[rancid] rancid with Fortigate FG100A
heas at shrubbery.net
Wed Jul 6 22:06:24 UTC 2011
Wed, Jul 06, 2011 at 02:35:36PM +0100, Gavin McCullagh:
> On Wed, 06 Jul 2011, Diego Ercolani wrote:
> > This is the power of opensource, every one can add a small piece of his
> > knowledge and bring the community a full (hopely errorproof) utility.
> In general, is it better for Rancid to record and version the entire
> config of a device including defaults, or to just version the non-default
> I can see arguments for both:
> - when you upgrade firmware, the defaults might change and rancid could
> presumably only note these if you version the entire config.
thats the impetus for the command that is used. hopefully the route of
least surprise if you must recover a device's config.
> - if the unit should fail, you get a new one and want to deploy the
> config from Rancid, I would usually prefer to just deploy our config
> changes and not override the defaults. If rancid holds the full config,
> you can't really work out what are defaults and what are your settings.
> Perhaps others might prefer to actually set those defaults where
if thats a concern, perhaps you need a full and non-full version [in separate
> I imagine this issue arises with units other than the Fortigates.
> > I have only one clustered installation of fortigate and what I noticed is that
> > from time to time, fortigate adds some line feed that make seem the
> > configuration has changed... this is very annoying but I can't do experiments
> > because it's a productin environment.
perhaps that is a defect in fnrancid's login script?
More information about the Rancid-discuss