[rancid] Re: CVS changes with ASA

john heasley heas at shrubbery.net
Mon Feb 2 21:44:22 UTC 2009 

Mon, Feb 02, 2009 at 08:48:18PM +0000, Jethro R Binks:
> On Mon, 2 Feb 2009, Jethro R Binks wrote:
> 
> > I'm investigating several PIX/ASA related difficulties with rancid at the 
> > moment ...
> 
> Since we're looking at these in detail at the moment, here's two more 
> things:
> 
> As another note, it would be useful to send "term pager 0" as well, to
> prevent output paging:
> 
> --- clogin.1.118        Fri Jan 30 19:40:20 2009
> +++ clogin.1.118.mod    Fri Jan 30 21:01:26 2009
> @@ -603,6 +603,8 @@
>             set command "set logging session disable;$command"
>         } else {
>             send "term length 0\r"
> +            # ASA 7.x takes this instead:
> +           send "term pager 0\r"
>         }
>         # escape any parens in the prompt, such as "(enable)"
>         regsub -all {[)(]} $prompt {\\&} reprompt
> 
> 
> 
> The other thing is that parsing of the serial numbers/hardware revisions 
> isn't correct.  I haven't looked at this in detail yet, but what you get 
> is garbled, for example:
> 
> !Slot 0/: type ASA 5550 Adaptive
> !Slot 0/: part Security, serial Appliance
> !Slot 0/: hvers ASA5550
> !Slot 0: hvers 2.0, firmware 1.0(11)2, sw 7.2(4)
> !
> !Slot 1: hvers 1.0, firmware 1.0(0)8, sw 1.0(0)10
> !
> !Slot 1/0: type SSM-4GE Included with ASA
> !Slot 1/0: part 5550, serial System
> !Slot 1/0: hvers SSM-4GE-INC
> 
> 
> I suppose the output generated by PIX/ASA doesn't match the usual IOS 
> output.  If no-one else gets to it, I will take a closer look in a few 
> days hopefully.
> 
> One other things I would note: I find getting configs out of my PIX/ASAs 
> is much more reliable (but not perfect) if I only let rancid run one of 
> "more system:running-config", "write terminal", or "show running-config".  
> If two or three run, the output gets a bit garbled, and rancid fails to 
> find the end.  I speculate this is something to do with the box producing 
> the output, but asynchronously returning the prompt, or some such.

I think it is time that ASA/PIX became a separate script.  Trying to wedge
it in with IOS and IOX is becoming painful.

> At this point, can I also suggest this small patch, which helped me to 
> narrow down the cause of failure in a couple of cases (sorry no line 
> numbers for this one, but it is right at the end of 'rancid'):
> 
> -       print STDERR "$host: End of run not found\n" if ($debug);
> +        print STDERR "$host: End of run not found ",
> +              "(clean_run=$clean_run, found_end=$found_end)\n" if ($debug);
> 
> Jethro.
> 
> -- 
> .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
> Jethro R Binks
> Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

More information about the Rancid-discuss mailing list