[rancid] FWSM compatibility

Ryan West rwest at zyedge.com
Tue Mar 8 12:45:34 UTC 2011


Yes.  I use it for a switch cluster where I only have access to the commander:

add method cust-sw2           {usercmd}
add usercmd cust-sw2          {clogin} {cust-sw1}
add usercmd_chat cust-sw2     {cust-sw1#} {rco 1\r} {cust-sw2#} {\r}

All of your normal cloginrc rules applies to cust-sw1.  Once clogin sees the cust-sw2# prompt, data collection begins for that device.  Router.db contains the entry for both cust-sw1:cisco:up and cust-sw2:cisco:up.

-ryan

From: Jiménez Fernández, Mikel [mailto:m.jimenez at ibermatica.com]
Sent: Tuesday, March 08, 2011 6:47 AM
To: Jiménez Fernández, Mikel; Ryan West; rancid-discuss at shrubbery.net
Subject: RE: FWSM compatibility

It works!!

add method fwbt {usercmd}
add usercmd fwbt {clogin}  {-u} {mike} {-p} {pas}  {-e} {pass} {172.24.133.40}
add usercmd_chat fwbt {fwcat1/admin#} {changeto context fwBT\r} {fwcat1/fwBT#} {sh run\r}

:)

And now, this is possible to integrate with Rancid for making backups ?

________________________________
De: Jiménez Fernández, Mikel
Enviado el: martes, 08 de marzo de 2011 12:21
Para: 'Ryan West'; rancid-discuss at shrubbery.net
Asunto: RE: FWSM compatibility
Hello,

I have succesfully  patched but I have some questions...

My intention is to login like a typical Cisco device and inside it, run commands (usercmd_chat may be...) but the login mode, what should be ?

I have to do "enable" and type the password... I can not use the "ssh" method ?

Can I use SSH method and then call usercmd-chat or what is the recomendation ?
In the patch example I can see "add usercmd host {ssh} {-t} {-p 1234} {command ?¿?}" but what happen with password and "enable ?

Thanks and I hope I will solve it with your help guys!!

Thanks in advance.

________________________________
De: Ryan West [mailto:rwest at zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 18:03
Para: Jiménez Fernández, Mikel; rancid-discuss at shrubbery.net
Asunto: RE: FWSM compatibility
Just edit clogin in the bin directory to add the patch.
-ryan
From: Jiménez Fernández, Mikel [mailto:m.jimenez at ibermatica.com]
Sent: Wednesday, March 02, 2011 11:57 AM
To: Ryan West; rancid-discuss at shrubbery.net
Subject: RE: FWSM compatibility
So I have to download the source code, patch, compile and it should work ?
Thanks!
________________________________
De: Ryan West [mailto:rwest at zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 17:43
Para: Jiménez Fernández, Mikel; rancid-discuss at shrubbery.net
Asunto: RE: FWSM compatibility
http://www.shrubbery.net/pipermail/rancid-discuss/2006-May/001490.html
It's a small patch to clogin, but still works in 2.3.6.
-ryan
From: Jiménez Fernández, Mikel [mailto:m.jimenez at ibermatica.com]
Sent: Wednesday, March 02, 2011 11:28 AM
To: Ryan West; rancid-discuss at shrubbery.net
Subject: RE: FWSM compatibility
What do you want to say with "command / chat" ?
I have to use admin context and "jump" from it...
Thanks!!
________________________________
De: Ryan West [mailto:rwest at zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 17:26
Para: Jiménez Fernández, Mikel; rancid-discuss at shrubbery.net
Asunto: RE: FWSM compatibility
User command / chat might do the trick for you, or create a management interface for the contexts and back them as normal firewalls.
-ryan
From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Jiménez Fernández, Mikel
Sent: Wednesday, March 02, 2011 11:06 AM
To: rancid-discuss at shrubbery.net
Subject: [rancid] FWSM compatibility
Hi!
First of all, I have to say that I have read numerous of forums before asking here anything.
I want to backup Cisco FWSM 3.x and 4.x contexts configurations. Is possible with actual Rancid/Clogin ?
Actually I define a file with the commands, but when I change from admin context to fwlearning2 context, the session get "stalled", here the output.
[rancid at jazznetmon rancid]$ clogin -x file -u mike -p "kikoko"  -e kikoko 172.24.133.40
172.24.133.40
spawn ssh -c 3des -x -l mike 172.24.133.40
mike at 172.24.133.40's<mailto:mike at 172.24.133.40's> password:
*********************************************
 FWSM - FIREWALL SERVICES MODULE
 Dtpo. COMUNICACIONES IBERMATICA 913849100
*********************************************
Type help or '?' for a list of available commands.
fwcat1/admin> enable
Password: ******
fwcat1/admin#
fwcat1/admin# terminal length 0
                       ^
ERROR: % Invalid input detected at '^' marker.
fwcat1/admin#  changeto context fwelearning2  -- "(stalled....)
And here the file with the commands:
[rancid at jazznetmon ~]$ cat file
changeto context fwelearning2
config t
sh run
I doesn´t work to run commands inside another context...
Any ideas ?
Thanks!!

Mikel Jimenez Fernandez

Departamento de Comunicaciones

Ibermatica

Tlf: 91 384 9100 ext 7561

Camino de Hormigueras, 172

28031 MADRID
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20110308/1adf6308/attachment-0001.html>


More information about the Rancid-discuss mailing list