From remyheiden at gmail.com Wed Jun 2 00:02:44 2010 From: remyheiden at gmail.com (Remy Heiden) Date: Wed, 2 Jun 2010 02:02:44 +0200 Subject: [rancid] Re: New device on .cloginrc In-Reply-To: <4BC8CC3E.10407@pop-sp.rnp.br> References: <4BC38F0D.5060006@pop-sp.rnp.br> <5DC4853C6CC3EE4788779E0726E034DD1D27AF@zy-ex1.zyedge.local> <4BC45C74.7010809@pop-sp.rnp.br> <20100413120535.GA9580@merboo.mamista.net> <4BC472B7.4080204@pop-sp.rnp.br> <5DC4853C6CC3EE4788779E0726E034DD1D3CA7@zy-ex1.zyedge.local> <4BC4CA31.9030106@pop-sp.rnp.br> <5DC4853C6CC3EE4788779E0726E034DD1D4B1E@zy-ex1.zyedge.local> <4BC4D1E0.9050502@pop-sp.rnp.br> <4BBAF403456ED74981E7164ED3A4C22401DF815C@CA-EVS02.pelco.org> <4BC4D978.9020306@pop-sp.rnp.br> <5DC4853C6CC3EE4788779E0726E034DD1D4D73@zy-ex1.zyedge.local> <4BC868B0.9040706@pop-sp.rnp.br> <2462C3A55E5DA04395C77B0400E5300306E0266689@ZAMDC02104.vodacom.corp> <4BC86F98.3040502@laposte.fr> <4BC8CC3E.10407@pop-sp.rnp.br> Message-ID: Please check that the user and vty-password resemble the ones known to the RADIUS server. Regards, Remy On Fri, Apr 16, 2010 at 10:44 PM, Wagner Pereira wrote: > Mickael, > > Yes, my .cloginrc is exactly like the below (omitting all the real > values, obviously): > > add password 10.0.0.2 {vty passwd} {enable passwd} > add user 10.0.0.2 user > add userprompt 10.0.0.2 {"Username:"} > add passprompt 10.0.0.2 {"Password:"} > add method 10.0.0.2 {ssh} {telnet} > add enableprompt 10.0.0.2 {"Password:"} > add cyphertype 10.0.0.2 {3des} > > I already have another device rancid'ing perfectly, that means my > .cloginrc lines are correctly written, since I declared it at the same > way that the above. > > Hugs, > > -- > > Wagner Pereira > > PoP-SP/RNP - Ponto de Presen?a da RNP em S?o Paulo > CCE/USP - Centro de Computa??o Eletr?nica da Universidade de S?o Paulo > http://www.pop-sp.rnp.br > Tel. (11) 3091-8901 > > > Em 16/4/2010 11:09, Mickael GARNIER escreveu: > > Hi, > > > > do you have a 'add user' entry in your .cloginrc ? > > > > it should be like : > > add user > > add password > > add method ssh > > > > MG > > > > > > Le 16/04/2010 15:46, Drikus Brits a ?crit : > > > >> Hi, > >> > >> The root user is most likely because clogin is being executed as the > root user, ie: you're logged in as root when you try to clogin into your > router. > >> > >> Hope this helps, > >> > >> Drikus. > >> > >> -----Original Message----- > >> From: rancid-discuss-bounces at shrubbery.net [mailto: > rancid-discuss-bounces at shrubbery.net] On Behalf Of Wagner Pereira > >> Sent: 16 April 2010 03:40 PM > >> Cc: Rancid Mailing List > >> Subject: [rancid] Re: New device on .cloginrc > >> > >> Ryan, > >> > >> When I try to connect to my device using /home/rancid/bin/clogin, this > >> is what I get: > >> > >> -------------------- > >> spawn ssh -c 3des -x -l root 10.0.0.2 > >> root at 10.0.0.2's password: > >> -------------------- > >> > >> But, there is no root user written in my .cloginrc file. > >> > >> Where does this root user should come from? > >> > >> Hugs, > >> > >> > >> > > Post-scriptum La Poste > > > > Ce message est confidentiel. Sous reserve de tout accord conclu par > > ecrit entre vous et La Poste, son contenu ne represente en aucun cas un > > engagement de la part de La Poste. Toute publication, utilisation ou > > diffusion, meme partielle, doit etre autorisee prealablement. Si vous > > n'etes pas destinataire de ce message, merci d'en avertir immediatement > > l'expediteur. > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100602/912e49e2/attachment.html From bohara at ripe.net Thu Jun 3 12:24:43 2010 From: bohara at ripe.net (Ben O'Hara) Date: Thu, 3 Jun 2010 14:24:43 +0200 Subject: [rancid] patch for mrvrancid Message-ID: <4A9BC403-D843-4ADC-949A-6FB9A7B589DF@ripe.net> Hi, We recently started using rancid with some MRV LambdaDriver 800P. Using the 'mrv' in rancid works great, it pulls the configs down etc but we were being mailed for diffs in a couple of things that wernt really changing. voltages, temprature and uptime. The attached patch skips these during the diff so you dont hear about them changing on every run. Could you add this to rancid? Cheers Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: mrvrancid.patch Type: application/octet-stream Size: 646 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100603/6c7d8058/attachment.obj -------------- next part -------------- -- Ben O'Hara RIPE Network Coordination Center Systems Engineer Singel 258, Amsterdam, NL http://www.ripe.net +31 20 535 4444 PGP Fingerprint: 080A 52FF BF0A A7FB F176 E7DB 513D 9A3D E968 7DBC From rhys.evans at Redblade.co.uk Tue Jun 8 16:36:26 2010 From: rhys.evans at Redblade.co.uk (Rhys Evans) Date: Tue, 8 Jun 2010 17:36:26 +0100 Subject: [rancid] Re: Rancid support for Brocade switches In-Reply-To: <02FBECA25E68744CBEACFCC9EDFA36684A726AC2@J-F-Exch01.jumacorp.com> References: <02FBECA25E68744CBEACFCC9EDFA36684A726AC2@J-F-Exch01.jumacorp.com> Message-ID: Hi Was there ever a copy of this script released? Thanks Rhys Evans Technical Consultant | Redblade Ltd | Tel: +44 (0)845 094 2389 | Fax: +44 (0)20 7735 1555 | Southbank House, Vauxhall | www.redblade.co.uk | -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Stephen Flanagan Sent: 05 March 2010 12:37 To: 'R.Epping at meteo.nl'; 'rancid-discuss at shrubbery.net' Subject: [rancid] Re: Rancid support for Brocade switches Absolutely, its really holding thing back. Thanks -------------------------------------- This message has been transmitted from a mobile device. If you are not the intended recipient please notify sender and discard message. Thank you, Juma Corp IT Department. ----- Original Message ----- From: rancid-discuss-bounces at shrubbery.net To: rancid-discuss at shrubbery.net ; NMaio at guesswho.com Sent: Fri Mar 05 07:04:12 2010 Subject: [rancid] Re: Rancid support for Brocade switches Hi, Tue Jan 26 22:12:55 UTC 2010 nmaio at guesswho.com wrote: > Yes I did but I modified a script do just do a cfgshow and > configshow. Would you like a copy? > It only works with OS versions that don't paginate the output. I'm interested too. Would it be possible to share your copy with this list? THNX && GRTNX, RobJE -- Home is near Enter. ((c) RonA) ======================================================================== Tel: +31 - 317 - 399800 s-mail: P.O. box 617 Fax: +31 - 317 - 423164 6700 AP Wageningen MailTo: r.epping at meteo.nl WWW: http://www.meteo.nl/ -- This e-mail is from Meteo Consult B.V., a MeteoGroup company. For more information, see http://www.weer.nl/gebruiksvoorwaarden. This e-mail may contain confidential information. Only the addressee is permitted to read, copy, distribute or otherwise use this e-mail or any attachments. If you have received it in error, please contact the sender immediately. Any opinion expressed in this e-mail is personal to the sender and may not reflect the opinion of MeteoGroup. Any e-mail reply to this address may be subject to interception or monitoring for operational reasons or for lawful business practices. _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss Redblade Ltd is a Company Limited by Guarantee, registered in England, no: 5821834 Registered Office: Southbank House, Black Prince Road, Vauxhall, London, SE1 7SJ This email and its content are subject to the disclaimer as displayed at the following link http://www.redblade.co.uk/disclaimer.htm From paleola at gmail.com Tue Jun 8 14:53:34 2010 From: paleola at gmail.com (Aleksey P) Date: Tue, 8 Jun 2010 18:53:34 +0400 Subject: [rancid] Not working rancid with Cisco without enable. Message-ID: Hello. I can't understand why rancid didn't work with Cisco Routers (Switches) without enable password!? OS - FreeBSD Here some of config: /usr/local/libexec/rancid]# vi /usr/local/etc/rancid/.cloginrc # THIS IS FOR CISCO add noenable 172.16.2.2 1 #add autoenable 172.16.2.2 1 add user 172.16.2.2 username add password 172.16.2.2 password add method 172.16.2.2 ssh Trying /usr/local/libexec/rancid/clogin -t 90 -c"show configuration" 172.16.2.2 All work just fine - no enable promt - show configuration - that is all we need: /usr/local/libexec/rancid/clogin -t 90 -c"show configuration" 172.16.2.2 172.16.2.2 spawn ssh -c 3des -x -l username 172.16.2.2 username at 172.16.2.2's password: Router> Router>terminal length 0 Router>>show configuration ... here we see our config ... end Router>exit Connection to 172.16.2.2 closed. But if i run rancid-run in my logs i will see: Trying to get all of the configs. 172.16.2.2: missed cmd(s): show configuration 172.16.2.2: End of run not found ! ===================================== Getting missed routers: round 1. 172.16.2.2: missed cmd(s): show configuration 172.16.2.2: End of run not found I can't understand why it works like this. Help me if u can :) -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100608/6e205a0c/attachment.html From jsalmeron at gmail.com Wed Jun 9 07:56:21 2010 From: jsalmeron at gmail.com (Julian Salmeron) Date: Wed, 9 Jun 2010 09:56:21 +0200 Subject: [rancid] Modify rancid scripts to enter on Cisco devices level 7 (enable 7 command) Message-ID: Hi all. First of all, hi everybody, it's the first time I post in this list but I've been long time reading all of you and learning with you. I have a strange situation with a Cisco device where I have to login as normal user , then type the "enable 7" command to enter in level 7 and then type "show startup config" instead of "show running config". So I have to modify some of the rancid scripts (clogin, rancid and maybe some more), and that's my problem...I don't know how to do that and I'm not sure which scripts I have to modify. If you could give me a hand on it, I'll thanks to you a lot. Thanks in advanced. Julian (Sorry for my poor English, I'm Spanish and my English is a bit strong) :P -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100609/32b169c4/attachment.html From Steve at host-it.co.uk Wed Jun 9 17:46:12 2010 From: Steve at host-it.co.uk (Steve Ousley) Date: Wed, 9 Jun 2010 18:46:12 +0100 Subject: [rancid] Re: changes in routers In-Reply-To: <20100528215348.GG7486@shrubbery.net> References: <20100528215348.GG7486@shrubbery.net> Message-ID: Hi John It seems that I've deleted the source for Rancid at some point. Would there be any other place that this would be set? Somewhere in the Rancid etc or var folder maybe? Steve Ousley steve at host-it.co.uk Nuco Technologies Ltd Unit 1 - Northampton Science Park - Kings Park Road - Moulton Park - Northampton - England - NN3 6LG TEL: (0844) 745 1300 FAX: (0844) 745 1303 Skype: nucotech-support WEB: www.host-it.co.uk www.nucotechnologies.com - www.computalynx.net - www.northampton.it ---------------------------------------------------------------- IMPORTANT - The information transmitted in this email is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please delete this email and inform domainadministrator at host-it.co.uk immediately ---------------------------------------------------------------- Nuco Technologies Ltd is a company registered in England and Wales with company number 04470751 (14) -----Original Message----- From: john heasley [mailto:heas at shrubbery.net] Sent: 28 May 2010 22:54 To: Steve Ousley Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] changes in routers Fri, May 28, 2010 at 01:43:48PM +0100, Steve Ousley: > What I did notice was that there was an email generated for each group stating a list of routers who's status had changed to down, the list, however, consisted of no routers. > > I thought this was maybe an oddity as it was the first run of rancid since the update, so ignored it. > > Now, after it's scheduled run, I get the email again. > > Literally the entire contents of the email is: > > > "Routers changed to down:" > > Does anyone have any ideas why seemingly the upgrade to Lenny could have caused this? this is most likely the configure script or the PATH in rancid.conf winding-up with arguments for diff that it doesnt like. see DIFF_CMD in the config.status file that was generated by configure. From heas at shrubbery.net Wed Jun 9 19:10:10 2010 From: heas at shrubbery.net (john heasley) Date: Wed, 9 Jun 2010 12:10:10 -0700 Subject: [rancid] Re: Modify rancid scripts to enter on Cisco devices level 7 (enable 7 command) In-Reply-To: References: Message-ID: <20100609191010.GL4014@shrubbery.net> Wed, Jun 09, 2010 at 09:56:21AM +0200, Julian Salmeron: > I have a strange situation with a Cisco device where I have to login as > normal user , then type the "enable 7" command to enter in level 7 and then > type "show startup config" instead of "show running config". > So I have to modify some of the rancid scripts (clogin, rancid and maybe > some more), and that's my problem...I don't know how to do that and I'm not > sure which scripts I have to modify. clogin/*login does not have a way to alter the enable command. afaik, other commands will fail at lower privilege levels, so i'm not inclined to add the feature now. you'd have to create a clogin, rancid, and device type with new names; example, clogin7, rancid7, cisco7 (rancid-fe script). change rancid7 to use clogin7, change clogin7 to use the right enable command, add the cisco7 type to rancid-fe, and change your router.db for the device to be the cisco7 device type. > (Sorry for my poor English, I'm Spanish and my English is a bit strong) :P your english is fine. From jethro.binks at strath.ac.uk Wed Jun 9 19:57:03 2010 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Wed, 9 Jun 2010 20:57:03 +0100 (BST) Subject: [rancid] Re: Modify rancid scripts to enter on Cisco devices level 7 (enable 7 command) In-Reply-To: <20100609191010.GL4014@shrubbery.net> References: <20100609191010.GL4014@shrubbery.net> Message-ID: On Wed, 9 Jun 2010, john heasley wrote: > Wed, Jun 09, 2010 at 09:56:21AM +0200, Julian Salmeron: > > I have a strange situation with a Cisco device where I have to login as > > normal user , then type the "enable 7" command to enter in level 7 and then > > type "show startup config" instead of "show running config". > > So I have to modify some of the rancid scripts (clogin, rancid and maybe > > some more), and that's my problem...I don't know how to do that and I'm not > > sure which scripts I have to modify. > > clogin/*login does not have a way to alter the enable command. afaik, > other commands will fail at lower privilege levels, so i'm not inclined > to add the feature now. That's true; I also needed the feature for some 3Com/H3C gear which doesn't use "enable". I wasn't inclined to add the feature either, but I did make it slightly easier for myself in case I ever did; I simply: set enacmd "system-view" then later: send "$enacmd\r" If the facility to change it ever gets added in via .cloginrc, I at least had part of the framework there, and in the meantime it reminds me to think about it again every so often. Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK From heas at shrubbery.net Wed Jun 9 20:28:30 2010 From: heas at shrubbery.net (john heasley) Date: Wed, 9 Jun 2010 13:28:30 -0700 Subject: [rancid] Re: Modify rancid scripts to enter on Cisco devices level 7 (enable 7 command) In-Reply-To: References: <20100609191010.GL4014@shrubbery.net> Message-ID: <20100609202830.GD4014@shrubbery.net> Wed, Jun 09, 2010 at 08:57:03PM +0100, Jethro R Binks: > On Wed, 9 Jun 2010, john heasley wrote: > > > Wed, Jun 09, 2010 at 09:56:21AM +0200, Julian Salmeron: > > > I have a strange situation with a Cisco device where I have to login as > > > normal user , then type the "enable 7" command to enter in level 7 and then > > > type "show startup config" instead of "show running config". > > > So I have to modify some of the rancid scripts (clogin, rancid and maybe > > > some more), and that's my problem...I don't know how to do that and I'm not > > > sure which scripts I have to modify. > > > > clogin/*login does not have a way to alter the enable command. afaik, > > other commands will fail at lower privilege levels, so i'm not inclined > > to add the feature now. > > That's true; I also needed the feature for some 3Com/H3C gear which > doesn't use "enable". I wasn't inclined to add the feature either, but I > did make it slightly easier for myself in case I ever did; I simply: > > set enacmd "system-view" > > then later: > > send "$enacmd\r" > > If the facility to change it ever gets added in via .cloginrc, I at least > had part of the framework there, and in the meantime it reminds me to > think about it again every so often. i'd have created a separate script for that one, especially because its a 3com. yes, i won't hide my disdain for 3com. but, 'enablecmd' is what i was thinking about. however, because folks would be inclined to do things like julian is, it affects authorization for other commands and quickly becomes far more complicated. From jethro.binks at strath.ac.uk Wed Jun 9 20:52:40 2010 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Wed, 9 Jun 2010 21:52:40 +0100 (BST) Subject: [rancid] Re: Modify rancid scripts to enter on Cisco devices level 7 (enable 7 command) In-Reply-To: <20100609202830.GD4014@shrubbery.net> References: <20100609191010.GL4014@shrubbery.net> <20100609202830.GD4014@shrubbery.net> Message-ID: On Wed, 9 Jun 2010, john heasley wrote: > > If the facility to change it ever gets added in via .cloginrc, I at least > > had part of the framework there, and in the meantime it reminds me to > > think about it again every so often. > > i'd have created a separate script for that one, especially because its a > 3com. yes, i won't hide my disdain for 3com. :) But I did: h3clogin. That's where I put the simple framework, Just In Case. > but, 'enablecmd' is what i was thinking about. however, because folks > would be inclined to do things like julian is, it affects authorization > for other commands and quickly becomes far more complicated. I was just thinking about the general case of "a device where the enable command isn't literally 'enable'", rather than Julian's more specialised case where he is specifying a particular priv level, but you are correct that in that case it can get complicated. As it happens, my rancid logs into a ASA/PIX with a user of lower priv level; I did have to make some of the commands available to the lower priv level. My 'framework', such as it was, was really an example of my continuing view (mentioned before) that the more system-specific detail can be abstracted out from the scripts themselves, then the less different the scripts become. It then becomes much easier to: 1. abstract common functions out from the scripts; 2. make updates to general functionality across all the scripts; 3. write a script for a new device, concentrating on just the stuff that really is different rather than trying to cobble something together comparing different scripts for other different devices Obviously some devices really are quite different, or pernikity, but if you can abstract even the simple things like "what's the command to run to get to privileged mode", and "how do i turn off paging" to the clogin level, or a simple config file listing the vendors and the equivalent commands, then you might get some way down that road. Net::Appliance::Session attempts to do something like this, by the use of vendor-specific 'phrasebooks', e.g.: http://cpansearch.perl.org/src/OLIVER/Net-Appliance-Phrasebook-1.8/lib/Net/Appliance/Phrasebook/nas-pb.yml Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK From heas at shrubbery.net Wed Jun 9 21:35:06 2010 From: heas at shrubbery.net (john heasley) Date: Wed, 9 Jun 2010 14:35:06 -0700 Subject: [rancid] Re: Not working rancid with Cisco without enable. In-Reply-To: References: Message-ID: <20100609213506.GO4014@shrubbery.net> Tue, Jun 08, 2010 at 06:53:34PM +0400, Aleksey P: > Hello. I can't understand why rancid didn't work with Cisco Routers > (Switches) without enable password!? > OS - FreeBSD > Here some of config: > /usr/local/libexec/rancid]# vi /usr/local/etc/rancid/.cloginrc > # THIS IS FOR CISCO > add noenable 172.16.2.2 1 > #add autoenable 172.16.2.2 1 > add user 172.16.2.2 username > add password 172.16.2.2 password > add method 172.16.2.2 ssh > > Trying /usr/local/libexec/rancid/clogin -t 90 -c"show configuration" > 172.16.2.2 > All work just fine - no enable promt - show configuration - that is all we > need: > > /usr/local/libexec/rancid/clogin -t 90 -c"show configuration" 172.16.2.2 > 172.16.2.2 > spawn ssh -c 3des -x -l username 172.16.2.2 > username at 172.16.2.2's password: > > Router> > Router>terminal length 0 > Router>>show configuration > ... > here we see our config > ... > end > > Router>exit > Connection to 172.16.2.2 closed. it may be the command before this that failed. in general, for it to runn all the commands, it needs enable. try export NOPIPE=YES rancid -d 172.16.2.2 172.16.2.2.raw will have the output from the device and .new the crunched output. > But if i run rancid-run in my logs i will see: > > Trying to get all of the configs. > 172.16.2.2: missed cmd(s): show configuration > 172.16.2.2: End of run not found > ! > ===================================== > Getting missed routers: round 1. > 172.16.2.2: missed cmd(s): show configuration > 172.16.2.2: End of run not found > > I can't understand why it works like this. > Help me if u can :) > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From david at prophecy.net.nz Wed Jun 9 22:46:26 2010 From: david at prophecy.net.nz (David Young) Date: Thu, 10 Jun 2010 10:46:26 +1200 Subject: [rancid] Re: Has anybody solved the extreme "unsaved changes" bug? In-Reply-To: <20100506165133.GQ21825@shrubbery.net> References: <4BD0CBF6.7010203@prophecy.net.nz> <20100422234954.GV24599@shrubbery.net> <4BDDD94A.6080201@prophecy.net.nz> <20100506165133.GQ21825@shrubbery.net> Message-ID: <4C1019C2.4080608@prophecy.net.nz> Hi John, > > could you show the o/p of "clogin -c 'show version' host" to me? ie: the > match of the clogin -d o/p below. > > Sorry it took a while, here's the output: --- [rancid at stats ~]$ clogin -c 'show version' myswitch.local myswitch.local spawn telnet myswitch.local Trying 10.0.0.1.. Connected to myswitch.local (10.0.0.1). Escape character is '^]'. Copyright (C) 1999 by Extreme Networks login: admin password: Press the key at any time for completions. Don't forget to save your configuration changes. * myswitch:1 # enable Syntax error at end of line. Next possible completions: autodst bootp bootprelay cli-config-logging clipaging dvmrp edp esrp gvrp icmp idletimeouts igmp ignore-stp iparp ipforwarding ipmcforwarding iproute isq ipxrip ipxsap jumbo irdp learning license log mirroring multinetting ospf pace pim-dm ports qosmonitor radius rip rmon sharing smartredundancy snmp sntp-client stpd subvlan-proxy-arp summitlink syslog telnet type20 web * myswitch:2 # couldn't compile regular expression pattern: quantifier operand invalid while executing "expect -nobrace -re {* myswitch([^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[ ]+} { exp_continue }" invoked from within "expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } }" (procedure "run_commands" line 21) invoked from within "run_commands $prompt $command" ("foreach" body line 155) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user ..." (file "/usr/bin/clogin" line 722) [rancid at stats ~]$ --- -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100610/f2f40e4b/attachment.html From wbrown at qualcomm.com Wed Jun 9 22:59:31 2010 From: wbrown at qualcomm.com (Brown IV, Bill (MFT)) Date: Wed, 9 Jun 2010 15:59:31 -0700 Subject: [rancid] How to Get 'show version' on Cisco 2811 Message-ID: <74A76F5DF2E5124CBE0396FD39D171860A78E74AFC@NALASEXMB03.na.qualcomm.com> Hello Rancid Experts, I apologize if this question has been asked before - I couldn't find a reference in the archives. For some reason, the backups of my Cisco 2811 routers do not have the 'show version' output in them. Could someone please tell me how to get that info in the backups? My prompt looks like: router# Same as the rest of the devices, like 3560 and 3750 switches. Thanks in advance, Bill -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100609/bad5ffe0/attachment.html From jsalmeron at gmail.com Thu Jun 10 07:27:24 2010 From: jsalmeron at gmail.com (Julian Salmeron) Date: Thu, 10 Jun 2010 09:27:24 +0200 Subject: [rancid] Re: Modify rancid scripts to enter on Cisco devices level 7 (enable 7 command) In-Reply-To: References: <20100609191010.GL4014@shrubbery.net> <20100609202830.GD4014@shrubbery.net> Message-ID: Hi again. Sorry I sent the last email to Jethro directly, not to the list... :P Anyway, it works perfect!!! I have created rancid7, clogin7 and modified rancid-fe script ,and now I can get the configs. *rancid at nagios3:~/bin$ clogin7 -t 90 172.16.20.1 172.16.20.1 spawn telnet 172.16.20.1 Trying 172.16.20.1... Connected to 172.16.20.1. Escape character is '^]'. . . . User Access Verification Username: rancid Password: gw1>enable 7 Password: gw1# * Thanks a lot for your help, is nice to see a gurus like you. Regards, Julian 2010/6/10 Julian Salmeron > Hi John/Jethro. > > Thanks for the quick reply. > > I'll try to create the separate scripts and let you know. > > Regards, > Julian > > 2010/6/9 Jethro R Binks > > On Wed, 9 Jun 2010, john heasley wrote: >> >> > > If the facility to change it ever gets added in via .cloginrc, I at >> least >> > > had part of the framework there, and in the meantime it reminds me to >> > > think about it again every so often. >> > >> > i'd have created a separate script for that one, especially because its >> a >> > 3com. yes, i won't hide my disdain for 3com. >> >> :) But I did: h3clogin. That's where I put the simple framework, Just In >> Case. >> >> > but, 'enablecmd' is what i was thinking about. however, because folks >> > would be inclined to do things like julian is, it affects authorization >> > for other commands and quickly becomes far more complicated. >> >> I was just thinking about the general case of "a device where the enable >> command isn't literally 'enable'", rather than Julian's more specialised >> case where he is specifying a particular priv level, but you are correct >> that in that case it can get complicated. >> >> As it happens, my rancid logs into a ASA/PIX with a user of lower priv >> level; I did have to make some of the commands available to the lower priv >> level. >> >> My 'framework', such as it was, was really an example of my continuing >> view (mentioned before) that the more system-specific detail can be >> abstracted out from the scripts themselves, then the less different the >> scripts become. It then becomes much easier to: >> >> 1. abstract common functions out from the scripts; >> >> 2. make updates to general functionality across all the scripts; >> >> 3. write a script for a new device, concentrating on just the stuff that >> really is different rather than trying to cobble something together >> comparing different scripts for other different devices >> >> Obviously some devices really are quite different, or pernikity, but if >> you can abstract even the simple things like "what's the command to run to >> get to privileged mode", and "how do i turn off paging" to the clogin >> level, or a simple config file listing the vendors and the equivalent >> commands, then you might get some way down that road. >> Net::Appliance::Session attempts to do something like this, by the use of >> vendor-specific 'phrasebooks', e.g.: >> >> >> http://cpansearch.perl.org/src/OLIVER/Net-Appliance-Phrasebook-1.8/lib/Net/Appliance/Phrasebook/nas-pb.yml >> >> Jethro. >> >> . . . . . . . . . . . . . . . . . . . . . . . . . >> Jethro R Binks >> Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100610/48b2af84/attachment.html From heas at shrubbery.net Thu Jun 10 19:59:22 2010 From: heas at shrubbery.net (john heasley) Date: Thu, 10 Jun 2010 12:59:22 -0700 Subject: [rancid] Re: How to Get 'show version' on Cisco 2811 In-Reply-To: <74A76F5DF2E5124CBE0396FD39D171860A78E74AFC@NALASEXMB03.na.qualcomm.com> References: <74A76F5DF2E5124CBE0396FD39D171860A78E74AFC@NALASEXMB03.na.qualcomm.com> Message-ID: <20100610195922.GL13536@shrubbery.net> Wed, Jun 09, 2010 at 03:59:31PM -0700, Brown IV, Bill (MFT): > Hello Rancid Experts, > > I apologize if this question has been asked before - I couldn't find a reference in the archives. For some reason, the backups of my Cisco 2811 routers do not have the 'show version' output in them. Could someone please tell me how to get that info in the backups? rancid chews that input and produces summary lines. if they arent there, it couldnt parse the input from show version. start by making sure that you're using a recent version of rancid. > My prompt looks like: > > router# > > Same as the rest of the devices, like 3560 and 3750 switches. > > Thanks in advance, > Bill > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From paleola at gmail.com Fri Jun 11 08:45:53 2010 From: paleola at gmail.com (Aleksey P) Date: Fri, 11 Jun 2010 12:45:53 +0400 Subject: [rancid] Re: Not working rancid with Cisco without enable. In-Reply-To: <20100609213506.GO4014@shrubbery.net> References: <20100609213506.GO4014@shrubbery.net> Message-ID: Hello. In my rancid file i delete all commands, except "show configuration". This work fine with Juniper switches (becouse they don't have enable mode and have '>' in command line (i think)). I did as you say: In racid.conf i have: NOPIPE=YES; export NOPIPE Then i did: ]# /usr/local/libexec/rancid/rancid -d 172.16.2.2 executing /usr/local/libexec/rancid/clogin -t 90 -c"show configuration" 172.16.2.2 172.16.2.2: missed cmd(s): show configuration 172.16.2.2: missed cmd(s): show configuration 172.16.2.2: End of run not found 172.16.2.2: End of run not found ! ]# cat /usr/local/libexec/rancid/172.16.2.2.new !RANCID-CONTENT-TYPE: cisco ! ! ! ! and that is all that in this file. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100611/24b096f9/attachment.html From heas at shrubbery.net Fri Jun 11 16:48:38 2010 From: heas at shrubbery.net (john heasley) Date: Fri, 11 Jun 2010 09:48:38 -0700 Subject: [rancid] Re: Not working rancid with Cisco without enable. In-Reply-To: References: <20100609213506.GO4014@shrubbery.net> Message-ID: <20100611164836.GG14129@shrubbery.net> Fri, Jun 11, 2010 at 12:45:53PM +0400, Aleksey P: > Hello. > In my rancid file i delete all commands, except "show configuration". This > work fine with Juniper switches (becouse they don't have enable mode and it must have show version. > have '>' in command line (i think)). the rancid script shouldnt care about which prompt it shows, but in general, enable mode is required. > I did as you say: > In racid.conf i have: > NOPIPE=YES; export NOPIPE > > Then i did: > > ]# /usr/local/libexec/rancid/rancid -d 172.16.2.2 > executing /usr/local/libexec/rancid/clogin -t 90 -c"show configuration" > 172.16.2.2 > 172.16.2.2: missed cmd(s): show configuration > 172.16.2.2: missed cmd(s): show configuration > 172.16.2.2: End of run not found > 172.16.2.2: End of run not found > ! > ]# cat /usr/local/libexec/rancid/172.16.2.2.new > !RANCID-CONTENT-TYPE: cisco > ! > ! > ! > ! > and that is all that in this file. and what is in the 172.16.2.2.raw file? From paleola at gmail.com Tue Jun 15 06:38:11 2010 From: paleola at gmail.com (Aleksey P) Date: Tue, 15 Jun 2010 10:38:11 +0400 Subject: [rancid] Re: Not working rancid with Cisco without enable. In-Reply-To: <20100611164836.GG14129@shrubbery.net> References: <20100609213506.GO4014@shrubbery.net> <20100611164836.GG14129@shrubbery.net> Message-ID: Hello. >> ]# cat /usr/local/libexec/rancid/172.16.2.2.new > >> !RANCID-CONTENT-TYPE: cisco > >> ! > >> ! > >> ! > >> ! > >> and that is all that in this file. > > >and what is in the 172.16.2.2.raw file? > Nothing, that's all - only one line " !RANCID-CONTENT-TYPE: cisco" and that's all. >it must have show version. I am not sure i understand you right. In rancid file i must use 'show version'? >the rancid script shouldnt care about which prompt it shows, but in >general, enable mode is required. But in theory - can rancid work with Cisco device w/o 'enable'? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100615/c7011463/attachment.html From peo at chalmers.se Tue Jun 15 10:39:21 2010 From: peo at chalmers.se (Per-Olof Olsson) Date: Tue, 15 Jun 2010 12:39:21 +0200 Subject: [rancid] Re: Not working rancid with Cisco without enable. In-Reply-To: References: <20100609213506.GO4014@shrubbery.net> <20100611164836.GG14129@shrubbery.net> Message-ID: <4C175859.60605@chalmers.se> Aleksey P wrote: > Hello. > > >> ]# cat /usr/local/libexec/rancid/172.16.2.2.new > >> !RANCID-CONTENT-TYPE: cisco > >> ! > >> ! > >> ! > >> ! > >> and that is all that in this file. > > >and what is in the 172.16.2.2.raw file? > > > Nothing, that's all - only one line " !RANCID-CONTENT-TYPE: cisco" and > that's all. > >>it must have show version. > I am not sure i understand you right. In rancid file i must use 'show > version'? > > >>the rancid script shouldnt care about which prompt it shows, but in >>general, enable mode is required. > But in theory - can rancid work with Cisco device w/o 'enable'? > Yes. In .clogin set add autoenable 1 Run ok for HP direct login to manager level and cisco nexus switches that don't have enabler level. (nexus use nxrancid and clogin scripts/program) /Peo ---------------------------------------------------------- Per-Olof Olsson Email: peo at chalmers.se Chalmers tekniska h?gskola IT-service H?rsalsv?gen 5 412 96 G?teborg Tel: 031/772 6738 Fax: 031/772 8660 ---------------------------------------------------------- From devon at noved.org Tue Jun 15 15:24:19 2010 From: devon at noved.org (Devon True) Date: Tue, 15 Jun 2010 11:24:19 -0400 Subject: [rancid] Different outputs with fnrancid and rancid-run Message-ID: <4C179B23.9050309@noved.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All: I have modified the fnrancid script to omit some data the new Fortigate software gives during the "get system status". When I manually run fnrancid, the output is how I expect. However, if I run rancid-run, the data that should be removed is not. fnrancid: sub GetSystem { print STDERR " In GetSystem: $_" if ($debug); while () { tr/\015//d; next if /^\s*$/; last if(/$prompt/); if (/(^\s*System time:)(.*)/ && $filter_pwds >= 1) { ProcessHistory("ENC","","","$1=\n"); next; } if (/(^\s*FortiClient application signature package:)(.*)/ && $filter_pwds >= 1) { ProcessHistory("ENC","","","$1=\n"); next; } ProcessHistory("","","","$_"); } #print STDOUT "Vendor: $vendor"; ProcessHistory("SYSTEM","","","\n"); return(0); } Manual run of fnrancid creates a .new file with the output I would expect: !RANCID-CONTENT-TYPE: fortigate [snip] Branch point: 272 Release Version Information: MR2 System time:= #config-version=FG200A-4.00-FW-build272-100331:opmode=0:vdom=0 #conf_file_ver= However, if I run "rancid-run" and modify control.rancid to not delete the temp files created, I see the information that should have been removed: retrieving revision 1.33 diff -U 4 -r1.33 @@ -18,12 +18,12 @@ Current HA mode: a-p, master Distribution: International Branch point: 272 Release Version Information: MR2 - - System time: Tue Jun 15 10:15:38 2010 + System time: Tue Jun 15 11:04:55 2010 #config-version=FG200A-4.00-FW-build272-100331:opmode=0:vdom=0 - - #conf_file_ver=7431428455965478911 + #conf_file_ver=17778636958364288780 I tried searching through rancid-run, control-rancid, rancid-fe, and par. I can also run "par -q -n 2 -c 'rancid-fe {}' $DIR/routers.single" manually and get the output I expect. Any suggestions or hints about where to look? - -- Devon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwXmyMACgkQWP2WrBTHBS+dqACfQ1Pu6U1ZdbYnkZFScnzJ3U8g IVoAoKib0jnDhEDXboKaYOrAZAYGEWl1 =wB/f -----END PGP SIGNATURE----- From denyipanyany at gmail.com Tue Jun 15 15:43:01 2010 From: denyipanyany at gmail.com (Deny IP Any Any) Date: Tue, 15 Jun 2010 11:43:01 -0400 Subject: [rancid] current version of WLC script Message-ID: Where is the best place to get rancid scripts for a Cisco WLC 5508, running version 6.0? I've found a few from April in the mail archive, not sure if that is the latest version or not. Thank you. -- deny ip any any (4393649193 matches) From heas at shrubbery.net Tue Jun 15 18:20:39 2010 From: heas at shrubbery.net (john heasley) Date: Tue, 15 Jun 2010 11:20:39 -0700 Subject: [rancid] Re: Not working rancid with Cisco without enable. In-Reply-To: References: <20100609213506.GO4014@shrubbery.net> <20100611164836.GG14129@shrubbery.net> Message-ID: <20100615182039.GD27773@shrubbery.net> Tue, Jun 15, 2010 at 10:38:11AM +0400, Aleksey P: > Hello. > > >> ]# cat /usr/local/libexec/rancid/172.16.2.2.new > > >> !RANCID-CONTENT-TYPE: cisco > > >> ! > > >> ! > > >> ! > > >> ! > > >> and that is all that in this file. > > > > >and what is in the 172.16.2.2.raw file? > > > > Nothing, that's all - only one line " !RANCID-CONTENT-TYPE: cisco" and > that's all. thats 172.16.2.2.new, not 172.16.2.2.raw. > >it must have show version. > I am not sure i understand you right. In rancid file i must use 'show > version'? yes, it must include show version since its used in writeterm, at least for some platforms. > > >the rancid script shouldnt care about which prompt it shows, but in > >general, enable mode is required. > But in theory - can rancid work with Cisco device w/o 'enable'? some commands require higher privledges. if you eliminate those that do, then it'd work. From paleola at gmail.com Wed Jun 16 07:50:44 2010 From: paleola at gmail.com (Aleksey P) Date: Wed, 16 Jun 2010 11:50:44 +0400 Subject: [rancid] Re: Not working rancid with Cisco without enable. In-Reply-To: <20100615182039.GD27773@shrubbery.net> References: <20100609213506.GO4014@shrubbery.net> <20100611164836.GG14129@shrubbery.net> <20100615182039.GD27773@shrubbery.net> Message-ID: Hello. > > >thats 172.16.2.2.new, not 172.16.2.2.raw. > Sorry, my fault. > When i run rancid-run - file 172.16.2.2.raw created for very short time and then deleted. But I was able to see what in it: tail -F /usr/local/var/rancid/TEST/configs/172.16.2.2.raw *172.16.2.2 spawn ssh -c 3des -x -l username 172.16.2.2 **username**@172.16.2.2's password: C2960-USR-1> C2960-USR-1>terminal length 0 C2960-USR-1>show version Cisco IOS Software, C2960 Software * and so on... than i see 'show configuration' command and all config. That all walks four times and than file 172.16.2.2.raw somehow disappear. But in logs i see: *Trying to get all of the configs. 172.16.2.2: missed cmd(s): show configuration,show version 172.16.2.2: End of run not found ! ===================================== Getting missed routers: round 1. 172.16.2.2: missed cmd(s): show configuration,show version 172.16.2.2: End of run not found* and no any normal config file :( -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100616/534f3651/attachment.html From mstefani at redhat.com Wed Jun 16 08:31:05 2010 From: mstefani at redhat.com (Michael Stefaniuc) Date: Wed, 16 Jun 2010 10:31:05 +0200 Subject: [rancid] Re: current version of WLC script In-Reply-To: References: Message-ID: <4C188BC9.1030801@redhat.com> Deny IP Any Any wrote: > Where is the best place to get rancid scripts for a Cisco WLC 5508, > running version 6.0? I've found a few from April in the mail archive, > not sure if that is the latest version or not. Yeah, that should be the latest one. John Heasley intended to accept it upstream. bye michael From cderemer at phoebe.org Wed Jun 16 15:40:41 2010 From: cderemer at phoebe.org (Christopher DeRemer) Date: Wed, 16 Jun 2010 11:40:41 -0400 Subject: [rancid] Re: current version of WLC script In-Reply-To: <4C188BC9.1030801@redhat.com> References: <4C188BC9.1030801@redhat.com> Message-ID: <671DC9312DF0CC4D8A7F3ABE978DD5ADE84D5B0B42@MAIL.phoebe.local> >Deny IP Any Any wrote: >> Where is the best place to get rancid scripts for a Cisco WLC 5508, >> running version 6.0? I've found a few from April in the mail archive, >>not sure if that is the latest version or not. >Yeah, that should be the latest one. John Heasley intended to accept it upstream. >bye > michael Can we all set up a Git or something to work on the WLC script because I've found it to be troublesome with my version 5 controllers... haven't tried version 6 yet but I'm not headed to that revision soon anyway. Cheers, Christopher DeRemer, CCENT Network Administrator Phoebe Services 484.619.2168 (Single # Reach) NOTICE: This confidential message/attachment contains information intended for a specific individual(s). Any inappropriate use, distribution or duplication is strictly prohibited. If received in error, notify the sender and immediately delete this transmission. From devon at noved.org Wed Jun 16 16:09:07 2010 From: devon at noved.org (Devon True) Date: Wed, 16 Jun 2010 12:09:07 -0400 Subject: [rancid] Re: Different outputs with fnrancid and rancid-run In-Reply-To: <4C179B23.9050309@noved.org> References: <4C179B23.9050309@noved.org> Message-ID: <4C18F723.7050109@noved.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/15/2010 11:24 AM, Devon True wrote: [snip message] > Any suggestions or hints about where to look? Responding to myself for posterity. The issue was previous incarnations of the fnrancid script stored locally forced the $filter_pwds parameter to "1". When I applied the same logic to my new copy of fnrancid, the issue was resolved. - -- Devon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwY9yMACgkQWP2WrBTHBS8jpgCg+DXor6A9MOUl5zcsF6whC9l5 OTIAoKk1UNKy6hMpEz1RQaUm+L19GVyd =9l8i -----END PGP SIGNATURE----- From heas at shrubbery.net Wed Jun 16 16:59:57 2010 From: heas at shrubbery.net (john heasley) Date: Wed, 16 Jun 2010 09:59:57 -0700 Subject: [rancid] Re: Different outputs with fnrancid and rancid-run In-Reply-To: <4C179B23.9050309@noved.org> References: <20100616165814.8DE3311CEC0@ni.shrubbery.net> <4C179B23.9050309@noved.org> Message-ID: <20100616165957.GG5934@shrubbery.net> Tue, Jun 15, 2010 at 11:24:19AM -0400, Devon True: > All: > > I have modified the fnrancid script to omit some data the new Fortigate > software gives during the "get system status". When I manually run > fnrancid, the output is how I expect. However, if I run rancid-run, the > data that should be removed is not. > > retrieving revision 1.33 > diff -U 4 -r1.33 > @@ -18,12 +18,12 @@ > Current HA mode: a-p, master > Distribution: International > Branch point: 272 > Release Version Information: MR2 > - System time: Tue Jun 15 10:15:38 2010 > + System time: Tue Jun 15 11:04:55 2010 > > #config-version=FG200A-4.00-FW-build272-100331:opmode=0:vdom=0 > - #conf_file_ver=7431428455965478911 > + #conf_file_ver=17778636958364288780 This is probably the right patch: Index: bin/fnrancid.in =================================================================== --- bin/fnrancid.in (revision 2199) +++ bin/fnrancid.in (working copy) @@ -173,10 +173,13 @@ while () { tr/\015//d; next if /^\s*$/; - last if(/$prompt/); + last if (/$prompt/); + + next if (/^System Time:/); + next if (/^conf_file_ver=:/); + ProcessHistory("","","","$_"); } - print STDOUT "Vendor: $vendor"; ProcessHistory("SYSTEM","","","\n"); return(0); } From heas at shrubbery.net Wed Jun 16 17:09:33 2010 From: heas at shrubbery.net (john heasley) Date: Wed, 16 Jun 2010 10:09:33 -0700 Subject: [rancid] Re: current version of WLC script In-Reply-To: <4C188BC9.1030801@redhat.com> References: <4C188BC9.1030801@redhat.com> Message-ID: <20100616170932.GJ5934@shrubbery.net> Wed, Jun 16, 2010 at 10:31:05AM +0200, Michael Stefaniuc: > Deny IP Any Any wrote: > > Where is the best place to get rancid scripts for a Cisco WLC 5508, > > running version 6.0? I've found a few from April in the mail archive, > > not sure if that is the latest version or not. > Yeah, that should be the latest one. John Heasley intended to accept it > upstream. Ryan West was going to merge the two scripts and test with David Mantock. i dont believe they're done. From bohara at ripe.net Thu Jun 17 15:32:17 2010 From: bohara at ripe.net (Ben O'Hara) Date: Thu, 17 Jun 2010 17:32:17 +0200 Subject: [rancid] avorancid and ssh Message-ID: <918A12D8-DDCA-410D-B4A0-0EDD9E4FC694@ripe.net> Hi, I've just added some cyclades console servers to our racnid setup and set them as avocent devices to be accessed via ssh. I was getting the following errors when running rancid, which looked to be because $cmd wasnt set if it was via ssh. Trying to get all of the configs. sincns.ripe.net avologin error: Error: ssh failed: can't read "cmd": no such variable sincns.ripe.net: missed cmd(s): cat /etc/network/ifcfg_eth0,cat /etc/snmp/snmpd.conf,cat /etc/passwd,cat /etc/resolv.conf,cat /etc/hostname,cat /etc/domainname.conf,cat /etc/portslave/pslave.conf,cat /etc/network/st_routes,cat /etc/security.opts sincns.ripe.net: End of run not found I've fixed this with the attached patch which I copied from clogin into avologin. Anyone see any problems with this? It now seems to work OK. -------------- next part -------------- A non-text attachment was scrubbed... Name: avologin.in.patch Type: application/octet-stream Size: 401 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100617/8a5e84ee/attachment.obj -------------- next part -------------- Cheers Ben -- Ben O'Hara RIPE Network Coordination Center Systems Engineer Singel 258, Amsterdam, NL http://www.ripe.net +31 20 535 4444 PGP Fingerprint: 080A 52FF BF0A A7FB F176 E7DB 513D 9A3D E968 7DBC From peo at chalmers.se Sat Jun 19 08:18:20 2010 From: peo at chalmers.se (Per-Olof Olsson) Date: Sat, 19 Jun 2010 10:18:20 +0200 Subject: [rancid] Re: Not working rancid with Cisco without enable. In-Reply-To: <20100615182039.GD27773@shrubbery.net> References: <20100609213506.GO4014@shrubbery.net> <20100611164836.GG14129@shrubbery.net> <20100615182039.GD27773@shrubbery.net> Message-ID: <4C1C7D4C.80209@chalmers.se> john heasley skrev 2010-06-15 20:20: > Tue, Jun 15, 2010 at 10:38:11AM +0400, Aleksey P: >> Hello. >> >>>> ]# cat /usr/local/libexec/rancid/172.16.2.2.new >>>>> !RANCID-CONTENT-TYPE: cisco >>>>> ! >>>>> ! >>>>> ! >>>>> ! >>>>> and that is all that in this file. >>> >>>> and what is in the 172.16.2.2.raw file? >>> >> >> Nothing, that's all - only one line " !RANCID-CONTENT-TYPE: cisco" and >> that's all. > > thats 172.16.2.2.new, not 172.16.2.2.raw. > >>> it must have show version. >> I am not sure i understand you right. In rancid file i must use 'show >> version'? > > yes, it must include show version since its used in writeterm, at least > for some platforms. >> >>> the rancid script shouldnt care about which prompt it shows, but in >>> general, enable mode is required. >> But in theory - can rancid work with Cisco device w/o 'enable'? > > some commands require higher privledges. if you eliminate those that > do, then it'd work. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss Sorry but it will not work to use rancid for unpriv level, and ">"-prompt. After some try to grab all open information in unpriv mode from cisco switches, there have to be some changes to fix a working script. I add a new switch type/script where I replase all "return(-1)" abort on "authorization failed" to "retrun(1)" continue on "authorization failed". See included diff for rancid to rancid_noen Add -noenabler to clogin command to not have to change in my running .cloginrc settings To run cisco rancid script in unpriv mode, there must be some code update to find >-prompt and to match commands (cmds_regexp) with >-prompt. Today rancid script only match for #-prompt. Notice that "show running-config" in nopriv gives error text "% Invalid input detected at '^' marker." and you have to set "found_end" before exit "write terminal" parsing else you will not get a clean run. If I don't have access to "show running" there is left one extra line "more system:running-config" in output. Can't understand to remove that extra line from my rancid_noen just now. If I run my rancid_noen vs. rancid using full priv there is no diffs in outputs to switch files. /Peo ---------------------------------------------------------- Per-Olof Olsson Email: peo at chalmers.se Chalmers tekniska h?gskola IT-service H?rsalsv?gen 5 412 96 G?teborg Tel: 031/772 6738 Fax: 031/772 8680 ---------------------------------------------------------- -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: rancid_noen-diff.txt Url: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100619/c64778b7/attachment.txt From heas at shrubbery.net Sat Jun 19 18:05:25 2010 From: heas at shrubbery.net (john heasley) Date: Sat, 19 Jun 2010 18:05:25 +0000 Subject: [rancid] Re: Not working rancid with Cisco without enable. In-Reply-To: <4C1C7D4C.80209@chalmers.se> References: <20100609213506.GO4014@shrubbery.net> <20100611164836.GG14129@shrubbery.net> <20100615182039.GD27773@shrubbery.net> <4C1C7D4C.80209@chalmers.se> Message-ID: <20100619180525.GB812@shrubbery.net> Sat, Jun 19, 2010 at 10:18:20AM +0200, Per-Olof Olsson: > To run cisco rancid script in unpriv mode, there must be some code > update to find >-prompt and to match commands (cmds_regexp) with > >-prompt. Today rancid script only match for #-prompt. that is not right; it accepts either on. > If I don't have access to "show running" there is left one > extra line "more system:running-config" in output. > Can't understand to remove that extra line from my rancid_noen just now. thats for the pix. From bmahaffey at pelco.com Mon Jun 21 18:10:06 2010 From: bmahaffey at pelco.com (Mahaffey, Brian) Date: Mon, 21 Jun 2010 11:10:06 -0700 Subject: [rancid] couldn't compile regular expression pattern: parentheses () not balanced In-Reply-To: <4BBAF403456ED74981E7164ED3A4C22401FE203D@CA-EVS02.pelco.org> References: <4BBAF403456ED74981E7164ED3A4C22401EF84EA@CA-EVS02.pelco.org> <4BBAF403456ED74981E7164ED3A4C22401FE203D@CA-EVS02.pelco.org> Message-ID: <4BBAF403456ED74981E7164ED3A4C224020DA2A7@CA-EVS02.pelco.org> Rancid 2.3.3 expect 5.43 When rancid runs I am unable to collect data from HP switches via hlogin I get an error in the log file. When I manually run hlogin -c 'show run' HP5308-B6-1 I get a device timeout. If I run hlogin HP5308-B6-1 rancid logins successfully. I have tried this on another HP 5406 switch with the same issues. -bash-3.2$ hlogin HP5308-B6-1 hp5308-b6-1 spawn ssh -c 3des -x -l rancid hp5308-b6-1 rancid at hp5308-b6-1's password: ProCurve J4819A Switch 5308xl Software revision E.11.10 HP5308-B6-1> enable Password: HP5308-B6-1# HP5308-B6-1# exit HP5308-B6-1> exit Do you want to log out [y/n]? y ----------------------------------------------------- -bash-3.2$ hlogin -c 'show run' HP5308-B6-1 hp5308-b6-1 spawn ssh -c 3des -x -l rancid hp5308-b6-1 rancid at hp5308-b6-1's password: HP5308-B6-1> enable Password: HP5308-B6-1# HP5308-B6-1# couldn't compile regular expression pattern: parentheses () not balanced while executing ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[ ]+} { exp_continue }" invoked from within "expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } }" (procedure "run_commands" line 9) invoked from within "run_commands $prompt $command" ("foreach" body line 148) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # device timeout set timeout [find t..." (file "/mnt/iscsi/apps/rancid/bin/hlogin" line 594) --------------------------------------------------------------- I don't know how much of this is relevant for you my apologizes I just grabbed a snip from the log file. "expect {re "\[\n\r]+"md{ exp_continue }show module,show flash,show version,show system-information,write term,show system information }"-b-re $repromptrun{}ot found (pro-re "\[\n\r]+"mm{ exp_continue } }"voked from withind(s): show stack,show module,show flash,show version,show system-information,write term,show system information (procedure "run_commands" line 9) invoked from withine 148) "run_commands $prompt $command"w stack,show module,show flash,show version,show system-information,write term,show system information ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[ ]+} { exp_continue }"intolower $router]show module,show flash,show version,show system-information,write term,show system information ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[ ]+} { exp_continue }"g tolower $router] ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[ ]+} { exp_continue }""t.{ exp_continue }ern: parentheses () not balanced ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[in" line 594) ]+} { exp_continue }""mm{ exp_continue }ern: parentheses () not balanced ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[ ]+} { exp_continue }""mm{ exp_continue }show module,show flash,show version,show system-information,write term,show system information invoked from withine{}48)found "expect {re "\[\n\r]+"mm{ exp_continue } }" -re $reprompt {} (pro-re "\[\n\r]+"mm{ exp_continue } }"voked from withine 148) $i end] { (procedure "run_commands" line 9)r] invoked from withine 148) $i end] { "run_commands $prompt $command"$router]tern: parentheses () not balanced ("foreach" body line 148) $i end] {login" line 594) invoked from withintolower $router]tern: parentheses () not balanced "foreach router [lrange $argv $i end] {login" line 594) set router [string tolower $router]tern: parentheses () not balanced send_user "$router\n"s/rancid/bin/hlogin" line 594) set timeout [find t..."pression pattern: parentheses () not balanced # device timeouti/apps/rancid/bin/hlogin" line 594) ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[n: parentheses () not balanced ]+} { exp_continue }"/apps/rancid/bin/hlogin" line 594) ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[w module,show flash,show version,show system-information,write term,show system information ]+} { exp_continue }"un not found invoked from withind{}): show stack,show module,show flash,show version,show system-information,write term,show system information "expect {re "\[\n\r]+"un{ exp_continue } }" -re $reprompt {} (pro-re "\[\n\r]+"mm{ exp_continue }show module,show flash,show version,show system-information,write term,show system information }"voked from withinn not found (procedure "run_commands" line 9)k,show module,show flash,show version,show system-information,write term,show system information invoked from withine 148)ound "run_commands $prompt $command" ("foreach" body line 148) $i end] { invoked from withintolower $router] "foreach router [lrange $argv $i end] {show module,show flash,show version,show system-information,write term,show system information set router [string tolower $router] send_user "$router\n" set timeout [find t..."pression pattern: parentheses () not balanced # device timeouti/apps/rancid/bin/hlogin" line 594) set timeout [find t..."pression pattern: parentheses () not balanced (file "/mnt/iscsi/apps/rancid/bin/hlogin" line 594) This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments. This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments. This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100621/424965c6/attachment.html From cchandler at mediatemple.net Mon Jun 21 23:07:23 2010 From: cchandler at mediatemple.net (Corey Chandler) Date: Mon, 21 Jun 2010 16:07:23 -0700 Subject: [rancid] Initial setup -- repository not created Message-ID: Running 2.3.3 here. Followed the guide located at http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Network_Backups_With_Rancid Every time the daemon runs, it generates this: rancid at rancid:~/var$ cat logs/edgeswitches.20100621.185155 starting: Mon Jun 21 18:51:55 EDT 2010 svn: warning: 'edgeswitch32' is not a working copy Trying to get all of the configs. All routers sucessfully completed. svn: '.' is not a working copy svn: '/usr/local/rancid/var/edgeswitches' is not a working copy ending: Mon Jun 21 18:53:26 EDT 2010 I've run the /usr/local/rancid/bin/rancid-cvs; it returns without any message at all. rancid at rancid:~/etc$ grep -v \# rancid.conf TERM=network;export TERM umask 027 TMPDIR=/tmp; export TMPDIR BASEDIR=/usr/local/rancid/var; export BASEDIR PATH=/usr/local/rancid/bin:/usr/bin:/usr/sbin:.:/bin:/usr/local/bin:/usr/bin; export PATH CVSROOT=$BASEDIR/CVS; export CVSROOT LOGDIR=$BASEDIR/logs; export LOGDIR RCSSYS=svn; export RCSSYS LIST_OF_GROUPS="edgeswitches" FILTER_PWDS=NO; export FILTER_PWDS NOCOMMSTR=NO; export NOCOMMSTR MAX_ROUNDS=4; export MAX_ROUNDS OLDTIME=4; export OLDTIME LOCKTIME=4; export LOCKTIME PAR_COUNT=5; export PAR_COUNT MAILHEADERS="Precedence: bulk"; export MAILHEADERS What am I doing wrong? -- Corey Chandler From blam at rockyou.com Mon Jun 21 19:32:26 2010 From: blam at rockyou.com (Brian Lam) Date: Mon, 21 Jun 2010 12:32:26 -0700 Subject: [rancid] output that triggers annoying email notification - I am sure we have all seen this before from rancid. :) Message-ID: All, I am using rancid 2.3.2. with force 10 switches (S50N - 48-port). The following line keeps triggering an email notification, which is annoying because we get desensitized to the notification email when there is an actual change. - !Chassis: 0 up medium up up up up up up + !Chassis: 0 up low up up up up up up The router command that spit out this status is (I believe) 'show system'. I searched for the command and believe it's in the following file: bin/f10rancid: {'show system' => 'ShowChassis'}, I am going to hack the script to see if I can filter the annoying output. I will probably will remove the command 'show system' if I don't figure out how to filter out the annoying line. But this affect the output globally and I would like to get the rest of the output. I was wondering if someone has experience changing the code base to deal w/ this case? Any pointer would be apreciated. Thanks! Example of system command and system outputs: r305-sw2-secondary#show system Stack MAC : 00:01:e8:d6:86:6e -- Unit 0 -- Unit Type : Management Unit Status : online Next Boot : online Required Type : S50N - 48-port E/FE/GE (SB) Current Type : S50N - 48-port E/FE/GE (SB) Master priority : 0 Hardware Rev : 2.0 Num Ports : 52 Up Time : 11 wk, 5 day, 11 hr, 47 min FTOS Version : 7.8.1.3 Jumbo Capable : yes POE Capable : no Burned In MAC : 00:01:e8:d6:86:6e No Of MACs : 3 -- Module 0 -- Status : not present -- Module 1 -- Status : not present -- Power Supplies -- Unit Bay Status Type --------------------------------------------------------------------------- 0 0 up AC 0 1 absent -- Fan Status -- Unit TrayStatus Speed Fan0 Fan1 Fan2 Fan3 Fan4 Fan5 -------------------------------------------------------------------------------- 0 up low up up up up up up -- Unit 1 -- Unit Type : Member Unit ... ... Brian Lam | IT/Operations | Rockyou, Inc. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100621/b683829b/attachment.html From cchandler at mediatemple.net Tue Jun 22 01:15:50 2010 From: cchandler at mediatemple.net (Corey Chandler) Date: Mon, 21 Jun 2010 18:15:50 -0700 Subject: [rancid] Re: Initial setup -- repository not created In-Reply-To: References: Message-ID: On Jun 21, 2010, at 4:07 PM, Corey Chandler wrote: > > > svn: '.' is not a working copy > svn: '/usr/local/rancid/var/edgeswitches' is not a working copy > > ending: Mon Jun 21 18:53:26 EDT 2010 I've solved this. Blowing away /usr/local/rancid/var/edgeswitches after backing up router.db, running rancid-cvs, restoring router.db, then checking router.db into subversion by hand sorted this out. Ideally this'll help anyone who comes here looking for the same solution down the road. -- Corey -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100621/d807ee00/attachment.html From sylvain74230 at yahoo.fr Tue Jun 22 17:17:23 2010 From: sylvain74230 at yahoo.fr (Sylvain 74) Date: Tue, 22 Jun 2010 17:17:23 +0000 (GMT) Subject: [rancid] SSH issues "couldn't compile regular expression pattern: parentheses () not balanced" Message-ID: <250808.63127.qm@web28504.mail.ukl.yahoo.com> Hi everyone, I can't connect to my HP Procurve 2625 nor 2524 using SSH. Telnet is ok as you can see : ----------------------TELNET CONNEXION OK------------------ [rancid at erf ~]$ bin/hlogin -f .cloginrc -c "sh version" lapphpsw27 lapphpsw27 spawn hpuifilter -- telnet lapphpsw27 Trying 134.xxx.xxx.xx... Connected to lapphpsw27.xxxxx.xx (134.xxx.xxx.xx). Escape character is '^]'. ProCurve J4900B Switch 2626 Software revision H.10.50 Copyright (C) 1991-2007 Hewlett-Packard Co. All Rights Reserved. RESTRICTED RIGHTS LEGEND Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subdivision (b) (3) (ii) of the Rights in Technical Data and Computer Software clause at 52.227-7013. HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303 Press any key to continueUsername: manager Password: hpsh27# hpsh27# no page hpsh27# sh version Image stamp: /sw/code/build/fish(mkfs) Oct 9 2007 15:00:51 H.10.50 359 Boot Image: Primary hpsh27#exit hpsh27> exit Do you want to log out [y/n]? y Connection closed by foreign host. ----------------------------------------------------------- When I run the same command using "add method ssh" in config file : -------------------SSH CONNEXION FAILED-------------------- [rancid at erf ~]$ bin/hlogin -f .cloginrc -c "sh version" lapphpsw27 lapphpsw27 spawn ssh -c 3des -x -l manager lapphpsw27 manager at lapphpsw27's password: ProCurve J4900B Switch 2626 Software revision H.10.50 Copyright (C) 1991-2007 Hewlett-Packard Co. All Rights Reserved. RESTRICTED RIGHTS LEGEND Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subdivision (b) (3) (ii) of the Rights in Technical Data and Computer Software clause at 52.227-7013. HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303 Press any key to continue hpsh27# hpsh27# couldn't compile regular expression pattern: parentheses () not balanced while executing [^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[ ]+} { exp_continue }" invoked from within "expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } }" (procedure "run_commands" line 9) invoked from within "run_commands $prompt $command" ("foreach" body line 148) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # device timeout set timeout [find t..." (file "bin/hlogin" line 594) [rancid at erf ~]$ ----------------------------------------------------------- My .cloginrc file : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ add user lapphpsw27 {xxxxx} add password lapphpsw27 {xxxx} {xxxx} add method lapphpsw27 ssh ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The problem seems to be localised line 505 in hlogin : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # Turn off the pager and escape regex meta characters in the $prompt send "no page\r" regsub -all {[)(]} $prompt {\\&} reprompt -> regsub -all {^(.{1,11}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } } ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ If I replace this line by -> regsub -all {^(.{1,11}).*([#>])$} $reprompt {\1] reprompt then SSH seems to be ok but it closes strangely : ----------------SSH WITH LINE 505 MODIFIED----------- [rancid at erf ~]$ bin/hlogin -f .cloginrc -c "sh version" lapphpsw27 lapphpsw27 spawn ssh -c 3des -x -l manager lapphpsw27 manager at lapphpsw27's password: ProCurve J4900B Switch 2626 Software revision H.10.50 Copyright (C) 1991-2007 Hewlett-Packard Co. All Rights Reserved. RESTRICTED RIGHTS LEGEND Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subdivision (b) (3) (ii) of the Rights in Technical Data and Computer Software clause at 52.227-7013. HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303 Press any key to continue hpsh27# no page hpsh27# sh version Image stamp: /sw/code/build/fish(mkfs) Oct 9 2007 15:00:51 H.10.50 359 Boot Image: Primary hpsh27# [xit9He hpsh27> exit Do you want to log out [y/n]? y ------------------------------------------------------------ As you can see the "exit" before logout is messed up. I would love to correct this line in hlogin (line 505), but I fear I'm not able to do that. Rancid v2.3.3 Expect v5.42.1 SSH is ok when I log in manually on my HP switches. The error message is exactly the same when using clogin with HP switches. I don't have any problem when I connect to cisco switches using clogin and SSH. Any suggestion ? sylvain; PS : Thanks all for your job, this soft is simply awesome ! From blam at rockyou.com Tue Jun 22 17:44:00 2010 From: blam at rockyou.com (Brian Lam) Date: Tue, 22 Jun 2010 10:44:00 -0700 Subject: [rancid] Re: output that triggers annoying email notification - I am sure we have all seen this before from rancid. :) In-Reply-To: References: Message-ID: I haven't heard back so I went ahead and comment out the line below: {'show system' => 'ShowChassis'}, Unfortunately, it removed a lot of valuable information so I am going to attempt to 'intercept' the output files and remove the '!Chassis...' line there in the file: - !Chassis: 0 up medium up up up up up up + !Chassis: 0 up low up up up up up up I think I narrow down it to the following in the bin/f10rancid: ... ... ... open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: $!\n"; select(OUTPUT); # make OUTPUT unbuffered if debugging if ($debug) { $| = 1; } if ($file) { print STDERR "opening file $host\n" if ($debug); print STDOUT "opening file $host\n" if ($log); open(INPUT,"<$host") || die "open failed for $host: $!\n"; } else { print STDERR "executing clogin -t $timeo -c\"$cisco_cmds\" $host\n" if ($debug); print STDOUT "executing clogin -t $timeo -c\"$cisco_cmds\" $host\n" if ($log); if (defined($ENV{NOPIPE})) { system "clogin -t $timeo -c \"$cisco_cmds\" $host $host.raw 2>&1" || die "clogin failed for $host: $!\n"; open(INPUT, "< $host.raw") || die "clogin failed for $host: $!\n"; } else { open(INPUT,"clogin -t $timeo -c \"$cisco_cmds\" $host wrote: > All, > > I am using rancid 2.3.2. with force 10 switches (S50N - 48-port). > > The following line keeps triggering an email notification, which is > annoying because we get desensitized to the notification email when there is > an actual change. > > - !Chassis: 0 up medium up up up up up > up > + !Chassis: 0 up low up up up up up > up > > The router command that spit out this status is (I believe) 'show system'. > I searched for the command and believe it's in the following file: > > bin/f10rancid: {'show system' => 'ShowChassis'}, > > I am going to hack the script to see if I can filter the annoying output. > I will probably will remove the command 'show system' if I don't figure out > how to filter out the annoying line. But this affect the output globally > and I would like to get the rest of the output. > > I was wondering if someone has experience changing the code base to deal w/ > this case? Any pointer would be apreciated. Thanks! > > Example of system command and system outputs: > > r305-sw2-secondary#show system > > Stack MAC : 00:01:e8:d6:86:6e > > -- Unit 0 -- > Unit Type : Management Unit > Status : online > Next Boot : online > Required Type : S50N - 48-port E/FE/GE (SB) > Current Type : S50N - 48-port E/FE/GE (SB) > Master priority : 0 > Hardware Rev : 2.0 > Num Ports : 52 > Up Time : 11 wk, 5 day, 11 hr, 47 min > FTOS Version : 7.8.1.3 > Jumbo Capable : yes > POE Capable : no > Burned In MAC : 00:01:e8:d6:86:6e > No Of MACs : 3 > > -- Module 0 -- > Status : not present > > -- Module 1 -- > Status : not present > > -- Power Supplies -- > Unit Bay Status Type > --------------------------------------------------------------------------- > 0 0 up AC > 0 1 absent > > -- Fan Status -- > Unit TrayStatus Speed Fan0 Fan1 Fan2 Fan3 Fan4 Fan5 > > -------------------------------------------------------------------------------- > 0 up low up up up up up up > > -- Unit 1 -- > Unit Type : Member Unit > ... > ... > > > Brian Lam | IT/Operations | Rockyou, Inc. > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100622/04a36c9c/attachment.html From alligator94 at wanadoo.fr Tue Jun 22 18:01:46 2010 From: alligator94 at wanadoo.fr (Alligator) Date: Tue, 22 Jun 2010 20:01:46 +0200 Subject: [rancid] clogin with CUE Cisco module Message-ID: Hello, I use rancid to back up my cisco configurations files. It runs fine except for Call Manager Express( CUE ) . It is a module inside the Cisco router accessible using telnet and you can do "show run". It is possible to telnet on the cisco router using a specific port ( here it is 2066) and it telnet the module. I get a timeout because , once the password has been entered , I need one or two supplementary "enter" to get the autoenable prompt. See below : $ bin/clogin router-ip-address spawn router-ip-address 2066 Trying router-ip-address... Connected to router-ip-address Escape character is '^]'. User Access Verification Username: xxx Password: Error: TIMEOUT reached Does someone already experienced to use rancid for this kind of module ? Does someone know how to add several "enter" ( I suppose "\n" or "\r" ) after entering the password ( without having the prompt) ? I read the forum til 2008 and found nothing. Thank you for your help Alligator94 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100622/5feeee85/attachment.html From heas at shrubbery.net Tue Jun 22 23:11:08 2010 From: heas at shrubbery.net (john heasley) Date: Tue, 22 Jun 2010 16:11:08 -0700 Subject: [rancid] Re: Not working rancid with Cisco without enable. In-Reply-To: <20100619180525.GB812@shrubbery.net> References: <20100609213506.GO4014@shrubbery.net> <20100611164836.GG14129@shrubbery.net> <20100615182039.GD27773@shrubbery.net> <4C1C7D4C.80209@chalmers.se> <20100619180525.GB812@shrubbery.net> Message-ID: <20100622231108.GA4817@shrubbery.net> Sat, Jun 19, 2010 at 06:05:25PM +0000, john heasley: > Sat, Jun 19, 2010 at 10:18:20AM +0200, Per-Olof Olsson: > > To run cisco rancid script in unpriv mode, there must be some code > > update to find >-prompt and to match commands (cmds_regexp) with > > >-prompt. Today rancid script only match for #-prompt. > > that is not right; it accepts either on. Sorry, Per-Olof; you are correct. I was looking at a local change. I'll include this '>' prompt handling change with 2.3.4. From collabrotech at gmail.com Tue Jun 22 22:58:01 2010 From: collabrotech at gmail.com (A J) Date: Tue, 22 Jun 2010 15:58:01 -0700 (PDT) Subject: [rancid] Command Questions Message-ID: sorry for the newbie questions... I having trouble making rancid work with cvsweb... What command do I use to make rancid save a config to cvs? Is there a command to see if cvs or cvsweb is configured and working? Thank you!!! A J From willie at qis.net Wed Jun 23 04:26:42 2010 From: willie at qis.net (Willie Bollinger) Date: Wed, 23 Jun 2010 00:26:42 -0400 Subject: [rancid] Dell Switch Errors Message-ID: <4C218D02.6040507@qis.net> I am running a couple of Dell 5448 Switches and am having issues with the dell dell extensions. I know this isn't part of the standard install but am hoping someone may have an idea as to what is going on. This is what I am seeing in the logs when rancid runs ===================================== Getting missed routers: round 1. opened network stream from 10.10.111.2 if () at /home2/rancid/bin/drancid line 2 72. FOUND PROMPT: dsw1-cc# found_end = 1, clean_run = 0 10.10.111.2: End of run not found end ===================================== The interesting thing is I can use dlogin manually and do a show run and everything works so I assume my .cloginrc file is fine rancid at staff$ ./dlogin -autoenable -c "show run" -f ../.cloginrc 10.10.111.2 10.10.111.2 spawn telnet 10.10.111.2 Trying 10.10.111.2... Connected to 10.10.111.2. Escape character is '^]'. User Name:rancid Password:******* dsw1-cc# dsw1-cc# show run port jumbo-frame interface ethernet g48 switchport mode trunk exit vlan database Any input would be appreciated -- -------------------------------------------------------------------------- Willie Bollinger | Quantum Internet and Telecommunications 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 -------------------------------------------------------------------------- From cchandler at mediatemple.net Wed Jun 23 04:33:08 2010 From: cchandler at mediatemple.net (Corey Chandler) Date: Tue, 22 Jun 2010 21:33:08 -0700 Subject: [rancid] Re: Dell Switch Errors In-Reply-To: <4C218D02.6040507@qis.net> References: <4C218D02.6040507@qis.net> Message-ID: <7E95B929-0BC1-4325-A441-F03D0F002A77@mediatemple.net> On Jun 22, 2010, at 9:26 PM, Willie Bollinger wrote: > > rancid at staff$ ./dlogin -autoenable -c "show run" -f ../.cloginrc 10.10.111.2 > 10.10.111.2 > spawn telnet 10.10.111.2 > Trying 10.10.111.2... > Connected to 10.10.111.2. > Escape character is '^]'. > > > User Name:rancid > Password:******* > > dsw1-cc# > dsw1-cc# show run > port jumbo-frame > interface ethernet g48 > switchport mode trunk > exit > vlan database > > > > > Any input would be appreciated I assume this works when you telnet in and run these commands. What you might end up doing is running a packet capture via wireshark / tcpdump, and compare doing it by hand to your clogin command; it may be an improper newline or something simple like that. -- Corey / KB1JWQ http://serverwrangler.com From willie at qis.net Wed Jun 23 04:47:37 2010 From: willie at qis.net (Willie Bollinger) Date: Wed, 23 Jun 2010 00:47:37 -0400 Subject: [rancid] Re: Dell Switch Errors In-Reply-To: <7E95B929-0BC1-4325-A441-F03D0F002A77@mediatemple.net> References: <4C218D02.6040507@qis.net> <7E95B929-0BC1-4325-A441-F03D0F002A77@mediatemple.net> Message-ID: <4C2191E9.3090907@qis.net> From what I can see the script does a show version, show vlan, and show running-config and all of these work properly when I telnet into the switch and run them manually. Corey Chandler wrote: > On Jun 22, 2010, at 9:26 PM, Willie Bollinger wrote: > >> rancid at staff$ ./dlogin -autoenable -c "show run" -f ../.cloginrc 10.10.111.2 >> 10.10.111.2 >> spawn telnet 10.10.111.2 >> Trying 10.10.111.2... >> Connected to 10.10.111.2. >> Escape character is '^]'. >> >> >> User Name:rancid >> Password:******* >> >> dsw1-cc# >> dsw1-cc# show run >> port jumbo-frame >> interface ethernet g48 >> switchport mode trunk >> exit >> vlan database >> >> >> >> >> Any input would be appreciated > > I assume this works when you telnet in and run these commands. What you might end up doing is running a packet capture via wireshark / tcpdump, and compare doing it by hand to your clogin command; it may be an improper newline or something simple like that. > -- -------------------------------------------------------------------------- Willie Bollinger | Quantum Internet and Telecommunications 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 -------------------------------------------------------------------------- From heas at shrubbery.net Wed Jun 23 04:52:00 2010 From: heas at shrubbery.net (john heasley) Date: Wed, 23 Jun 2010 04:52:00 +0000 Subject: [rancid] Re: Dell Switch Errors In-Reply-To: <4C2191E9.3090907@qis.net> References: <4C218D02.6040507@qis.net> <7E95B929-0BC1-4325-A441-F03D0F002A77@mediatemple.net> <4C2191E9.3090907@qis.net> Message-ID: <20100623045200.GB25126@shrubbery.net> Wed, Jun 23, 2010 at 12:47:37AM -0400, Willie Bollinger: > From what I can see the script does a show version, show vlan, and show > running-config and all of these work properly when I telnet into the > switch and run them manually. set NOPIPE=YES and use the rancid script with -d (hopefully the author maintained that) so that you get a .raw file and log of commands recognized. > Corey Chandler wrote: > > On Jun 22, 2010, at 9:26 PM, Willie Bollinger wrote: > > > >> rancid at staff$ ./dlogin -autoenable -c "show run" -f ../.cloginrc 10.10.111.2 > >> 10.10.111.2 > >> spawn telnet 10.10.111.2 > >> Trying 10.10.111.2... > >> Connected to 10.10.111.2. > >> Escape character is '^]'. > >> > >> > >> User Name:rancid > >> Password:******* > >> > >> dsw1-cc# > >> dsw1-cc# show run > >> port jumbo-frame > >> interface ethernet g48 > >> switchport mode trunk > >> exit > >> vlan database > >> > >> > >> > >> > >> Any input would be appreciated > > > > I assume this works when you telnet in and run these commands. What you might end up doing is running a packet capture via wireshark / tcpdump, and compare doing it by hand to your clogin command; it may be an improper newline or something simple like that. > > > > -- > -------------------------------------------------------------------------- > Willie Bollinger | Quantum Internet and Telecommunications > 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 > -------------------------------------------------------------------------- > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From cchandler at mediatemple.net Wed Jun 23 04:52:34 2010 From: cchandler at mediatemple.net (Corey Chandler) Date: Tue, 22 Jun 2010 21:52:34 -0700 Subject: [rancid] Re: Dell Switch Errors In-Reply-To: <4C2191E9.3090907@qis.net> References: <4C218D02.6040507@qis.net> <7E95B929-0BC1-4325-A441-F03D0F002A77@mediatemple.net> <4C2191E9.3090907@qis.net> Message-ID: <4D9C98ED-1655-462D-A233-050FB6EB7D84@mediatemple.net> On Jun 22, 2010, at 9:47 PM, Willie Bollinger wrote: > From what I can see the script does a show version, show vlan, and show running-config and all of these work properly when I telnet into the switch and run them manually. Right, which is why you need to take a look at a packet capture to see if it's a broken newline or similar. Compare and contrast what the script is sending with what you're sending when you do it by hand. That'll be the easiest way to diagnose things. -- Corey / KB1JWQ http://serverwrangler.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100622/3534a424/attachment.html From cchandler at mediatemple.net Wed Jun 23 04:53:05 2010 From: cchandler at mediatemple.net (Corey Chandler) Date: Tue, 22 Jun 2010 21:53:05 -0700 Subject: [rancid] Re: Dell Switch Errors In-Reply-To: <20100623045200.GB25126@shrubbery.net> References: <4C218D02.6040507@qis.net> <7E95B929-0BC1-4325-A441-F03D0F002A77@mediatemple.net> <4C2191E9.3090907@qis.net> <20100623045200.GB25126@shrubbery.net> Message-ID: <8D150B94-299F-4BFE-8975-224F0F79070F@mediatemple.net> On Jun 22, 2010, at 9:52 PM, john heasley wrote: > Wed, Jun 23, 2010 at 12:47:37AM -0400, Willie Bollinger: >> From what I can see the script does a show version, show vlan, and show >> running-config and all of these work properly when I telnet into the >> switch and run them manually. > > set NOPIPE=YES and use the rancid script with -d (hopefully the author > maintained that) so that you get a .raw file and log of commands > recognized. Er, or this. I didn't realize rancid had that option. :-) My error. -- Corey / KB1JWQ http://serverwrangler.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100622/8006e312/attachment.html From willie at qis.net Wed Jun 23 04:55:04 2010 From: willie at qis.net (Willie Bollinger) Date: Wed, 23 Jun 2010 00:55:04 -0400 Subject: [rancid] Re: Dell Switch Errors In-Reply-To: <20100623045200.GB25126@shrubbery.net> References: <4C218D02.6040507@qis.net> <7E95B929-0BC1-4325-A441-F03D0F002A77@mediatemple.net> <4C2191E9.3090907@qis.net> <20100623045200.GB25126@shrubbery.net> Message-ID: <4C2193A8.8030601@qis.net> Where do I set NOPIPE=YES at? john heasley wrote: > Wed, Jun 23, 2010 at 12:47:37AM -0400, Willie Bollinger: >> From what I can see the script does a show version, show vlan, and show >> running-config and all of these work properly when I telnet into the >> switch and run them manually. > > set NOPIPE=YES and use the rancid script with -d (hopefully the author > maintained that) so that you get a .raw file and log of commands > recognized. > >> Corey Chandler wrote: >>> On Jun 22, 2010, at 9:26 PM, Willie Bollinger wrote: >>> >>>> rancid at staff$ ./dlogin -autoenable -c "show run" -f ../.cloginrc 10.10.111.2 >>>> 10.10.111.2 >>>> spawn telnet 10.10.111.2 >>>> Trying 10.10.111.2... >>>> Connected to 10.10.111.2. >>>> Escape character is '^]'. >>>> >>>> >>>> User Name:rancid >>>> Password:******* >>>> >>>> dsw1-cc# >>>> dsw1-cc# show run >>>> port jumbo-frame >>>> interface ethernet g48 >>>> switchport mode trunk >>>> exit >>>> vlan database >>>> >>>> >>>> >>>> >>>> Any input would be appreciated >>> I assume this works when you telnet in and run these commands. What you might end up doing is running a packet capture via wireshark / tcpdump, and compare doing it by hand to your clogin command; it may be an improper newline or something simple like that. >>> >> -- >> -------------------------------------------------------------------------- >> Willie Bollinger | Quantum Internet and Telecommunications >> 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 >> -------------------------------------------------------------------------- >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- -------------------------------------------------------------------------- Willie Bollinger | Quantum Internet and Telecommunications 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 -------------------------------------------------------------------------- From peo at chalmers.se Wed Jun 23 05:10:00 2010 From: peo at chalmers.se (Per-Olof Olsson) Date: Wed, 23 Jun 2010 07:10:00 +0200 Subject: [rancid] Re: SSH issues "couldn't compile regular expression pattern: parentheses () not balanced" In-Reply-To: <250808.63127.qm@web28504.mail.ukl.yahoo.com> References: <250808.63127.qm@web28504.mail.ukl.yahoo.com> Message-ID: <4C219728.8040606@chalmers.se> Hi Missing hpuifilter in hlogin 2.3.3 for ssh. < set retval [ catch {eval spawn [split "$cmd -c $cyphertype -x -l $user $router" { }]} reason ] --- > set retval [ catch {eval spawn hpuifilter -- [split "$cmd -c $cyphertype -x -l $user $router" { }]} reason ] more info from old subject/case "[rancid] Re: Rancid stopped working for my HP switches" from 04/03/2010 Sylvain 74 wrote: > Hi everyone, > > I can't connect to my HP Procurve 2625 nor 2524 using SSH. Telnet is ok as you can see : > > ----------------------TELNET CONNEXION OK------------------ > [rancid at erf ~]$ bin/hlogin -f .cloginrc -c "sh version" lapphpsw27 > lapphpsw27 > spawn hpuifilter -- telnet lapphpsw27 > Trying 134.xxx.xxx.xx... > Connected to lapphpsw27.xxxxx.xx (134.xxx.xxx.xx). > Escape character is '^]'. > ProCurve J4900B Switch 2626 > Software revision H.10.50 > > Copyright (C) 1991-2007 Hewlett-Packard Co. All Rights Reserved. > > RESTRICTED RIGHTS LEGEND > > Use, duplication, or disclosure by the Government is subject to restrictions > as set forth in subdivision (b) (3) (ii) of the Rights in Technical Data and > Computer Software clause at 52.227-7013. > > HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303 > > Press any key to continueUsername: manager > Password: > hpsh27# > hpsh27# no page > hpsh27# sh version > Image stamp: /sw/code/build/fish(mkfs) > Oct 9 2007 15:00:51 > H.10.50 > 359 > Boot Image: Primary > hpsh27#exit > hpsh27> exit > Do you want to log out [y/n]? y > > Connection closed by foreign host. > ----------------------------------------------------------- > > When I run the same command using "add method ssh" in config file : > > -------------------SSH CONNEXION FAILED-------------------- > [rancid at erf ~]$ bin/hlogin -f .cloginrc -c "sh version" lapphpsw27 > lapphpsw27 > spawn ssh -c 3des -x -l manager lapphpsw27 > manager at lapphpsw27's password: > ProCurve J4900B Switch 2626 > Software revision H.10.50 > > Copyright (C) 1991-2007 Hewlett-Packard Co. All Rights Reserved. > > RESTRICTED RIGHTS LEGEND > > Use, duplication, or disclosure by the Government is subject to restrictions > as set forth in subdivision (b) (3) (ii) of the Rights in Technical Data and > Computer Software clause at 52.227-7013. > > HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303 > > > Press any key to continue > > hpsh27# > hpsh27# couldn't compile regular expression pattern: parentheses () not balanced > while executing > [^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[ > ]+} { exp_continue }" > invoked from within > "expect { > -re $reprompt {} > -re "\[\n\r]+" { exp_continue } > }" > (procedure "run_commands" line 9) > invoked from within > "run_commands $prompt $command" > ("foreach" body line 148) > invoked from within > "foreach router [lrange $argv $i end] { > set router [string tolower $router] > send_user "$router\n" > > # device timeout > set timeout [find t..." > (file "bin/hlogin" line 594) > [rancid at erf ~]$ > ----------------------------------------------------------- > > My .cloginrc file : > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > add user lapphpsw27 {xxxxx} > add password lapphpsw27 {xxxx} {xxxx} > add method lapphpsw27 ssh > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > > The problem seems to be localised line 505 in hlogin : > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > # Turn off the pager and escape regex meta characters in the $prompt > send "no page\r" > regsub -all {[)(]} $prompt {\\&} reprompt > -> regsub -all {^(.{1,11}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt > expect { > -re $reprompt {} > -re "\[\n\r]+" { exp_continue } > } > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > If I replace this line by > -> regsub -all {^(.{1,11}).*([#>])$} $reprompt {\1] reprompt > then SSH seems to be ok but it closes strangely : > > ----------------SSH WITH LINE 505 MODIFIED----------- > [rancid at erf ~]$ bin/hlogin -f .cloginrc -c "sh version" lapphpsw27 > lapphpsw27 > spawn ssh -c 3des -x -l manager lapphpsw27 > manager at lapphpsw27's password: > ProCurve J4900B Switch 2626 > Software revision H.10.50 > > Copyright (C) 1991-2007 Hewlett-Packard Co. All Rights Reserved. > > RESTRICTED RIGHTS LEGEND > > Use, duplication, or disclosure by the Government is subject to restrictions > as set forth in subdivision (b) (3) (ii) of the Rights in Technical Data and > Computer Software clause at 52.227-7013. > > HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303 > > > Press any key to continue > > > hpsh27# no page > hpsh27# sh version > Image stamp: /sw/code/build/fish(mkfs) > Oct 9 2007 15:00:51 > H.10.50 > 359 > Boot Image: Primary > hpsh27# [xit9He > hpsh27> exit > Do you want to log out [y/n]? y > ------------------------------------------------------------ > > As you can see the "exit" before logout is messed up. > I would love to correct this line in hlogin (line 505), but I fear I'm not able to do that. > > Rancid v2.3.3 > Expect v5.42.1 > SSH is ok when I log in manually on my HP switches. > The error message is exactly the same when using clogin with HP switches. > I don't have any problem when I connect to cisco switches using clogin and SSH. > > Any suggestion ? > > > sylvain; > > > PS : Thanks all for your job, this soft is simply awesome ! > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss /Peo ---------------------------------------------------------- Per-Olof Olsson Email: peo at chalmers.se Chalmers tekniska h?gskola IT-service H?rsalsv?gen 5 412 96 G?teborg Tel: 031/772 6738 Fax: 031/772 8660 ---------------------------------------------------------- From bmahaffey at pelco.com Wed Jun 23 06:09:43 2010 From: bmahaffey at pelco.com (Mahaffey, Brian) Date: Tue, 22 Jun 2010 23:09:43 -0700 Subject: [rancid] Re: couldn't compile regular expression pattern: parentheses() not balanced In-Reply-To: <4BBAF403456ED74981E7164ED3A4C224020DA2A7@CA-EVS02.pelco.org> References: <4BBAF403456ED74981E7164ED3A4C22401EF84EA@CA-EVS02.pelco.org><4BBAF403456ED74981E7164ED3A4C22401FE203D@CA-EVS02.pelco.org> <4BBAF403456ED74981E7164ED3A4C224020DA2A7@CA-EVS02.pelco.org> Message-ID: <4BBAF403456ED74981E7164ED3A4C224020DA437@CA-EVS02.pelco.org> I don't know why but I had a duplicate rancid directory located @ /usr/local/rancid once I removed this directory HP switches were working perfectly. Eh go figure J From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Mahaffey, Brian Sent: Monday, June 21, 2010 11:10 AM To: rancid-discuss at shrubbery.net Subject: [rancid] couldn't compile regular expression pattern: parentheses() not balanced Rancid 2.3.3 expect 5.43 When rancid runs I am unable to collect data from HP switches via hlogin I get an error in the log file. When I manually run hlogin -c 'show run' HP5308-B6-1 I get a device timeout. If I run hlogin HP5308-B6-1 rancid logins successfully. I have tried this on another HP 5406 switch with the same issues. -bash-3.2$ hlogin HP5308-B6-1 hp5308-b6-1 spawn ssh -c 3des -x -l rancid hp5308-b6-1 rancid at hp5308-b6-1's password: ProCurve J4819A Switch 5308xl Software revision E.11.10 HP5308-B6-1> enable Password: HP5308-B6-1# HP5308-B6-1# exit HP5308-B6-1> exit Do you want to log out [y/n]? y ----------------------------------------------------- -bash-3.2$ hlogin -c 'show run' HP5308-B6-1 hp5308-b6-1 spawn ssh -c 3des -x -l rancid hp5308-b6-1 rancid at hp5308-b6-1's password: HP5308-B6-1> enable Password: HP5308-B6-1# HP5308-B6-1# couldn't compile regular expression pattern: parentheses () not balanced while executing ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[ ]+} { exp_continue }" invoked from within "expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } }" (procedure "run_commands" line 9) invoked from within "run_commands $prompt $command" ("foreach" body line 148) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # device timeout set timeout [find t..." (file "/mnt/iscsi/apps/rancid/bin/hlogin" line 594) --------------------------------------------------------------- I don't know how much of this is relevant for you my apologizes I just grabbed a snip from the log file. "expect {re "\[\n\r]+"md{ exp_continue }show module,show flash,show version,show system-information,write term,show system information }"-b-re $repromptrun{}ot found (pro-re "\[\n\r]+"mm{ exp_continue } }"voked from withind(s): show stack,show module,show flash,show version,show system-information,write term,show system information (procedure "run_commands" line 9) invoked from withine 148) "run_commands $prompt $command"w stack,show module,show flash,show version,show system-information,write term,show system information ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[ ]+} { exp_continue }"intolower $router]show module,show flash,show version,show system-information,write term,show system information ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[ ]+} { exp_continue }"g tolower $router] ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[ ]+} { exp_continue }""t.{ exp_continue }ern: parentheses () not balanced ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[in" line 594) ]+} { exp_continue }""mm{ exp_continue }ern: parentheses () not balanced ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[ ]+} { exp_continue }""mm{ exp_continue }show module,show flash,show version,show system-information,write term,show system information invoked from withine{}48)found "expect {re "\[\n\r]+"mm{ exp_continue } }" -re $reprompt {} (pro-re "\[\n\r]+"mm{ exp_continue } }"voked from withine 148) $i end] { (procedure "run_commands" line 9)r] invoked from withine 148) $i end] { "run_commands $prompt $command"$router]tern: parentheses () not balanced ("foreach" body line 148) $i end] {login" line 594) invoked from withintolower $router]tern: parentheses () not balanced "foreach router [lrange $argv $i end] {login" line 594) set router [string tolower $router]tern: parentheses () not balanced send_user "$router\n"s/rancid/bin/hlogin" line 594) set timeout [find t..."pression pattern: parentheses () not balanced # device timeouti/apps/rancid/bin/hlogin" line 594) ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[n: parentheses () not balanced ]+} { exp_continue }"/apps/rancid/bin/hlogin" line 594) ^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[w module,show flash,show version,show system-information,write term,show system information ]+} { exp_continue }"un not found invoked from withind{}): show stack,show module,show flash,show version,show system-information,write term,show system information "expect {re "\[\n\r]+"un{ exp_continue } }" -re $reprompt {} (pro-re "\[\n\r]+"mm{ exp_continue }show module,show flash,show version,show system-information,write term,show system information }"voked from withinn not found (procedure "run_commands" line 9)k,show module,show flash,show version,show system-information,write term,show system information invoked from withine 148)ound "run_commands $prompt $command" ("foreach" body line 148) $i end] { invoked from withintolower $router] "foreach router [lrange $argv $i end] {show module,show flash,show version,show system-information,write term,show system information set router [string tolower $router] send_user "$router\n" set timeout [find t..."pression pattern: parentheses () not balanced # device timeouti/apps/rancid/bin/hlogin" line 594) set timeout [find t..."pression pattern: parentheses () not balanced (file "/mnt/iscsi/apps/rancid/bin/hlogin" line 594) This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments. This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments. This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments. This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100622/e83686ff/attachment.html From mrgreiner at gmail.com Wed Jun 23 13:30:39 2010 From: mrgreiner at gmail.com (Roberto Greiner) Date: Wed, 23 Jun 2010 10:30:39 -0300 Subject: [rancid] D-Link In-Reply-To: <4BBAF403456ED74981E7164ED3A4C224020DA437@CA-EVS02.pelco.org> References: <4BBAF403456ED74981E7164ED3A4C22401EF84EA@CA-EVS02.pelco.org><4BBAF403456ED74981E7164ED3A4C22401FE203D@CA-EVS02.pelco.org> <4BBAF403456ED74981E7164ED3A4C224020DA2A7@CA-EVS02.pelco.org> <4BBAF403456ED74981E7164ED3A4C224020DA437@CA-EVS02.pelco.org> Message-ID: <4C220C7F.4040701@gmail.com> Hi, I know this has been asked, but I haven't seen this question in some time. Has anyone a working configuration for D-Link switches? In my case I have some DES-3550 and DGS-3100-24. Thanks, Roberto -- ----------------------------------------------------- Marcos Roberto Greiner Os otimistas acham que estamos no melhor dos mundos Os pessimistas tem medo de que isto seja verdade James Branch Cabell ----------------------------------------------------- From willie at qis.net Wed Jun 23 15:05:45 2010 From: willie at qis.net (Willie Bollinger) Date: Wed, 23 Jun 2010 11:05:45 -0400 Subject: [rancid] Re: Dell Switch Errors In-Reply-To: <8D150B94-299F-4BFE-8975-224F0F79070F@mediatemple.net> References: <4C218D02.6040507@qis.net> <7E95B929-0BC1-4325-A441-F03D0F002A77@mediatemple.net> <4C2191E9.3090907@qis.net> <20100623045200.GB25126@shrubbery.net> <8D150B94-299F-4BFE-8975-224F0F79070F@mediatemple.net> Message-ID: <4C2222C9.8060907@qis.net> I am not sure if I am using the rancid command correctly but here is what it outputs $ ./rancid -d -f ../.cloginrc 10.10.111.2 opening file ../.cloginrc ../.cloginrc: missed cmd(s): dir /all slavedisk2:,show rsp chassis-info,dir /all sec-slot2:,show diag,dir /all disk1:,show gsr chassis,dir /all sec-nvram:,dir /all disk2:,dir /all sec-bootflash:,show spe version,dir /all slaveslot2:,dir /all disk0:,show install active,show bootvar,dir /all slaveslot0:,dir /all sec-slot1:,dir /all harddiska:,dir /all slavenvram:,show flash,dir /all sec-disk2:,dir /all slavesup-bootflash:,dir /all sec-disk0:,dir /all harddiskb:,show variables boot,show boot,dir /all slavedisk1:,show env all,show module,show controllers,show diagbus,dir /all slavedisk0:,show idprom backplane,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,write term,show vtp status,dir /all sup-bootflash:,dir /all slot2:,dir /all harddisk:,dir /all slot0:,dir /all sup-microcode:,show vlan,dir /all slavebootflash:,show controllers cbus,dir /all slaveslot1:,dir /all nvram:,show version,show redundancy secondary,show running-config,show c7200,dir /all slot1: ../.cloginrc: missed cmd(s): dir /all slavedisk2:,show rsp chassis-info,dir /all sec-slot2:,show diag,dir /all disk1:,show gsr chassis,dir /all sec-nvram:,dir /all disk2:,dir /all sec-bootflash:,show spe version,dir /all slaveslot2:,dir /all disk0:,show install active,show bootvar,dir /all slaveslot0:,dir /all sec-slot1:,dir /all harddiska:,dir /all slavenvram:,show flash,dir /all sec-disk2:,dir /all slavesup-bootflash:,dir /all sec-disk0:,dir /all harddiskb:,show variables boot,show boot,dir /all slavedisk1:,show env all,show module,show controllers,show diagbus,dir /all slavedisk0:,show idprom backplane,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,write term,show vtp status,dir /all sup-bootflash:,dir /all slot2:,dir /all harddisk:,dir /all slot0:,dir /all sup-microcode:,show vlan,dir /all slavebootflash:,show controllers cbus,dir /all slaveslot1:,dir /all nvram:,show version,show redundancy secondary,show running-config,show c7200,dir /all slot1: ../.cloginrc: End of run not found ../.cloginrc: End of run not found ! $ Corey Chandler wrote: > > On Jun 22, 2010, at 9:52 PM, john heasley wrote: > >> Wed, Jun 23, 2010 at 12:47:37AM -0400, Willie Bollinger: >>> From what I can see the script does a show version, show vlan, and show >>> running-config and all of these work properly when I telnet into the >>> switch and run them manually. >> >> set NOPIPE=YES and use the rancid script with -d (hopefully the author >> maintained that) so that you get a .raw file and log of commands >> recognized. > > Er, or this. > > I didn't realize rancid had that option. :-) My error. > > -- > Corey / KB1JWQ > http://serverwrangler.com > > > ------------------------------------------------------------------------ > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- -------------------------------------------------------------------------- Willie Bollinger | Quantum Internet and Telecommunications 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 -------------------------------------------------------------------------- From collabrotech at gmail.com Wed Jun 23 01:57:31 2010 From: collabrotech at gmail.com (A J) Date: Tue, 22 Jun 2010 18:57:31 -0700 (PDT) Subject: [rancid] provisioning a config with rancid Message-ID: <4d4125fc-7546-46e5-a0c5-d1375532c9b5@q12g2000yqj.googlegroups.com> i noticed the [-x command-file] usage and was wondering if this is perhaps the way to provision commands to the switches...like if I wanted to change the password on a few different switches at once. -bash-3.2$ /usr/local/rancid/bin/clogin Error: Usage: /usr/local/rancid/bin/clogin [-dSV] [-autoenable] [- noenable] [-c command] [-Evar=x] [-e enable-password] [-f cloginrc- file] [-p user-password] [-s script-file] [-t timeout] [-u username] [-v vty-password] [-w enable-username] [-x command-file] [-y ssh_cypher_type] router [router...] -bash-3.2$ From collabrotech at gmail.com Wed Jun 23 01:58:26 2010 From: collabrotech at gmail.com (A J) Date: Tue, 22 Jun 2010 18:58:26 -0700 (PDT) Subject: [rancid] rancid irc channel? Message-ID: Is there a rancid irc channel? From aducey at water.ca.gov Wed Jun 23 02:20:46 2010 From: aducey at water.ca.gov (Ducey, Anne) Date: Tue, 22 Jun 2010 19:20:46 -0700 Subject: [rancid] rancid and cvsweb Message-ID: <7752432D1DB4BF419BC08EC9081AA23A0B14C5B0@mrsbmapp20306.ad.water.ca.gov> When I issue the command: -bash-3.2$ /usr/local/rancid/bin/rancid-cvs -bash-3.2$ Nothing happens..how do I troubleshoot this? Thank you, A J -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100622/8d5b0a02/attachment.html From willie at qis.net Wed Jun 23 16:29:01 2010 From: willie at qis.net (Willie Bollinger) Date: Wed, 23 Jun 2010 12:29:01 -0400 Subject: [rancid] Re: Dell Switch Errors In-Reply-To: <20100623162003.GB12324@shrubbery.net> References: <4C218D02.6040507@qis.net> <7E95B929-0BC1-4325-A441-F03D0F002A77@mediatemple.net> <4C2191E9.3090907@qis.net> <20100623045200.GB25126@shrubbery.net> <4C2193A8.8030601@qis.net> <20100623155107.GA17369@shrubbery.net> <4C222FF2.3060504@qis.net> <20100623160915.GA12324@shrubbery.net> <4C2233A6.2060305@qis.net> <20100623162003.GB12324@shrubbery.net> Message-ID: <4C22364D.7050901@qis.net> I added the path and it appears to be getting output now but I just got an email that the switch cannot be successfully contacted rancid at staff$ ./drancid -dl 10.10.111.2 executing dlogin -t 90 -c"show version;show vlan;show running-config" 10.10.111.2 executing dlogin -t 90 -c"show version;show vlan;show running-config" 10.10.111.2 opened 10.10.111.2.raw PROMPT MATCH: dsw1-cc# HIT COMMAND:dsw1-cc# show version In ShowVersion: dsw1-cc# show version SW version 2.0.0.35 ( date 27-Jan-2009 time 18:13:34 ) ShowVersion: Boot version 2.0.0.0 ( date 12-Nov-2008 time 12:56:52 ) ShowVersion: HW version 00.00.02 ShowVersion: dsw1-cc# show vlan FOUND PROMPT: dsw1-cc# HIT COMMAND:dsw1-cc# show vlan In ShowVLAN: dsw1-cc# show vlan ShowVLAN: ShowVLAN: Vlan Name Ports Type Authorization ShowVLAN: ---- ----------------- --------------------------- ------------ ------------- ShowVLAN: 1 1 g(1-12,14-47),ch(1-8) other Required ShowVLAN: 200 management g(13,48) permanent Required ShowVLAN: ShowVLAN: dsw1-cc# show running-config HIT COMMAND:dsw1-cc# show running-config In WriteTerm: dsw1-cc# show running-config interface ethernet g13 WriteTerm: description "MANAGEMENT INTERFACE TO DIAMOND4" WriteTerm: exit WriteTerm: interface ethernet g47 WriteTerm: description "INTERCONNECT TO DSW2-CC" WriteTerm: exit WriteTerm: interface ethernet g48 WriteTerm: description "INTERCONNECT TO CSW1-CC" WriteTerm: exit WriteTerm: port jumbo-frame WriteTerm: interface range ethernet g(47-48) WriteTerm: switchport mode trunk WriteTerm: exit WriteTerm: vlan database WriteTerm: vlan 200 WriteTerm: exit WriteTerm: interface ethernet g13 WriteTerm: switchport access vlan 200 WriteTerm: exit WriteTerm: interface ethernet g48 WriteTerm: switchport trunk native vlan 200 WriteTerm: exit interface vlan 200 : WriteTerm: name management WriteTerm: exit WriteTerm: voice vlan oui-table add 0001e3 Siemens_AG_phone________ WriteTerm: voice vlan oui-table add 00036b Cisco_phone_____________ WriteTerm: voice vlan oui-table add 00096e Avaya___________________ WriteTerm: voice vlan oui-table add 000fe2 H3C_Aolynk______________ WriteTerm: voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone WriteTerm: voice vlan oui-table add 00d01e Pingtel_phone___________ WriteTerm: voice vlan oui-table add 00e075 Polycom/Veritel_phone___ WriteTerm: voice vlan oui-table add 00e0bb 3Com_phone______________ WriteTerm: iscsi target port 860 address 0.0.0.0 WriteTerm: iscsi target port 3260 address 0.0.0.0 WriteTerm: interface vlan 200 WriteTerm: ip address 10.10.111.2 255.255.255.0 WriteTerm: exit WriteTerm: ip default-gateway 10.10.111.1 WriteTerm: hostname dsw1-cc ip ssh server : WriteTerm: snmp-server community Dell_Network_Manager rw view DefaultSuper WriteTerm: clock timezone -4 WriteTerm: clock summer-time recurring usa WriteTerm: sntp client enable vlan 200 WriteTerm: clock source sntp WriteTerm: sntp server 209.150.96.19 poll WriteTerm: WriteTerm: WriteTerm: WriteTerm: WriteTerm: WriteTerm: WriteTerm: Default settings: WriteTerm: Service tag: 9QJQFH1 WriteTerm: WriteTerm: SW version 2.0.0.35 (date 27-Jan-2009 time 18:13:34) WriteTerm: WriteTerm: Gigabit Ethernet Ports WriteTerm: ============================= WriteTerm: no shutdown WriteTerm: speed 1000 duplex full : WriteTerm: negotiation WriteTerm: flow-control off WriteTerm: mdix auto WriteTerm: no back-pressure WriteTerm: WriteTerm: interface vlan 1 WriteTerm: interface port-channel 1 - 8 WriteTerm: WriteTerm: spanning-tree WriteTerm: spanning-tree mode STP WriteTerm: WriteTerm: qos basic WriteTerm: qos trust cos WriteTerm: dsw1-cc#exitConnection to 10.10.111.2 closed by foreign host. Done : found_end = 1, clean_run = 0 10.10.111.2: End of run not found end rancid at staff$ The following routers have not been successfully contacted for more than 4 hours. -rw-r----- 1 rancid netadm 0 Jun 22 23:54 10.10.111.2 john heasley wrote: > Wed, Jun 23, 2010 at 12:17:42PM -0400, Willie Bollinger: >> This is what it outputs >> >> >> $ ./drancid -dl 10.10.111.2 >>>> executing dlogin -t 90 -c"show version;show vlan;show running-config" >> 10.10.111.2 >> executing dlogin -t 90 -c"show version;show vlan;show running-config" >> 10.10.111.2 >> opened network stream from 10.10.111.2 if (1) at ./drancid line 272. >> sh: dlogin: not found > > you need to fix that; fix your path so that it includes the directory > where dlogin is. > >> Done : >> 10.10.111.2: missed cmd(s): show version,show running-config,show vlan >> found_end = 0, clean_run = 0 >> 10.10.111.2: End of run not found >> ! >> $ > > >> >> >> john heasley wrote: >>> Wed, Jun 23, 2010 at 12:01:54PM -0400, Willie Bollinger: >>>> I exported it and then sent another email with the output but im not >>>> sure of the exact syntax of the rancid command >>> I didnt receive/see the mail. >>> >>> i think the dell script is called drancid. if so, drancid -dl 10.10.111.2 >>>> john heasley wrote: >>>>> Wed, Jun 23, 2010 at 12:55:04AM -0400, Willie Bollinger: >>>>>> Where do I set NOPIPE=YES at? >>>>> in your shell environment; you also need to export it, in case you >>>>> didnt know that. >>>>> >>>>>> john heasley wrote: >>>>>>> Wed, Jun 23, 2010 at 12:47:37AM -0400, Willie Bollinger: >>>>>>>> From what I can see the script does a show version, show >>>>>>>> vlan, and show running-config and all of these work properly >>>>>>>> when I telnet into the switch and run them manually. >>>>>>> set NOPIPE=YES and use the rancid script with -d (hopefully the author >>>>>>> maintained that) so that you get a .raw file and log of commands >>>>>>> recognized. >>>>>>> >>>>>>>> Corey Chandler wrote: >>>>>>>>> On Jun 22, 2010, at 9:26 PM, Willie Bollinger wrote: >>>>>>>>> >>>>>>>>>> rancid at staff$ ./dlogin -autoenable -c "show run" -f ../.cloginrc 10.10.111.2 >>>>>>>>>> 10.10.111.2 >>>>>>>>>> spawn telnet 10.10.111.2 >>>>>>>>>> Trying 10.10.111.2... >>>>>>>>>> Connected to 10.10.111.2. >>>>>>>>>> Escape character is '^]'. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> User Name:rancid >>>>>>>>>> Password:******* >>>>>>>>>> >>>>>>>>>> dsw1-cc# >>>>>>>>>> dsw1-cc# show run >>>>>>>>>> port jumbo-frame >>>>>>>>>> interface ethernet g48 >>>>>>>>>> switchport mode trunk >>>>>>>>>> exit >>>>>>>>>> vlan database >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Any input would be appreciated >>>>>>>>> I assume this works when you telnet in and run these >>>>>>>>> commands. What you might end up doing is running a packet >>>>>>>>> capture via wireshark / tcpdump, and compare doing it by >>>>>>>>> hand to your clogin command; it may be an improper newline >>>>>>>>> or something simple like that. >>>>>>>>> >>>>>>>> -- >>>>>>>> -------------------------------------------------------------------------- >>>>>>>> Willie Bollinger | Quantum Internet and Telecommunications >>>>>>>> 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 >>>>>>>> -------------------------------------------------------------------------- >>>>>>>> _______________________________________________ >>>>>>>> Rancid-discuss mailing list >>>>>>>> Rancid-discuss at shrubbery.net >>>>>>>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >>>>>> -- >>>>>> -------------------------------------------------------------------------- >>>>>> Willie Bollinger | Quantum Internet and Telecommunications >>>>>> 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 >>>>>> -------------------------------------------------------------------------- >>>> -- >>>> -------------------------------------------------------------------------- >>>> Willie Bollinger | Quantum Internet and Telecommunications >>>> 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 >>>> -------------------------------------------------------------------------- >> -- >> -------------------------------------------------------------------------- >> Willie Bollinger | Quantum Internet and Telecommunications >> 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 >> -------------------------------------------------------------------------- -- -------------------------------------------------------------------------- Willie Bollinger | Quantum Internet and Telecommunications 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 -------------------------------------------------------------------------- From sylvain74230 at yahoo.fr Thu Jun 24 09:43:16 2010 From: sylvain74230 at yahoo.fr (Sylvain 74) Date: Thu, 24 Jun 2010 09:43:16 +0000 (GMT) Subject: [rancid] Re: SSH issues "couldn't compile regular expression pattern: parentheses () not balanced" In-Reply-To: <4C219728.8040606@chalmers.se> Message-ID: <454488.97260.qm@web28515.mail.ukl.yahoo.com> Hi, --- En date de?: Mer 23.6.10, Per-Olof Olsson a ?crit?: > De: Per-Olof Olsson > Objet: Re: [rancid] SSH issues "couldn't compile regular expression pattern: parentheses () not balanced" > ?: "Sylvain 74" > Cc: "rancid-discuss at shrubbery.net" > Date: Mercredi 23 juin 2010, 7h10 > Hi > > > Missing hpuifilter in hlogin 2.3.3 for ssh. > > > retval [ catch {eval spawn [split "$cmd -c $cyphertype > -x -l $user $router" { }]} reason ] > --- > >? ? ? ? ???set > retval [ catch {eval spawn hpuifilter -- [split "$cmd -c > $cyphertype -x -l $user $router" { }]} reason ] > > > more info from old subject/case > "[rancid] Re: Rancid stopped working for my HP switches" > from 04/03/2010 > Following this case I downloaded heas's patched version (threaded on Apr 8, 2010) and I applyed patches you suggest in the last thread. It seems to works perfectly now. Thanks a lot ! s. > > > Sylvain 74 wrote: > > Hi everyone, > > > > I can't connect to my HP Procurve 2625 nor 2524 using > SSH. Telnet is ok as you can see : > > > > ----------------------TELNET CONNEXION > OK------------------ > > [rancid at erf ~]$ bin/hlogin -f .cloginrc -c "sh > version" lapphpsw27 > > lapphpsw27 > > spawn hpuifilter -- telnet lapphpsw27 > > Trying 134.xxx.xxx.xx... > > Connected to lapphpsw27.xxxxx.xx (134.xxx.xxx.xx). > > Escape character is '^]'. > > ProCurve J4900B Switch 2626 > > Software revision H.10.50 > > > > Copyright (C) 1991-2007 Hewlett-Packard Co.? All > Rights Reserved. > > > >? ? ? ? ? ? ? ? > ? ? ? ? ? ? RESTRICTED RIGHTS > LEGEND > > > >? Use, duplication, or disclosure by the > Government is subject to restrictions > >? as set forth in subdivision (b) (3) (ii) of the > Rights in Technical Data and > >? Computer Software clause at 52.227-7013. > > > >? ? ? ? ? HEWLETT-PACKARD > COMPANY, 3000 Hanover St., Palo Alto, CA 94303 > > > > Press any key to continueUsername: manager > > Password: > > hpsh27# > > hpsh27# no page > > hpsh27#? sh version > > Image stamp:? ? /sw/code/build/fish(mkfs) > >? ? ? ? ? ? ? > ???Oct? 9 2007 15:00:51 > >? ? ? ? ? ? ? > ???H.10.50 > >? ? ? ? ? ? ? > ???359 > > Boot Image:? ???Primary > > hpsh27#exit > > hpsh27> exit > > Do you want to log out [y/n]? y > > > > Connection closed by foreign host. > > > ----------------------------------------------------------- > > > > When I run the same command using "add method ssh" in > config file : > > > > -------------------SSH CONNEXION > FAILED-------------------- > > [rancid at erf ~]$ bin/hlogin -f .cloginrc -c "sh > version" lapphpsw27? ? ? ? ? ? > ? ? ? ? ? ? ? ? > ? ? ? ? ? ? ? ? > ? ? ? ? ? ? ? ? > ? ? ??? > > lapphpsw27 > > spawn ssh -c 3des -x -l manager lapphpsw27 > > manager at lapphpsw27's password: > > ProCurve J4900B Switch 2626 > > Software revision H.10.50 > > > > Copyright (C) 1991-2007 Hewlett-Packard Co.? All > Rights Reserved. > > > >? ? ? ? ? ? ? ? > ? ? ? ? ? ? RESTRICTED RIGHTS > LEGEND > > > >? Use, duplication, or disclosure by the > Government is subject to restrictions > >? as set forth in subdivision (b) (3) (ii) of the > Rights in Technical Data and > >? Computer Software clause at 52.227-7013. > > > >? ? ? ? ? HEWLETT-PACKARD > COMPANY, 3000 Hanover St., Palo Alto, CA 94303 > > > > > > Press any key to continue > > > > hpsh27# > > hpsh27# couldn't compile regular expression pattern: > parentheses () not balanced > >? ???while executing > > [^#>\r\n]+)?[#>](\([^)\r\n]+\))?} {} -re {[ > > ]+} { exp_continue }" > >? ???invoked from within > > "expect { > >? ? ? ???-re > $reprompt???{} > >? ? ? ???-re > "\[\n\r]+"? { exp_continue } > >? ???}" > >? ???(procedure "run_commands" line > 9) > >? ???invoked from within > > "run_commands $prompt $command" > >? ???("foreach" body line 148) > >? ???invoked from within > > "foreach router [lrange $argv $i end] { > >? ???set router [string tolower > $router] > >? ???send_user "$router\n" > > > >? ???# device timeout > >? ???set timeout [find t..." > >? ???(file "bin/hlogin" line 594) > > [rancid at erf ~]$ > > > ----------------------------------------------------------- > > > > My .cloginrc file : > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > add user lapphpsw27? ???{xxxxx} > > add password lapphpsw27 {xxxx} {xxxx} > > add method lapphpsw27???ssh > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > > > > > The problem seems to be localised line 505 in hlogin > : > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > >? ???# Turn off the pager and > escape regex meta characters in the $prompt > >? ???send "no page\r" > >? ???regsub -all {[)(]} $prompt > {\\&} reprompt > > ->? regsub -all {^(.{1,11}).*([#>])$} > $reprompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} > reprompt > >? ???expect { > >? ? ? ???-re > $reprompt???{} > >? ? ? ???-re > "\[\n\r]+"? { exp_continue } > >? ???} > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > > > If I replace this line by > > ->? regsub -all {^(.{1,11}).*([#>])$} > $reprompt {\1] reprompt > > then SSH seems to be ok but it closes strangely : > > > > ----------------SSH WITH LINE 505 MODIFIED----------- > > [rancid at erf ~]$ bin/hlogin -f .cloginrc -c "sh > version" lapphpsw27 > > lapphpsw27 > > spawn ssh -c 3des -x -l manager lapphpsw27 > > manager at lapphpsw27's password: > > ProCurve J4900B Switch 2626 > > Software revision H.10.50 > > > > Copyright (C) 1991-2007 Hewlett-Packard Co.? All > Rights Reserved. > > > >? ? ? ? ? ? ? ? > ? ? ? ? ? ? RESTRICTED RIGHTS > LEGEND > > > >? Use, duplication, or disclosure by the > Government is subject to restrictions > >? as set forth in subdivision (b) (3) (ii) of the > Rights in Technical Data and > >? Computer Software clause at 52.227-7013. > > > >? ? ? ? ? HEWLETT-PACKARD > COMPANY, 3000 Hanover St., Palo Alto, CA 94303 > > > > > > Press any key to continue > > > > > > hpsh27# no page > > hpsh27# sh version > > Image stamp:? ? /sw/code/build/fish(mkfs) > >? ? ? ? ? ? ? > ???Oct? 9 2007 15:00:51 > >? ? ? ? ? ? ? > ???H.10.50 > >? ? ? ? ? ? ? > ???359 > > Boot Image:? ???Primary > > hpsh27# [xit9He > > hpsh27> exit > > Do you want to log out [y/n]? y > > > ------------------------------------------------------------ > > > > As you can see the "exit" before logout is messed up. > > I would love to correct this line in hlogin (line > 505), but I fear I'm not able to do that. > > > > Rancid v2.3.3 > > Expect v5.42.1 > > SSH is ok when I log in manually on my HP switches. > > The error message is exactly the same when using > clogin with HP switches. > > I don't have any problem when I connect to cisco > switches using clogin and SSH. > > > > Any suggestion ? > > > > > > sylvain; > > > > > > PS : Thanks all for your job, this soft is simply > awesome ! > > > > > >? ? ??? > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > /Peo > ---------------------------------------------------------- > Per-Olof Olsson? ? ? ? ? ? > ???Email: peo at chalmers.se > Chalmers tekniska h?gskola? ? IT-service > H?rsalsv?gen 5? ? ? ? ? ? > ? ? 412 96 G?teborg > Tel: 031/772 6738? Fax: 031/772 8660 > ---------------------------------------------------------- > From sylvain74230 at yahoo.fr Thu Jun 24 18:00:43 2010 From: sylvain74230 at yahoo.fr (Sylvain 74) Date: Thu, 24 Jun 2010 18:00:43 +0000 (GMT) Subject: [rancid] Extreme Networks x650 Login timeout solved issue Message-ID: <983254.83401.qm@web28502.mail.ukl.yahoo.com> Hi all, I had the following error using clogin provided with Rancid 2.3.3 to connect to my Extreme Network x650 (XOS 12.3.3.6.xxx) : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [rancid at cpt ~]$ bin/clogin. -f .cloginrc -c "show configuration" lapgensw0 lapgensw0 spawn ssh -c 3des -x -l manager lapgensw0 Keyboard-interactive authentication Enter password for manager: Error: TIMEOUT reached [rancid at cpt ~]$ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I had to modify clogin and now it's ok : [rancid at cpt bin]$ diff clogin clogin.new 818c818 < set p_prompt "(\[Pp]assword|passwd):" --- > set p_prompt "(\[Pp]assword|passwd|Enter password for .+):" Please note that 'manager' in the password prompt is my login. Hope it can help. sylvain From rancid at ale.cx Thu Jun 24 20:09:05 2010 From: rancid at ale.cx (Alex DEKKER) Date: Thu, 24 Jun 2010 21:09:05 +0100 Subject: [rancid] Re: rancid irc channel? In-Reply-To: References: Message-ID: <201006242109.05964.rancid@ale.cx> On Wednesday 23 June 2010 02:58:26 A J wrote: > Is there a rancid irc channel? If there isn't a #rancid on freenode.net,#juniper, #cisco and #netdisco are likely to contain people who use RANCID. alexd From paleola at gmail.com Fri Jun 25 07:27:12 2010 From: paleola at gmail.com (Aleksey P) Date: Fri, 25 Jun 2010 11:27:12 +0400 Subject: [rancid] Re: Not working rancid with Cisco without enable. In-Reply-To: <20100622231108.GA4817@shrubbery.net> References: <20100609213506.GO4014@shrubbery.net> <20100611164836.GG14129@shrubbery.net> <20100615182039.GD27773@shrubbery.net> <4C1C7D4C.80209@chalmers.se> <20100619180525.GB812@shrubbery.net> <20100622231108.GA4817@shrubbery.net> Message-ID: Good day. When version 2.3.4 will be? On Wed, Jun 23, 2010 at 3:11 AM, john heasley wrote: > > Sorry, Per-Olof; you are correct. I was looking at a local change. I'll > include this '>' prompt handling change with 2.3.4. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100625/4c0e7660/attachment.html From sylvain74230 at yahoo.fr Fri Jun 25 08:24:01 2010 From: sylvain74230 at yahoo.fr (Sylvain 74) Date: Fri, 25 Jun 2010 08:24:01 +0000 (GMT) Subject: [rancid] Re: Extreme Networks x650 Login timeout solved issue In-Reply-To: <20100624191330.GG3624@shrubbery.net> Message-ID: <402410.55647.qm@web28504.mail.ukl.yahoo.com> --- En date de?: Jeu 24.6.10, john heasley a ?crit?: > De: john heasley > Objet: Re: [rancid] Extreme Networks x650 Login timeout solved issue > ?: "Sylvain 74" > Cc: "john heasley" > Date: Jeudi 24 juin 2010, 21h13 > Thu, Jun 24, 2010 at 06:00:43PM > +0000, Sylvain 74: > > Hi all, > > > > I had the following error using clogin provided with > Rancid 2.3.3 to connect to my Extreme Network x650 (XOS > 12.3.3.6.xxx) : > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > [rancid at cpt ~]$ bin/clogin. -f .cloginrc -c "show > configuration" lapgensw0? ? ? ? ? > ? ? ? ? ? ? ? ? > ? ? ? > > lapgensw0 > > spawn ssh -c 3des -x -l manager lapgensw0 > > > > Keyboard-interactive authentication > > Enter password for manager: > > Error: TIMEOUT reached > > [rancid at cpt ~]$ > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > > > > > I had to modify clogin and now it's ok : > > [rancid at cpt bin]$ diff clogin clogin.new > > 818c818 > > "(\[Pp]assword|passwd):" > > --- > > >? ? ???set p_prompt > "(\[Pp]assword|passwd|Enter password for .+):" > > > > Please note that 'manager' in the password prompt is > my login. > > what is the .+ for?? a username?? should match > that more specifically, Yes it is a username. > something like \[^ :]+ would do it, i think.? would > you test that? > It works as expected : [rancid at cpt bin]$ diff clogin clogin.new 818c818 < set p_prompt "(\[Pp]assword|passwd):" --- > set p_prompt "(\[Pp]assword|passwd|Enter password for \[^ :]+):" Cheers. s. > > Hope it can help. > > > > sylvain > > > > > >? ? ??? > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From jim.buchele at us.army.mil Thu Jun 24 23:50:32 2010 From: jim.buchele at us.army.mil (Buchele, Jim Mr CTR USA USA) Date: Thu, 24 Jun 2010 19:50:32 -0400 Subject: [rancid] Alteon 184 In-Reply-To: <20100322223323.GM25670@shrubbery.net> Message-ID: <8m73dl$5675u3@mxoutdr1.us.army.mil> Heas Et All, After following shrubbery.net/pipermail/rancid-discuss/2009-July/004094.html, I'm still coming up at a loss troubleshooting RANCID against an Alteon loadbalancer. I'm running Solaris 10, I've installed the expect2 hack. After forcing ssh v1, I've managed to successfully login to the unit with alogin, and confirmed that alogin passes commands to the unit, and gets output. At this point, in my /var/logs I'm seeing: lb1.foo.com: missed cmd(s): /info/sys,/cfg/dump lb1.foo.com: End of run not found Here's where I am: === [Force SSH v1] === I created a config file in my .ssh directory: [ranciduser at myserver /rancid/bin]$cat /home/ranciduser/.ssh/config Host lb1.foo.com Protocol 1 === [.cloginrc] === [ranciduser at myserver /rancid/bin]$cat /home/ranciduser/.cloginrc # Alteon 184 add user lb1* admin add userpassword lb1* my_password add password lb1* my_password add autoenable lb1* 1 add method lb1* ssh ===[Pass command to Alteon via RANCID]=== [ranciduser at myserver /rancid/bin]$./alogin -c '/info/slb/dump' lb1.foo.com lb1.foo.com spawn ssh -c 3des -x -l admin lb1.foo.com sh: /usr/local/bin/stty: not found admin at lb1.foo.com's password: System Information at 23:02:04 Thu Jun 24, 2010 Alteon 184 sysName: lb1.foo sysLocation: Alpha_Site Switch is up 131 days, 14 hours, 2 minutes and 18 seconds. Last boot: 9:02:02 Sat Feb 13, 2010 (power cycle) MAC address: 00:04:38:ea:8d:71 IP (If 1) address: 192.168.10.11 Hardware Revision: B Hardware Part No: 200009E05 Software Version 10.1.1.1 (FLASH image2), active configuration. Authorized use only! Go Away! ------------------------------------------------------------ [Main Menu] info - Information Menu stats - Statistics Menu cfg - Configuration Menu oper - Operations Command Menu boot - Boot Options Menu maint - Maintenance Menu diff - Show pending config changes [global command] apply - Apply pending config changes [global command] save - Save updated config to FLASH [global command] revert - Revert pending or applied changes [global command] exit - Exit [global command, always available] >> lb1.foo - Main# lines 0 Lines-per-screen changed from 24 to 0 >> lb1.foo - Main# /info/slb/dump Real server state: 20: web01.foo.com, 00:15:17:ab:c4:2e, vlan 10 port 3, health 4, up 21: web02.foo.com, 00:00:00:00:00:00, vlan 0, port 0, health 4, FAILED 22: web03.foo.com, 00:00:00:00:00:00, vlan 0, port 0, health 4, FAILED 23: web04.foo.com, 00:15:17:a8:00:6a, vlan 10, port 3, health 4, up 24: web05.foo.com, 00:15:17:b2:11:c6, vlan 10, port 3, health 4, up Virtual server state: 10: 192.168.9.4, 00:00:5e:00:01:0a, dname www.foo.com virtual ports: 80: rport 80, group 1, www-internal, backup none, script2 real servers: 20: web01.foo.com, backup none, 0 ms, group ena, PASS 21: web02.foo.com, backup none, 0 ms, group ena, FAILED 11: 192.168.9.4, 00:00:5e:00:01:0a, dname www.foo.com virtual ports: 21: rport 80, group 1, www-internal, backup none, script2 real servers: 22: web03.foo.com, backup none, 0 ms, group ena, FAILED 23: web04.foo.com, backup none, 0 ms, group ena, PASS Redirect filter state: Port state: 1: 192.168.35.1, client 2: 192.168.35.2, proxy, client, server 3: 192.168.35.3, proxy, client, server 4: 192.168.35.4 5: 192.168.35.5, client, server 6: 192.168.35.6 7: 192.168.35.7 8: 192.168.35.8 9: 0.0.0.0 >> lb1.foo - Server Load Balancing Information# exit Session terminated at 23:02:05 Thu Jun 24, 2010. Connection to lb1.foo.com closed by remote host. Connection to lb1.foo.com closed. [ranciduser at myserver /rancid/bin]$ ===[Test RANCID Comands]=== [ranciduser at myserver /rancid/bin]$./rancid -d lb1.foo.com executing clogin -t 90 -c"admin show version;show version;show redundancy secondary;show idprom backplane;show install active;admin show env all;show env all;show rsp chassis-info;show gsr chassis;show diag chassis-info;show boot;show bootvar;admin show variables boot;show variables boot;show flash;dir /all nvram:;dir /all bootflash:;dir /all slot0:;dir /all disk0:;dir /all slot1:;dir /all disk1:;dir /all slot2:;dir /all disk2:;dir /all harddisk:;dir /all harddiska:;dir /all harddiskb:;dir /all sup-bootflash:;dir /all sup-microcode:;dir /all slavenvram:;dir /all slavebootflash:;dir /all slaveslot0:;dir /all slavedisk0:;dir /all slaveslot1:;dir /all slavedisk1:;dir /all slaveslot2:;dir /all slavedisk2:;dir /all slavesup-bootflash:;dir /all sec-nvram:;dir /all sec-bootflash:;dir /all sec-slot0:;dir /all sec-disk0:;dir /all sec-slot1:;dir /all sec-disk1:;dir /all sec-slot2:;dir /all sec-disk2:;show controllers;show controllers cbus;show diagbus;admin show diag;show diag;show module;show spe version;show c7200;show inventory raw;show vtp status;show vlan;show vlan-switch;show debug;more system:running-config;show running-config;write term" lb1.foo.com sh: clogin: not found lb1.foo.com: missed cmd(s): admin show diag,dir /all slavedisk2:,show rsp chassis-info,dir /all sec-slot2:,show diag,dir /all disk1:,show gsr chassis,dir /all sec-nvram:,show diag chassis-info,dir /all disk2:,dir /all sec-bootflash:,show spe version,dir /all slaveslot2:,dir /all disk0:,show install active,show bootvar,dir /all slaveslot0:,dir /all sec-slot1:,dir /all harddiska:,dir /all slavenvram:,show flash,dir /all sec-disk2:,dir /all slavesup-bootflash:,dir /all sec-disk0:,dir /all harddiskb:,show variables boot,show boot,show inventory raw,dir /all slavedisk1:,show env all,show module,admin show env all,show controllers,admin show version,show diagbus,more system:running-config,dir /all slavedisk0:,show debug,show idprom backplane,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,write term,show vtp status,dir /all sup-bootflash:,dir /all slot2:,dir /all harddisk:,dir /all slot0:,dir /all sup-microcode:,show vlan,dir /all slavebootflash:,show controllers cbus,dir /all slaveslot1:,dir /all nvram:,show version,show vlan-switch,admin show variables boot,show redundancy secondary,show running-config,show c7200,dir /all slot1: lb1.foo.com: missed cmd(s): admin show diag,dir /all slavedisk2:,show rsp chassis-info,dir /all sec-slot2:,show diag,dir /all disk1:,show gsr chassis,dir /all sec-nvram:,show diag chassis-info,dir /all disk2:,dir /all sec-bootflash:,show spe version,dir /all slaveslot2:,dir /all disk0:,show install active,show bootvar,dir /all slaveslot0:,dir /all sec-slot1:,dir /all harddiska:,dir /all slavenvram:,show flash,dir /all sec-disk2:,dir /all slavesup-bootflash:,dir /all sec-disk0:,dir /all harddiskb:,show variables boot,show boot,show inventory raw,dir /all slavedisk1:,show env all,show module,admin show env all,show controllers,admin show version,show diagbus,more system:running-config,dir /all slavedisk0:,show debug,show idprom backplane,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,write term,show vtp status,dir /all sup-bootflash:,dir /all slot2:,dir /all harddisk:,dir /all slot0:,dir /all sup-microcode:,show vlan,dir /all slavebootflash:,show controllers cbus,dir /all slaveslot1:,dir /all nvram:,show version,show vlan-switch,admin show variables boot,show redundancy secondary,show running-config,show c7200,dir /all slot1: lb1.foo.com: End of run not found lb1.foo.com: End of run not found ! [ranciduser at myserver /rancid/bin]$ ===[View Output]=== [ranciduser at myserver/rancid/bin]$cat lb1.foo.com.new !RANCID-CONTENT-TYPE: cisco ! ! ! ! ! [ranciduser at myserver/rancid/bin]$ From smainklh at free.fr Mon Jun 28 20:09:50 2010 From: smainklh at free.fr (=?ISO-8859-1?Q?Sma=EFne?= Kahlouch) Date: Mon, 28 Jun 2010 22:09:50 +0200 Subject: [rancid] Rancid & Fortinet issue Message-ID: <1277755790.14163.2.camel@mazhost> Hi everyone, I just finished to install Rancid, everything works fine with CISCO equipments but i still have some issue for backing up my Fortigate firewalls. I've seen these patches and wanted to know if it could be applied to the current version 2.3.3 http://www.shrubbery.net/pipermail/rancid-discuss/2009-June/004005.html I have the same problem as describe here What should i change to solve my problem ? My prompt is like "FGT[model][s/n] # " Thanks for your help, Regards, Sma?ne -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100628/e263252c/attachment.html From devon at noved.org Tue Jun 29 15:55:23 2010 From: devon at noved.org (Devon True) Date: Tue, 29 Jun 2010 11:55:23 -0400 Subject: [rancid] Re: Rancid & Fortinet issue In-Reply-To: <1277755790.14163.2.camel@mazhost> References: <1277755790.14163.2.camel@mazhost> Message-ID: <4C2A176B.1040307@noved.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/28/2010 4:09 PM, Sma?ne Kahlouch wrote: > Hi everyone, > > I just finished to install Rancid, everything works fine with CISCO > equipments but i still have some issue for backing up my Fortigate > firewalls. > > I've seen these patches and wanted to know if it could be applied to the > current version 2.3.3 > http://www.shrubbery.net/pipermail/rancid-discuss/2009-June/004005.html > > I have the same problem as describe here > > What should i change to solve my problem ? My prompt is like > "FGT[model][s/n] # " Attached are the fnrancid.diff and ftlogin.diff I wrote to backup Fortigate devices. I did not try the patches you link; I opted to troubleshoot and write my own. I basically copied the nlogin script included in the rancid tarball to ftlogin and then applied the attached diff. I also patched fnrancid included with rancid. Some of the modifications may not be necessary and thanks for John Heasley for some behind-the-scenes advice. These modifications work for me running a mixture of v3 and v4 FortiOS on several devices. - -- Devon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwqF2sACgkQWP2WrBTHBS/8PgCgyPZkEbXveBiASIAQVsyqjeux m48AoKbsTHFmOX/U7Sq2e51VWSo/AfGs =ld8H -----END PGP SIGNATURE----- -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: fnrancid.diff Url: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100629/69f5a066/attachment.ksh -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ftlogin.diff Url: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100629/69f5a066/attachment-0001.ksh From smainklh at free.fr Tue Jun 29 17:53:56 2010 From: smainklh at free.fr (=?ISO-8859-1?Q?Sma=EFne?= Kahlouch) Date: Tue, 29 Jun 2010 19:53:56 +0200 Subject: [rancid] Re: Rancid & Fortinet issue In-Reply-To: <4C2A176B.1040307@noved.org> References: <1277755790.14163.2.camel@mazhost> <4C2A176B.1040307@noved.org> Message-ID: <1277834036.10352.12.camel@mazhost> Hi Devon, Thanks a lot for your help. Is that work for rancid-2.3.3 ? I just tried that but it doesn't work for me. Here is what i did, maybe i'm mistaken : # cp nlogin ftlogin # patch -p1 < /home/ipoc/ftlogin.diff missing header for unified diff at line 3 of patch can't find file to patch at input line 3 Perhaps you used the wrong -p or --strip option? The text leading up to this was: -------------------------- |--- nlogin 2010-06-16 14:36:18.000000000 +0000 |+++ ftlogin 2010-06-17 17:28:20.000000000 +0000 -------------------------- File to patch: /usr/lib/rancid/bin/ftlogin patching file /usr/lib/rancid/bin/ftlogin Hunk #2 FAILED at 448. Hunk #3 FAILED at 488. patch unexpectedly ends in middle of line Hunk #4 FAILED at 563. 3 out of 4 hunks FAILED -- saving rejects to file /usr/lib/rancid/bin/ftlogin.rej # cat /usr/lib/rancid/bin/ftlogin.rej *************** *** 445,451 **** expect { -re "\[\n\r]+" { exp_continue } -re "$prompt" {} - -gl "--- more ---" { send " " exp_continue } } --- 448,454 ---- expect { -re "\[\n\r]+" { exp_continue } -re "$prompt" {} + -gl "--More-- " { send " " exp_continue } } *************** *** 485,491 **** set timeout $timeoutdflt } - set prompt {-> } # Figure out passwords if { $do_passwd || $do_enapasswd } { --- 488,494 ---- set timeout $timeoutdflt } + set prompt {# } # Figure out passwords if { $do_passwd || $do_enapasswd } { *************** *** 560,566 **** continue } } elseif { $do_script } { - send "set console page 0\r" expect -re $prompt {} source $sfile --- 563,572 ---- continue } } elseif { $do_script } { + #send "set console page 0\r" + send "config system console\r" + send "set output standard\r" + send "end\r" expect -re $prompt {} source $sfile -------- Message initial -------- De: Devon True ?: Sma?ne Kahlouch Cc: rancid-discuss at shrubbery.net Sujet: Re: [rancid] Rancid & Fortinet issue Date: Tue, 29 Jun 2010 11:55:23 -0400 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/28/2010 4:09 PM, Sma?ne Kahlouch wrote: > Hi everyone, > > I just finished to install Rancid, everything works fine with CISCO > equipments but i still have some issue for backing up my Fortigate > firewalls. > > I've seen these patches and wanted to know if it could be applied to the > current version 2.3.3 > http://www.shrubbery.net/pipermail/rancid-discuss/2009-June/004005.html > > I have the same problem as describe here > > What should i change to solve my problem ? My prompt is like > "FGT[model][s/n] # " Attached are the fnrancid.diff and ftlogin.diff I wrote to backup Fortigate devices. I did not try the patches you link; I opted to troubleshoot and write my own. I basically copied the nlogin script included in the rancid tarball to ftlogin and then applied the attached diff. I also patched fnrancid included with rancid. Some of the modifications may not be necessary and thanks for John Heasley for some behind-the-scenes advice. These modifications work for me running a mixture of v3 and v4 FortiOS on several devices. - -- Devon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwqF2sACgkQWP2WrBTHBS/8PgCgyPZkEbXveBiASIAQVsyqjeux m48AoKbsTHFmOX/U7Sq2e51VWSo/AfGs =ld8H -----END PGP SIGNATURE----- From smainklh at free.fr Tue Jun 29 18:15:40 2010 From: smainklh at free.fr (=?ISO-8859-1?Q?Sma=EFne?= Kahlouch) Date: Tue, 29 Jun 2010 20:15:40 +0200 Subject: [rancid] Re: Rancid & Fortinet issue In-Reply-To: <1277834036.10352.12.camel@mazhost> References: <1277755790.14163.2.camel@mazhost> <4C2A176B.1040307@noved.org> <1277834036.10352.12.camel@mazhost> Message-ID: <1277835340.10352.14.camel@mazhost> Don't worry i'll modify it by hand. Thanks again -------- Message initial -------- De: Sma?ne Kahlouch ?: Devon True Cc: rancid-discuss at shrubbery.net Sujet: [rancid] Re: Rancid & Fortinet issue Date: Tue, 29 Jun 2010 19:53:56 +0200 Hi Devon, Thanks a lot for your help. Is that work for rancid-2.3.3 ? I just tried that but it doesn't work for me. Here is what i did, maybe i'm mistaken : # cp nlogin ftlogin # patch -p1 < /home/ipoc/ftlogin.diff missing header for unified diff at line 3 of patch can't find file to patch at input line 3 Perhaps you used the wrong -p or --strip option? The text leading up to this was: -------------------------- |--- nlogin 2010-06-16 14:36:18.000000000 +0000 |+++ ftlogin 2010-06-17 17:28:20.000000000 +0000 -------------------------- File to patch: /usr/lib/rancid/bin/ftlogin patching file /usr/lib/rancid/bin/ftlogin Hunk #2 FAILED at 448. Hunk #3 FAILED at 488. patch unexpectedly ends in middle of line Hunk #4 FAILED at 563. 3 out of 4 hunks FAILED -- saving rejects to file /usr/lib/rancid/bin/ftlogin.rej # cat /usr/lib/rancid/bin/ftlogin.rej *************** *** 445,451 **** expect { -re "\[\n\r]+" { exp_continue } -re "$prompt" {} - -gl "--- more ---" { send " " exp_continue } } --- 448,454 ---- expect { -re "\[\n\r]+" { exp_continue } -re "$prompt" {} + -gl "--More-- " { send " " exp_continue } } *************** *** 485,491 **** set timeout $timeoutdflt } - set prompt {-> } # Figure out passwords if { $do_passwd || $do_enapasswd } { --- 488,494 ---- set timeout $timeoutdflt } + set prompt {# } # Figure out passwords if { $do_passwd || $do_enapasswd } { *************** *** 560,566 **** continue } } elseif { $do_script } { - send "set console page 0\r" expect -re $prompt {} source $sfile --- 563,572 ---- continue } } elseif { $do_script } { + #send "set console page 0\r" + send "config system console\r" + send "set output standard\r" + send "end\r" expect -re $prompt {} source $sfile -------- Message initial -------- De: Devon True ?: Sma?ne Kahlouch Cc: rancid-discuss at shrubbery.net Sujet: Re: [rancid] Rancid & Fortinet issue Date: Tue, 29 Jun 2010 11:55:23 -0400 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/28/2010 4:09 PM, Sma?ne Kahlouch wrote: > Hi everyone, > > I just finished to install Rancid, everything works fine with CISCO > equipments but i still have some issue for backing up my Fortigate > firewalls. > > I've seen these patches and wanted to know if it could be applied to the > current version 2.3.3 > http://www.shrubbery.net/pipermail/rancid-discuss/2009-June/004005.html > > I have the same problem as describe here > > What should i change to solve my problem ? My prompt is like > "FGT[model][s/n] # " Attached are the fnrancid.diff and ftlogin.diff I wrote to backup Fortigate devices. I did not try the patches you link; I opted to troubleshoot and write my own. I basically copied the nlogin script included in the rancid tarball to ftlogin and then applied the attached diff. I also patched fnrancid included with rancid. Some of the modifications may not be necessary and thanks for John Heasley for some behind-the-scenes advice. These modifications work for me running a mixture of v3 and v4 FortiOS on several devices. - -- Devon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwqF2sACgkQWP2WrBTHBS/8PgCgyPZkEbXveBiASIAQVsyqjeux m48AoKbsTHFmOX/U7Sq2e51VWSo/AfGs =ld8H -----END PGP SIGNATURE----- _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From devon at noved.org Tue Jun 29 18:21:39 2010 From: devon at noved.org (Devon True) Date: Tue, 29 Jun 2010 14:21:39 -0400 Subject: [rancid] Re: Rancid & Fortinet issue In-Reply-To: <1277834036.10352.12.camel@mazhost> References: <1277755790.14163.2.camel@mazhost> <4C2A176B.1040307@noved.org> <1277834036.10352.12.camel@mazhost> Message-ID: <4C2A39B3.2090604@noved.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/29/2010 1:53 PM, Sma?ne Kahlouch wrote: > Hi Devon, > > Thanks a lot for your help. Is that work for rancid-2.3.3 ? > I just tried that but it doesn't work for me. > Here is what i did, maybe i'm mistaken : > > # cp nlogin ftlogin > # patch -p1 < /home/ipoc/ftlogin.diff > > missing header for unified diff at line 3 of patch > can't find file to patch at input line 3 > Perhaps you used the wrong -p or --strip option? > The text leading up to this was: [snip] It looks like it may be related to the difference in whitespace. $ patch -p1 -l < ftlogin.diff missing header for unified diff at line 3 of patch can't find file to patch at input line 3 Perhaps you used the wrong -p or --strip option? The text leading up to this was: - -------------------------- |--- nlogin 2010-06-16 14:36:18.000000000 +0000 |+++ ftlogin 2010-06-17 17:28:20.000000000 +0000 - -------------------------- File to patch: ftlogin patching file ftlogin A visual inspection of the diff between nlogin and ftlogin looks good. Here is a unified diff based off nlogin that should resolve whitespace issues: - --- nlogin 2010-03-23 19:33:49.000000000 -0400 +++ ftlogin 2010-06-29 14:17:01.000000000 -0400 @@ -435,7 +435,9 @@ global in_proc set in_proc 1 - - send "set console page 0\r" + send "config system console\r" + send "set output standard\r" + send "end\r" expect -re $prompt {} set commands [split $command \;] @@ -445,7 +447,7 @@ expect { -re "\[\n\r]+" { exp_continue } -re "$prompt" {} - - -gl "--- more ---" { send " " + -gl "--More--" { send " " exp_continue } } @@ -485,7 +487,7 @@ set timeout $timeoutdflt } - - set prompt {-> } + set prompt {# } # Figure out passwords if { $do_passwd || $do_enapasswd } { @@ -560,7 +562,9 @@ continue } } elseif { $do_script } { - - send "set console page 0\r" + send "config system console\r" + send "set output standard\r" + send "end\r" expect -re $prompt {} source $sfile catch {close}; - -- Devon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwqObMACgkQWP2WrBTHBS+jGACgvgNIQkwNt4JmDs0nq3mCmcdI WsUAoOIuNctechn30WHWEZnKTYruOzGO =9fYx -----END PGP SIGNATURE----- From smainklh at free.fr Tue Jun 29 18:53:32 2010 From: smainklh at free.fr (=?ISO-8859-1?Q?Sma=EFne?= Kahlouch) Date: Tue, 29 Jun 2010 20:53:32 +0200 Subject: [rancid] Re: Rancid & Fortinet issue In-Reply-To: <4C2A39F1.3050404@noved.org> References: <1277755790.14163.2.camel@mazhost> <4C2A176B.1040307@noved.org> <1277834036.10352.12.camel@mazhost> <1277835340.10352.14.camel@mazhost> <4C2A39F1.3050404@noved.org> Message-ID: <1277837612.10352.17.camel@mazhost> Perfectly, thanks. You roxx :p. Now i have to see if it's possible to make rancid work with bluecoat load balancers and checkpoint firewalls. See you soon -------- Message initial -------- De: Devon True ?: Sma?ne Kahlouch Sujet: Re: [rancid] Re: Rancid & Fortinet issue Date: Tue, 29 Jun 2010 14:22:41 -0400 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/29/2010 2:15 PM, Sma?ne Kahlouch wrote: > Don't worry i'll modify it by hand. > Thanks again Oops! I saw this response too late. :) Glad you got it patched. Did the patches fix the issue? - -- Devon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwqOfEACgkQWP2WrBTHBS+pQQCfTubO0mRJYFQ6j9ur2XApK/z4 n+0An26vWM4b3T0s0t6MsDuE8Vsxy7e+ =yOaq -----END PGP SIGNATURE----- From cderemer at phoebe.org Tue Jun 29 19:42:42 2010 From: cderemer at phoebe.org (Christopher DeRemer) Date: Tue, 29 Jun 2010 15:42:42 -0400 Subject: [rancid] Applying Patches Message-ID: <671DC9312DF0CC4D8A7F3ABE978DD5ADE84D5B0B64@MAIL.phoebe.local> Sorry for the newbie questions but after a brief search I didn't find any clear instructions. How do I apply .diff file patches to my Rancid Cheers, Christopher DeRemer, CCENT Network Administrator Phoebe Services 484.619.2168 (Single # Reach) ________________________________ NOTICE: This confidential message/attachment contains information intended for a specific individual(s). Any inappropriate use, distribution or duplication is strictly prohibited. If received in error, notify the sender and immediately delete this transmission. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100629/eb82684a/attachment.html From heas at shrubbery.net Wed Jun 30 01:22:59 2010 From: heas at shrubbery.net (john heasley) Date: Tue, 29 Jun 2010 18:22:59 -0700 Subject: [rancid] Re: Rancid & Fortinet issue In-Reply-To: <4C2A176B.1040307@noved.org> References: <1277755790.14163.2.camel@mazhost> <4C2A176B.1040307@noved.org> Message-ID: <20100630012259.GL18387@shrubbery.net> Tue, Jun 29, 2010 at 11:55:23AM -0400, Devon True: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 6/28/2010 4:09 PM, Sma?ne Kahlouch wrote: > > Hi everyone, > > > > I just finished to install Rancid, everything works fine with CISCO > > equipments but i still have some issue for backing up my Fortigate > > firewalls. > > > > I've seen these patches and wanted to know if it could be applied to the > > current version 2.3.3 > > http://www.shrubbery.net/pipermail/rancid-discuss/2009-June/004005.html > > > > I have the same problem as describe here > > > > What should i change to solve my problem ? My prompt is like > > "FGT[model][s/n] # " > > Attached are the fnrancid.diff and ftlogin.diff I wrote to backup > Fortigate devices. I did not try the patches you link; I opted to > troubleshoot and write my own. > > I basically copied the nlogin script included in the rancid tarball to > ftlogin and then applied the attached diff. I also patched fnrancid > included with rancid. > > Some of the modifications may not be necessary and thanks for John > Heasley for some behind-the-scenes advice. These modifications work for > me running a mixture of v3 and v4 FortiOS on several devices. I dont have any Fortinet devices and do not know anything about them. When did the prompt change? Are there old devices that can not be upgraded and whose prompt has not changed? ie: does the old script need to remain? Has anyone else tested these changes? > - -- > Devon > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.12 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkwqF2sACgkQWP2WrBTHBS/8PgCgyPZkEbXveBiASIAQVsyqjeux > m48AoKbsTHFmOX/U7Sq2e51VWSo/AfGs > =ld8H > -----END PGP SIGNATURE----- > --- fnrancid.orig 2010-06-16 14:46:06.000000000 +0000 > +++ fnrancid 2010-06-25 14:24:18.000000000 +0000 > @@ -59,7 +59,7 @@ > $file = $opt_f; > $host = $ARGV[0]; > $found_end = 0; > -$timeo = 90; # nlogin timeout in seconds > +$timeo = 90; # ftlogin timeout in seconds > > my(@commandtable, %commands, @commands);# command lists > my($aclsort) = ("ipsort"); # ACL sorting mode > @@ -174,6 +174,9 @@ > tr/\015//d; > next if /^\s*$/; > last if(/$prompt/); > + next if (/^get system status/); > + next if (/^System time:/); > + next if (/^FortiClient application signature package:/); > ProcessHistory("","","","$_"); > } > print STDOUT "Vendor: $vendor"; > @@ -196,10 +199,23 @@ > tr/\015//d; > next if /^\s*$/; > last if(/$prompt/); > - if (/(^set.*)('Enc .*')(.*)/) { > - ProcessHistory("ENC","","","!$1 'Enc **encoding removed**' $3\n"); > - next; > - } > + next if (/^#conf_file_ver=/); > + if (/(^set.*)('Enc .*')(.*)/) { > + ProcessHistory("ENC","","","!$1 'Enc **encoding removed**' $3\n"); > + next; > + } > + if (/(^\s*set psksecret)(\sENC .*)/ && $filter_pwds >= 1) { > + ProcessHistory("ENC","","","$1 \n"); > + next; > + } > + if (/(^\s*set passwd)(\sENC .*)/ && $filter_pwds >= 1) { > + ProcessHistory("ENC","","","$1 \n"); > + next; > + } > + if (/(^\s*set password)(\sENC .*)/ && $filter_pwds >= 1) { > + ProcessHistory("ENC","","","$1 \n"); > + next; > + } > ProcessHistory("","","","$_"); > } > $found_end = 1; > @@ -212,7 +228,7 @@ > # Main > @commandtable = ( > {'get system status' => 'GetSystem'}, > - {'get conf' => 'GetConf'} > + {'show' => 'GetConf'} > ); > # Use an array to preserve the order of the commands and a hash for mapping > # commands to the subroutine and track commands that have been completed. > @@ -241,13 +257,13 @@ > print STDOUT "opening file $host\n" if ($log); > open(INPUT,"<$host") || die "open failed for $host: $!\n"; > } else { > - print STDERR "executing nlogin -t $timeo -c\"$cisco_cmds\" $host\n" if ($debug); > - print STDOUT "executing nlogin -t $timeo -c\"$cisco_cmds\" $host\n" if ($log); > + print STDERR "executing ftlogin -t $timeo -c\"$cisco_cmds\" $host\n" if ($debug); > + print STDOUT "executing ftlogin -t $timeo -c\"$cisco_cmds\" $host\n" if ($log); > if (defined($ENV{NOPIPE})) { > - system "nlogin -t $timeo -c \"$cisco_cmds\" $host $host.raw 2>&1" || die "nlogin failed for $host: $!\n"; > - open(INPUT, "< $host.raw") || die "nlogin failed for $host: $!\n"; > + system "ftlogin -t $timeo -c \"$cisco_cmds\" $host $host.raw 2>&1" || die "ftlogin failed for $host: $!\n"; > + open(INPUT, "< $host.raw") || die "ftlogin failed for $host: $!\n"; > } else { > - open(INPUT,"nlogin -t $timeo -c \"$cisco_cmds\" $host + open(INPUT,"ftlogin -t $timeo -c \"$cisco_cmds\" $host } > } > > @@ -263,25 +279,27 @@ > $filter_commstr = 0; > } > # determine password filtering mode > -if ($ENV{"FILTER_PWDS"} =~ /no/i) { > - $filter_pwds = 0; > -} elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { > - $filter_pwds = 2; > -} else { > - $filter_pwds = 1; > -} > +#if ($ENV{"FILTER_PWDS"} =~ /no/i) { > +# $filter_pwds = 0; > +#} elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { > +# $filter_pwds = 2; > +#} else { > +# $filter_pwds = 1; > +#} > +# Force $filter_pwds to 1 > +$filter_pwds = 1; > > ProcessHistory("","","","!RANCID-CONTENT-TYPE: fortigate\n\n"); > TOP: while() { > tr/\015//d; > if (/^Error:/) { > - print STDOUT ("$host nlogin error: $_"); > - print STDERR ("$host nlogin error: $_") if ($debug); > + print STDOUT ("$host ftlogin error: $_"); > + print STDERR ("$host ftlogin error: $_") if ($debug); > last; > } > - while (/>\s*($cmds_regexp)\s*$/) { > + while (/#\s*($cmds_regexp)\s*$/) { > $cmd = $1; > - if (!defined($prompt)) { $prompt = " >\s*"; } > + if (!defined($prompt)) { $prompt = " #\s*"; } > print STDERR ("HIT COMMAND:$_") if ($debug); > if (!defined($commands{$cmd})) { > print STDERR "$host: found unexpected command - \"$cmd\"\n"; > --- nlogin 2010-06-16 14:36:18.000000000 +0000 > +++ ftlogin 2010-06-17 17:28:20.000000000 +0000 > @@ -435,7 +435,10 @@ > global in_proc > set in_proc 1 > > - send "set console page 0\r" > + #send "set console page 0\r" > + send "config system console\r" > + send "set output standard\r" > + send "end\r" What does that do? does that affect the "nvram" config? > expect -re $prompt {} > > set commands [split $command \;] > @@ -445,7 +448,7 @@ > expect { > -re "\[\n\r]+" { exp_continue } > -re "$prompt" {} > - -gl "--- more ---" { send " " > + -gl "--More-- " { send " " > exp_continue > } > } > @@ -485,7 +488,7 @@ > set timeout $timeoutdflt > } > > - set prompt {-> } > + set prompt {# } > > # Figure out passwords > if { $do_passwd || $do_enapasswd } { > @@ -560,7 +563,10 @@ > continue > } > } elseif { $do_script } { > - send "set console page 0\r" > + #send "set console page 0\r" > + send "config system console\r" > + send "set output standard\r" > + send "end\r" > expect -re $prompt {} > source $sfile > catch {close}; > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From devon at noved.org Wed Jun 30 12:59:46 2010 From: devon at noved.org (Devon True) Date: Wed, 30 Jun 2010 08:59:46 -0400 Subject: [rancid] Re: Rancid & Fortinet issue In-Reply-To: <20100630012259.GL18387@shrubbery.net> References: <1277755790.14163.2.camel@mazhost> <4C2A176B.1040307@noved.org> <20100630012259.GL18387@shrubbery.net> Message-ID: <4C2B3FC2.20107@noved.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/29/2010 9:22 PM, john heasley wrote: > I dont have any Fortinet devices and do not know anything about them. When > did the prompt change? Are there old devices that can not be upgraded and > whose prompt has not changed? ie: does the old script need to remain? I have only been using Fortinet devices for the past 1.5 years, but I don't recall ever seeing the prompt ->; it was either $ or #. On the Netscreen devices I admin, -> is the prompt and the nlogin script works great on those devices. There was some discussion about the prompt changing back in 2006 on this mailing list. http://thread.gmane.org/gmane.network.rancid/1515/focus=1527 - -- Devon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwrP8IACgkQWP2WrBTHBS/Q1ACfcZ20Fom4vRuBXH7nrGZa0YTK k38AoMUyVcUpdUpkLdPfV1evkdTI8I34 =Bnbu -----END PGP SIGNATURE----- From cderemer at phoebe.org Wed Jun 30 17:19:16 2010 From: cderemer at phoebe.org (Christopher DeRemer) Date: Wed, 30 Jun 2010 13:19:16 -0400 Subject: [rancid] Re: Applying Patches In-Reply-To: <4C2B6422.6000304@noved.org> References: <671DC9312DF0CC4D8A7F3ABE978DD5ADE84D5B0B64@MAIL.phoebe.local> <4C2B6422.6000304@noved.org> Message-ID: <671DC9312DF0CC4D8A7F3ABE978DD5ADE84D5B0B65@MAIL.phoebe.local> >>On 6/29/2010 3:42 PM, Christopher DeRemer wrote: >> Sorry for the newbie questions but after a brief search I didn?t find >> any clear instructions. How do I apply .diff file patches to my Rancid >After installing rancid, you should be able to go into the appropriate directory (most like RANCID_DIR/bin/) and use the "patch" command to apply the patchfile (e.g. >patch -p1 < patchfile). Some massaging of the patch process may be required and if the patch is small enough, editing the file directly by hand (save a backup first!) is >not hard. Background... trying to patch Michael Stafaniuc's Cisco WLC patch http://www.gossamer-threads.com/lists/rancid/users/4895 If I try "patch -p1 < rancid-ciscowlc.diff" I get the following output: can't find file to patch at input line 4 Perhaps you used the wrong -p or --strip option? The text leading up to this was: -------------------------- |diff -up ./bin/Makefile.am.wlc ./bin/Makefile.am |--- ./bin/Makefile.am.wlc 2010-03-24 00:33:51.000000000 +0100 |+++ ./bin/Makefile.am 2010-04-27 19:11:43.000000000 +0200 -------------------------- File to patch: As far as I can tell he's not just modifying one file, it seems like he has several files that he's changing (see thread content) Cheers, Chris NOTICE: This confidential message/attachment contains information intended for a specific individual(s). Any inappropriate use, distribution or duplication is strictly prohibited. If received in error, notify the sender and immediately delete this transmission. From devon at noved.org Wed Jun 30 17:50:40 2010 From: devon at noved.org (Devon True) Date: Wed, 30 Jun 2010 13:50:40 -0400 Subject: [rancid] Re: Applying Patches In-Reply-To: <671DC9312DF0CC4D8A7F3ABE978DD5ADE84D5B0B65@MAIL.phoebe.local> References: <671DC9312DF0CC4D8A7F3ABE978DD5ADE84D5B0B64@MAIL.phoebe.local> <4C2B6422.6000304@noved.org> <671DC9312DF0CC4D8A7F3ABE978DD5ADE84D5B0B65@MAIL.phoebe.local> Message-ID: <4C2B83F0.9070608@noved.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/30/2010 1:19 PM, Christopher DeRemer wrote: >>> On 6/29/2010 3:42 PM, Christopher DeRemer wrote: >>> Sorry for the newbie questions but after a brief search I didn?t find >>> any clear instructions. How do I apply .diff file patches to my Rancid > >> After installing rancid, you should be able to go into the appropriate directory (most like RANCID_DIR/bin/) and use the "patch" command to apply the patchfile (e.g. >patch -p1 < patchfile). Some massaging of the patch process may be required and if the patch is small enough, editing the file directly by hand (save a backup first!) is >not hard. > > Background... trying to patch Michael Stafaniuc's Cisco WLC patch http://www.gossamer-threads.com/lists/rancid/users/4895 > > If I try "patch -p1 < rancid-ciscowlc.diff" I get the following output: > can't find file to patch at input line 4 > Perhaps you used the wrong -p or --strip option? > The text leading up to this was: > -------------------------- > |diff -up ./bin/Makefile.am.wlc ./bin/Makefile.am > |--- ./bin/Makefile.am.wlc 2010-03-24 00:33:51.000000000 +0100 > |+++ ./bin/Makefile.am 2010-04-27 19:11:43.000000000 +0200 > -------------------------- > File to patch: > > As far as I can tell he's not just modifying one file, it seems like he has several files that he's changing (see thread content) I extracted the rancid-2.3.3 tarball, entered the directory, copied the rancid-ciscowlc.diff into that directory, and used the "-p0" option. That seems to have worked: $ tar -xzf rancid-2.3.3.tar.gz $ cd rancid-2.3.3/ $ patch -p0 < rancid-ciscowlc.diff patching file ./bin/Makefile.am patching file ./bin/rancid-fe.in patching file ./bin/wlclogin.in patching file ./bin/wlcrancid.in patching file ./configure.in - -- Devon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwrg/AACgkQWP2WrBTHBS/OuwCfaoOT79WJw+IBBP+MFTf8SBby fo8AniEfjSJTfy/lI9y8X2NZ7Ly65Atd =rGHx -----END PGP SIGNATURE----- From jeremys at rickyninja.net Wed Jun 30 20:08:16 2010 From: jeremys at rickyninja.net (Jeremy Singletary) Date: Wed, 30 Jun 2010 13:08:16 -0700 Subject: [rancid] Re: Dell Switch Errors In-Reply-To: <4C22364D.7050901@qis.net> References: <7E95B929-0BC1-4325-A441-F03D0F002A77@mediatemple.net> <4C2191E9.3090907@qis.net> <20100623045200.GB25126@shrubbery.net> <4C2193A8.8030601@qis.net> <20100623155107.GA17369@shrubbery.net> <4C222FF2.3060504@qis.net> <20100623160915.GA12324@shrubbery.net> <4C2233A6.2060305@qis.net> <20100623162003.GB12324@shrubbery.net> <4C22364D.7050901@qis.net> Message-ID: <20100630200816.GA3197@pegasus.billn.net> On 06/23/10, Willie Bollinger said: > WriteTerm: qos basic > WriteTerm: qos trust cos > WriteTerm: dsw1-cc#exitConnection to 10.10.111.2 closed by foreign host. The line above leads me to believe that the regex is failing because the regex expects the last character on the line to be the t in exit. drancid: if (/$prompt\s?exit$/) { warn "left WriteTerm on: $_"; $clean_run=1;last; } also in drancid: if (/[>#]\s?exit$/) { $clean_run=1; last; } Try removing the $ after the word exit in one or both of those regex conditions. -jeremy From heas at shrubbery.net Wed Jun 30 20:17:51 2010 From: heas at shrubbery.net (john heasley) Date: Wed, 30 Jun 2010 20:17:51 +0000 Subject: [rancid] Re: Dell Switch Errors In-Reply-To: <20100630200816.GA3197@pegasus.billn.net> References: <4C2191E9.3090907@qis.net> <20100623045200.GB25126@shrubbery.net> <4C2193A8.8030601@qis.net> <20100623155107.GA17369@shrubbery.net> <4C222FF2.3060504@qis.net> <20100623160915.GA12324@shrubbery.net> <4C2233A6.2060305@qis.net> <20100623162003.GB12324@shrubbery.net> <4C22364D.7050901@qis.net> <20100630200816.GA3197@pegasus.billn.net> Message-ID: <20100630201751.GA7365@shrubbery.net> Wed, Jun 30, 2010 at 01:08:16PM -0700, Jeremy Singletary: > On 06/23/10, Willie Bollinger said: > > WriteTerm: qos basic > > WriteTerm: qos trust cos > > WriteTerm: dsw1-cc#exitConnection to 10.10.111.2 closed by foreign host. > > The line above leads me to believe that the regex is failing because the > regex expects the last character on the line to be the t in exit. > > drancid: > if (/$prompt\s?exit$/) { warn "left WriteTerm on: $_"; $clean_run=1;last; } > > also in drancid: > if (/[>#]\s?exit$/) { > $clean_run=1; > last; > } > > Try removing the $ after the word exit in one or both of those regex conditions. you should try it like the extreme script (xrancid) to be safer. From jeremys at rickyninja.net Wed Jun 30 20:35:58 2010 From: jeremys at rickyninja.net (Jeremy Singletary) Date: Wed, 30 Jun 2010 13:35:58 -0700 Subject: [rancid] Re: Dell Switch Errors In-Reply-To: <20100630201751.GA7365@shrubbery.net> References: <20100623045200.GB25126@shrubbery.net> <4C2193A8.8030601@qis.net> <20100623155107.GA17369@shrubbery.net> <4C222FF2.3060504@qis.net> <20100623160915.GA12324@shrubbery.net> <4C2233A6.2060305@qis.net> <20100623162003.GB12324@shrubbery.net> <4C22364D.7050901@qis.net> <20100630200816.GA3197@pegasus.billn.net> <20100630201751.GA7365@shrubbery.net> Message-ID: <20100630203558.GB3197@pegasus.billn.net> On 06/30/10, john heasley said: > Wed, Jun 30, 2010 at 01:08:16PM -0700, Jeremy Singletary: > > On 06/23/10, Willie Bollinger said: > > > WriteTerm: qos basic > > > WriteTerm: qos trust cos > > > WriteTerm: dsw1-cc#exitConnection to 10.10.111.2 closed by foreign host. > > > > The line above leads me to believe that the regex is failing because the > > regex expects the last character on the line to be the t in exit. > > > > drancid: > > if (/$prompt\s?exit$/) { warn "left WriteTerm on: $_"; $clean_run=1;last; } > > > > also in drancid: > > if (/[>#]\s?exit$/) { > > $clean_run=1; > > last; > > } > > > > Try removing the $ after the word exit in one or both of those regex conditions. > > you should try it like the extreme script (xrancid) to be safer. Thanks, I'll copy that regex from xrancid.