[rancid] Fortigate problem

Skoog, Robert Robert.Skoog at safelite.com
Mon May 20 16:43:58 UTC 2013 

The command before it gives this output:

Somefortinethost # get system status
Version: FortiWiFi-80CM v4.0,build0637,120817 (MR3 Patch 9)
Virus-DB: 17.00657(2013-05-19 11:39)
Extended DB: 14.00000(2011-08-24 17:09)
IPS-DB: 4.00343(2013-05-16 00:16)
FortiClient application signature package: 4.343(2013-05-20 01:43)
Serial-Number: FW80CM111111111111
BIOS version: 04000004
Log hard disk: Not available
Internal Switch mode: switch
Hostname: SomeHostName
Operation Mode: NAT
Current virtual domain: root
Max number of virtual domains: 10
Virtual domains status: 2 in NAT mode, 0 in TP mode
Virtual domain configuration: enable
FIPS-CC mode: disable
Current HA mode: standalone
Wifi Chipset: Ralink RT2860
WiFi firmware version: 2.1.3.0
Distribution: International
Branch point: 637
Release Version Information: MR3 Patch 9
System time: Mon May 20 12:36:30 2013

SomeHostname #

That Regex matches for this line:
Virtual domain configuration: enable

I tried some longer regexes, but had problems with the output being chunked or something.  If vdoms are enabled the "config global" command is sent if they aren't it just picks up at the next prompt.  While the command currently used by fnrancid work fine without the patch we noticed issues when we tried to also the configuration of a device using a list of commands if the config global was sent by rancid and the device didn't use vdoms.

-----Original Message-----
From: heasley [mailto:heas at shrubbery.net] 
Sent: Monday, May 20, 2013 12:06 PM
To: Skoog, Robert
Cc: heasley; Charles van der Spuy; rancid-discuss at shrubbery.net
Subject: Re: [rancid] Fortigate problem

Mon, May 20, 2013 at 03:41:13PM +0000, Skoog, Robert:
> Actually you put up a patch to the mailing list previously which resolves this issue:
> 
> http://www.gossamer-threads.com/lists/rancid/users/6488

thanks; that had been committed.  I missed the difference when I looked at 2.3.8.

> I can't seem to find the post on the shrubbery archives though.  I know the patch resolved my issues when using SSH to connect to fortinets.  I also put up a patch a while ago dealing with devices with and without vdoms.  Devices without vdoms seem not to like having configuration commands sent after the config global command is sent.
> 
> http://www.shrubbery.net/pipermail/rancid-discuss/2013-March/006715.ht
> ml

what effect does that have when vdoms are not in use?

what is being matched here:
+        expect {
+               -re "tion: ena" { expect -re $prompt; send "config global\r"}
+               -re "tion: dis" {}
+              }

____________________________________________________________
This message, including any attachments, may contain confidential information intended for a specific individual and purpose, and may be protected by law. If you are not the intended recipient please delete this message immediately. Any disclosure, copying or distribution of this message, or the taking of any action based on it, by any unintended recipient is strictly prohibited.

More information about the Rancid-discuss mailing list