12:58 -0800
Subject: [rancid] Re: Cisco 9124 SAN Switch
In-Reply-To: <E4C76C673DBDD54D85ABC2F6FC82FD14903846@exwa3-per.nexus.csiro.au>
References: <E4C76C673DBDD54D85ABC2F6FC82FD14903846@exwa3-per.nexus.csiro.au>
Message-ID: <d5c7ccac0803031312h559b0c33r1ce375a235be948a@mail.gmail.com>

Mark,

I have been unable to backup my 9500 MDS switches since I've gotten RANCID,
and have been relying on other tools to archive the configs.

What changes did you make to enable the archival of these devices?  I'm not
much of a coder, so the more info on what you did the better.

Thanks,

On Mon, Mar 3, 2008 at 2:45 AM, <Mark.Favas at csiro.au> wrote:

>  Hi,
>
> I'm trying to use rancid on a Cisco MDS 9124 SAN switch running SAN-OS ver
> 3.1(3a). Initially I had a problem with the WriteTerm subroutine of the
> rancid script not recognising when the "end of config" had been reached. By
> making a change similar to  that for the ContentEngine, I got past that
> problem (happy to post diffs if there's any interest). Now I regularly get
> emails that the config has changed because the order of some of the output
> lines changes (below - the "callhome" line flips about). Has anyone on the
> list got a Cisco SAN switch working with rancid?
>
> Thanks,
>
> Mark Favas
>
>   no snmp-server enable traps vrrp
>   snmp-server enable traps license
> - callhome
>   fcalias name SH1_2_2 vsan 1
>       member pwwn 21:01:00:1b:32:38:50:10
>
>   fcalias name SH2_2_2 vsan 1
> @@ -114,8 +113,9 @@
>
>   fcalias name L180_DR_1 vsan 1
>       member pwwn 50:01:04:f0:00:58:e7:af
>
> + callhome
>   zone name SH1_2_2_ZONE vsan 1
>       member fcalias SH1_2_2
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>



-- 
Eric Cables
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080303/5a480957/attachment.html 

From Mark.Favas at csiro.au  Tue Mar  4 05:52:00 2008
From: Mark.Favas at csiro.au (Mark.Favas at csiro.au)
Date: Tue, 4 Mar 2008 14:52:00 +0900
Subject: [rancid] Re: Cisco 9124 SAN Switch
References: <E4C76C673DBDD54D85ABC2F6FC82FD14903846@exwa3-per.nexus.csiro.au>
	<d5c7ccac0803031312h559b0c33r1ce375a235be948a@mail.gmail.com>
Message-ID: <E4C76C673DBDD54D85ABC2F6FC82FD1490384A@exwa3-per.nexus.csiro.au>

Eric,
 
The diffs against Rancid 2.3.1 are below. Basically, it sets the type to
be "SAN" if it sees the string "Cisco Storage Area Networking Software",
and then assumes it's found the end of the config if it's seen more than
five lines of output and the router type is "SAN". That was enough to
get it to work for me...
 
Cheers,
 
Mark
 
*** rancid Thu Apr  5 05:30:58 2007
--- rancidsan Tue Mar  4 10:30:06 2008
***************
*** 153,158 ****
--- 153,159 ----
       next;
   }
   if (/^Application and Content Networking Software/) { $type="CE"; }
+  if (/^Cisco Storage Area Networking Operating System/) { $type="SAN";
}
   /^Application and Content Networking Software Release /i &&
       ProcessHistory("COMMENTS","keysort","F1", "!Image: $_") && next;
   /^Cisco Secure PIX /i &&
***************
*** 1411,1416 ****
--- 1412,1424 ----
   $found_end = 1;
   return(1);
      }
+     # The Cisco SAN switch running SANOS lacks a definitive "end of
config"
+     # marker.  If we know that it is a SAN switch and we have seen at
least 5
+     # lines of write term o/p, we can be reasonably sure that we got
the config.
+     if ($type =~ /^SAN$/ && $linecnt > 5) {
+  $found_end = 1;
+  return(1);
+     }
  
      return(0);
  }
 
 
 
 

  _____  

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Eric Cables
Sent: Tuesday, 4 March 2008 6:13 AM
To: Favas, Mark (CSIRO IM&T, Kensington)
Cc: rancid-discuss at shrubbery.net
Subject: [rancid] Re: Cisco 9124 SAN Switch


Mark,

I have been unable to backup my 9500 MDS switches since I've gotten
RANCID, and have been relying on other tools to archive the configs.

What changes did you make to enable the archival of these devices?  I'm
not much of a coder, so the more info on what you did the better.

Thanks,


On Mon, Mar 3, 2008 at 2:45 AM, <Mark.Favas at csiro.au> wrote:


	Hi, 

	I'm trying to use rancid on a Cisco MDS 9124 SAN switch running
SAN-OS ver 3.1(3a). Initially I had a problem with the WriteTerm
subroutine of the rancid script not recognising when the "end of config"
had been reached. By making a change similar to  that for the
ContentEngine, I got past that problem (happy to post diffs if there's
any interest). Now I regularly get emails that the config has changed
because the order of some of the output lines changes (below - the
"callhome" line flips about). Has anyone on the list got a Cisco SAN
switch working with rancid?

	Thanks, 

	Mark Favas 


	  no snmp-server enable traps vrrp 
	  snmp-server enable traps license 
	- callhome 
	  fcalias name SH1_2_2 vsan 1 
	      member pwwn 21:01:00:1b:32:38:50:10 
	  
	  fcalias name SH2_2_2 vsan 1 
	@@ -114,8 +113,9 @@ 
	  
	  fcalias name L180_DR_1 vsan 1 
	      member pwwn 50:01:04:f0:00:58:e7:af 
	  
	+ callhome 
	  zone name SH1_2_2_ZONE vsan 1 
	      member fcalias SH1_2_2 


	_______________________________________________
	Rancid-discuss mailing list
	Rancid-discuss at shrubbery.net
	http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
	




-- 
Eric Cables 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080304/43f0da15/attachment.html 

From rskoog at chrr.osu.edu  Wed Mar  5 14:23:52 2008
From: rskoog at chrr.osu.edu (Rob Skoog)
Date: Wed, 05 Mar 2008 09:23:52 -0500
Subject: [rancid]  Problems using nlogin and nrancdi
Message-ID: <47CEACF8.5000205@chrr.osu.edu>

I'm trying to add a couple of netscreen firewalls to a rancid setup.

Here is what I see when I try to use nlogin.....

bash-3.00$ bin/nlogin -f .cloginrc  -c "get conf" isg-chat-auth
isg-chat-auth
spawn ssh -c 3des -x -l admin isg-chat-auth
admin at isg-chat-auth's password:
Remote Management Console
isg-chat-> can't read "enable": no such variable
     while executing
"if { $enable } {
         if {[do_enable $enauser $enapasswd]} {
             if { $do_command || $do_script } {
                 close; wait
                 continue
             }
         }
     }"
     ("foreach" body line 66)
     invoked from within
"foreach firewall [lrange $argv $i end] {
     set firewall [string tolower $firewall]
     send_user "$firewall\n"

     set prompt ">"

     # Figure out..."
     (file "bin/nlogin" line 423)
bash-3.00$

Here is what I see in the rancid logs when rancid runs.

Missing right curly or square bracket at /var/rancid/bin/nrancid line 
302, at end of line
syntax error at /var/rancid/bin/nrancid line 302, at EOF
Execution of /var/rancid/bin/nrancid aborted due to compilation errors.
Missing right curly or square bracket at /var/rancid/bin/nrancid line 
302, at end of line
syntax error at /var/rancid/bin/nrancid line 302, at EOF
Execution of /var/rancid/bin/nrancid aborted due to compilation errors.


I have tried executing nlogin adding a -noenable but according the the 
man pages that isn't supposed to be necessary. (It also didn't help)

Any assistance would be greatly appreciated.

Thanks,
Rob Skoog

From rskoog at chrr.osu.edu  Wed Mar  5 15:55:15 2008
From: rskoog at chrr.osu.edu (Rob Skoog)
Date: Wed, 05 Mar 2008 10:55:15 -0500
Subject: [rancid] Re: Problems using nlogin and nrancdi
In-Reply-To: <47CEACF8.5000205@chrr.osu.edu>
References: <47CEACF8.5000205@chrr.osu.edu>
Message-ID: <47CEC263.3060403@chrr.osu.edu>

Rob Skoog wrote:
> I'm trying to add a couple of netscreen firewalls to a rancid setup.
> 
> Here is what I see when I try to use nlogin.....
> 
> bash-3.00$ bin/nlogin -f .cloginrc  -c "get conf" isg-chat-auth
> isg-chat-auth
> spawn ssh -c 3des -x -l admin isg-chat-auth
> admin at isg-chat-auth's password:
> Remote Management Console
> isg-chat-> can't read "enable": no such variable
>      while executing
> "if { $enable } {
>          if {[do_enable $enauser $enapasswd]} {
>              if { $do_command || $do_script } {
>                  close; wait
>                  continue
>              }
>          }
>      }"
>      ("foreach" body line 66)
>      invoked from within
> "foreach firewall [lrange $argv $i end] {
>      set firewall [string tolower $firewall]
>      send_user "$firewall\n"
> 
>      set prompt ">"
> 
>      # Figure out..."
>      (file "bin/nlogin" line 423)
> bash-3.00$
> 
> Here is what I see in the rancid logs when rancid runs.
> 
> Missing right curly or square bracket at /var/rancid/bin/nrancid line 
> 302, at end of line
> syntax error at /var/rancid/bin/nrancid line 302, at EOF
> Execution of /var/rancid/bin/nrancid aborted due to compilation errors.
> Missing right curly or square bracket at /var/rancid/bin/nrancid line 
> 302, at end of line
> syntax error at /var/rancid/bin/nrancid line 302, at EOF
> Execution of /var/rancid/bin/nrancid aborted due to compilation errors.
> 
> 
> I have tried executing nlogin adding a -noenable but according the the 
> man pages that isn't supposed to be necessary. (It also didn't help)
> 
> Any assistance would be greatly appreciated.
> 
> Thanks,
> Rob Skoog
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

I found this posting shortly after I made this posting:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342274


Updating to the latest alpha (2.3.2a7) fixed my issues.

Thanks,
Rob Skoog



From bhdbmv at gmail.com  Wed Mar  5 16:34:05 2008
From: bhdbmv at gmail.com (Raymond Venner)
Date: Wed, 5 Mar 2008 11:34:05 -0500
Subject: [rancid]  Rancid on Redhat 5 64bit
Message-ID: <509d59e0803050834o5b7fe5ay9220323c52cc2a64@mail.gmail.com>

Does anybody have rancid installed on a 64 bit machine (redhat)?  Any
initial installation information would be greatly appreciated.

Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080305/92d5fcd0/attachment.html 

From Todd at equivoice.com  Wed Mar  5 19:21:19 2008
From: Todd at equivoice.com (Todd Heide)
Date: Wed, 5 Mar 2008 13:21:19 -0600
Subject: [rancid] Re: Rancid on Redhat 5 64bit
In-Reply-To: <509d59e0803050834o5b7fe5ay9220323c52cc2a64@mail.gmail.com>
References: <509d59e0803050834o5b7fe5ay9220323c52cc2a64@mail.gmail.com>
Message-ID: <082FEA82DC985B4F8A6B412D5AC4E220C12999@exchange.Equivoice.local>

 

I have it running on FC6 x64 with no additional mods. 

________________________________

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Raymond
Venner
Sent: Wednesday, March 05, 2008 10:34 AM
To: rancid-discuss at shrubbery.net
Subject: [rancid] Rancid on Redhat 5 64bit

 

Does anybody have rancid installed on a 64 bit machine (redhat)?  Any
initial installation information would be greatly appreciated.

 

Thanks!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080305/ff63bacd/attachment.html 

From jethro.binks at strath.ac.uk  Wed Mar  5 20:54:31 2008
From: jethro.binks at strath.ac.uk (Jethro R Binks)
Date: Wed, 5 Mar 2008 20:54:31 +0000 (GMT)
Subject: [rancid]  Less rancid duplication
Message-ID: <20080305204635.R5784@defjam.cc.strath.ac.uk>

Hi,

Are there any plans to make rancid more modular, in order to reduce the 
duplication of code across the various *login and *rancid files?  Should 
there be?

I ask 'cos it appears I need to write a *login/*rancid module for HP blade 
ethernet switches (Bladesystems rebadged), and I'm wondering (a) with 
which of the existing ones to start, and (b) when the most commonly used 
one (ie, the Cisco one) gets useful updates that are generally applicable, 
how they can be tracked and backported to the modules for other types of 
devices.

Sort of related, will Michael Stefaniuc's wrapper stuff (recently 
mentioned again, and also here:

http://www.shrubbery.net/pipermail/rancid-discuss/2005-November/001276.html

) be included in a future rancid?

Jethro.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK

From nate.beck at jivesoftware.com  Wed Mar  5 21:00:36 2008
From: nate.beck at jivesoftware.com (Nate Beck)
Date: Wed, 05 Mar 2008 13:00:36 -0800
Subject: [rancid] Re: Rancid on Redhat 5 64bit
In-Reply-To: <509d59e0803050834o5b7fe5ay9220323c52cc2a64@mail.gmail.com>
Message-ID: <C3F449F4.2218%nate.beck@jivesoftware.com>

I have it running on a RHEL5 (64bit) box with no issues.  I am running
2.3.2a8.  I just had to ensure that I had expect running.  This is with the
CVS backend, I could not get the SVN backend to work correctly.

-Nate


On 3/5/08 8:34 AM, "Raymond Venner" <bhdbmv at gmail.com> wrote:

> Does anybody have rancid installed on a 64 bit machine (redhat)?  Any initial
> installation information would be greatly appreciated.
>  
> Thanks!
> 
> 
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080305/586ce497/attachment.html 

From danm at prime.gushi.org  Thu Mar  6 00:09:22 2008
From: danm at prime.gushi.org (Dan Mahoney, System Admin)
Date: Wed, 5 Mar 2008 19:09:22 -0500 (EST)
Subject: [rancid]  nslogin and clipaging
Message-ID: <alpine.BSF.1.00.0803051716560.91863@prime.gushi.org>

I'm guessing some of the rancid scripts are kind of old and not seldom 
used.

I am trying to use nslogin to do a "get arp" on my netscreen firewall.

The first issue I hit was that it seems to be looking for a # in the 
prompt -- this is not a global settable (although maybe it should be?)

I changed the initial "set prompt #" to "set prompt \\-\\>" as our usual 
prompt is "fw1->".

However, I still have the issue that the script doesn't recognize the 
"more" prompt as set by the firewall.  I know other versions of the script 
set something session-based on the router to disable this -- on this 
firewall it looks like a global that I'd have to unset and reset.

The paging prompt appears to be "--- more --- ", for what it's worth.

My expect skills are weak, so...

a) Can someone tell me where to send the commands to disable (and 
reenable) cli paging in the script (i.e. I know the commands, just not the 
nslogin flow so I wouldn't know where to put them).

or

b) Can someone help me figure out how to make nslogin recognize the above 
"more" prompt?

I'm willing to commit my changes, if that helps at all.

I can't provide access to test systems but can try to give as much debug 
output as possible.

-Dan Mahoney

--

<Belldandy> ha. you have not met me.
<BaldDwarf> ha. but i have sene pictures
<Belldandy> thanks but uh.,
<BaldDwarf> seen dammit! SEEN!
<Gushi> I don't know who dammit! is.
<Belldandy> so anyway

-Undernet #reboot, October 2nd, 2000, 3AM

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------


From heas at shrubbery.net  Thu Mar  6 06:41:59 2008
From: heas at shrubbery.net (john heasley)
Date: Wed, 5 Mar 2008 22:41:59 -0800
Subject: [rancid] Re: Rancid on Redhat 5 64bit
In-Reply-To: <C3F449F4.2218%nate.beck@jivesoftware.com>
References: <509d59e0803050834o5b7fe5ay9220323c52cc2a64@mail.gmail.com>
	<C3F449F4.2218%nate.beck@jivesoftware.com>
Message-ID: <20080306064159.GT13713@shrubbery.net>

I have no redhat experience, but it definitely works (ie: cvs, svn, and
even expect) on 64bit Solaris and NetBSD, either endianess.

Wed, Mar 05, 2008 at 01:00:36PM -0800, Nate Beck:
> I have it running on a RHEL5 (64bit) box with no issues.  I am running
> 2.3.2a8.  I just had to ensure that I had expect running.  This is with the
> CVS backend, I could not get the SVN backend to work correctly.
> 
> -Nate
> 
> 
> On 3/5/08 8:34 AM, "Raymond Venner" <bhdbmv at gmail.com> wrote:
> 
> > Does anybody have rancid installed on a 64 bit machine (redhat)?  Any initial
> > installation information would be greatly appreciated.
> >  
> > Thanks!
> > 
> > 
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss at shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> 

> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

From heas at shrubbery.net  Thu Mar  6 06:55:50 2008
From: heas at shrubbery.net (john heasley)
Date: Wed, 5 Mar 2008 22:55:50 -0800
Subject: [rancid] Re: Cisco 9124 SAN Switch
In-Reply-To: <d5c7ccac0803031311q64c110cbq705c77cc34045f53@mail.gmail.com>
References: <E4C76C673DBDD54D85ABC2F6FC82FD14903846@exwa3-per.nexus.csiro.au>
	<8423e7bb0803030712k45f48d53i2092b4f979ff25ab@mail.gmail.com>
	<d5c7ccac0803031311q64c110cbq705c77cc34045f53@mail.gmail.com>
Message-ID: <20080306065550.GV13713@shrubbery.net>

Can't this go in ~/.cvsrc?

Mon, Mar 03, 2008 at 01:11:20PM -0800, Eric Cables:
> It would be nice if a future RANCID release included ignore options in the
> rancid.conf file, or by some other intuitive means.
> 
> Is this a possibility?
> 
> On Mon, Mar 3, 2008 at 7:12 AM, Lance Vermilion <rancid at gheek.net> wrote:
> 
> > Here is how it has been done in the past. Refer to this thread.
> >
> > http://www.shrubbery.net/pipermail/rancid-discuss/2006-June/001542.html
> >
> > Modifying control_rancid with this line might solve your issue.
> >
> > --ignore-matching-lines='^callhome$'
> >
> > cvs -f diff -U 4 --ignore-matching-lines='^callhome$' | sed -e '/^RCS
> > file: /d' -e '/^--- /d' -e '/^+++ /d' -e 's/^\([-+ ]\)/\1 /'
> > >$TMP.diff
> >
> >
> > Similar solution is in this thread too.
> > http://www.shrubbery.net/pipermail/rancid-discuss/2006-May/001503.html
> >
> > Note I have not verified this is possible with any version of rancid,
> > just sharing what others have shared in the past.
> >
> > -Lance
> >
> > On 3/3/08, Mark.Favas at csiro.au <Mark.Favas at csiro.au> wrote:
> > >
> > >
> > > Hi,
> > >
> > > I'm trying to use rancid on a Cisco MDS 9124 SAN switch running SAN-OS
> > ver
> > > 3.1(3a). Initially I had a problem with the WriteTerm subroutine of the
> > > rancid script not recognising when the "end of config" had been reached.
> > By
> > > making a change similar to  that for the ContentEngine, I got past that
> > > problem (happy to post diffs if there's any interest). Now I regularly
> > get
> > > emails that the config has changed because the order of some of the
> > output
> > > lines changes (below - the "callhome" line flips about). Has anyone on
> > the
> > > list got a Cisco SAN switch working with rancid?
> > >
> > > Thanks,
> > >
> > > Mark Favas
> > >
> > >
> > >   no snmp-server enable traps vrrp
> > >   snmp-server enable traps license
> > > - callhome
> > >   fcalias name SH1_2_2 vsan 1
> > >       member pwwn 21:01:00:1b:32:38:50:10
> > >
> > >   fcalias name SH2_2_2 vsan 1
> > > @@ -114,8 +113,9 @@
> > >
> > >   fcalias name L180_DR_1 vsan 1
> > >       member pwwn 50:01:04:f0:00:58:e7:af
> > >
> > > + callhome
> > >   zone name SH1_2_2_ZONE vsan 1
> > >       member fcalias SH1_2_2
> > > _______________________________________________
> > > Rancid-discuss mailing list
> > > Rancid-discuss at shrubbery.net
> > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> > >
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss at shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> >
> 
> 
> 
> -- 
> Eric Cables

> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

From jethro.binks at strath.ac.uk  Thu Mar  6 10:36:40 2008
From: jethro.binks at strath.ac.uk (Jethro R Binks)
Date: Thu, 6 Mar 2008 10:36:40 +0000 (GMT)
Subject: [rancid] Re: Oddities with Cisco ASA
In-Reply-To: <20080302210802.X5784@defjam.cc.strath.ac.uk>
References: <20080115233734.G62092@defjam.cc.strath.ac.uk>
	<20080302210802.X5784@defjam.cc.strath.ac.uk>
Message-ID: <20080306090344.G5784@defjam.cc.strath.ac.uk>

On Sun, 2 Mar 2008, Jethro R Binks wrote:

> On Wed, 16 Jan 2008, Jethro R Binks wrote:
> 
> > Despite reports on the list of people having no problems with Cisco ASAs, 
> > I am having some problems.  This with code 7.1(2).  Two problems are 
> > described here, forgive the length of this.
> 
> You may recall my message a while ago to this effect.  I have recently 
> made another observation, for which I have no explanation, but offer it as 
> merely as an additional data point.
> 
> I have been running rancid persistently against this particular ASA ever 
> since the above, and it persistently fails in the same way.  However I 
> lately upgraded the 7.1(2) to 7.2(3), and immediately afterwards rancid 
> was able to connect for the first time since whenever and retrieve the 
> config.  Hurrah!  I thought, problem fixed.  Unfortunately, it started 
> to fail again about 12 hours later, and that is the way it has remained 
> since :(.

I have made a little more progress.  Ultimately, the reason for the 
failure now is because it thinks there are still commands to run.

rancid tries to run these two commands, treated as equivalent:

        {'show running-config'          => 'WriteTerm'},
        {'write term'                   => 'WriteTerm'},

For some reason, at least with my ASA (see previous messages for detail), 
rancid isn't able to pick out the output of the second command, but it can 
process the output from the first, so it's not a problem; it sets 
$found_end and the command is deleted from the commands list:

        delete($commands{$cmd});

Then it tries to call WriteTerm for the second time, and it exits earlier 
because $found_end is already set:

        return(0) if ($found_end);              # Only do this routine once

I think what is happening is that this time:

    while (/#\s*($cmds_regexp)\s*$/) {

doesn't match, because it couldn't parse the output for the second 
command, and so:

        delete($commands{$cmd});

is never called, the command gets left in the command list, and rancid 
exits with failure:

missed cmd(s): write term

I suppose the solution is that if WriteTerm has been called once 
successfully, it removes all the commands that process that sub from the 
command list.  However I do not know if for some Cisco kit "show 
running-config" and "write term" are intrinsically different in some way.

As a short term fix, I have commented out "write term" from the list of 
commands to run, and rancid now works against my ASA.

Grateful for any thoughts on this interpretation.

Jethro.










rancid isn't able to see the output


In the case of the ASA, "show running-config" doesn't work (as a 
not-level-15 priv user

In my case, it seems both work, but when the output 
from the first is found, it notes that "show running-config" was 
successful, and doesn't run the second:


 
Unfortunately, the command is still in the command list (, and at the end 
of 
the loop it assumes a command failed because it wasn't removed from the 
command list.

I'm puzzled why others do not see this behaviour though ... I checked to 
see if I'd made other modifications but other than debugging statements, 
no.


I tried with rancid.in,v 1.174 2004/05/27, unmodified, 

and that did 
exactly the same.

J.

> 
> FWIW, I am now running rancid.in 1.234 and clogin 1.79.
> 
> Jethro.
> 
> 
> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
> Jethro R Binks
> Computing Officer, IT Services
> University Of Strathclyde, Glasgow, UK
> 

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK

From jethro.binks at strath.ac.uk  Thu Mar  6 10:50:13 2008
From: jethro.binks at strath.ac.uk (Jethro R Binks)
Date: Thu, 6 Mar 2008 10:50:13 +0000 (GMT)
Subject: [rancid] Re: Oddities with Cisco ASA
In-Reply-To: <20080306090344.G5784@defjam.cc.strath.ac.uk>
References: <20080115233734.G62092@defjam.cc.strath.ac.uk>
	<20080302210802.X5784@defjam.cc.strath.ac.uk>
	<20080306090344.G5784@defjam.cc.strath.ac.uk>
Message-ID: <20080306104856.U5784@defjam.cc.strath.ac.uk>

On Thu, 6 Mar 2008, Jethro R Binks wrote:

> Grateful for any thoughts on this interpretation.
> 
> Jethro.

Excuse the babble after my message, it was from an earlier draft :)

> rancid isn't able to see the output
...


. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK

From danm at prime.gushi.org  Thu Mar  6 15:01:00 2008
From: danm at prime.gushi.org (Dan Mahoney, System Admin)
Date: Thu, 6 Mar 2008 10:01:00 -0500 (EST)
Subject: [rancid]  Minor Bug in nrancid
Message-ID: <alpine.BSF.1.00.0803060959320.96170@prime.gushi.org>

Perl complained about missing a curly bracket.  After using an editor to 
find matching brackets, I found that one's missing on line 200:

sub GetConf {
     print STDERR "    In GetConf: $_" if ($debug);
     while (<INPUT>) {
         tr/\015//d;
         next if /^\s*$/;
         last if(/$prompt/);

         if (/^set admin name "(\S+)"$/ && $filter_pwds >= 1) {
             ProcessHistory("ADMIN","","","!set admin name <removed>\n");
             next;
         }
         if (/^set admin password (\S+)$/ && $filter_pwds >= 1) {
             ProcessHistory("ADMIN","","","!set admin password 
<removed>\n");
             next;
         }
         if (/^set admin user (\S+) password (\S+) privilege (\S+)$/ &&
                                                         $filter_pwds >= 1) 
{
             ProcessHistory("ADMIN","","",
                 "!set admin user $1 password <removed> privilege $3\n");
             next;
HERE -->}
         ProcessHistory("","","","$_");
     }
     $found_end=1;
     return(1);
}

Please include this in the next version, whenever.

-Dan Mahoney


--

"I'm sorry, that is bull$@%^, but they did not say 'Exsqueeze Me' A Long Time Ago in a Galaxy Far Far Away."

-Richard Bozzello, on Jar Jar Binks

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------


From mtwomey at beakstar.com  Thu Mar  6 20:51:55 2008
From: mtwomey at beakstar.com (Matthew Twomey)
Date: Thu, 6 Mar 2008 14:51:55 -0600
Subject: [rancid]  Question and potential feature request
In-Reply-To: <mailman.0.1204836087.9650.rancid-discuss@shrubbery.net>
References: <mailman.0.1204836087.9650.rancid-discuss@shrubbery.net>
Message-ID: <004801c87fcb$e9fc64e0$06c1a8c0@letni>

Greetings,

I have been a long time user of Rancid and I've always thought it was a
fantastic tool. Recently I've been revamping our backups and that has gotten
me to thinking about a couple of things:

1. We backup literally hundred of devices with Rancid and due to
inconsistency across Cisco IOS releases we are struggling to keep ahead of
the curve when it comes to specifying autoenable 1 or autoenable 0. I don't
always manage the routers I backup, so an updated IOS often reverses this
requirement (e.g. used to work with autoenable on and now it needs it off).
This also often happens when router administrators enable/disable/make
certain changes to tacacs. In any event I'm wondering if anyone has thought
of a way to autodetect the autoenable state of a device?

2. I'm guessing this has been asked before, but I find myself often wishing
there was a grouping feature in the .cloginrc file so that you could define
a group of routers or globs and then apply commands to the group. Something
like:

add group tacacs_ios_cisco_routers r1.aaa.com, r2.aaa.com s3.bbb.com,
s4.bbb.com

add autoenable tacacs_ios_cisco_routers 1
add password tacacs_ios_cisco_routers mypasswd

Has this idea been considered or is there something else which might get me
closer to this?

Thanks!

-Matt


From smunzani at comcast.net  Thu Mar  6 21:49:28 2008
From: smunzani at comcast.net (Sam Munzani)
Date: Thu, 06 Mar 2008 15:49:28 -0600
Subject: [rancid] Re: Question and potential feature request
In-Reply-To: <004801c87fcb$e9fc64e0$06c1a8c0@letni>
References: <mailman.0.1204836087.9650.rancid-discuss@shrubbery.net>
	<004801c87fcb$e9fc64e0$06c1a8c0@letni>
Message-ID: <47D066E8.7070403@comcast.net>

Matthew,

We have a lot of device types too. Below is how we get around these 
challenges.
> Greetings,
>
> I have been a long time user of Rancid and I've always thought it was a
> fantastic tool. Recently I've been revamping our backups and that has gotten
> me to thinking about a couple of things:
>
> 1. We backup literally hundred of devices with Rancid and due to
> inconsistency across Cisco IOS releases we are struggling to keep ahead of
> the curve when it comes to specifying autoenable 1 or autoenable 0. I don't
> always manage the routers I backup, so an updated IOS often reverses this
> requirement (e.g. used to work with autoenable on and now it needs it off).
> This also often happens when router administrators enable/disable/make
> certain changes to tacacs. In any event I'm wondering if anyone has thought
> of a way to autodetect the autoenable state of a device?
>   
Our rancid box runs net-snmp package too. Using snmptrap command, we 
send out a trap to our monitoring station if the backup failed to a 
device. The trap we send passes the IP address of failed device so the 
NetCool associates alert to the failed device. Then somebody can look at 
the log and find out if the password changed or account got locked out etc.
> 2. I'm guessing this has been asked before, but I find myself often wishing
> there was a grouping feature in the .cloginrc file so that you could define
> a group of routers or globs and then apply commands to the group. Something
> like:
>
> add group tacacs_ios_cisco_routers r1.aaa.com, r2.aaa.com s3.bbb.com,
> s4.bbb.com
>
> add autoenable tacacs_ios_cisco_routers 1
> add password tacacs_ios_cisco_routers mypasswd
>   
This kind of feature is surely helpful but we found the RegEx mostly 
addresses our needs.
add autoenable r*.com 1 etc.
> Has this idea been considered or is there something else which might get me
> closer to this?
>
> Thanks!
>
> -Matt
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
>   


From ssnodgra at pheran.com  Fri Mar  7 02:45:03 2008
From: ssnodgra at pheran.com (Steve Snodgrass)
Date: Thu, 06 Mar 2008 21:45:03 -0500
Subject: [rancid] Re: Question and potential feature request
In-Reply-To: <004801c87fcb$e9fc64e0$06c1a8c0@letni>
References: <mailman.0.1204836087.9650.rancid-discuss@shrubbery.net>
	<004801c87fcb$e9fc64e0$06c1a8c0@letni>
Message-ID: <47D0AC2F.1000305@pheran.com>

Matthew Twomey wrote:
> Greetings,
> 
> I have been a long time user of Rancid and I've always thought it was a
> fantastic tool. Recently I've been revamping our backups and that has gotten
> me to thinking about a couple of things:
> 
> 1. We backup literally hundred of devices with Rancid and due to
> inconsistency across Cisco IOS releases we are struggling to keep ahead of
> the curve when it comes to specifying autoenable 1 or autoenable 0. I don't
> always manage the routers I backup, so an updated IOS often reverses this
> requirement (e.g. used to work with autoenable on and now it needs it off).
> This also often happens when router administrators enable/disable/make
> certain changes to tacacs. In any event I'm wondering if anyone has thought
> of a way to autodetect the autoenable state of a device?

This might be nice for me too.  I'm bringing up a rancid install for the 
first time and I was banging my head on the wall today because I can't 
figure out any way to get my ASAs to log directly into enable mode like 
I do on the IOS boxes using a TACACS server.  Obviously I could manually 
specify autoenable 0 for the ASAs, but this would be a cool feature.

-- 
Steve Snodgrass * ssnodgra at pheran.com * Network/Security/Linux/Perl Geek
"If you want to be somebody else, change your mind."  -Sister Hazel

From rancid at gheek.net  Fri Mar  7 03:57:34 2008
From: rancid at gheek.net (Lance Vermilion)
Date: Thu, 6 Mar 2008 20:57:34 -0700
Subject: [rancid] Re: Question and potential feature request
In-Reply-To: <47D0AC2F.1000305@pheran.com>
References: <mailman.0.1204836087.9650.rancid-discuss@shrubbery.net>
	<004801c87fcb$e9fc64e0$06c1a8c0@letni> <47D0AC2F.1000305@pheran.com>
Message-ID: <8423e7bb0803061957q7c59864dn2e30359a4b682ed5@mail.gmail.com>

All,

Correct me if I am wrong but RANCID is suppose to backup your
configurations. It does that very well. Having to all this extra
figuring out etc can add extra fat in the scripts to make it figure
what it should be doing and yet it still may not always work. If
something fails you will get an email from RANCID. That should be a
pretty good heads up that something has been changed. To me that is
when I also go and verify nothing else has changed. As a network admin
I like to know what is changing.

Sam pointed a very simple solution to bring it front and center and
allow it to get a ticket opened on it etc. Then again it does require
some knowledge of programming.

Just my two cents.

-Lance

On 3/6/08, Steve Snodgrass <ssnodgra at pheran.com> wrote:
> Matthew Twomey wrote:
> > Greetings,
> >
> > I have been a long time user of Rancid and I've always thought it was a
> > fantastic tool. Recently I've been revamping our backups and that has gotten
> > me to thinking about a couple of things:
> >
> > 1. We backup literally hundred of devices with Rancid and due to
> > inconsistency across Cisco IOS releases we are struggling to keep ahead of
> > the curve when it comes to specifying autoenable 1 or autoenable 0. I don't
> > always manage the routers I backup, so an updated IOS often reverses this
> > requirement (e.g. used to work with autoenable on and now it needs it off).
> > This also often happens when router administrators enable/disable/make
> > certain changes to tacacs. In any event I'm wondering if anyone has thought
> > of a way to autodetect the autoenable state of a device?
>
> This might be nice for me too.  I'm bringing up a rancid install for the
> first time and I was banging my head on the wall today because I can't
> figure out any way to get my ASAs to log directly into enable mode like
> I do on the IOS boxes using a TACACS server.  Obviously I could manually
> specify autoenable 0 for the ASAs, but this would be a cool feature.
>
> --
> Steve Snodgrass * ssnodgra at pheran.com * Network/Security/Linux/Perl Geek
> "If you want to be somebody else, change your mind."  -Sister Hazel
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>

From jethro.binks at strath.ac.uk  Fri Mar  7 11:41:57 2008
From: jethro.binks at strath.ac.uk (Jethro R Binks)
Date: Fri, 7 Mar 2008 11:41:57 +0000 (GMT)
Subject: [rancid]  'add noenable' modifications
Message-ID: <20080307112132.E5784@defjam.cc.strath.ac.uk>

Currently in .clogin it says:

# add noenable <router name glob>

although the given example has:

# the route-server's do not provide enable access.  cmdline -noenable
# equivalent.
#add noenable route-server*     1

So you might expect that the comment should read:

# add noenable <router name glob> <1/0>

In the code, however, any value is acceptable, rather than 1 or 0:

    # look for noenable option in .cloginrc
    if { [find noenable $router] != "" } {
        set enable 0
    }

I would suggest making this consistent with autoenable, which is described 
as such in cloginrc:

# add autoenable <router name glob> <1/0>

with corresponding code:

        set ae [find autoenable $router]
        if { "$ae" == "1" } {
            set autoenable 1
            set enable 0
            set prompt "(#| \\(enable\\))"
        } else {
            set autoenable 0
            set enable $avenable
            set prompt ">"
        }


I suggest the following replacement code for the noenable code:

    if { [find noenable $router] == "1" } {
        set enable 0
    }

Jethro.


. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK

From mtwomey at beakstar.com  Fri Mar  7 14:11:32 2008
From: mtwomey at beakstar.com (Matthew Twomey)
Date: Fri, 7 Mar 2008 08:11:32 -0600
Subject: [rancid] Re: Question and potential feature request
In-Reply-To: <8423e7bb0803061957q7c59864dn2e30359a4b682ed5@mail.gmail.com>
References: <mailman.0.1204836087.9650.rancid-discuss@shrubbery.net>
	<004801c87fcb$e9fc64e0$06c1a8c0@letni>
	<47D0AC2F.1000305@pheran.com>
	<8423e7bb0803061957q7c59864dn2e30359a4b682ed5@mail.gmail.com>
Message-ID: <006801c8805d$26483780$06c1a8c0@letni>

I agree that it does it well, but that doesn't mean new capabilities or
features can't be added. We don't have an issue getting notified when
backups fail, we're just trying to reduce the number of occurrences of this
as well as reduce the windows of "unprotected time" that take place between
the time a backup failed and the appropriate corrections are made. Reducing
the likelihood of a backup failure would help with this.

Thanks,

-Matt

-----Original Message-----
From: lavermil at gheek.net [mailto:lavermil at gheek.net] On Behalf Of Lance
Vermilion
Sent: Thursday, March 06, 2008 9:58 PM
To: Steve Snodgrass
Cc: Matthew Twomey; Rancid-discuss at shrubbery.net
Subject: Re: [rancid] Re: Question and potential feature request

All,

Correct me if I am wrong but RANCID is suppose to backup your
configurations. It does that very well. Having to all this extra
figuring out etc can add extra fat in the scripts to make it figure
what it should be doing and yet it still may not always work. If
something fails you will get an email from RANCID. That should be a
pretty good heads up that something has been changed. To me that is
when I also go and verify nothing else has changed. As a network admin
I like to know what is changing.

Sam pointed a very simple solution to bring it front and center and
allow it to get a ticket opened on it etc. Then again it does require
some knowledge of programming.

Just my two cents.

-Lance

On 3/6/08, Steve Snodgrass <ssnodgra at pheran.com> wrote:
> Matthew Twomey wrote:
> > Greetings,
> >
> > I have been a long time user of Rancid and I've always thought it was a
> > fantastic tool. Recently I've been revamping our backups and that has
gotten
> > me to thinking about a couple of things:
> >
> > 1. We backup literally hundred of devices with Rancid and due to
> > inconsistency across Cisco IOS releases we are struggling to keep ahead
of
> > the curve when it comes to specifying autoenable 1 or autoenable 0. I
don't
> > always manage the routers I backup, so an updated IOS often reverses
this
> > requirement (e.g. used to work with autoenable on and now it needs it
off).
> > This also often happens when router administrators enable/disable/make
> > certain changes to tacacs. In any event I'm wondering if anyone has
thought
> > of a way to autodetect the autoenable state of a device?
>
> This might be nice for me too.  I'm bringing up a rancid install for the
> first time and I was banging my head on the wall today because I can't
> figure out any way to get my ASAs to log directly into enable mode like
> I do on the IOS boxes using a TACACS server.  Obviously I could manually
> specify autoenable 0 for the ASAs, but this would be a cool feature.
>
> --
> Steve Snodgrass * ssnodgra at pheran.com * Network/Security/Linux/Perl Geek
> "If you want to be somebody else, change your mind."  -Sister Hazel
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>


From Michael.Skinner at virginmedia.co.uk  Fri Mar  7 17:24:33 2008
From: Michael.Skinner at virginmedia.co.uk (Skinner, Michael)
Date: Fri, 7 Mar 2008 17:24:33 -0000
Subject: [rancid] Re: nslogin and clipaging
Message-ID: <AC578DE72A44424587F495F76B6D8C9A142727@KN3-XMB-P0001.systems.private>

Try using nlogin rather than nslogin.

Mike

-----Original Message-----
From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Dan Mahoney,
System Admin
Sent: 06 March 2008 00:09
To: rancid-discuss at shrubbery.net
Subject: [rancid] nslogin and clipaging

I'm guessing some of the rancid scripts are kind of old and not seldom
used.

I am trying to use nslogin to do a "get arp" on my netscreen firewall.

The first issue I hit was that it seems to be looking for a # in the
prompt -- this is not a global settable (although maybe it should be?)

I changed the initial "set prompt #" to "set prompt \\-\\>" as our usual
prompt is "fw1->".

However, I still have the issue that the script doesn't recognize the
"more" prompt as set by the firewall.  I know other versions of the
script set something session-based on the router to disable this -- on
this firewall it looks like a global that I'd have to unset and reset.

The paging prompt appears to be "--- more --- ", for what it's worth.

My expect skills are weak, so...

a) Can someone tell me where to send the commands to disable (and
reenable) cli paging in the script (i.e. I know the commands, just not
the nslogin flow so I wouldn't know where to put them).

or

b) Can someone help me figure out how to make nslogin recognize the
above "more" prompt?

I'm willing to commit my changes, if that helps at all.

I can't provide access to test systems but can try to give as much debug
output as possible.

-Dan Mahoney

--

<Belldandy> ha. you have not met me.
<BaldDwarf> ha. but i have sene pictures <Belldandy> thanks but uh.,
<BaldDwarf> seen dammit! SEEN!
<Gushi> I don't know who dammit! is.
<Belldandy> so anyway

-Undernet #reboot, October 2nd, 2000, 3AM

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss at shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

------------------------------------------------------------------------------
Save Paper - Do you really need to print this e-mail?

Visit www.virginmedia.com for more information, and more fun.

This email and any attachments are or may be confidential and legally privileged and are sent solely for the attention of the addressee(s). If you have received this email in error, please delete it from your system: its use, disclosure or copying is unauthorised. Statements and opinions expressed in this email may not represent those of Virgin Media. Any representations or commitments in this email are subject to contract. Please note that we are migrating our email addresses to a company wide address of "@virginmedia.co.uk". If you are sending to a Telewest or ntl email address your email will be re-directed. 

Registered office: 160 Great Portland Street, London W1W 5QA. Registered in England and Wales with number 2591237


==============================================================================


From rskoog at chrr.osu.edu  Fri Mar  7 20:50:50 2008
From: rskoog at chrr.osu.edu (Rob Skoog)
Date: Fri, 7 Mar 2008 15:50:50 -0500 (EST)
Subject: [rancid] Re: nslogin and clipaging
In-Reply-To: <AC578DE72A44424587F495F76B6D8C9A142727@KN3-XMB-P0001.systems.private>
Message-ID: <621704999.220041204923050659.JavaMail.root@oasis.chrr.ohio-state.edu>

I would also make sure you are running the latest alpha, there a bugs in both the nrancid and nlogin executables which make them unusable in the current stable version.

Rob
----- Original Message -----
From: "Michael Skinner" <Michael.Skinner at virginmedia.co.uk>
To: rancid-discuss at shrubbery.net
Sent: Friday, March 7, 2008 12:24:33 PM GMT -05:00 US/Canada Eastern
Subject: [rancid] Re: nslogin and clipaging

Try using nlogin rather than nslogin.

Mike

-----Original Message-----
From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Dan Mahoney,
System Admin
Sent: 06 March 2008 00:09
To: rancid-discuss at shrubbery.net
Subject: [rancid] nslogin and clipaging

I'm guessing some of the rancid scripts are kind of old and not seldom
used.

I am trying to use nslogin to do a "get arp" on my netscreen firewall.

The first issue I hit was that it seems to be looking for a # in the
prompt -- this is not a global settable (although maybe it should be?)

I changed the initial "set prompt #" to "set prompt \\-\\>" as our usual
prompt is "fw1->".

However, I still have the issue that the script doesn't recognize the
"more" prompt as set by the firewall.  I know other versions of the
script set something session-based on the router to disable this -- on
this firewall it looks like a global that I'd have to unset and reset.

The paging prompt appears to be "--- more --- ", for what it's worth.

My expect skills are weak, so...

a) Can someone tell me where to send the commands to disable (and
reenable) cli paging in the script (i.e. I know the commands, just not
the nslogin flow so I wouldn't know where to put them).

or

b) Can someone help me figure out how to make nslogin recognize the
above "more" prompt?

I'm willing to commit my changes, if that helps at all.

I can't provide access to test systems but can try to give as much debug
output as possible.

-Dan Mahoney

--

<Belldandy> ha. you have not met me.
<BaldDwarf> ha. but i have sene pictures <Belldandy> thanks but uh.,
<BaldDwarf> seen dammit! SEEN!
<Gushi> I don't know who dammit! is.
<Belldandy> so anyway

-Undernet #reboot, October 2nd, 2000, 3AM

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss at shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

------------------------------------------------------------------------------
Save Paper - Do you really need to print this e-mail?

Visit www.virginmedia.com for more information, and more fun.

This email and any attachments are or may be confidential and legally privileged and are sent solely for the attention of the addressee(s). If you have received this email in error, please delete it from your system: its use, disclosure or copying is unauthorised. Statements and opinions expressed in this email may not represent those of Virgin Media. Any representations or commitments in this email are subject to contract. Please note that we are migrating our email addresses to a company wide address of "@virginmedia.co.uk". If you are sending to a Telewest or ntl email address your email will be re-directed. 

Registered office: 160 Great Portland Street, London W1W 5QA. Registered in England and Wales with number 2591237


==============================================================================

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss at shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

From bhdbmv at gmail.com  Fri Mar  7 21:16:38 2008
From: bhdbmv at gmail.com (Raymond Venner)
Date: Fri, 7 Mar 2008 16:16:38 -0500
Subject: [rancid]  End of run not found
Message-ID: <509d59e0803071316l60a559aeq2cc9a64ed13b8a59@mail.gmail.com>

Trying to run rancid on the following devices

WS-C6506
WS-C6509
but keep getting the following error.

End of run not found

Anybody know of a fix?

Thanks in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080307/e2a4c760/attachment.html 

From chtse at starhub.com  Mon Mar 10 07:33:16 2008
From: chtse at starhub.com (Jonathan TSE Chi Hang)
Date: Mon, 10 Mar 2008 15:33:16 +0800
Subject: [rancid]   Re: Huawei routers
Message-ID: <27D89286A520D24691C78B4882F6A73106C01B52@MINDEN.starhubsg.sh.in c>

Hi Georg,

I have made rancid modules for Huawei router. Tested on NE80E router,
software V3R2

cheers,
Jonathan.
P.S. Sorry, reply 1.5 year after... ;-)


------------------------------------------------------------------------
--------georg.naggies at r-it.at georg.naggies at r-it.at 
Thu Jun 29 06:40:18 UTC 2006 

Anyone got Rancid to work with Huawei equipment and would care to share?

Regards,



StarHub Ltd.    Reg. No.: 199802208C This email is confidential and privileged.  If you are not the intended recipient, you must not view, disseminate, use or copy this email. Kindly notify the sender immediately, and delete this email from your system. Thank you. Please visit our website at www.starhub.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: hwlogin
Type: application/octet-stream
Size: 14614 bytes
Desc: hwlogin
Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080310/83eea0ec/attachment.obj 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: hwrancid
Type: application/octet-stream
Size: 8052 bytes
Desc: hwrancid
Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080310/83eea0ec/attachment-0001.obj 

From jethro.binks at strath.ac.uk  Mon Mar 10 09:57:21 2008
From: jethro.binks at strath.ac.uk (Jethro R Binks)
Date: Mon, 10 Mar 2008 09:57:21 +0000 (GMT)
Subject: [rancid] Re: Huawei routers
In-Reply-To: <27D89286A520D24691C78B4882F6A73106C01B52@MINDEN.starhubsg.sh.in
	c>
References: <27D89286A520D24691C78B4882F6A73106C01B52@MINDEN.starhubsg.sh.in c>
Message-ID: <20080310095536.Q5784@defjam.cc.strath.ac.uk>

On Mon, 10 Mar 2008, Jonathan TSE Chi Hang wrote:

> I have made rancid modules for Huawei router. Tested on NE80E router,
> software V3R2

That's annoying, I wrote the something similar last week :)  Mine was 
specifically aimed at the 3Com/Huawei joint venture switches, however I 
will compare the two presently.

Jethro.


> 
> cheers,
> Jonathan.
> P.S. Sorry, reply 1.5 year after... ;-)
> 
> 
> ------------------------------------------------------------------------
> --------georg.naggies at r-it.at georg.naggies at r-it.at 
> Thu Jun 29 06:40:18 UTC 2006 
> 
> Anyone got Rancid to work with Huawei equipment and would care to share?
> 
> Regards,
> 
> 
> 
> StarHub Ltd.    Reg. No.: 199802208C This email is confidential and privileged.  If you are not the intended recipient, you must not view, disseminate, use or copy this email. Kindly notify the sender immediately, and delete this email from your system. Thank you. Please visit our website at www.starhub.com
> 
> 

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK

From bhdbmv at gmail.com  Mon Mar 10 13:42:50 2008
From: bhdbmv at gmail.com (Raymond Venner)
Date: Mon, 10 Mar 2008 09:42:50 -0400
Subject: [rancid] Re: End of run not found
In-Reply-To: <509d59e0803071316l60a559aeq2cc9a64ed13b8a59@mail.gmail.com>
References: <509d59e0803071316l60a559aeq2cc9a64ed13b8a59@mail.gmail.com>
Message-ID: <509d59e0803100642q133e7b31k765f91c2a38199c3@mail.gmail.com>

Greetings,
Still no luck with this issue and can't seem to find any informational
threads online.  This seems to be CAT os related but I can't seem to
pinpoint the issue. Any info would be greatly appreciated..

On Fri, Mar 7, 2008 at 5:16 PM, Raymond Venner <bhdbmv at gmail.com> wrote:

> Trying to run rancid on the following devices
>
> WS-C6506
> WS-C6509
> but keep getting the following error.
>
> End of run not found
>
> Anybody know of a fix?
>
> Thanks in advance.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080310/91da59bd/attachment.html 

From wrjacqmein at gmail.com  Mon Mar 10 20:21:47 2008
From: wrjacqmein at gmail.com (Bill Jacqmein)
Date: Mon, 10 Mar 2008 16:21:47 -0400
Subject: [rancid]  Login script for Riverbed Steelheads
Message-ID: <3c9a5bae0803101321k68288c63xfdab59ad135d8364@mail.gmail.com>

Tested and working on 200, 3010.

Was looking for what people would be interested in capturing

show configuration
show licenses
show hardware
show info


Any others.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: rblogin.txt
Url: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080310/91a045af/attachment.txt 

From eravin at panix.com  Mon Mar 10 20:53:44 2008
From: eravin at panix.com (Ed Ravin)
Date: Mon, 10 Mar 2008 16:53:44 -0400
Subject: [rancid]  plus in the prompt?
Message-ID: <20080310205344.GA21438@panix.com>

I'm trying to get the "X&Y Corporation" router into RANCID.  Here's
what a clogin attempt to run a command looks like:

[...]
User Access Verification

Username: cisco
Password: 

x+y>enable
Password: 
x+y#
x+y#term length 0
x+y#
Error: TIMEOUT reached

Looks like it's the plus sign in the prompt.  If I change it to "XandY"
instead of "x+y" clogin works as expected.

Why does it work for the enable and the "term length 0" command, but not
afterwards?

From jalspach at shastacoe.org  Tue Mar 11 00:28:24 2008
From: jalspach at shastacoe.org (James Alspach)
Date: Mon, 10 Mar 2008 17:28:24 -0700
Subject: [rancid]  New Groups not working
Message-ID: <D87C1436D1DECB4A8FEB646F4FFDCE8606B5A1E1@EXCHANGE08.shastalink.k12.ca.us>

I had RANCID running great for our location under one group.  Today I
added additional groups (separated by a space) into the rancid.conf
file.

I then ran (as the rancid user) rancid-cvs (I am using SVN but I think
it is the same setup file).

This created my additional group folders and the initial files.  I then
edited the router.db file in each new directory to add the routers I
needed. I then ran rancid-run and waited for it to finish.  Once it did,
I looked in the logs and found that, while my original group updated
just fine, the rest were similar to:

 

svn: 'r1-frhs-fall_river' is not a working copy

 

 

Trying to get all of the configs.

All routers sucessfully completed.

 

svn: '.' is not a working copy

svn: '/usr/local/rancid/var/Fall_River' is not a working copy

 

What am I missing?  Any suggestions on where to look next or what to
try?  

 

Thanks;

James

 

 

 

 

James Alspach
Systems Applications Technician

Shasta County Office of Education

1644 Magnolia avenue

Redding, California

96003
jalspach at shastacoe.org <mailto:jalspach at shastacoe.org> 
(530) 225-0293

 

IT Hotline: 225-0279

hotline at shastacoe.org <mailto:hotline at shastacoe.org> 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080310/6324dbf1/attachment.html 

From tex at off.org  Tue Mar 11 05:22:10 2008
From: tex at off.org (Austin Schutz)
Date: Mon, 10 Mar 2008 22:22:10 -0700
Subject: [rancid] Re: plus in the prompt?
In-Reply-To: <20080310205344.GA21438@panix.com>
References: <20080310205344.GA21438@panix.com>
Message-ID: <20080311052210.GE14933@gblx.net>

On Mon, Mar 10, 2008 at 04:53:44PM -0400, Ed Ravin wrote:
> Looks like it's the plus sign in the prompt.  If I change it to "XandY"
> instead of "x+y" clogin works as expected.
> 
> Why does it work for the enable and the "term length 0" command, but not
> afterwards?

	Just tossing a guess out here: expect is looking for a prompt using
a regex. The + you have in your prompt is being treated like a regex +,
so expect is looking for a string that looks like xy or xxxy, etc.
	Probably best to not do that, if you can avoid it.

	Austin

From peter.lothegard at lidendata.com  Tue Mar 11 06:02:05 2008
From: peter.lothegard at lidendata.com (=?us-ascii?Q?Peter_Lothegard?=)
Date: Tue, 11 Mar 2008 07:02:05 +0100
Subject: [rancid] Re: upgrade from 2.3.2a6 to 2.3.2a8
In-Reply-To: <GBEJKCEIFGJKLDGNLBGJIEFOCCAA.peter.lothegard@lidendata.com>
Message-ID: <GBEJKCEIFGJKLDGNLBGJKEHPCCAA.peter.lothegard@lidendata.com>

BUMP

-----Ursprungligt meddelande-----
Fran: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net]For Peter Lothegard
Skickat: den 25 februari 2008 17:03
Till: rancid-discuss at shrubbery.net
Amne: [rancid] upgrade from 2.3.2a6 to 2.3.2a8



Hi

Can I replace specific files if I want to upgrade from 2.3.2a6 to 2.3.2a8 or
do i need to compile and install from scratch?

Regards
/Peter

------------------------------------
Lidero Network AB
Peter Lothegard
------------------------------------


_______________________________________________
Rancid-discuss mailing list
Rancid-discuss at shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss



From peter.lothegard at lidendata.com  Tue Mar 11 06:28:38 2008
From: peter.lothegard at lidendata.com (=?iso-8859-1?Q?Peter_L=F6theg=E5rd?=)
Date: Tue, 11 Mar 2008 07:28:38 +0100
Subject: [rancid] Re: upgrade from 2.3.2a6 to 2.3.2a8
In-Reply-To: <8423e7bb0803102310h38ad6985i9e46057c22baf7dd@mail.gmail.com>
Message-ID: <GBEJKCEIFGJKLDGNLBGJGEIBCCAA.peter.lothegard@lidendata.com>

Thanx,
I have not made any modifications, its a standard rancid install that
collects configs from my cisco routers.

If i make a new install is there a backup/restore procedure so I dont lose
my current configs?

Regards
/Peter

-----Ursprungligt meddelande-----
Fr?n: lavermil at gheek.net [mailto:lavermil at gheek.net]F?r Lance Vermilion
Skickat: den 11 mars 2008 07:11
Till: Peter L?theg?rd
Kopia: rancid-discuss at shrubbery.net
?mne: Re: [rancid] upgrade from 2.3.2a6 to 2.3.2a8


Sure, but you might miss something if you aren't careful. If you have
made modifications you will need to do that again.

-Lance

On 2/25/08, Peter L?theg?rd <peter.lothegard at lidendata.com> wrote:
>
>  Hi
>
>  Can I replace specific files if I want to upgrade from 2.3.2a6 to 2.3.2a8
or
>  do i need to compile and install from scratch?
>
>  Regards
>  /Peter
>
>  ------------------------------------
>  Lidero Network AB
>  Peter Lothegard
>  ------------------------------------
>
>
>  _______________________________________________
>  Rancid-discuss mailing list
>  Rancid-discuss at shrubbery.net
>  http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>



From rancid at gheek.net  Tue Mar 11 06:10:37 2008
From: rancid at gheek.net (Lance Vermilion)
Date: Mon, 10 Mar 2008 23:10:37 -0700
Subject: [rancid] Re: upgrade from 2.3.2a6 to 2.3.2a8
In-Reply-To: <GBEJKCEIFGJKLDGNLBGJIEFOCCAA.peter.lothegard@lidendata.com>
References: <GBEJKCEIFGJKLDGNLBGJOEFNCCAA.peter.lothegard@lidendata.com>
	<GBEJKCEIFGJKLDGNLBGJIEFOCCAA.peter.lothegard@lidendata.com>
Message-ID: <8423e7bb0803102310h38ad6985i9e46057c22baf7dd@mail.gmail.com>

Sure, but you might miss something if you aren't careful. If you have
made modifications you will need to do that again.

-Lance

On 2/25/08, Peter L?theg?rd <peter.lothegard at lidendata.com> wrote:
>
>  Hi
>
>  Can I replace specific files if I want to upgrade from 2.3.2a6 to 2.3.2a8 or
>  do i need to compile and install from scratch?
>
>  Regards
>  /Peter
>
>  ------------------------------------
>  Lidero Network AB
>  Peter Lothegard
>  ------------------------------------
>
>
>  _______________________________________________
>  Rancid-discuss mailing list
>  Rancid-discuss at shrubbery.net
>  http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>

From rancid at gheek.net  Tue Mar 11 07:32:14 2008
From: rancid at gheek.net (Lance Vermilion)
Date: Tue, 11 Mar 2008 00:32:14 -0700
Subject: [rancid] Re: upgrade from 2.3.2a6 to 2.3.2a8
In-Reply-To: <GBEJKCEIFGJKLDGNLBGJGEIBCCAA.peter.lothegard@lidendata.com>
References: <8423e7bb0803102310h38ad6985i9e46057c22baf7dd@mail.gmail.com>
	<GBEJKCEIFGJKLDGNLBGJGEIBCCAA.peter.lothegard@lidendata.com>
Message-ID: <8423e7bb0803110032y130bb533qfb703dabc108c973@mail.gmail.com>

I haven't done it in a long while. But I think you can just move those
directories and then move them back.

John H. has answered this before in previous messages. I don't recall
off the top of my head.

-Lance

On 3/10/08, Peter L?theg?rd <peter.lothegard at lidendata.com> wrote:
> Thanx,
> I have not made any modifications, its a standard rancid install that
> collects configs from my cisco routers.
>
> If i make a new install is there a backup/restore procedure so I dont lose
> my current configs?
>
> Regards
> /Peter
>
> -----Ursprungligt meddelande-----
> Fr?n: lavermil at gheek.net [mailto:lavermil at gheek.net]F?r Lance Vermilion
> Skickat: den 11 mars 2008 07:11
> Till: Peter L?theg?rd
> Kopia: rancid-discuss at shrubbery.net
> ?mne: Re: [rancid] upgrade from 2.3.2a6 to 2.3.2a8
>
>
> Sure, but you might miss something if you aren't careful. If you have
> made modifications you will need to do that again.
>
> -Lance
>
> On 2/25/08, Peter L?theg?rd <peter.lothegard at lidendata.com> wrote:
> >
> >  Hi
> >
> >  Can I replace specific files if I want to upgrade from 2.3.2a6 to 2.3.2a8
> or
> >  do i need to compile and install from scratch?
> >
> >  Regards
> >  /Peter
> >
> >  ------------------------------------
> >  Lidero Network AB
> >  Peter Lothegard
> >  ------------------------------------
> >
> >
> >  _______________________________________________
> >  Rancid-discuss mailing list
> >  Rancid-discuss at shrubbery.net
> >  http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> >
>
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>

From jethro.binks at strath.ac.uk  Tue Mar 11 09:43:51 2008
From: jethro.binks at strath.ac.uk (Jethro R Binks)
Date: Tue, 11 Mar 2008 09:43:51 +0000 (GMT)
Subject: [rancid] Re: plus in the prompt?
In-Reply-To: <20080311052210.GE14933@gblx.net>
References: <20080310205344.GA21438@panix.com>
	<20080311052210.GE14933@gblx.net>
Message-ID: <20080311094042.P5784@defjam.cc.strath.ac.uk>

On Mon, 10 Mar 2008, Austin Schutz wrote:

> On Mon, Mar 10, 2008 at 04:53:44PM -0400, Ed Ravin wrote:
> > Looks like it's the plus sign in the prompt.  If I change it to "XandY"
> > instead of "x+y" clogin works as expected.
> > 
> > Why does it work for the enable and the "term length 0" command, but not
> > afterwards?
> 
> 	Just tossing a guess out here: expect is looking for a prompt using
> a regex. The + you have in your prompt is being treated like a regex +,
> so expect is looking for a string that looks like xy or xxxy, etc.
> 	Probably best to not do that, if you can avoid it.

I think I am correct in saying that if you look in clogin and equivalents, 
in:

proc run_commands { prompt command } {

There is code like:

        # escape any parens in the prompt, such as "(enable)"
        regsub -all {[)(]} $prompt {\\&} reprompt
        # match cisco config mode prompts too, such as router(config-if)#,
        # but catalyst does not change in this fashion.
        regsub -all {^(.{1,14}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt

which on my reading seems to be escaping certain chars in reprompt so that 
they aren't interpreted by expect when used later on as part of a regexp 
match against input.  I guess you will need to add something to escape + 
characters as well, if that's what you need to use in the prompt.

Jethro.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK

From david+rancid at luyer.net  Tue Mar 11 15:57:18 2008
From: david+rancid at luyer.net (David Luyer)
Date: Tue, 11 Mar 2008 08:57:18 -0700 (PDT)
Subject: [rancid] Re: plus in the prompt?
In-Reply-To: <20080311094042.P5784@defjam.cc.strath.ac.uk>
References: <20080310205344.GA21438@panix.com>
	<20080311052210.GE14933@gblx.net>
	<20080311094042.P5784@defjam.cc.strath.ac.uk>
Message-ID: <57529.2001:5a8:4:4280:216:cbff:fe06:dee0.1205251038.squirrel@www.luyer.net>

If you really need such characters in your prompt, this:

>         # escape any parens in the prompt, such as "(enable)"
>         regsub -all {[)(]} $prompt {\\&} reprompt

could be changed to something more like:

         # escape all regexp magic characters in the prompt
         regsub -all {[+*.|(){}[\]]} $prompt {\\&} reprompt

David.


From heas at shrubbery.net  Tue Mar 11 16:47:33 2008
From: heas at shrubbery.net (john heasley)
Date: Tue, 11 Mar 2008 09:47:33 -0700
Subject: [rancid] Re: upgrade from 2.3.2a6 to 2.3.2a8
In-Reply-To: <8423e7bb0803110032y130bb533qfb703dabc108c973@mail.gmail.com>
References: <8423e7bb0803102310h38ad6985i9e46057c22baf7dd@mail.gmail.com>
	<GBEJKCEIFGJKLDGNLBGJGEIBCCAA.peter.lothegard@lidendata.com>
	<8423e7bb0803110032y130bb533qfb703dabc108c973@mail.gmail.com>
Message-ID: <20080311164733.GD29935@shrubbery.net>

there is nothing to do.  if you don't trust it, tar up /var/rancid beforehand.
the big change was 2.2 -> 2.3

Tue, Mar 11, 2008 at 12:32:14AM -0700, Lance Vermilion:
> I haven't done it in a long while. But I think you can just move those
> directories and then move them back.
> 
> John H. has answered this before in previous messages. I don't recall
> off the top of my head.
> 
> -Lance
> 
> On 3/10/08, Peter L?theg?rd <peter.lothegard at lidendata.com> wrote:
> > Thanx,
> > I have not made any modifications, its a standard rancid install that
> > collects configs from my cisco routers.
> >
> > If i make a new install is there a backup/restore procedure so I dont lose
> > my current configs?
> >
> > Regards
> > /Peter
> >
> > -----Ursprungligt meddelande-----
> > Fr?n: lavermil at gheek.net [mailto:lavermil at gheek.net]F?r Lance Vermilion
> > Skickat: den 11 mars 2008 07:11
> > Till: Peter L?theg?rd
> > Kopia: rancid-discuss at shrubbery.net
> > ?mne: Re: [rancid] upgrade from 2.3.2a6 to 2.3.2a8
> >
> >
> > Sure, but you might miss something if you aren't careful. If you have
> > made modifications you will need to do that again.
> >
> > -Lance
> >
> > On 2/25/08, Peter L?theg?rd <peter.lothegard at lidendata.com> wrote:
> > >
> > >  Hi
> > >
> > >  Can I replace specific files if I want to upgrade from 2.3.2a6 to 2.3.2a8
> > or
> > >  do i need to compile and install from scratch?
> > >
> > >  Regards
> > >  /Peter
> > >
> > >  ------------------------------------
> > >  Lidero Network AB
> > >  Peter Lothegard
> > >  ------------------------------------
> > >
> > >
> > >  _______________________________________________
> > >  Rancid-discuss mailing list
> > >  Rancid-discuss at shrubbery.net
> > >  http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> > >
> >
> >
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss at shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> >
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

From rancid at gheek.net  Tue Mar 11 16:52:51 2008
From: rancid at gheek.net (Lance Vermilion)
Date: Tue, 11 Mar 2008 09:52:51 -0700
Subject: [rancid] Re: upgrade from 2.3.2a6 to 2.3.2a8
In-Reply-To: <20080311164733.GD29935@shrubbery.net>
References: <8423e7bb0803102310h38ad6985i9e46057c22baf7dd@mail.gmail.com>
	<GBEJKCEIFGJKLDGNLBGJGEIBCCAA.peter.lothegard@lidendata.com>
	<8423e7bb0803110032y130bb533qfb703dabc108c973@mail.gmail.com>
	<20080311164733.GD29935@shrubbery.net>
Message-ID: <8423e7bb0803110952t1b439bbi7686545b153bbeb8@mail.gmail.com>

The big question I think he had was regarding the CVS/SVN portion
since he didn't want to lose that.


-lance

On 3/11/08, john heasley <heas at shrubbery.net> wrote:
> there is nothing to do.  if you don't trust it, tar up /var/rancid beforehand.
> the big change was 2.2 -> 2.3
>
> Tue, Mar 11, 2008 at 12:32:14AM -0700, Lance Vermilion:
> > I haven't done it in a long while. But I think you can just move those
> > directories and then move them back.
> >
> > John H. has answered this before in previous messages. I don't recall
> > off the top of my head.
> >
> > -Lance
> >
> > On 3/10/08, Peter L?theg?rd <peter.lothegard at lidendata.com> wrote:
> > > Thanx,
> > > I have not made any modifications, its a standard rancid install that
> > > collects configs from my cisco routers.
> > >
> > > If i make a new install is there a backup/restore procedure so I dont lose
> > > my current configs?
> > >
> > > Regards
> > > /Peter
> > >
> > > -----Ursprungligt meddelande-----
> > > Fr?n: lavermil at gheek.net [mailto:lavermil at gheek.net]F?r Lance Vermilion
> > > Skickat: den 11 mars 2008 07:11
> > > Till: Peter L?theg?rd
> > > Kopia: rancid-discuss at shrubbery.net
> > > ?mne: Re: [rancid] upgrade from 2.3.2a6 to 2.3.2a8
> > >
> > >
> > > Sure, but you might miss something if you aren't careful. If you have
> > > made modifications you will need to do that again.
> > >
> > > -Lance
> > >
> > > On 2/25/08, Peter L?theg?rd <peter.lothegard at lidendata.com> wrote:
> > > >
> > > >  Hi
> > > >
> > > >  Can I replace specific files if I want to upgrade from 2.3.2a6 to 2.3.2a8
> > > or
> > > >  do i need to compile and install from scratch?
> > > >
> > > >  Regards
> > > >  /Peter
> > > >
> > > >  ------------------------------------
> > > >  Lidero Network AB
> > > >  Peter Lothegard
> > > >  ------------------------------------
> > > >
> > > >
> > > >  _______________________________________________
> > > >  Rancid-discuss mailing list
> > > >  Rancid-discuss at shrubbery.net
> > > >  http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> > > >
> > >
> > >
> > > _______________________________________________
> > > Rancid-discuss mailing list
> > > Rancid-discuss at shrubbery.net
> > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> > >
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss at shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>

From heas at shrubbery.net  Tue Mar 11 16:56:39 2008
From: heas at shrubbery.net (john heasley)
Date: Tue, 11 Mar 2008 09:56:39 -0700
Subject: [rancid] Re: upgrade from 2.3.2a6 to 2.3.2a8
In-Reply-To: <8423e7bb0803110952t1b439bbi7686545b153bbeb8@mail.gmail.com>
References: <8423e7bb0803102310h38ad6985i9e46057c22baf7dd@mail.gmail.com>
	<GBEJKCEIFGJKLDGNLBGJGEIBCCAA.peter.lothegard@lidendata.com>
	<8423e7bb0803110032y130bb533qfb703dabc108c973@mail.gmail.com>
	<20080311164733.GD29935@shrubbery.net>
	<8423e7bb0803110952t1b439bbi7686545b153bbeb8@mail.gmail.com>
Message-ID: <20080311165639.GF29935@shrubbery.net>

yes, there is nothing to do.  no cvs/svn foo occurs during the install.
rancid-cvs creates, but only those that do not exist.  your rancid.conf
will not (unless you're using a pkg system thats altered the scripts) be
overwritten.

The only things that have changed with cvs over time is
- svn added
- router.db added to cvs
- the default repository location moved to make linux people happier

all before 2.3

Tue, Mar 11, 2008 at 09:52:51AM -0700, Lance Vermilion:
> The big question I think he had was regarding the CVS/SVN portion
> since he didn't want to lose that.
> 
> 
> -lance
> 
> On 3/11/08, john heasley <heas at shrubbery.net> wrote:
> > there is nothing to do.  if you don't trust it, tar up /var/rancid beforehand.
> > the big change was 2.2 -> 2.3
> >
> > Tue, Mar 11, 2008 at 12:32:14AM -0700, Lance Vermilion:
> > > I haven't done it in a long while. But I think you can just move those
> > > directories and then move them back.
> > >
> > > John H. has answered this before in previous messages. I don't recall
> > > off the top of my head.
> > >
> > > -Lance
> > >
> > > On 3/10/08, Peter L?theg?rd <peter.lothegard at lidendata.com> wrote:
> > > > Thanx,
> > > > I have not made any modifications, its a standard rancid install that
> > > > collects configs from my cisco routers.
> > > >
> > > > If i make a new install is there a backup/restore procedure so I dont lose
> > > > my current configs?
> > > >
> > > > Regards
> > > > /Peter
> > > >
> > > > -----Ursprungligt meddelande-----
> > > > Fr?n: lavermil at gheek.net [mailto:lavermil at gheek.net]F?r Lance Vermilion
> > > > Skickat: den 11 mars 2008 07:11
> > > > Till: Peter L?theg?rd
> > > > Kopia: rancid-discuss at shrubbery.net
> > > > ?mne: Re: [rancid] upgrade from 2.3.2a6 to 2.3.2a8
> > > >
> > > >
> > > > Sure, but you might miss something if you aren't careful. If you have
> > > > made modifications you will need to do that again.
> > > >
> > > > -Lance
> > > >
> > > > On 2/25/08, Peter L?theg?rd <peter.lothegard at lidendata.com> wrote:
> > > > >
> > > > >  Hi
> > > > >
> > > > >  Can I replace specific files if I want to upgrade from 2.3.2a6 to 2.3.2a8
> > > > or
> > > > >  do i need to compile and install from scratch?
> > > > >
> > > > >  Regards
> > > > >  /Peter
> > > > >
> > > > >  ------------------------------------
> > > > >  Lidero Network AB
> > > > >  Peter Lothegard
> > > > >  ------------------------------------
> > > > >
> > > > >
> > > > >  _______________________________________________
> > > > >  Rancid-discuss mailing list
> > > > >  Rancid-discuss at shrubbery.net
> > > > >  http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> > > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > Rancid-discuss mailing list
> > > > Rancid-discuss at shrubbery.net
> > > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> > > >
> > > _______________________________________________
> > > Rancid-discuss mailing list
> > > Rancid-discuss at shrubbery.net
> > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> >

From heas at shrubbery.net  Tue Mar 11 18:58:19 2008
From: heas at shrubbery.net (john heasley)
Date: Tue, 11 Mar 2008 11:58:19 -0700
Subject: [rancid] Re: Question and potential feature request
In-Reply-To: <8423e7bb0803061957q7c59864dn2e30359a4b682ed5@mail.gmail.com>
References: <mailman.0.1204836087.9650.rancid-discuss@shrubbery.net>
	<004801c87fcb$e9fc64e0$06c1a8c0@letni>
	<47D0AC2F.1000305@pheran.com>
	<8423e7bb0803061957q7c59864dn2e30359a4b682ed5@mail.gmail.com>
Message-ID: <20080311185819.GM29935@shrubbery.net>

The tool/computer should do the work for you, if possible.

I suppose there is no reason it couldn't do this, at least for cisco, and
procket.  if it considers all the possible prompts and can determine which
are enabled and not enabled, then it should be ok.

Perhaps something like the attached.


Thu, Mar 06, 2008 at 08:57:34PM -0700, Lance Vermilion:
> All,
> 
> Correct me if I am wrong but RANCID is suppose to backup your
> configurations. It does that very well. Having to all this extra
> figuring out etc can add extra fat in the scripts to make it figure
> what it should be doing and yet it still may not always work. If
> something fails you will get an email from RANCID. That should be a
> pretty good heads up that something has been changed. To me that is
> when I also go and verify nothing else has changed. As a network admin
> I like to know what is changing.
> 
> Sam pointed a very simple solution to bring it front and center and
> allow it to get a ticket opened on it etc. Then again it does require
> some knowledge of programming.
> 
> Just my two cents.
> 
> -Lance
> 
> On 3/6/08, Steve Snodgrass <ssnodgra at pheran.com> wrote:
> > Matthew Twomey wrote:
> > > Greetings,
> > >
> > > I have been a long time user of Rancid and I've always thought it was a
> > > fantastic tool. Recently I've been revamping our backups and that has gotten
> > > me to thinking about a couple of things:
> > >
> > > 1. We backup literally hundred of devices with Rancid and due to
> > > inconsistency across Cisco IOS releases we are struggling to keep ahead of
> > > the curve when it comes to specifying autoenable 1 or autoenable 0. I don't
> > > always manage the routers I backup, so an updated IOS often reverses this
> > > requirement (e.g. used to work with autoenable on and now it needs it off).
> > > This also often happens when router administrators enable/disable/make
> > > certain changes to tacacs. In any event I'm wondering if anyone has thought
> > > of a way to autodetect the autoenable state of a device?
> >
> > This might be nice for me too.  I'm bringing up a rancid install for the
> > first time and I was banging my head on the wall today because I can't
> > figure out any way to get my ASAs to log directly into enable mode like
> > I do on the IOS boxes using a TACACS server.  Obviously I could manually
> > specify autoenable 0 for the ASAs, but this would be a cool feature.
> >
> > --
> > Steve Snodgrass * ssnodgra at pheran.com * Network/Security/Linux/Perl Geek
> > "If you want to be somebody else, change your mind."  -Sister Hazel
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss at shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> >
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
-------------- next part --------------
Index: bin/clogin.in
===================================================================
RCS file: /home/rancid/.CVS/rancid/bin/clogin.in,v
retrieving revision 1.123
diff -d -u -r1.123 clogin.in
--- bin/clogin.in	11 Mar 2008 18:40:21 -0000	1.123
+++ bin/clogin.in	11 Mar 2008 18:57:52 -0000
@@ -319,7 +319,7 @@
 # returns: 0 on success, 1 on failure, -1 if rsh was used successfully
 proc login { router user userpswd passwd enapasswd cmethod cyphertype } {
     global command spawn_id in_proc do_command do_script platform
-    global prompt u_prompt p_prompt e_prompt sshcmd
+    global prompt prompt_match u_prompt p_prompt e_prompt sshcmd
     set in_proc 1
     set uprompt_seen 0
 
@@ -542,7 +542,10 @@
 				  }
 				  exp_continue
 				}
-	-re "$prompt"		{ break; }
+	-re "$prompt"		{
+				  set prompt_match $expect_out(0,string);
+				  break;
+				}
 	"Login invalid"		{
 				  send_user "\nError: Invalid login: $router\n";
 				  catch {close}; catch {wait}; return 1
@@ -731,32 +734,15 @@
 source_password_file $password_file
 set in_proc 0
 set exitval 0
+set prompt_match ""
 foreach router [lrange $argv $i end] {
     set router [string tolower $router]
     # attempt at platform switching.
     set platform ""
     send_user -- "$router\n"
 
-    # Figure out the prompt.
-    # autoenable is off by default.  If we have it defined, it was done
-    # on the command line.  If it is not specifically set on the command
-    # line, check the password file.
-    if $avautoenable {
-	set autoenable 1
-	set enable 0
-	set prompt "(#| \\(enable\\))"
-    } else {
-	set ae [find autoenable $router]
-	if { "$ae" == "1" } {
-	    set autoenable 1
-	    set enable 0
-	    set prompt "(#| \\(enable\\))"
-	} else {
-	    set autoenable 0
-	    set enable $avenable
-	    set prompt ">"
-	}
-    }
+    # Default prompt.
+    set prompt "(>|#| \\(enable\\))"
 
     # look for noenable option in .cloginrc
     if { [find noenable $router] != "" } {
@@ -770,10 +756,6 @@
 	send_user -- "\nError: no password for $router in $password_file.\n"
 	continue
       }
-      if { $enable && $do_enapasswd && $autoenable == 0 && [llength $pswd] < 2 } {
-	send_user -- "\nError: no enable password for $router in $password_file.\n"
-	continue
-      }
       set passwd [join [lindex $pswd 0] ""]
       set enapasswd [join [lindex $pswd 1] ""]
     } else {
@@ -851,7 +833,20 @@
 	# if login failed or rsh was unsuccessful, move on to the next device
 	continue
     }
+    # Figure out the prompt.
+    if { [regexp -- "(#| \\(enable\\))" $prompt_match junk] == 1 } {
+	set enable 0
+    } elseif { $avenable } {
+	set enable 1
+    } else {
+	set enable 0
+    }
     if { $enable } {
+	if { $do_enapasswd && [string bytelength $enapasswd] < 2 } {
+	    send_user -- "\nError: $enapasswd\n"
+	    send_user -- "\nError: no enable password for $router in $password_file.\n"
+	    continue
+	}
 	if {[do_enable $enauser $enapasswd]} {
 	    if { $do_command || $do_script } {
 		incr exitval

From eravin at panix.com  Wed Mar 12 15:27:06 2008
From: eravin at panix.com (Ed Ravin)
Date: Wed, 12 Mar 2008 11:27:06 -0400
Subject: [rancid] Re: plus in the prompt?
In-Reply-To: <57529.2001:5a8:4:4280:216:cbff:fe06:dee0.1205251038.squirrel@www.luyer.net>
References: <20080310205344.GA21438@panix.com>
	<20080311052210.GE14933@gblx.net>
	<20080311094042.P5784@defjam.cc.strath.ac.uk>
	<57529.2001:5a8:4:4280:216:cbff:fe06:dee0.1205251038.squirrel@www.luyer.net>
Message-ID: <20080312152706.GA27708@panix.com>

On Tue, Mar 11, 2008 at 08:57:18AM -0700, David Luyer wrote:
> If you really need such characters in your prompt, this:
> 
> >         # escape any parens in the prompt, such as "(enable)"
> >         regsub -all {[)(]} $prompt {\\&} reprompt
> 
> could be changed to something more like:
> 
>          # escape all regexp magic characters in the prompt
>          regsub -all {[+*.|(){}[\]]} $prompt {\\&} reprompt

Thank you, that works.  It's the customer's router and it didn't
seem right to say "I need to change your router hostname, because,
well, ummm..."


From eravin at panix.com  Wed Mar 12 16:00:38 2008
From: eravin at panix.com (Ed Ravin)
Date: Wed, 12 Mar 2008 12:00:38 -0400
Subject: [rancid] Re: plus in the prompt?
In-Reply-To: <20080312112923.Q74863@dust.noc.drexel.edu>
References: <20080310205344.GA21438@panix.com>
	<20080311052210.GE14933@gblx.net>
	<20080311094042.P5784@defjam.cc.strath.ac.uk>
	<"57529.2001:5a8:4:4280:216:cbff:fe06:dee0.1205251038.squirrel"@www.luyer.net>
	<20080312152706.GA27708@panix.com>
	<20080312112923.Q74863@dust.noc.drexel.edu>
Message-ID: <20080312160037.GC27708@panix.com>

On Wed, Mar 12, 2008 at 11:34:27AM -0400, Andrew Brennan wrote:
> Isn't the hostname + domain name used in setting up a SSH key in IOS?

And other things, like setting up LAT names for Appletalk.  But IOS
accepts it and many other strange chars in the "hostname" command,
and I'm not going to argue with Cisco.  In the case of the LAT name,
Cisco issues a warning and works around it.

> You could always sell it as "+" isn't a valid character in a FQDN, so you
> can run into trouble later with some SSH clients having trouble connecting?

I could, but I would rather wait until it actually causes a problem
and then I can give the customer a real reason why it needs to be
changed.

> But, the code mod to support all possible characters in a hostname is more 
> likely the better way to go for cases like this.

Absolutely.  This is easy to fix and will make clogin more reliable.

From andrew.brennan at drexel.edu  Wed Mar 12 15:34:27 2008
From: andrew.brennan at drexel.edu (Andrew Brennan)
Date: Wed, 12 Mar 2008 11:34:27 -0400 (EDT)
Subject: [rancid] Re: plus in the prompt?
In-Reply-To: <20080312152706.GA27708@panix.com>
References: <20080310205344.GA21438@panix.com>
	<20080311052210.GE14933@gblx.net>
	<20080311094042.P5784@defjam.cc.strath.ac.uk>
	<"57529.2001:5a8:4:4280:216:cbff:fe06:dee0.1205251038.squirrel"@www.luyer.net>
	<20080312152706.GA27708@panix.com>
Message-ID: <20080312112923.Q74863@dust.noc.drexel.edu>

Isn't the hostname + domain name used in setting up a SSH key in IOS?  You 
could always sell it as "+" isn't a valid character in a FQDN, so you can 
run into trouble later with some SSH clients having trouble connecting?

But, the code mod to support all possible characters in a hostname is more 
likely the better way to go for cases like this.

andrew.

On Wed, 12 Mar 2008, Ed Ravin wrote:

> On Tue, Mar 11, 2008 at 08:57:18AM -0700, David Luyer wrote:
>> If you really need such characters in your prompt, this:
>>
>>>         # escape any parens in the prompt, such as "(enable)"
>>>         regsub -all {[)(]} $prompt {\\&} reprompt
>>
>> could be changed to something more like:
>>
>>          # escape all regexp magic characters in the prompt
>>          regsub -all {[+*.|(){}[\]]} $prompt {\\&} reprompt
>
> Thank you, that works.  It's the customer's router and it didn't
> seem right to say "I need to change your router hostname, because,
> well, ummm..."
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>

From eravin at panix.com  Wed Mar 12 21:43:05 2008
From: eravin at panix.com (Ed Ravin)
Date: Wed, 12 Mar 2008 17:43:05 -0400
Subject: [rancid] Re: plus in the prompt?
In-Reply-To: <20080312152706.GA27708@panix.com>
References: <20080310205344.GA21438@panix.com>
	<20080311052210.GE14933@gblx.net>
	<20080311094042.P5784@defjam.cc.strath.ac.uk>
	<57529.2001:5a8:4:4280:216:cbff:fe06:dee0.1205251038.squirrel@www.luyer.net>
	<20080312152706.GA27708@panix.com>
Message-ID: <20080312214305.GB21942@panix.com>

On Wed, Mar 12, 2008 at 11:27:06AM -0400, Ed Ravin wrote:
> On Tue, Mar 11, 2008 at 08:57:18AM -0700, David Luyer wrote:
> > If you really need such characters in your prompt, this:
> > 
> > >         # escape any parens in the prompt, such as "(enable)"
> > >         regsub -all {[)(]} $prompt {\\&} reprompt
> > 
> > could be changed to something more like:
> > 
> >          # escape all regexp magic characters in the prompt
> >          regsub -all {[+*.|(){}[\]]} $prompt {\\&} reprompt
> 

And I also needed to change the corresponding code in rancid:

-           $prompt =~ s/([][}{)(\\])/\\$1/g;
+           $prompt =~ s/([][+.*}{)(\\])/\\$1/g;


From steve at host-it.co.uk  Thu Mar 13 10:20:24 2008
From: steve at host-it.co.uk (Steve Ousley)
Date: Thu, 13 Mar 2008 10:20:24 -0000
Subject: [rancid]  Historical logs
Message-ID: <001c01c884f3$d9b58350$8d2089f0$@co.uk>

Hi

 

I have just installed RANCID on my machine, and have it collecting data from
one firewall.  What I would like is some kind of differential on this
however as it seems to simply overwrite the old configuration with the new
one.

 

I have read the documentation that I can find, and cannot see anything about
keeping old versions of the log files.  The reason for wanting this is that
the firewall config often gets changed and there is the possible requirement
that we will need to roll back the config a few days.

 

Many thanks for any help anyone can provide.

 

Steve Ousley

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080313/a8fe4228/attachment.html 

From Michael.Skinner at virginmedia.co.uk  Thu Mar 13 11:31:04 2008
From: Michael.Skinner at virginmedia.co.uk (Skinner, Michael)
Date: Thu, 13 Mar 2008 11:31:04 -0000
Subject: [rancid] Re: Historical logs
Message-ID: <AC578DE72A44424587F495F76B6D8C9A142736@KN3-XMB-P0001.systems.private>

You can generate any given previous configuration from the CVS
repository.  Rather than doing this via command line you may wish to
install the excellent CVSweb on your rancid box:
http://www.freebsd.org/projects/cvsweb.html  This will allow you to
browse through config changes over time, produce graphical diff's, and
download old configs.
 
It really does bring rancid to life!
 
Mike

________________________________

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Steve Ousley
Sent: 13 March 2008 10:20
To: rancid-discuss at shrubbery.net
Subject: [rancid] Historical logs



Hi

 

I have just installed RANCID on my machine, and have it collecting data
from one firewall.  What I would like is some kind of differential on
this however as it seems to simply overwrite the old configuration with
the new one.

 

I have read the documentation that I can find, and cannot see anything
about keeping old versions of the log files.  The reason for wanting
this is that the firewall config often gets changed and there is the
possible requirement that we will need to roll back the config a few
days.

 

Many thanks for any help anyone can provide.

 

Steve Ousley


------------------------------------------------------------------------------
Save Paper - Do you really need to print this e-mail?

Visit www.virginmedia.com for more information, and more fun.

This email and any attachments are or may be confidential and legally privileged and are sent solely for the attention of the addressee(s). If you have received this email in error, please delete it from your system: its use, disclosure or copying is unauthorised. Statements and opinions expressed in this email may not represent those of Virgin Media. Any representations or commitments in this email are subject to contract. Please note that we are migrating our email addresses to a company wide address of "@virginmedia.co.uk". If you are sending to a Telewest or ntl email address your email will be re-directed. 

Registered office: 160 Great Portland Street, London W1W 5QA. Registered in England and Wales with number 2591237


==============================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080313/fe577366/attachment.html 

From steve at host-it.co.uk  Thu Mar 13 12:31:57 2008
From: steve at host-it.co.uk (Steve Ousley)
Date: Thu, 13 Mar 2008 12:31:57 -0000
Subject: [rancid] Re: Historical logs
In-Reply-To: <AC578DE72A44424587F495F76B6D8C9A142736@KN3-XMB-P0001.systems.private>
References: <AC578DE72A44424587F495F76B6D8C9A142736@KN3-XMB-P0001.systems.private>
Message-ID: <005101c88506$3b3116f0$b19344d0$@co.uk>

Hi, this is great.  I have installed this on my machine, but when I go to
http://server/cgi-bin/cvsweb/ I just see the folder CVSROOT/ and in there I
do not see any of the files that have been downloaded.  Is there a setting
somewhere that I need to enable to ensure that this goes into CVS?

 

Steve

 

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Skinner, Michael
Sent: 13 March 2008 11:31
To: rancid-discuss at shrubbery.net
Subject: [rancid] Re: Historical logs

 

You can generate any given previous configuration from the CVS repository.
Rather than doing this via command line you may wish to install the
excellent CVSweb on your rancid box:
http://www.freebsd.org/projects/cvsweb.html  This will allow you to browse
through config changes over time, produce graphical diff's, and download old
configs.

 

It really does bring rancid to life!

 

Mike

 

  _____  

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Steve Ousley
Sent: 13 March 2008 10:20
To: rancid-discuss at shrubbery.net
Subject: [rancid] Historical logs

Hi

 

I have just installed RANCID on my machine, and have it collecting data from
one firewall.  What I would like is some kind of differential on this
however as it seems to simply overwrite the old configuration with the new
one.

 

I have read the documentation that I can find, and cannot see anything about
keeping old versions of the log files.  The reason for wanting this is that
the firewall config often gets changed and there is the possible requirement
that we will need to roll back the config a few days.

 

Many thanks for any help anyone can provide.

 

Steve Ousley

----------------------------------------------------------------------------
--
Save Paper - Do you really need to print this e-mail?
 
Visit www.virginmedia.com for more information, and more fun.
 
This email and any attachments are or may be confidential and legally
privileged and are sent solely for the attention of the addressee(s). If you
have received this email in error, please delete it from your system: its
use, disclosure or copying is unauthorised. Statements and opinions
expressed in this email may not represent those of Virgin Media. Any
representations or commitments in this email are subject to contract. Please
note that we are migrating our email addresses to a company wide address of
"@virginmedia.co.uk". If you are sending to a Telewest or ntl email address
your email will be re-directed. 
 
Registered office: 160 Great Portland Street, London W1W 5QA. Registered in
England and Wales with number 2591237
 
 
============================================================================
==
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080313/bdd80ecd/attachment.html 

From steve at host-it.co.uk  Thu Mar 13 13:45:27 2008
From: steve at host-it.co.uk (Steve Ousley)
Date: Thu, 13 Mar 2008 13:45:27 -0000
Subject: [rancid] Re: Historical logs
In-Reply-To: <005101c88506$3b3116f0$b19344d0$@co.uk>
References: <AC578DE72A44424587F495F76B6D8C9A142736@KN3-XMB-P0001.systems.private>
	<005101c88506$3b3116f0$b19344d0$@co.uk>
Message-ID: <006601c88510$7f12f960$7d38ec20$@co.uk>

As a further not to this, I notice this in the logs: 

 

starting: Thu Mar 13 13:44:21 GMT 2008

 

cvs status: cannot open CVS/Entries for reading: No such file or directory

cvs status: use `cvs add' to create an entry for `xxx.xxx.xxx.xxx'

cvs add: in directory `.':

cvs [add aborted]: there is no version here; do `cvs checkout' first

CVS added missing router xxx.xxx.xxx.xxx

 

 

Trying to get all of the configs.

All routers sucessfully completed.

 

cvs diff: in directory .:

cvs [diff aborted]: there is no version here; run 'cvs checkout' first

cvs commit: in directory .:

cvs [commit aborted]: there is no version here; run 'cvs checkout' first

 

ending: Thu Mar 13 13:44:32 GMT 2008

 

 

I guess this will be why it cannot put the stuff in CVS, however I cannot
work out where the CVS/Entries file needs to go, I have tried putting it in
the same folder as "CVSROOT", to no avail.

 

Any help much appreciated.

 

Steve

 

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Steve Ousley
Sent: 13 March 2008 12:32
To: rancid-discuss at shrubbery.net
Subject: [rancid] Re: Historical logs

 

Hi, this is great.  I have installed this on my machine, but when I go to
http://server/cgi-bin/cvsweb/ I just see the folder CVSROOT/ and in there I
do not see any of the files that have been downloaded.  Is there a setting
somewhere that I need to enable to ensure that this goes into CVS?

 

Steve

 

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Skinner, Michael
Sent: 13 March 2008 11:31
To: rancid-discuss at shrubbery.net
Subject: [rancid] Re: Historical logs

 

You can generate any given previous configuration from the CVS repository.
Rather than doing this via command line you may wish to install the
excellent CVSweb on your rancid box:
http://www.freebsd.org/projects/cvsweb.html  This will allow you to browse
through config changes over time, produce graphical diff's, and download old
configs.

 

It really does bring rancid to life!

 

Mike

 

  _____  

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Steve Ousley
Sent: 13 March 2008 10:20
To: rancid-discuss at shrubbery.net
Subject: [rancid] Historical logs

Hi

 

I have just installed RANCID on my machine, and have it collecting data from
one firewall.  What I would like is some kind of differential on this
however as it seems to simply overwrite the old configuration with the new
one.

 

I have read the documentation that I can find, and cannot see anything about
keeping old versions of the log files.  The reason for wanting this is that
the firewall config often gets changed and there is the possible requirement
that we will need to roll back the config a few days.

 

Many thanks for any help anyone can provide.

 

Steve Ousley

----------------------------------------------------------------------------
--
Save Paper - Do you really need to print this e-mail?
 
Visit www.virginmedia.com for more information, and more fun.
 
This email and any attachments are or may be confidential and legally
privileged and are sent solely for the attention of the addressee(s). If you
have received this email in error, please delete it from your system: its
use, disclosure or copying is unauthorised. Statements and opinions
expressed in this email may not represent those of Virgin Media. Any
representations or commitments in this email are subject to contract. Please
note that we are migrating our email addresses to a company wide address of
"@virginmedia.co.uk". If you are sending to a Telewest or ntl email address
your email will be re-directed. 
 
Registered office: 160 Great Portland Street, London W1W 5QA. Registered in
England and Wales with number 2591237
 
 
============================================================================
==
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080313/4738a7b4/attachment.html 

From Michael.Skinner at virginmedia.co.uk  Thu Mar 13 13:56:57 2008
From: Michael.Skinner at virginmedia.co.uk (Skinner, Michael)
Date: Thu, 13 Mar 2008 13:56:57 -0000
Subject: [rancid] Re: Historical logs
Message-ID: <AC578DE72A44424587F495F76B6D8C9A142739@KN3-XMB-P0001.systems.private>

I recommend you take a look at
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Ne
twork_Backups_With_Rancid
<http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_N
etwork_Backups_With_Rancid> 
 
It doesn't look like you have done the cvs checkout yet, so rancid is
not fully configured.  Take a look at step 5 in the "Initial Rancid
Configuration" section.  You might want to run through the other areas
in this doc in case you have missed anything else.
 
Mike
 
 

________________________________

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Steve Ousley
Sent: 13 March 2008 13:45
To: rancid-discuss at shrubbery.net
Subject: [rancid] Re: Historical logs



As a further not to this, I notice this in the logs: 

 

starting: Thu Mar 13 13:44:21 GMT 2008

 

cvs status: cannot open CVS/Entries for reading: No such file or
directory

cvs status: use `cvs add' to create an entry for `xxx.xxx.xxx.xxx'

cvs add: in directory `.':

cvs [add aborted]: there is no version here; do `cvs checkout' first

CVS added missing router xxx.xxx.xxx.xxx

 

 

Trying to get all of the configs.

All routers sucessfully completed.

 

cvs diff: in directory .:

cvs [diff aborted]: there is no version here; run 'cvs checkout' first

cvs commit: in directory .:

cvs [commit aborted]: there is no version here; run 'cvs checkout' first

 

ending: Thu Mar 13 13:44:32 GMT 2008

 

 

I guess this will be why it cannot put the stuff in CVS, however I
cannot work out where the CVS/Entries file needs to go, I have tried
putting it in the same folder as "CVSROOT", to no avail.

 

Any help much appreciated.

 

Steve

 

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Steve Ousley
Sent: 13 March 2008 12:32
To: rancid-discuss at shrubbery.net
Subject: [rancid] Re: Historical logs

 

Hi, this is great.  I have installed this on my machine, but when I go
to http://server/cgi-bin/cvsweb/ I just see the folder CVSROOT/ and in
there I do not see any of the files that have been downloaded.  Is there
a setting somewhere that I need to enable to ensure that this goes into
CVS?

 

Steve

 

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Skinner,
Michael
Sent: 13 March 2008 11:31
To: rancid-discuss at shrubbery.net
Subject: [rancid] Re: Historical logs

 

You can generate any given previous configuration from the CVS
repository.  Rather than doing this via command line you may wish to
install the excellent CVSweb on your rancid box:
http://www.freebsd.org/projects/cvsweb.html  This will allow you to
browse through config changes over time, produce graphical diff's, and
download old configs.

 

It really does bring rancid to life!

 

Mike

 

________________________________

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Steve Ousley
Sent: 13 March 2008 10:20
To: rancid-discuss at shrubbery.net
Subject: [rancid] Historical logs

Hi

 

I have just installed RANCID on my machine, and have it collecting data
from one firewall.  What I would like is some kind of differential on
this however as it seems to simply overwrite the old configuration with
the new one.

 

I have read the documentation that I can find, and cannot see anything
about keeping old versions of the log files.  The reason for wanting
this is that the firewall config often gets changed and there is the
possible requirement that we will need to roll back the config a few
days.

 

Many thanks for any help anyone can provide.

 

Steve Ousley

------------------------------------------------------------------------
------
Save Paper - Do you really need to print this e-mail?
 
Visit www.virginmedia.com for more information, and more fun.
 
This email and any attachments are or may be confidential and legally
privileged and are sent solely for the attention of the addressee(s). If
you have received this email in error, please delete it from your
system: its use, disclosure or copying is unauthorised. Statements and
opinions expressed in this email may not represent those of Virgin
Media. Any representations or commitments in this email are subject to
contract. Please note that we are migrating our email addresses to a
company wide address of "@virginmedia.co.uk". If you are sending to a
Telewest or ntl email address your email will be re-directed. 
 
Registered office: 160 Great Portland Street, London W1W 5QA. Registered
in England and Wales with number 2591237
 
 
========================================================================
======

------------------------------------------------------------------------------

Save Paper - Do you really need to print this e-mail?

Visit www.virginmedia.com for more information, and more fun.

This email and any attachments are or may be confidential and legally privileged and are sent solely for the attention of the addressee(s). If you have received this email in error, please delete it from your system: its use, disclosure or copying is unauthorised. Statements and opinions expressed in this email may not represent those of Virgin Media. Any representations or commitments in this email are subject to contract. Please note that we are migrating our email addresses to a company wide address of "@virginmedia.co.uk". If you are sending to a Telewest or ntl email address your email will be re-directed. 

Registered office: 160 Great Portland Street, London W1W 5QA. Registered in England and Wales with number 2591237


==============================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080313/5fd9a317/attachment.html 

From steve at host-it.co.uk  Thu Mar 13 15:20:38 2008
From: steve at host-it.co.uk (Steve Ousley)
Date: Thu, 13 Mar 2008 15:20:38 -0000
Subject: [rancid] Re: Historical logs
In-Reply-To: <AC578DE72A44424587F495F76B6D8C9A14273A@KN3-XMB-P0001.systems.private>
References: <AC578DE72A44424587F495F76B6D8C9A14273A@KN3-XMB-P0001.systems.private>
Message-ID: <008701c8851d$cad9db40$608d91c0$@co.uk>

I can see what you mean.  It does make it *VERY* easy to analyse the changes
made on there.

 

From: Skinner, Michael [mailto:Michael.Skinner at virginmedia.co.uk] 
Sent: 13 March 2008 15:06
To: Steve Ousley
Subject: RE: [rancid] Re: Historical logs

 

No worries, glad you got it working, cvs web is cool, its almost not worth
having rancid without it (ok, maybe I'm exaggerating just a bit).

 

  _____  

From: Steve Ousley [mailto:steve at host-it.co.uk] 
Sent: 13 March 2008 14:57
To: Skinner, Michael
Subject: RE: [rancid] Re: Historical logs

Many thanks Mike.

 

I went through the rancid-cvs file manually and everything seemed to work,
and it seemed to be adding to the CVS repo correctly, so tried to get dvsweb
working, but failed, so decided to reinstall from scratch.

 

Did all of this, and the CVS then seemed to be working ok J however cvsweb
still wasn't working, I then realised the *HUGE* error in my ways... had I
configured cvsweb to read from RANCID's CVSROOT? Nope!! Duh! Did that, and
all ok, and I can see the diff's in cvsweb now :D

 

Thanks for your help.

 

Steve

 

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Skinner, Michael
Sent: 13 March 2008 13:57
To: rancid-discuss at shrubbery.net
Subject: [rancid] Re: Historical logs

 

I recommend you take a look at
<http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Netwo
rk_Backups_With_Rancid>
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Networ
k_Backups_With_Rancid

 

It doesn't look like you have done the cvs checkout yet, so rancid is not
fully configured.  Take a look at step 5 in the "Initial Rancid
Configuration" section.  You might want to run through the other areas in
this doc in case you have missed anything else.

 

Mike

 

 

 

  _____  

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Steve Ousley
Sent: 13 March 2008 13:45
To: rancid-discuss at shrubbery.net
Subject: [rancid] Re: Historical logs

As a further not to this, I notice this in the logs: 

 

starting: Thu Mar 13 13:44:21 GMT 2008

 

cvs status: cannot open CVS/Entries for reading: No such file or directory

cvs status: use `cvs add' to create an entry for `xxx.xxx.xxx.xxx'

cvs add: in directory `.':

cvs [add aborted]: there is no version here; do `cvs checkout' first

CVS added missing router xxx.xxx.xxx.xxx

 

 

Trying to get all of the configs.

All routers sucessfully completed.

 

cvs diff: in directory .:

cvs [diff aborted]: there is no version here; run 'cvs checkout' first

cvs commit: in directory .:

cvs [commit aborted]: there is no version here; run 'cvs checkout' first

 

ending: Thu Mar 13 13:44:32 GMT 2008

 

 

I guess this will be why it cannot put the stuff in CVS, however I cannot
work out where the CVS/Entries file needs to go, I have tried putting it in
the same folder as "CVSROOT", to no avail.

 

Any help much appreciated.

 

Steve

 

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Steve Ousley
Sent: 13 March 2008 12:32
To: rancid-discuss at shrubbery.net
Subject: [rancid] Re: Historical logs

 

Hi, this is great.  I have installed this on my machine, but when I go to
http://server/cgi-bin/cvsweb/ I just see the folder CVSROOT/ and in there I
do not see any of the files that have been downloaded.  Is there a setting
somewhere that I need to enable to ensure that this goes into CVS?

 

Steve

 

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Skinner, Michael
Sent: 13 March 2008 11:31
To: rancid-discuss at shrubbery.net
Subject: [rancid] Re: Historical logs

 

You can generate any given previous configuration from the CVS repository.
Rather than doing this via command line you may wish to install the
excellent CVSweb on your rancid box:
http://www.freebsd.org/projects/cvsweb.html  This will allow you to browse
through config changes over time, produce graphical diff's, and download old
configs.

 

It really does bring rancid to life!

 

Mike

 

  _____  

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Steve Ousley
Sent: 13 March 2008 10:20
To: rancid-discuss at shrubbery.net
Subject: [rancid] Historical logs

Hi

 

I have just installed RANCID on my machine, and have it collecting data from
one firewall.  What I would like is some kind of differential on this
however as it seems to simply overwrite the old configuration with the new
one.

 

I have read the documentation that I can find, and cannot see anything about
keeping old versions of the log files.  The reason for wanting this is that
the firewall config often gets changed and there is the possible requirement
that we will need to roll back the config a few days.

 

Many thanks for any help anyone can provide.

 

Steve Ousley

----------------------------------------------------------------------------
--
Save Paper - Do you really need to print this e-mail?
 
Visit www.virginmedia.com for more information, and more fun.
 
This email and any attachments are or may be confidential and legally
privileged and are sent solely for the attention of the addressee(s). If you
have received this email in error, please delete it from your system: its
use, disclosure or copying is unauthorised. Statements and opinions
expressed in this email may not represent those of Virgin Media. Any
representations or commitments in this email are subject to contract. Please
note that we are migrating our email addresses to a company wide address of
"@virginmedia.co.uk". If you are sending to a Telewest or ntl email address
your email will be re-directed. 
 
Registered office: 160 Great Portland Street, London W1W 5QA. Registered in
England and Wales with number 2591237
 
 
============================================================================
==
----------------------------------------------------------------------------
--
 
Save Paper - Do you really need to print this e-mail?
 
Visit www.virginmedia.com for more information, and more fun.
 
This email and any attachments are or may be confidential and legally
privileged and are sent solely for the attention of the addressee(s). If you
have received this email in error, please delete it from your system: its
use, disclosure or copying is unauthorised. Statements and opinions
expressed in this email may not represent those of Virgin Media. Any
representations or commitments in this email are subject to contract. Please
note that we are migrating our email addresses to a company wide address of
"@virginmedia.co.uk". If you are sending to a Telewest or ntl email address
your email will be re-directed. 
 
Registered office: 160 Great Portland Street, London W1W 5QA. Registered in
England and Wales with number 2591237
 
 
============================================================================
==
----------------------------------------------------------------------------
--
 
Save Paper - Do you really need to print this e-mail?
 
Visit www.virginmedia.com for more information, and more fun.
 
This email and any attachments are or may be confidential and legally
privileged and are sent solely for the attention of the addressee(s). If you
have received this email in error, please delete it from your system: its
use, disclosure or copying is unauthorised. Statements and opinions
expressed in this email may not represent those of Virgin Media. Any
representations or commitments in this email are subject to contract. Please
note that we are migrating our email addresses to a company wide address of
"@virginmedia.co.uk". If you are sending to a Telewest or ntl email address
your email will be re-directed. 
 
Registered office: 160 Great Portland Street, London W1W 5QA. Registered in
England and Wales with number 2591237
 
 
============================================================================
==
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080313/1dbd4281/attachment.html 

From tex at off.org  Thu Mar 13 23:56:12 2008
From: tex at off.org (Austin Schutz)
Date: Thu, 13 Mar 2008 16:56:12 -0700
Subject: [rancid] Re: plus in the prompt?
In-Reply-To: <20080312160037.GC27708@panix.com>
References: <20080310205344.GA21438@panix.com>
	<20080311052210.GE14933@gblx.net>
	<20080311094042.P5784@defjam.cc.strath.ac.uk>
	<"57529.2001:5a8:4:4280:216:cbff:fe06:dee0.1205251038.squirrel"@www.luyer.net>
	<20080312152706.GA27708@panix.com>
	<20080312112923.Q74863@dust.noc.drexel.edu>
	<20080312160037.GC27708@panix.com>
Message-ID: <20080313235612.GA20174@gblx.net>

On Wed, Mar 12, 2008 at 12:00:38PM -0400, Ed Ravin wrote:
> On Wed, Mar 12, 2008 at 11:34:27AM -0400, Andrew Brennan wrote:
> > Isn't the hostname + domain name used in setting up a SSH key in IOS?
> 
> And other things, like setting up LAT names for Appletalk.  But IOS
> accepts it and many other strange chars in the "hostname" command,
> and I'm not going to argue with Cisco.  In the case of the LAT name,
> Cisco issues a warning and works around it.
> 
> > You could always sell it as "+" isn't a valid character in a FQDN, so you
> > can run into trouble later with some SSH clients having trouble connecting?
> 
> I could, but I would rather wait until it actually causes a problem
> and then I can give the customer a real reason why it needs to be
> changed.
> 

	Because rancid doesn't support it works for me. I have it set up so
the name of the configured device (router.db) has to match what's in the
prompt, nicely allowing for case insensitivity. As our company has absorbed
other networks, it's been handy to force a bare minimum of organization to
get things manageable.
	It has been my experience that it's just easier to have users fix
their oddities (which I non-judgementally tend to privately refer to as
stupid fu***ng bu****it) rather than deal later with the inevitable annoying
repurcussions, such as users configuring the same host to be polled twice,
incorrectly renamed hosts, etc.  Some people may think the tools should allow
for every dumbass thing a user can think to do to their network, I guess I
disagree.
	If they're doing stupid things like having +s in the prompt it's
most assuredly only the tip of a very large iceberg. Yeah.. but you know
that already, you're there trying to melt it. Good luck.

	I guess that qualifies as a rant, sorry.

	Austin

From eravin at panix.com  Fri Mar 14 00:19:48 2008
From: eravin at panix.com (Ed Ravin)
Date: Thu, 13 Mar 2008 20:19:48 -0400
Subject: [rancid] Re: plus in the rant?
In-Reply-To: <20080313235612.GA20174@gblx.net>
References: <20080310205344.GA21438@panix.com>
	<20080311052210.GE14933@gblx.net>
	<20080311094042.P5784@defjam.cc.strath.ac.uk>
	<"57529.2001:5a8:4:4280:216:cbff:fe06:dee0.1205251038.squirrel"@www.luyer.net>
	<20080312152706.GA27708@panix.com>
	<20080312112923.Q74863@dust.noc.drexel.edu>
	<20080312160037.GC27708@panix.com>
	<20080313235612.GA20174@gblx.net>
Message-ID: <20080314001948.GA12282@panix.com>

On Thu, Mar 13, 2008 at 04:56:12PM -0700, Austin Schutz wrote:
> 	Because rancid doesn't support it works for me. I have it set up so
> the name of the configured device (router.db) has to match what's in the
> prompt, nicely allowing for case insensitivity. As our company has absorbed
> other networks, it's been handy to force a bare minimum of organization to
> get things manageable.

But that's a customization you made to RANCID - over here, once I
patched clogin and rancid, there's been no problem.  My customer's
company name has the "+" in it (love them modern Internet biz names),
so it's not like they were thinking up ways to break RANCID before
they hired us.

> It has been my experience that it's just easier to have users fix
> their oddities (which I non-judgementally tend to privately refer to as
> stupid fu***ng bu****it) rather than deal later with the inevitable annoying
> repurcussions

I don't see any blowback from this - if IOS accepts the + as a valid
char in the prompt, and the router still works the way it is supposed to,
what's the problem?  If we later discover that the router won't do
something it needs to do, we'll change the prompt, and I'll get an
extra email from RANCID about the change.  Stil no problem.

Years ago I worked for a company that made network monitoring software.
We had a debate one day about whether we would support networks that
had more than one node with the same IP (v4) address.  Apparently, thanks
to the joy of NAT, such networks exist, and we had to figure out how to
discover those nodes and tell them apart, and telling the customer to
fix their network so that they could buy our software was not an option.

Has anyone ever asked for THAT feature in RANCID?

From steve at host-it.co.uk  Fri Mar 14 09:56:47 2008
From: steve at host-it.co.uk (Steve Ousley)
Date: Fri, 14 Mar 2008 09:56:47 -0000
Subject: [rancid]  3Com Switches
Message-ID: <00dd01c885b9$b7904af0$26b0e0d0$@co.uk>

Hi

 

I have read online that RANCID can be used in order to backup 3Com switches
as well as just Cisco stuff.  What option do I need to use on clogin in
order to do this.

 

Also, what setup do I need to perform (if any) on the 3Com switch in order
to enable RANCID to back up the switch? Is it simply ssh/telnet access for
RANCID.

 

Thanks for any help (again)

 

Steve Ousley

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080314/8007b761/attachment.html 

From jethro.binks at strath.ac.uk  Fri Mar 14 10:04:01 2008
From: jethro.binks at strath.ac.uk (Jethro R Binks)
Date: Fri, 14 Mar 2008 10:04:01 +0000 (GMT)
Subject: [rancid] Re: 3Com Switches
In-Reply-To: <00dd01c885b9$b7904af0$26b0e0d0$@co.uk>
References: <00dd01c885b9$b7904af0$26b0e0d0$@co.uk>
Message-ID: <20080314100157.G5784@defjam.cc.strath.ac.uk>

On Fri, 14 Mar 2008, Steve Ousley wrote:

> I have read online that RANCID can be used in order to backup 3Com 
> switches as well as just Cisco stuff.  What option do I need to use on 
> clogin in order to do this.

What models of 3Com switches are you talking about?  There has been recent 
chat about support for the Huawei-3Com switches (5500 and similar), which 
have a Cisco-like command line.  However if you are asking about the older 
switches (4400, 4200, 3300, etc) then it can't be done directly by rancid, 
as they don't have such a command-line, it's a menu driven system, and you 
can't 'dump out' the config in text.

I think some of those models had the facility to tftp the config to 
somewhere, but I think it is a binary file so rancid can't really do 
anything much with it.

Jethro.

> 
>  
> 
> Also, what setup do I need to perform (if any) on the 3Com switch in order
> to enable RANCID to back up the switch? Is it simply ssh/telnet access for
> RANCID.
> 
>  
> 
> Thanks for any help (again)
> 
>  
> 
> Steve Ousley
> 
> 

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK

From steve at host-it.co.uk  Fri Mar 14 10:15:27 2008
From: steve at host-it.co.uk (Steve Ousley)
Date: Fri, 14 Mar 2008 10:15:27 -0000
Subject: [rancid] Re: 3Com Switches
In-Reply-To: <20080314100157.G5784@defjam.cc.strath.ac.uk>
References: <00dd01c885b9$b7904af0$26b0e0d0$@co.uk>
	<20080314100157.G5784@defjam.cc.strath.ac.uk>
Message-ID: <00e801c885bc$535d2be0$fa1783a0$@co.uk>

Many thanks for the quick response Jethro, this is not the answer I wanted
(We use 3Com 4400's) but I'll have to live with it.  I can see why it's not
possible, and it's not too much of a problem, we will have to investigate
some other method of doing this.

Cheers again.

Steve

-----Original Message-----
From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Jethro R Binks
Sent: 14 March 2008 10:04
To: rancid-discuss at shrubbery.net
Subject: [rancid] Re: 3Com Switches

On Fri, 14 Mar 2008, Steve Ousley wrote:

> I have read online that RANCID can be used in order to backup 3Com 
> switches as well as just Cisco stuff.  What option do I need to use on 
> clogin in order to do this.

What models of 3Com switches are you talking about?  There has been recent 
chat about support for the Huawei-3Com switches (5500 and similar), which 
have a Cisco-like command line.  However if you are asking about the older 
switches (4400, 4200, 3300, etc) then it can't be done directly by rancid, 
as they don't have such a command-line, it's a menu driven system, and you 
can't 'dump out' the config in text.

I think some of those models had the facility to tftp the config to 
somewhere, but I think it is a binary file so rancid can't really do 
anything much with it.

Jethro.

> 
>  
> 
> Also, what setup do I need to perform (if any) on the 3Com switch in order
> to enable RANCID to back up the switch? Is it simply ssh/telnet access for
> RANCID.
> 
>  
> 
> Thanks for any help (again)
> 
>  
> 
> Steve Ousley
> 
> 

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss at shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss 


From andrew.brennan at drexel.edu  Fri Mar 14 11:14:06 2008
From: andrew.brennan at drexel.edu (Andrew Brennan)
Date: Fri, 14 Mar 2008 07:14:06 -0400 (EDT)
Subject: [rancid] Re: 3Com Switches
In-Reply-To: <00e801c885bc$535d2be0$fa1783a0$@co.uk>
References: <00dd01c885b9$b7904af0$26b0e0d0$@co.uk>
	<20080314100157.G5784@defjam.cc.strath.ac.uk>
	<00e801c885bc$535d2be0$fa1783a0$@co.uk>
Message-ID: <20080314065311.I74863@dust.noc.drexel.edu>

While 3Com's older switches are menu driven, I believe the 3300s and 4xxx 
models all permit you to "overload" the command - effectively using it as 
though there was a standard CLI.  You can't dump the config to text where 
RANCID would then parse it, but you can script up a rather simple wrapper 
and run a TFTP daemon to collect the configs (which are text files, so if 
RANCID were then reading the files from the dump directory ...)

If you're familiar with Expect and the "autoexpect" script, either SSH or 
Telnet into one of your switches, then issue this:

    system backupConfig save <tftpd-ip> <filename> <notes-field>

... and you'll have your configs (mostly) backed up.  The backup process 
leaves out a few security related bit of data (ssh keys, etc.) so you may
need to include those later before you restore a config to a switch.  The
autoexpect script builds a script to run exactly what you have typed.  If 
you modify that script to read a few arguments when you start it, you'll
be 95% done with your 4400 backup project.

andrew.

On Fri, 14 Mar 2008, Steve Ousley wrote:

> Many thanks for the quick response Jethro, this is not the answer I wanted
> (We use 3Com 4400's) but I'll have to live with it.  I can see why it's not
> possible, and it's not too much of a problem, we will have to investigate
> some other method of doing this.
>
> Cheers again.
>
> Steve
>

From eravin at panix.com  Fri Mar 14 22:09:29 2008
From: eravin at panix.com (Ed Ravin)
Date: Fri, 14 Mar 2008 18:09:29 -0400
Subject: [rancid]  combining aclmaker and RANCID?
Message-ID: <20080314220929.GA1331@panix.com>

Anybody out there besides me using both aclmaker and RANCID?

I need to make some updates to aclmaker (seems like it doesn't
support routers that have "+" in the prompt :-( ) and have been
toying with the idea of having aclmaker use the RANCID database
(and perhaps even the RANCID *login programs) to reach the router
being managed.

That would make aclmaker a lot more convenient, since right now it
requires that you manually log into the router before you can change
an ACL.

So if you are already using aclmaker, please let me know, and we
can start a discussion off-list.  For those of you who are wondering
what I'm talking about, see the brief description of aclmaker below.

	-- Ed


On Tue, Jun 17, 2003 at 09:09:35PM -0400, Ed Ravin wrote:
> Aclmaker is a Perl script that lets you edit Cisco ACLs as files on
> your local system and upload/download them to the router.  It will
> also let you pipe the output of router commands through programs
> on your machine, or save a local copy of the router configuration.
> It normally is used through an existing Telnet session to your router,
> but in most cases you can also use it through ssh, Kermit, Kerberos, cu,
> tip, or any other communications program.
> 
> Aclmaker lives in the "Cisco-centric Open Source Initiative" ('cosi-nms')
> project on Sourceforge.  You can download it from SourceForge.net
> 
>https://sourceforge.net/project/showfiles.php?group_id=25401&release_id=161297


From jethro.binks at strath.ac.uk  Fri Mar 14 23:10:19 2008
From: jethro.binks at strath.ac.uk (Jethro R Binks)
Date: Fri, 14 Mar 2008 23:10:19 +0000 (GMT)
Subject: [rancid] Re: 3Com Switches
In-Reply-To: <20080314065311.I74863@dust.noc.drexel.edu>
References: <00dd01c885b9$b7904af0$26b0e0d0$@co.uk>
	<20080314100157.G5784@defjam.cc.strath.ac.uk>
	<00e801c885bc$535d2be0$fa1783a0$@co.uk>
	<20080314065311.I74863@dust.noc.drexel.edu>
Message-ID: <20080314230036.E5784@defjam.cc.strath.ac.uk>

On Fri, 14 Mar 2008, Andrew Brennan wrote:

> While 3Com's older switches are menu driven, I believe the 3300s and 
> 4xxx models all permit you to "overload" the command - effectively using 
> it as though there was a standard CLI.  You can't dump the config to 
> text where RANCID would then parse it, but you can script up a rather 
> simple wrapper and run a TFTP daemon to collect the configs (which are 
> text files, so if RANCID were then reading the files from the dump 
> directory ...)

Hmm, I didn't know the configs saved through tftp were text files, I'd 
always assumed they were binary.  But then I don't think I've ever looked 
... in that case your solution may well be viable and maybe I'll give it a 
whirl one day (although to be honest while we have a huge legacy of the 
older kit, most of our development concentrates on the newer H3C stuff).

I'm also minded to comment that there are two philosophies for using 
rancid; it is certainly useful as an actual backup tool, but you have to 
be aware that restoring one of those backups requires some care, 
especially if you've been stripping out sensitive information like SNMP 
strings (I can't remember the last time I actually needed the backup of a 
switch config).

In my environment, it's actually the other functions of rancid that are 
its most useful features - the notification of config changes and the 
ability to review changes over time through CVS.  I work in a team of 
several, and it works well for us to get notified of the changes others 
are making day-to-day.

Jethro.



> If you're familiar with Expect and the "autoexpect" script, either SSH or 
> Telnet into one of your switches, then issue this:
> 
>     system backupConfig save <tftpd-ip> <filename> <notes-field>
> 
> ... and you'll have your configs (mostly) backed up.  The backup process 
> leaves out a few security related bit of data (ssh keys, etc.) so you may
> need to include those later before you restore a config to a switch.  The
> autoexpect script builds a script to run exactly what you have typed.  If 
> you modify that script to read a few arguments when you start it, you'll
> be 95% done with your 4400 backup project.
> 
> andrew.
> 
> On Fri, 14 Mar 2008, Steve Ousley wrote:
> 
> > Many thanks for the quick response Jethro, this is not the answer I wanted
> > (We use 3Com 4400's) but I'll have to live with it.  I can see why it's not
> > possible, and it's not too much of a problem, we will have to investigate
> > some other method of doing this.
> >
> > Cheers again.
> >
> > Steve
> >
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> 

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK

From Paul.Birch at serco.com  Mon Mar 17 09:25:26 2008
From: Paul.Birch at serco.com (Paul.Birch at serco.com)
Date: Mon, 17 Mar 2008 09:25:26 +0000
Subject: [rancid]  !Last configuration change at .... missing on cisco
Message-ID: <OF33A11B03.04095AC3-ON0025740F.003368F0@itnetplc.com>

Show run has the two lines

! Last configuration change at 18:56:10 GMT Fri Mar 14 2008

! NVRAM config last updated at 18:13:54 GMT Fri Mar 14 2008 by user123

 

How do I run rancid to get these two lines

 

Cheers

 



***Disclaimer****
This e-mail and any attachments are for the intended addressee(s) only and may contain confidential and/or privileged material. If you are not a named addressee, do not use, retain or disclose such information. This email is not guaranteed to be free from viruses and does not bind  Serco in any contract or obligation.

Serco Limited. Registered in England and Wales. No: 242246 Registered Office: Serco House,16 Bartley Wood Business Park, Bartley Way, Hook, Hampshire RG27 9UY United Kingdom.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080317/c8c8070d/attachment.html 

From john at sackheads.org  Mon Mar 17 14:20:38 2008
From: john at sackheads.org (John Payne)
Date: Mon, 17 Mar 2008 10:20:38 -0400
Subject: [rancid] Re: End of run not found
In-Reply-To: <509d59e0803100642q133e7b31k765f91c2a38199c3@mail.gmail.com>
References: <509d59e0803071316l60a559aeq2cc9a64ed13b8a59@mail.gmail.com>
	<509d59e0803100642q133e7b31k765f91c2a38199c3@mail.gmail.com>
Message-ID: <3435B936-5DB7-4ED8-B8A7-58D148AEF4E3@sackheads.org>


On Mar 10, 2008, at 9:42 AM, Raymond Venner wrote:

> Greetings,
> Still no luck with this issue and can't seem to find any  
> informational threads online.  This seems to be CAT os related but  
> I can't seem to pinpoint the issue. Any info would be greatly  
> appreciated..

I'm having similar problems with SOME IOS devices.
running rancid manually with -d I see it hanging on show controllers...

>
>
> On Fri, Mar 7, 2008 at 5:16 PM, Raymond Venner <bhdbmv at gmail.com>  
> wrote:
> Trying to run rancid on the following devices
>
> WS-C6506
> WS-C6509
> but keep getting the following error.
>
> End of run not found
>
> Anybody know of a fix?
>
> Thanks in advance.
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080317/ecd66329/attachment.html 

From jbilder at csstars.com  Mon Mar 17 15:04:19 2008
From: jbilder at csstars.com (Bilder, Jeff)
Date: Mon, 17 Mar 2008 10:04:19 -0500
Subject: [rancid]  RANCID stuck at 1 point in time.
Message-ID: <EF82995A9FDF1E42933F9FBB2DFB18C578E461@KR-EP2-EXVS1.krollworldwide.com>

I seem to be having an issue with Rancid currently.  It seems like it
has CVS at some point in time, and it tries to update the configurations
but appears to be unable to commit the information since that one point
in time.  I've checked all the permissions and everything is in line.
Is there a way I can get CVS to commit the changes?


Thanks,

 

JB

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080317/bc360220/attachment.html 

From john at sackheads.org  Mon Mar 17 15:20:02 2008
From: john at sackheads.org (John Payne)
Date: Mon, 17 Mar 2008 11:20:02 -0400
Subject: [rancid] Re: End of run not found
In-Reply-To: <3435B936-5DB7-4ED8-B8A7-58D148AEF4E3@sackheads.org>
References: <509d59e0803071316l60a559aeq2cc9a64ed13b8a59@mail.gmail.com>
	<509d59e0803100642q133e7b31k765f91c2a38199c3@mail.gmail.com>
	<3435B936-5DB7-4ED8-B8A7-58D148AEF4E3@sackheads.org>
Message-ID: <A4A561E5-1D20-40C7-BB0D-7C3EB3C1676C@sackheads.org>


On Mar 17, 2008, at 10:20 AM, John Payne wrote:

>
> On Mar 10, 2008, at 9:42 AM, Raymond Venner wrote:
>
>> Greetings,
>> Still no luck with this issue and can't seem to find any  
>> informational threads online.  This seems to be CAT os related but  
>> I can't seem to pinpoint the issue. Any info would be greatly  
>> appreciated..
>
> I'm having similar problems with SOME IOS devices.
> running rancid manually with -d I see it hanging on show  
> controllers...

Actually, a bit more digging... it looks like some kind of buffering  
issue.

## $Id: clogin.in,v 1.77 2004/03/12 05:44:06 asp Exp $

with a clogin -c 'show controllers' <routername>   works fine.

clogin from 2.3.2a7:
## $Id: clogin.in,v 1.107 2006/12/08 21:28:25 heas Exp $

with a clogin -c 'show controllers' <routername> hangs after Fifo13,  
and then eventually completes (several minutes later).

I see similar things with 'show run' on a different device.

Of course... that sent me hunting and it looks like I'm using an  
unpatched expect.

*sigh*


>
>>
>>
>> On Fri, Mar 7, 2008 at 5:16 PM, Raymond Venner <bhdbmv at gmail.com>  
>> wrote:
>> Trying to run rancid on the following devices
>>
>> WS-C6506
>> WS-C6509
>> but keep getting the following error.
>>
>> End of run not found
>>
>> Anybody know of a fix?
>>
>> Thanks in advance.
>>
>> _______________________________________________
>> Rancid-discuss mailing list
>> Rancid-discuss at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080317/8e4bfa81/attachment.html 

From mashcraft at omniture.com  Mon Mar 17 15:58:31 2008
From: mashcraft at omniture.com (Mike Ashcraft)
Date: Mon, 17 Mar 2008 09:58:31 -0600
Subject: [rancid] Re: RANCID stuck at 1 point in time.
In-Reply-To: <EF82995A9FDF1E42933F9FBB2DFB18C578E461@KR-EP2-EXVS1.krollworldwide.com>
References: <EF82995A9FDF1E42933F9FBB2DFB18C578E461@KR-EP2-EXVS1.krollworldwide.com>
Message-ID: <45EB285310B55542A513F93230F0A533049D7B4E@EXCHANGE0.orm.omniture.com>

Jeff,

 

Can you provide the log output?  This would help to explain why CVS is not being updated.

 

Thanks,

 

Mike

 

From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Bilder, Jeff
Sent: Monday, March 17, 2008 9:04 AM
To: rancid-discuss at shrubbery.net
Subject: [rancid] RANCID stuck at 1 point in time.

 

I seem to be having an issue with Rancid currently.  It seems like it has CVS at some point in time, and it tries to update the configurations but appears to be unable to commit the information since that one point in time.  I?ve checked all the permissions and everything is in line.  Is there a way I can get CVS to commit the changes?


Thanks,

 

JB

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080317/aafd28ba/attachment.html 

From rancid at gheek.net  Mon Mar 17 17:07:30 2008
From: rancid at gheek.net (Lance Vermilion)
Date: Mon, 17 Mar 2008 10:07:30 -0700
Subject: [rancid] Re: End of run not found
In-Reply-To: <A4A561E5-1D20-40C7-BB0D-7C3EB3C1676C@sackheads.org>
References: <509d59e0803071316l60a559aeq2cc9a64ed13b8a59@mail.gmail.com>
	<509d59e0803100642q133e7b31k765f91c2a38199c3@mail.gmail.com>
	<3435B936-5DB7-4ED8-B8A7-58D148AEF4E3@sackheads.org>
	<A4A561E5-1D20-40C7-BB0D-7C3EB3C1676C@sackheads.org>
Message-ID: <8423e7bb0803171007h3d56f2dci6ad6162b47e900ac@mail.gmail.com>

John Payne,

Did the patching of expect fix you?

-lance

On 3/17/08, John Payne <john at sackheads.org> wrote:
>
>
> On Mar 17, 2008, at 10:20 AM, John Payne wrote:
>
>
> On Mar 10, 2008, at 9:42 AM, Raymond Venner wrote:
>
> Greetings,
> Still no luck with this issue and can't seem to find any informational
> threads online.  This seems to be CAT os related but I can't seem to
> pinpoint the issue. Any info would be greatly appreciated..
>
> I'm having similar problems with SOME IOS devices.
> running rancid manually with -d I see it hanging on show controllers...
>
> Actually, a bit more digging... it looks like some kind of buffering issue.
>
> ## $Id: clogin.in,v 1.77 2004/03/12 05:44:06 asp Exp $
>
> with a clogin -c 'show controllers' <routername>   works fine.
>
> clogin from 2.3.2a7:
> ## $Id: clogin.in,v 1.107 2006/12/08 21:28:25 heas Exp $
>
> with a clogin -c 'show controllers' <routername> hangs after Fifo13, and
> then eventually completes (several minutes later).
>
> I see similar things with 'show run' on a different device.
>
> Of course... that sent me hunting and it looks like I'm using an unpatched
> expect.
>
> *sigh*
>
>
>
>
>
>
>
> On Fri, Mar 7, 2008 at 5:16 PM, Raymond Venner <bhdbmv at gmail.com> wrote:
> >
> > Trying to run rancid on the following devices
> >
> > WS-C6506
> > WS-C6509
> > but keep getting the following error.
> >
> > End of run not found
> >
> > Anybody know of a fix?
> >
> > Thanks in advance.
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>

From lavermil at gheek.net  Mon Mar 17 17:12:23 2008
From: lavermil at gheek.net (Lance Vermilion)
Date: Mon, 17 Mar 2008 10:12:23 -0700
Subject: [rancid] Re: !Last configuration change at .... missing on cisco
In-Reply-To: <OF33A11B03.04095AC3-ON0025740F.003368F0@itnetplc.com>
References: <OF33A11B03.04095AC3-ON0025740F.003368F0@itnetplc.com>
Message-ID: <8423e7bb0803171012r117357c1t251817c016ab1cd3@mail.gmail.com>

Paul,

refer to this post from back in May of last year.

http://www.shrubbery.net/pipermail/rancid-discuss/2007-May.txt

-Lance

On 3/17/08, Paul.Birch at serco.com <Paul.Birch at serco.com> wrote:
>
>
>
> Show run has the two lines
>
> ! Last configuration change at 18:56:10 GMT Fri Mar 14 2008
>
> ! NVRAM config last updated at 18:13:54 GMT Fri Mar 14 2008 by user123
>
>
>
> How do I run rancid to get these two lines
>
>
>
> Cheers
>
>
>
>
>
> ***Disclaimer****
> This e-mail and any attachments are for the intended addressee(s) only and
> may contain confidential and/or privileged material. If you are not a named
> addressee, do not use, retain or disclose such information. This email is
> not guaranteed to be free from viruses and does not bind  Serco in any
> contract or obligation.
>
> Serco Limited. Registered in England and Wales. No: 242246 Registered
> Office: Serco House,16 Bartley Wood Business Park, Bartley Way, Hook,
> Hampshire RG27 9UY United Kingdom.
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>

From jbilder at csstars.com  Mon Mar 17 17:17:46 2008
From: jbilder at csstars.com (Bilder, Jeff)
Date: Mon, 17 Mar 2008 12:17:46 -0500
Subject: [rancid] Re: End of run not found
In-Reply-To: <8423e7bb0803171007h3d56f2dci6ad6162b47e900ac@mail.gmail.com>
References: <509d59e0803071316l60a559aeq2cc9a64ed13b8a59@mail.gmail.com><509d59e0803100642q133e7b31k765f91c2a38199c3@mail.gmail.com><3435B936-5DB7-4ED8-B8A7-58D148AEF4E3@sackheads.org><A4A561E5-1D20-40C7-BB0D-7C3EB3C1676C@sackheads.org>
	<8423e7bb0803171007h3d56f2dci6ad6162b47e900ac@mail.gmail.com>
Message-ID: <EF82995A9FDF1E42933F9FBB2DFB18C578E544@KR-EP2-EXVS1.krollworldwide.com>

Thanks, it ended up being a config that was missing.  I touched the file
and rancid delete it and was able to commit the revision.

Thanks,

JB

-----Original Message-----
From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Lance
Vermilion
Sent: Monday, March 17, 2008 12:08 PM
To: John Payne
Cc: rancid-discuss at shrubbery.net
Subject: [rancid] Re: End of run not found

John Payne,

Did the patching of expect fix you?

-lance

On 3/17/08, John Payne <john at sackheads.org> wrote:
>
>
> On Mar 17, 2008, at 10:20 AM, John Payne wrote:
>
>
> On Mar 10, 2008, at 9:42 AM, Raymond Venner wrote:
>
> Greetings,
> Still no luck with this issue and can't seem to find any informational
> threads online.  This seems to be CAT os related but I can't seem to
> pinpoint the issue. Any info would be greatly appreciated..
>
> I'm having similar problems with SOME IOS devices.
> running rancid manually with -d I see it hanging on show
controllers...
>
> Actually, a bit more digging... it looks like some kind of buffering
issue.
>
> ## $Id: clogin.in,v 1.77 2004/03/12 05:44:06 asp Exp $
>
> with a clogin -c 'show controllers' <routername>   works fine.
>
> clogin from 2.3.2a7:
> ## $Id: clogin.in,v 1.107 2006/12/08 21:28:25 heas Exp $
>
> with a clogin -c 'show controllers' <routername> hangs after Fifo13,
and
> then eventually completes (several minutes later).
>
> I see similar things with 'show run' on a different device.
>
> Of course... that sent me hunting and it looks like I'm using an
unpatched
> expect.
>
> *sigh*
>
>
>
>
>
>
>
> On Fri, Mar 7, 2008 at 5:16 PM, Raymond Venner <bhdbmv at gmail.com>
wrote:
> >
> > Trying to run rancid on the following devices
> >
> > WS-C6506
> > WS-C6509
> > but keep getting the following error.
> >
> > End of run not found
> >
> > Anybody know of a fix?
> >
> > Thanks in advance.
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss at shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

From netadmin at onwin.ca  Tue Mar 18 12:54:39 2008
From: netadmin at onwin.ca (Jeff Perri)
Date: Tue, 18 Mar 2008 08:54:39 -0400
Subject: [rancid]  Rancid for Slackware firewalls
Message-ID: <20080318130128.CB7818655A@guelah.shrubbery.net>

Hello, 

 

I have used Rancid before on Cisco Routers and Switches and was wondering if
anyone has ever set it up to be able to login to a Slackware firewall to
monitor the firewall script (rc.firewall)? I need a way to track the changes
made to this file and have them emailed to me.

 

Any input would be appreciated

 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080318/567048bb/attachment.html 

From rancid at gheek.net  Tue Mar 18 16:28:26 2008
From: rancid at gheek.net (Lance Vermilion)
Date: Tue, 18 Mar 2008 09:28:26 -0700
Subject: [rancid] Re: Rancid for Slackware firewalls
In-Reply-To: <20080318130128.CB7818655A@guelah.shrubbery.net>
References: <20080318130128.CB7818655A@guelah.shrubbery.net>
Message-ID: <8423e7bb0803180928v770b1217xa7d4d4231cb38f93@mail.gmail.com>

Jeff,

You can take the F5 script and slightly modify the command table to be
what you want and go from there. This script should make into the next
release of RANCID by shrubbery.

http://test.gheek.net/?p=45

-Lance

On 3/18/08, Jeff Perri <netadmin at onwin.ca> wrote:
>
>
>
> Hello,
>
>
>
> I have used Rancid before on Cisco Routers and Switches and was wondering if
> anyone has ever set it up to be able to login to a Slackware firewall to
> monitor the firewall script (rc.firewall)? I need a way to track the changes
> made to this file and have them emailed to me.
>
>
>
> Any input would be appreciated
>
>
>
>
>
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>

From bsuresh1976 at hotmail.com  Thu Mar 20 06:17:57 2008
From: bsuresh1976 at hotmail.com (bsuresh1976)
Date: Thu, 20 Mar 2008 11:47:57 +0530
Subject: [rancid] Re: ASSISTANCE NEEDED
In-Reply-To: <8423e7bb0802280556x105ad7abxa5b25ecb3156c18@mail.gmail.com>
References: <002801c87917$5cab7b90$7f3da8c0@webex.local>
	<OF70B85967.41383CDF-ONC12573FC.002D4693-C12573FC.002DBA94@mdcs.at>
	<20080227095402.GC3548@shrubbery.net>
	<BAY126-DAV16B17128B11191E77B69E9AE1B0@phx.gbl>
	<8423e7bb0802280556x105ad7abxa5b25ecb3156c18@mail.gmail.com>
Message-ID: <BAY126-DAV6B0666CE40185C1AC706BAE000@phx.gbl>

Thanks for your suggestion. it works now. There was some routing issue. 

Regards 

Suresh

-----Original Message-----
From: lavermil at gheek.net [mailto:lavermil at gheek.net] On Behalf Of Lance
Vermilion
Sent: Thursday, February 28, 2008 7:26 PM
To: bsuresh1976
Cc: john heasley; georg.naggies at r-it.at; rancid-discuss at shrubbery.net
Subject: Re: [rancid] Re: ASSISTANCE NEEDED

Suresh,

>From the same machine you run rancid from what happens if you ssh?

-Lance

On 2/27/08, bsuresh1976 <bsuresh1976 at hotmail.com> wrote:
>
>
>
> John,
>
>
>
> Thanks for your time... here is the issue ...
>
>
>
> If I enable telnet on the router
>
> Line vty 0 4
>
> transport input telnet ssh ( I added telnet here )
>
>
>
>
>
>
>
> The result is that it partially  works, but its dead slow..
>
>
>
> rancid at rancid ~]$ clogin -c "show run" bom01-wxbb-art01
>
> bom01-wxbb-art01
>
> spawn telnet bom01-wxbb-art01
>
> Trying 210.4.192.33...
>
> Connected to bom01-wxbb-art01.webex.com (210.4.192.33).
>
> Escape character is '^]'.
>
>
>
> Username: rancid
>
> Password:
>
>
>
> bom01-wxbb-art01#
>
> bom01-wxbb-art01#term length 0 ( I pressed ctrl+c here . )
>
> bom01-wxbb-art01#[rancid at rancid ~]$
>
>
>
> If I disable telnet.
>
>
>
> Lien vty 0 4
>
> Transport input ssh ( I removed the telnet here )
>
>
>
>
>
> Then the result is as below.
>
>
>
>  [rancid at rancid ~]$
>
> [rancid at rancid ~]$ clogin -c "show run" bom01-wxbb-art01
>
> bom01-wxbb-art01
>
> spawn telnet bom01-wxbb-art01
>
> Trying 210.4.192.33...
>
> telnet: connect to address 210.4.192.33: Connection refused
>
> spawn ssh -c 3des -x -l rancid bom01-wxbb-art01
>
>
>
> Error: TIMEOUT reached
>
>
>
>
>
> Please suggest whether do I need regenerate the crypto keys for ssh
access?
> I am able to ssh to  bom01-wxbb-art01 router from putty with out any
issues.
>
>
>
> This router's brother bom01-wxbb-art02 is working fine with out any
issues.
>
>
>
>
>
> Regards
>
>
>
> Suresh
>
>
>
>
> -----Original Message-----
> From: john heasley [mailto:heas at shrubbery.net]
> Sent: Wednesday, February 27, 2008 3:24 PM
> To: georg.naggies at r-it.at
> Cc: bsuresh1976 at hotmail.com; rancid-discuss at shrubbery.net
> Subject: Re: [rancid] ASSISTANCE NEEDED
>
>
>
> Wed, Feb 27, 2008 at 09:19:26AM +0100, georg.naggies at r-it.at:
>
> > Hi!
>
> >
>
> > "TIMEOUT reached" just means that the device was not reachable, offline,
>
> > powered down, could have been anything.
>
> >
>
> > Georg
>
>
>
> not quite, it appears that it got through at least the first command.  So,
>
> the login was successful and its began ok.  Please see section 3 of the
FAQ.
>
>
>
> >
>
> >
>
> >
>
> >
>
> > bsuresh1976 at hotmail.com
>
> > Gesendet von: rancid-discuss-bounces at shrubbery.net
>
> > 27.02.2008 09:04
>
> >
>
> > An
>
> > rancid-discuss at shrubbery.net
>
> > Kopie
>
> >
>
> > Thema
>
> > [rancid]  ASSISTANCE NEEDED
>
> >
>
> >
>
> >
>
> >
>
> >
>
> >
>
> > Guys,
>
> >
>
> > I am new to the RANCID. Rancid was setup by my colleague & I am the end
>
> > user. Some of the routers works fine, but on some of the routers I get
the
>
> > below error.
>
> >
>
> > Could some one please assist me?? I googled for an answer, but I could
not
>
> > get the correct answer?
>
> >
>
> > routers.20080226.223517:bom01-wxbb-art01.webex.com: End
> of run not found
>
> > routers.20080226.223517:bom01-wxbb-art01.webex.com clogin
> error: Error:
>
> > TIMEOUT reached
>
> > routers.20080226.223517:bom01-wxbb-art01.webex.com:
> missed cmd(s): dir
>
> > /all slavedisk2:,show rsp chassis-info,dir /all s
>
> > ec-slot2:,show diag,dir /all disk1:,show gsr chassis,dir /all
>
> > sec-nvram:,dir /all disk2:,dir /all sec-bootflash:,show sp
>
> > e version,dir /all slaveslot2:,dir /all disk0:,show bootvar,dir /all
>
> > slaveslot0:,dir /all sec-slot1:,dir /all harddiska:
>
> > ,dir /all slavenvram:,show flash,dir /all sec-disk2:,dir /all
>
> > slavesup-bootflash:,dir /all sec-disk0:,dir /all harddiskb
>
> > :,show variables boot,show boot,dir /all slavedisk1:,show module,show
>
> > controllers,show diagbus,dir /all slavedisk0:,dir
>
> > /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,write term,show
>
> > vtp status,dir /all sup-bootflash:,dir /all slot
>
> > 2:,dir /all harddisk:,dir /all slot0:,dir /all sup-microcode:,show
>
> > vlan,dir /all slavebootflash:,show controllers cbus,d
>
> > ir /all slaveslot1:,dir /all nvram:,show running-config,show c7200,dir
>
> > /all slot1:
>
> > routers.20080226.223517:bom01-wxbb-art01.webex.com: End
> of run not found
>
> >
>
> > Regards,
>
> >
>
> > Suresh
>
> >
>
> >  _______________________________________________
>
> > Rancid-discuss mailing list
>
> > Rancid-discuss at shrubbery.net
>
> >
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
> >
>
> >
>
> > ----------------------------------------
>
> > Raiffeisen Informatik GmbH, Firmenbuchnr. 88239p, Handelsgericht Wien,
DVR
> 0486809, UID ATU 16351908
>
> >
>
> > Der Austausch von Nachrichten mit oben angefuehrtem Absender via E-Mail
> dient ausschliesslich Informationszwecken. Rechtsgeschaeftliche
Erklaerungen
> duerfen ueber dieses Medium nicht ausgetauscht werden.
>
> > Correspondence with above mentioned sender via e-mail is only for
> information purposes. This medium may not be used for exchange of
> legally-binding communications.
>
> > ----------------------------------------
>
>
>
> > _______________________________________________
>
> > Rancid-discuss mailing list
>
> > Rancid-discuss at shrubbery.net
>
> >
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>


From bsuresh1976 at hotmail.com  Thu Mar 20 06:20:36 2008
From: bsuresh1976 at hotmail.com (bsuresh1976)
Date: Thu, 20 Mar 2008 11:50:36 +0530
Subject: [rancid]  AUTHENTICATION NEEDED FOR RANCID
Message-ID: <BAY126-DAV463F5DEE099AAC113FCA5AE000@phx.gbl>

Hi,

 

Can some one help me to configure the authentication needed to access the
RANCID web page?  I don't want any one from the corp network to access this
page.  Do I need to configure authentication for Apache?

 

Thanks in advance.

Regards 

Suresh

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080320/2487980e/attachment.html 

From rancid at ale.cx  Thu Mar 20 08:21:22 2008
From: rancid at ale.cx (alex)
Date: Thu, 20 Mar 2008 08:21:22 +0000
Subject: [rancid] Re: AUTHENTICATION NEEDED FOR RANCID
In-Reply-To: <BAY126-DAV463F5DEE099AAC113FCA5AE000@phx.gbl>
References: <BAY126-DAV463F5DEE099AAC113FCA5AE000@phx.gbl>
Message-ID: <200803200821.22842.rancid@ale.cx>

On Thursday 20 March 2008 06:20:36 bsuresh1976 wrote:

> Can some one help me to configure the authentication needed to access the
> RANCID web page?  I don't want any one from the corp network to access this
> page.  Do I need to configure authentication for Apache?

Yes. The easiest way to do it would be with a .htaccess file. There are many 
sites on the internet that will generate an .htacess and .htpasswd file for 
you.

alexd

From peter.lothegard at lidero.net  Thu Mar 20 06:37:49 2008
From: peter.lothegard at lidero.net (=?us-ascii?Q?Peter_Lothegard?=)
Date: Thu, 20 Mar 2008 07:37:49 +0100
Subject: [rancid] Re: AUTHENTICATION NEEDED FOR RANCID
In-Reply-To: <BAY126-DAV463F5DEE099AAC113FCA5AE000@phx.gbl>
Message-ID: <GBEJKCEIFGJKLDGNLBGJKELOCCAA.peter.lothegard@lidero.net>

If you run it on a linux webserver you can use .htaccess
  -----Ursprungligt meddelande-----
  Fran: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net]For bsuresh1976
  Skickat: den 20 mars 2008 07:21
  Till: rancid-discuss at shrubbery.net
  Amne: [rancid] AUTHENTICATION NEEDED FOR RANCID


  Hi,



  Can some one help me to configure the authentication needed to access the
RANCID web page?  I don't want any one from the corp network to access this
page.  Do I need to configure authentication for Apache?



  Thanks in advance.

  Regards

  Suresh


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080320/ca426a16/attachment.html 

From ssnodgra at pheran.com  Fri Mar 21 15:32:08 2008
From: ssnodgra at pheran.com (Steve Snodgrass)
Date: Fri, 21 Mar 2008 11:32:08 -0400
Subject: [rancid]  Rancid randomly reports routers added/deleted
Message-ID: <20080321153208.GA6703@narn.pheran.com>

I'm using 2.3.2a8 and sometimes it just randomly reports that routers
have been added/deleted, even when nothing was changed in routers.db.
Example from this morning:

Routers changed to up:
        s3750-floor-b1.example.com:cisco

Added routers:
        s3750-floor-b1.example.com:cisco

Deleted routers:
        s3750-floor-b1.example.com:cisco

Obviously I obfuscated the actual domain.  This appears in the log file:

starting: Fri Mar 21 05:00:01 EDT 2008

cvs add: s3750-floor-b1.example.com already exists, with version number 1.3
Added s3750-floor-b1.example.com

Any idea why this happens?  Thanks.

-- 
Steve Snodgrass * ssnodgra at pheran.com * Network/Security/Linux/Perl Geek
"If you want to be somebody else, change your mind."  -Sister Hazel

From justin at justinshore.com  Fri Mar 21 15:49:53 2008
From: justin at justinshore.com (Justin Shore)
Date: Fri, 21 Mar 2008 10:49:53 -0500
Subject: [rancid] Re: Rancid randomly reports routers added/deleted
In-Reply-To: <20080321153208.GA6703@narn.pheran.com>
References: <20080321153208.GA6703@narn.pheran.com>
Message-ID: <47E3D921.7030008@justinshore.com>

I get that as well whenever I modify a certain group.  It's always the 
same two routers "added".  Everything works though...

Justin


Steve Snodgrass wrote:
> I'm using 2.3.2a8 and sometimes it just randomly reports that routers
> have been added/deleted, even when nothing was changed in routers.db.
> Example from this morning:
> 
> Routers changed to up:
>         s3750-floor-b1.example.com:cisco
> 
> Added routers:
>         s3750-floor-b1.example.com:cisco
> 
> Deleted routers:
>         s3750-floor-b1.example.com:cisco
> 
> Obviously I obfuscated the actual domain.  This appears in the log file:
> 
> starting: Fri Mar 21 05:00:01 EDT 2008
> 
> cvs add: s3750-floor-b1.example.com already exists, with version number 1.3
> Added s3750-floor-b1.example.com
> 
> Any idea why this happens?  Thanks.
> 

From ssnodgra at pheran.com  Fri Mar 21 15:58:41 2008
From: ssnodgra at pheran.com (Steve Snodgrass)
Date: Fri, 21 Mar 2008 11:58:41 -0400
Subject: [rancid] Trouble with Cisco CSS backup (cssrancid prompt problem?)
Message-ID: <20080321155841.GA7411@narn.pheran.com>

I have some Cisco CSS 11503 load balancers that I'm trying to back up.  My
normal rancid account is a TACACS-controlled account with command
authorization which can only execute a limited set of commands that rancid
needs.  The CSS seems to have the unusual property that it uses a '>'
prompt instead of '#' based solely on what kind of command authorization
list it gets from TACACS.  Anyway, through experiments I've found that I can
get a good CSS backup only if the prompt has a # character and that it
fails if there is a > character instead.  Note that I have modified the
.cloginrc file with the appropriate values of "noenable" or "autoenable"
depending on the prompt.  The weird part is that if I execute the same
command set that cssrancid is trying to use via clogin, it works perfectly
fine.  Here is what shows up in the log file:

Trying to get all of the configs.
slb01.example.com: missed cmd(s): term length 65535,show run,show
version,show boot
slb01.example.com: End of run not found

But, running this command by hand works perfectly:

clogin -c 'term length 65535;show run;show version;show boot' slb01.example.com

I'm wondering if there is some kind of hardcoded prompt setting in
cssrancid?  Thanks.

-- 
Steve Snodgrass * ssnodgra at pheran.com * Network/Security/Linux/Perl Geek
"If you want to be somebody else, change your mind."  -Sister Hazel

From ecables at gmail.com  Fri Mar 21 16:31:21 2008
From: ecables at gmail.com (Eric Cables)
Date: Fri, 21 Mar 2008 09:31:21 -0700
Subject: [rancid]  clogin error: Error: Couldn't login: <device name>
Message-ID: <d5c7ccac0803210931l32ae6adcyd71519798e8db7f4@mail.gmail.com>

For some reason rancid-run is reporting in its logs that it is unable to
login to certain devices (MDS switches).  I can login to these devices
manually with clogin, but rancid-run continually fails.

log entry:
sdhq-mds-02-04.sege.local clogin error: Error: Couldn't login:
sdhq-mds-02-04.sege.local

[rancid at light (~)]$ bin/clogin sdhq-mds-02-04.sege.local
sdhq-mds-02-04.sege.local
spawn ssh -c 3des -x -l rancid sdhq-mds-02-04.sege.local
MDS Switch
Password:
Cisco Storage Area Networking Operating System (SAN-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2006, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained herein are owned by
other third parties and are used and distributed under license.
Some parts of this software are covered under the GNU Public
License. A copy of the license is available at
http://www.gnu.org/licenses/gpl.html.
SDHQ-MDS-02-04#
SDHQ-MDS-02-04# exit
Connection to sdhq-mds-02-04.sege.local closed.

Any assistance in troubleshooting this would be nice.  Is there a debug mode
I can turn on somewhere?

-- 
Eric Cables
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080321/b7effad8/attachment.html 

From ecables at gmail.com  Fri Mar 21 19:48:37 2008
From: ecables at gmail.com (Eric Cables)
Date: Fri, 21 Mar 2008 12:48:37 -0700
Subject: [rancid]  CVS or SVN?
Message-ID: <d5c7ccac0803211248m148acbc1wef7fe38bdaab753e@mail.gmail.com>

Just wondering who is using CVS or SVN to manage their RANCID repository.
Has anyone switched from one to the other, if so, why?

Thanks,

-- 
Eric Cables
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080321/e1f78724/attachment.html 

From hvgeekwtrvl at gmail.com  Fri Mar 21 22:31:53 2008
From: hvgeekwtrvl at gmail.com (james machado)
Date: Fri, 21 Mar 2008 15:31:53 -0700
Subject: [rancid] Re: CVS or SVN?
In-Reply-To: <d5c7ccac0803211248m148acbc1wef7fe38bdaab753e@mail.gmail.com>
References: <d5c7ccac0803211248m148acbc1wef7fe38bdaab753e@mail.gmail.com>
Message-ID: <b43f608a0803211531p35c55684o208e9db426451d16@mail.gmail.com>

Hi Eric,

I'm running SVN myself.  I do not have any prior experience with either CVS
or SVN however over the years I've heard enough horror stories about CVS and
at least 1 less about SVN to push me that way.  I would be interested in
running git but I'm not willing to experiment with the patch that came out
last year  to make it work.

James
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080321/e3ea3a49/attachment.html 

From ssnodgra at pheran.com  Sat Mar 22 01:28:15 2008
From: ssnodgra at pheran.com (Steve Snodgrass)
Date: Fri, 21 Mar 2008 21:28:15 -0400
Subject: [rancid] Re: CVS or SVN?
In-Reply-To: <d5c7ccac0803211248m148acbc1wef7fe38bdaab753e@mail.gmail.com>
References: <d5c7ccac0803211248m148acbc1wef7fe38bdaab753e@mail.gmail.com>
Message-ID: <47E460AF.1070109@pheran.com>

On 3/21/2008 3:48 PM, Eric Cables wrote:
> Just wondering who is using CVS or SVN to manage their RANCID
> repository.  Has anyone switched from one to the other, if so, why?

I'm using CVS, but I use subversion for some other things.  Frankly, the
limitations of CVS do not matter for rancid, so I see not reason not to use
it since it's a bit easier to set up.  Add a web server with cvsweb for best
results - being able to review all your configs and diffs via the web
interface is extremely nice.

-- 
Steve Snodgrass * ssnodgra at pheran.com * Network/Security/Linux/Perl Geek
"If you want to be somebody else, change your mind."  -Sister Hazel

From saku+rancid at ytti.fi  Sat Mar 22 08:05:19 2008
From: saku+rancid at ytti.fi (Saku Ytti)
Date: Sat, 22 Mar 2008 10:05:19 +0200
Subject: [rancid] Re: CVS or SVN?
In-Reply-To: <d5c7ccac0803211248m148acbc1wef7fe38bdaab753e@mail.gmail.com>
References: <d5c7ccac0803211248m148acbc1wef7fe38bdaab753e@mail.gmail.com>
Message-ID: <20080322080518.GA5451@mx.ytti.net>

On (2008-03-21 12:48 -0700), Eric Cables wrote:

> Just wondering who is using CVS or SVN to manage their RANCID repository.
> Has anyone switched from one to the other, if so, why?

I use CVS and can't migrate to SVN as it lacks way to checkout whole
repository to stdout, which I need for 'grepping' network configuration
for given regexp for arbitrary date.
For SVN I'd need to fork SVN checkout for each file in repo, and it would
make this particular program vastly slower.

-- 
  ++ytti

From heas at shrubbery.net  Sat Mar 22 17:29:54 2008
From: heas at shrubbery.net (john heasley)
Date: Sat, 22 Mar 2008 17:29:54 +0000
Subject: [rancid] Re: Rancid randomly reports routers added/deleted
In-Reply-To: <20080321153208.GA6703@narn.pheran.com>
References: <20080321153208.GA6703@narn.pheran.com>
Message-ID: <20080322172954.GC3655@shrubbery.net>

This NEVER occurs for me on any of the 5 installations that I manage.  But,
I never have CVS problems either. :)

control_rancid uses perl to create the router.{up,down,all} files from
router.db and then diffs them.  Is it failing to rename router.*.new to
router.*?  Do you have a script that is overwriting or removing them?

Fri, Mar 21, 2008 at 11:32:08AM -0400, Steve Snodgrass:
> I'm using 2.3.2a8 and sometimes it just randomly reports that routers
> have been added/deleted, even when nothing was changed in routers.db.
> Example from this morning:
> 
> Routers changed to up:
>         s3750-floor-b1.example.com:cisco
> 
> Added routers:
>         s3750-floor-b1.example.com:cisco
> 
> Deleted routers:
>         s3750-floor-b1.example.com:cisco
> 
> Obviously I obfuscated the actual domain.  This appears in the log file:
> 
> starting: Fri Mar 21 05:00:01 EDT 2008
> 
> cvs add: s3750-floor-b1.example.com already exists, with version number 1.3
> Added s3750-floor-b1.example.com
> 
> Any idea why this happens?  Thanks.
> 
> -- 
> Steve Snodgrass * ssnodgra at pheran.com * Network/Security/Linux/Perl Geek
> "If you want to be somebody else, change your mind."  -Sister Hazel
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

From ecables at gmail.com  Sat Mar 22 17:30:19 2008
From: ecables at gmail.com (Eric Cables)
Date: Sat, 22 Mar 2008 10:30:19 -0700
Subject: [rancid] Re: CVS or SVN?
In-Reply-To: <47E460AF.1070109@pheran.com>
References: <d5c7ccac0803211248m148acbc1wef7fe38bdaab753e@mail.gmail.com>
	<47E460AF.1070109@pheran.com>
Message-ID: <d5c7ccac0803221030s6bf70214w89458193979f9dcd@mail.gmail.com>

Does Subversion not have a "svnweb" equivalent?  I am using CVS currently,
and use cvsweb to view config diffs, and find it very useful.

On Fri, Mar 21, 2008 at 6:28 PM, Steve Snodgrass <ssnodgra at pheran.com>
wrote:

> On 3/21/2008 3:48 PM, Eric Cables wrote:
> > Just wondering who is using CVS or SVN to manage their RANCID
> > repository.  Has anyone switched from one to the other, if so, why?
>
> I'm using CVS, but I use subversion for some other things.  Frankly, the
> limitations of CVS do not matter for rancid, so I see not reason not to
> use
> it since it's a bit easier to set up.  Add a web server with cvsweb for
> best
> results - being able to review all your configs and diffs via the web
> interface is extremely nice.
>
> --
> Steve Snodgrass * ssnodgra at pheran.com * Network/Security/Linux/Perl Geek
> "If you want to be somebody else, change your mind."  -Sister Hazel
>



-- 
Eric Cables
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080322/9003c430/attachment.html 

From heas at shrubbery.net  Sat Mar 22 18:16:39 2008
From: heas at shrubbery.net (john heasley)
Date: Sat, 22 Mar 2008 18:16:39 +0000
Subject: [rancid] Re: CVS or SVN?
In-Reply-To: <b43f608a0803211531p35c55684o208e9db426451d16@mail.gmail.com>
References: <d5c7ccac0803211248m148acbc1wef7fe38bdaab753e@mail.gmail.com>
	<b43f608a0803211531p35c55684o208e9db426451d16@mail.gmail.com>
Message-ID: <20080322181639.GF4352@shrubbery.net>

Choose based upon the features that you want or what you're already using
for other tasks.  For rancid's purposes, either work just fine.

Fri, Mar 21, 2008 at 03:31:53PM -0700, james machado:
> Hi Eric,
> 
> I'm running SVN myself.  I do not have any prior experience with either CVS
> or SVN however over the years I've heard enough horror stories about CVS and
> at least 1 less about SVN to push me that way.  I would be interested in
> running git but I'm not willing to experiment with the patch that came out
> last year  to make it work.
> 
> James

> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

From randy at psg.com  Sat Mar 22 22:21:29 2008
From: randy at psg.com (Randy Bush)
Date: Sun, 23 Mar 2008 07:21:29 +0900
Subject: [rancid] Re: CVS or SVN?
In-Reply-To: <b43f608a0803211531p35c55684o208e9db426451d16@mail.gmail.com>
References: <d5c7ccac0803211248m148acbc1wef7fe38bdaab753e@mail.gmail.com>
	<b43f608a0803211531p35c55684o208e9db426451d16@mail.gmail.com>
Message-ID: <47E58669.6030605@psg.com>

for other reasons, i am moving all my tons of gunk from cvs to svn.
anyone have the recipe for what one has to do to rancid for the
conversion, other than running cvs2svn?

randy

From ecables at gmail.com  Sun Mar 23 01:53:08 2008
From: ecables at gmail.com (Eric Cables)
Date: Sat, 22 Mar 2008 18:53:08 -0700
Subject: [rancid] Re: CVS or SVN?
In-Reply-To: <47E58669.6030605@psg.com>
References: <d5c7ccac0803211248m148acbc1wef7fe38bdaab753e@mail.gmail.com>
	<b43f608a0803211531p35c55684o208e9db426451d16@mail.gmail.com>
	<47E58669.6030605@psg.com>
Message-ID: <d5c7ccac0803221853i698621aao85500aedbbd80ba4@mail.gmail.com>

Can you elaborate on your reasons for moving from CVS -> SVN?

On Sat, Mar 22, 2008 at 3:21 PM, Randy Bush <randy at psg.com> wrote:

> for other reasons, i am moving all my tons of gunk from cvs to svn.
> anyone have the recipe for what one has to do to rancid for the
> conversion, other than running cvs2svn?
>
> randy
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>



-- 
Eric Cables
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080322/8eca9746/attachment.html 

From stsimb at irc.gr  Mon Mar 24 08:59:48 2008
From: stsimb at irc.gr (Sotiris Tsimbonis)
Date: Mon, 24 Mar 2008 10:59:48 +0200
Subject: [rancid] Re: Rancid randomly reports routers added/deleted
In-Reply-To: <20080322172954.GC3655@shrubbery.net>
References: <20080321153208.GA6703@narn.pheran.com>
	<20080322172954.GC3655@shrubbery.net>
Message-ID: <47E76D84.9070603@irc.gr>

On 03/22/2008 07:29 PM, john heasley wrote:
> This NEVER occurs for me on any of the 5 installations that I manage.  But,
> I never have CVS problems either. :)
> 
> control_rancid uses perl to create the router.{up,down,all} files from
> router.db and then diffs them.  Is it failing to rename router.*.new to
> router.*?  Do you have a script that is overwriting or removing them?
> 
> Fri, Mar 21, 2008 at 11:32:08AM -0400, Steve Snodgrass:
>> I'm using 2.3.2a8 and sometimes it just randomly reports that routers
>> have been added/deleted, even when nothing was changed in routers.db.
>> Example from this morning:
>>
>> Routers changed to up:
>>         s3750-floor-b1.example.com:cisco
>>
>> Added routers:
>>         s3750-floor-b1.example.com:cisco
>>
>> Deleted routers:
>>         s3750-floor-b1.example.com:cisco
>>
>> Obviously I obfuscated the actual domain.  This appears in the log file:
>>
>> starting: Fri Mar 21 05:00:01 EDT 2008
>>
>> cvs add: s3750-floor-b1.example.com already exists, with version number 1.3
>> Added s3750-floor-b1.example.com
>>
>> Any idea why this happens?  Thanks.


It looks similar to this old case..
http://www.shrubbery.net/pipermail/rancid-discuss/2005-November/001275.html

So try adding the following line at the end of router.db ..
FIX_DIFF_BUG:cisco:down

Sot.

>>
>> -- 
>> Steve Snodgrass * ssnodgra at pheran.com * Network/Security/Linux/Perl Geek
>> "If you want to be somebody else, change your mind."  -Sister Hazel
>> _______________________________________________
>> Rancid-discuss mailing list
>> Rancid-discuss at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> 


From john at sackheads.org  Mon Mar 24 18:18:14 2008
From: john at sackheads.org (John Payne)
Date: Mon, 24 Mar 2008 14:18:14 -0400
Subject: [rancid] Re: End of run not found
In-Reply-To: <8423e7bb0803171007h3d56f2dci6ad6162b47e900ac@mail.gmail.com>
References: <509d59e0803071316l60a559aeq2cc9a64ed13b8a59@mail.gmail.com>
	<509d59e0803100642q133e7b31k765f91c2a38199c3@mail.gmail.com>
	<3435B936-5DB7-4ED8-B8A7-58D148AEF4E3@sackheads.org>
	<A4A561E5-1D20-40C7-BB0D-7C3EB3C1676C@sackheads.org>
	<8423e7bb0803171007h3d56f2dci6ad6162b47e900ac@mail.gmail.com>
Message-ID: <4EF9D3EC-D910-4720-BE6A-A4264586B87F@sackheads.org>


On Mar 17, 2008, at 1:07 PM, Lance Vermilion wrote:

> John Payne,
>
> Did the patching of expect fix you?

Yep!

>
> -lance
>
> On 3/17/08, John Payne <john at sackheads.org> wrote:
>>
>>
>> On Mar 17, 2008, at 10:20 AM, John Payne wrote:
>>
>>
>> On Mar 10, 2008, at 9:42 AM, Raymond Venner wrote:
>>
>> Greetings,
>> Still no luck with this issue and can't seem to find any  
>> informational
>> threads online.  This seems to be CAT os related but I can't seem to
>> pinpoint the issue. Any info would be greatly appreciated..
>>
>> I'm having similar problems with SOME IOS devices.
>> running rancid manually with -d I see it hanging on show  
>> controllers...
>>
>> Actually, a bit more digging... it looks like some kind of  
>> buffering issue.
>>
>> ## $Id: clogin.in,v 1.77 2004/03/12 05:44:06 asp Exp $
>>
>> with a clogin -c 'show controllers' <routername>   works fine.
>>
>> clogin from 2.3.2a7:
>> ## $Id: clogin.in,v 1.107 2006/12/08 21:28:25 heas Exp $
>>
>> with a clogin -c 'show controllers' <routername> hangs after  
>> Fifo13, and
>> then eventually completes (several minutes later).
>>
>> I see similar things with 'show run' on a different device.
>>
>> Of course... that sent me hunting and it looks like I'm using an  
>> unpatched
>> expect.
>>
>> *sigh*
>>
>>
>>
>>
>>
>>
>>
>> On Fri, Mar 7, 2008 at 5:16 PM, Raymond Venner <bhdbmv at gmail.com>  
>> wrote:
>>>
>>> Trying to run rancid on the following devices
>>>
>>> WS-C6506
>>> WS-C6509
>>> but keep getting the following error.
>>>
>>> End of run not found
>>>
>>> Anybody know of a fix?
>>>
>>> Thanks in advance.
>>
>> _______________________________________________
>> Rancid-discuss mailing list
>> Rancid-discuss at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>> _______________________________________________
>> Rancid-discuss mailing list
>> Rancid-discuss at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>>
>> _______________________________________________
>> Rancid-discuss mailing list
>> Rancid-discuss at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>>
>


From max.clark at gmail.com  Tue Mar 25 00:53:52 2008
From: max.clark at gmail.com (Max Clark)
Date: Mon, 24 Mar 2008 17:53:52 -0700
Subject: [rancid]  cannot "exit" when using clogin
Message-ID: <2fa1e1780803241753w29bfb2a9naa672c745ba67d6c@mail.gmail.com>

Hello,

I have a Cisco 2811 (show ver below) that I can execute "telnet" from
the command line, connect, authenticate, and "exit" without problems.
When I use clogin to connect to this device it authenticates fine, and
I can execute commands on the router. However when I issue an "exit"
the system does not disconnect. This is causing rancid to hang on this
device. I have several Cisco routers/switches that are not a problem,
only this unit.

How do I resolve this?

Thanks,
Max

rancid[~]% clogin 2811.foo.com
2811.foo.com
spawn telnet 2811.foo.com
Trying 10.10.10.46...
Connected to 2811.foo.com.
Escape character is '^]'.

This system is for the use of authorized users only. Individuals using
this system without authority, or in excess of their authority,
are subject to having all of their activities on this system monitored
and recorded by system personnel.

In the course of monitoring individuals improperly using this system,
or in the course of system maintenance, the activities of authorized
users may also be monitored.

Anyone using this system expressly consents to such monitoring and is
advised that if such monitoring reveals possible evidence of criminal
activity, system personnel may provide the evidence of such monitoring
to law enforcement officials.


User Access Verification

Username: user
Password:

Router#exit

Error: TIMEOUT reached

Router#show ver
Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version
12.4(7), RELEASE SOFTWARE (fc6)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Wed 01-Mar-06 07:23 by alnguyen

ROM: System Bootstrap, Version 12.3(8r)T7, RELEASE SOFTWARE (fc1)

Router uptime is 2 days, 44 minutes
System returned to ROM by reload at 16:03:44 PCTime Sat Mar 22 2008
System restarted at 00:06:18 UTC Sun Mar 23 2008
System image file is "flash:c2800nm-advipservicesk9-mz.124-7"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export at cisco.com.

Cisco 2811 (revision 53.51) with 249856K/12288K bytes of memory.
Processor board ID FHK0909F0S8
6 FastEthernet interfaces
1 Serial interface
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity enabled.
239K bytes of non-volatile configuration memory.
62592K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102

From rancid at gheek.net  Tue Mar 25 02:00:07 2008
From: rancid at gheek.net (Lance Vermilion)
Date: Mon, 24 Mar 2008 19:00:07 -0700
Subject: [rancid] Re: cannot "exit" when using clogin
In-Reply-To: <2fa1e1780803241753w29bfb2a9naa672c745ba67d6c@mail.gmail.com>
References: <2fa1e1780803241753w29bfb2a9naa672c745ba67d6c@mail.gmail.com>
Message-ID: <8423e7bb0803241900o2f4db414u1508a613f9199f7b@mail.gmail.com>

Please show us your .cloginrc

-Lance

On Mon, Mar 24, 2008 at 5:53 PM, Max Clark <max.clark at gmail.com> wrote:
> Hello,
>
> I have a Cisco 2811 (show ver below) that I can execute "telnet" from
> the command line, connect, authenticate, and "exit" without problems.
> When I use clogin to connect to this device it authenticates fine, and
> I can execute commands on the router. However when I issue an "exit"
> the system does not disconnect. This is causing rancid to hang on this
> device. I have several Cisco routers/switches that are not a problem,
> only this unit.
>
> How do I resolve this?
>
> Thanks,
> Max
>
> rancid[~]% clogin 2811.foo.com
> 2811.foo.com
> spawn telnet 2811.foo.com
> Trying 10.10.10.46...
> Connected to 2811.foo.com.
> Escape character is '^]'.
>
> This system is for the use of authorized users only. Individuals using
> this system without authority, or in excess of their authority,
> are subject to having all of their activities on this system monitored
> and recorded by system personnel.
>
> In the course of monitoring individuals improperly using this system,
> or in the course of system maintenance, the activities of authorized
> users may also be monitored.
>
> Anyone using this system expressly consents to such monitoring and is
> advised that if such monitoring reveals possible evidence of criminal
> activity, system personnel may provide the evidence of such monitoring
> to law enforcement officials.
>
>
> User Access Verification
>
> Username: user
> Password:
>
> Router#exit
>
> Error: TIMEOUT reached
>
> Router#show ver
> Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version
> 12.4(7), RELEASE SOFTWARE (fc6)
> Technical Support: http://www.cisco.com/techsupport
> Copyright (c) 1986-2006 by Cisco Systems, Inc.
> Compiled Wed 01-Mar-06 07:23 by alnguyen
>
> ROM: System Bootstrap, Version 12.3(8r)T7, RELEASE SOFTWARE (fc1)
>
> Router uptime is 2 days, 44 minutes
> System returned to ROM by reload at 16:03:44 PCTime Sat Mar 22 2008
> System restarted at 00:06:18 UTC Sun Mar 23 2008
> System image file is "flash:c2800nm-advipservicesk9-mz.124-7"
>
>
> This product contains cryptographic features and is subject to United
> States and local country laws governing import, export, transfer and
> use. Delivery of Cisco cryptographic products does not imply
> third-party authority to import, export, distribute or use encryption.
> Importers, exporters, distributors and users are responsible for
> compliance with U.S. and local country laws. By using this product you
> agree to comply with applicable laws and regulations. If you are unable
> to comply with U.S. and local laws, return this product immediately.
>
> A summary of U.S. laws governing Cisco cryptographic products may be found at:
> http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
>
> If you require further assistance please contact us by sending email to
> export at cisco.com.
>
> Cisco 2811 (revision 53.51) with 249856K/12288K bytes of memory.
> Processor board ID FHK0909F0S8
> 6 FastEthernet interfaces
> 1 Serial interface
> 1 Virtual Private Network (VPN) Module
> DRAM configuration is 64 bits wide with parity enabled.
> 239K bytes of non-volatile configuration memory.
> 62592K bytes of ATA CompactFlash (Read/Write)
>
> Configuration register is 0x2102
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>

From max.clark at gmail.com  Tue Mar 25 03:21:03 2008
From: max.clark at gmail.com (Max Clark)
Date: Mon, 24 Mar 2008 20:21:03 -0700
Subject: [rancid] Re: cannot "exit" when using clogin
In-Reply-To: <8423e7bb0803241900o2f4db414u1508a613f9199f7b@mail.gmail.com>
References: <2fa1e1780803241753w29bfb2a9naa672c745ba67d6c@mail.gmail.com>
	<8423e7bb0803241900o2f4db414u1508a613f9199f7b@mail.gmail.com>
Message-ID: <2fa1e1780803242021h48e11904q8b1792af7451816c@mail.gmail.com>

I forgot to add the autoenable to the router - adding that solved the
issue. Strange because it logged me in just fine, just had a problem
exiting.

Thanks,
Max

On Mon, Mar 24, 2008 at 7:00 PM, Lance Vermilion <rancid at gheek.net> wrote:
> Please show us your .cloginrc
>
>  -Lance
>
>
>
>  On Mon, Mar 24, 2008 at 5:53 PM, Max Clark <max.clark at gmail.com> wrote:
>  > Hello,
>  >
>  > I have a Cisco 2811 (show ver below) that I can execute "telnet" from
>  > the command line, connect, authenticate, and "exit" without problems.
>  > When I use clogin to connect to this device it authenticates fine, and
>  > I can execute commands on the router. However when I issue an "exit"
>  > the system does not disconnect. This is causing rancid to hang on this
>  > device. I have several Cisco routers/switches that are not a problem,
>  > only this unit.
>  >
>  > How do I resolve this?
>  >
>  > Thanks,
>  > Max
>  >
>  > rancid[~]% clogin 2811.foo.com
>  > 2811.foo.com
>  > spawn telnet 2811.foo.com
>  > Trying 10.10.10.46...
>  > Connected to 2811.foo.com.
>  > Escape character is '^]'.
>  >
>  > This system is for the use of authorized users only. Individuals using
>  > this system without authority, or in excess of their authority,
>  > are subject to having all of their activities on this system monitored
>  > and recorded by system personnel.
>  >
>  > In the course of monitoring individuals improperly using this system,
>  > or in the course of system maintenance, the activities of authorized
>  > users may also be monitored.
>  >
>  > Anyone using this system expressly consents to such monitoring and is
>  > advised that if such monitoring reveals possible evidence of criminal
>  > activity, system personnel may provide the evidence of such monitoring
>  > to law enforcement officials.
>  >
>  >
>  > User Access Verification
>  >
>  > Username: user
>  > Password:
>  >
>  > Router#exit
>  >
>  > Error: TIMEOUT reached
>  >
>  > Router#show ver
>  > Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version
>  > 12.4(7), RELEASE SOFTWARE (fc6)
>  > Technical Support: http://www.cisco.com/techsupport
>  > Copyright (c) 1986-2006 by Cisco Systems, Inc.
>  > Compiled Wed 01-Mar-06 07:23 by alnguyen
>  >
>  > ROM: System Bootstrap, Version 12.3(8r)T7, RELEASE SOFTWARE (fc1)
>  >
>  > Router uptime is 2 days, 44 minutes
>  > System returned to ROM by reload at 16:03:44 PCTime Sat Mar 22 2008
>  > System restarted at 00:06:18 UTC Sun Mar 23 2008
>  > System image file is "flash:c2800nm-advipservicesk9-mz.124-7"
>  >
>  >
>  > This product contains cryptographic features and is subject to United
>  > States and local country laws governing import, export, transfer and
>  > use. Delivery of Cisco cryptographic products does not imply
>  > third-party authority to import, export, distribute or use encryption.
>  > Importers, exporters, distributors and users are responsible for
>  > compliance with U.S. and local country laws. By using this product you
>  > agree to comply with applicable laws and regulations. If you are unable
>  > to comply with U.S. and local laws, return this product immediately.
>  >
>  > A summary of U.S. laws governing Cisco cryptographic products may be found at:
>  > http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
>  >
>  > If you require further assistance please contact us by sending email to
>  > export at cisco.com.
>  >
>  > Cisco 2811 (revision 53.51) with 249856K/12288K bytes of memory.
>  > Processor board ID FHK0909F0S8
>  > 6 FastEthernet interfaces
>  > 1 Serial interface
>  > 1 Virtual Private Network (VPN) Module
>  > DRAM configuration is 64 bits wide with parity enabled.
>  > 239K bytes of non-volatile configuration memory.
>  > 62592K bytes of ATA CompactFlash (Read/Write)
>  >
>  > Configuration register is 0x2102
>  > _______________________________________________
>  > Rancid-discuss mailing list
>  > Rancid-discuss at shrubbery.net
>  > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>  >
>

From giesen at snickers.org  Mon Mar 31 14:59:33 2008
From: giesen at snickers.org (Gary T. Giesen)
Date: Mon, 31 Mar 2008 10:59:33 -0400
Subject: [rancid]  Rancid "stuck" when grabbing configs
Message-ID: <9a9d0c6a0803310759q52696bd1w9ac7472515ed4681@mail.gmail.com>

I have a problem with some new hosts I've added to rancid (2.3.2a7
w/usercmd patch) in that rancid seems to get stuck on one particular
line in the config. This has happened with about 30% of the new hosts
I've added. There doesn't seem to be a commonality between IOS
versions, (I've expeperienced the problem in 12.3(8) and 12.4(17)) .
The only commonality seems to be that it gets stuck when listing the
interfaces. The interface it gets stuck on is not consistent (it could
be Serial, Ethernet, etc). The line for the interface is listed over
and over, I have several configs that are 20 M when they should be
more like 4K.

Note that rancid never completes getting the rest of the config, just
thousands and thousands of lines of the interface. See example below:

!RANCID-CONTENT-TYPE: cisco
!
!
!Memory: nvram 191K
!
!
!
!Image: Software: C1841-ADVIPSERVICESK9-M, 12.4(17), RELEASE SOFTWARE (fc1)
!Image: Compiled: Fri 07-Sep-07 15:27 by prod_rel_team
!Image: flash:c1841-advipservicesk9-mz.124-17.bin
!
!ROM Bootstrap: Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
!
!
!Flash: -#- --length-- -----date/time------ path
!Flash: 1     23476236 Jan 25 2008 12:45:12 -05:00
c1841-advipservicesk9-mz.124-17.bin
!Flash: 8454144 bytes available (23478272 bytes used)
!
!Flash: nvram: Directory of nvram:/
!Flash: nvram:   186  -rw-        2086                    <no date>
startup-config
!Flash: nvram:   187  ----        1962                    <no date>
private-config
!Flash: nvram:   188  -rw-        2086                    <no date>
underlying-config
!Flash: nvram:     1  -rw-         137                    <no date>
ifIndex-table
!Flash: nvram:     2  ----          12                    <no date>
persistent-data
!Flash: nvram: 196600 bytes total (190452 bytes free)
!
!Interface: FastEthernet0/0, GT96K FE ADDR: 632C9568, FASTSEND:
61BEEA20, MCI_INDEX: 0
!Interface: FastEthernet0/1, GT96K FE ADDR: 632D6850, FASTSEND:
61BEEA20, MCI_INDEX: 0
!Interface: Serial0/0/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
!Interface: Serial0/1/0, GT96K with Integrated FT1 CSU/DSU module
...

A (sanitized) config snippet below:

# Cusotmer - Central Router
add user        customer.dom.tld     rancid-user
add password    customer.dom.tld     rancid-pass
add autoenable  customer.dom.tld     1
add method      customer.dom.tld     ssh

# Customer - CPE (via Central Router)
add method              customer-cpe             {usercmd}
add usercmd             customer-cpe             {clogin} {customer.dom.tld}
add usercmd_chat        customer-cpe             {#} {telnet
172.16.12.34 /vrf CUSTOMER\r} {User Access Verification\r} {}
add user                customer-cpe             rancid-user
add password            customer-cpe             rancid-pass
add autoenable          customer-cpe             1


Note that 'clogin customer-cpe' works just fine and doesn't show any
issues. Anyone have *any* ideas what this might be?