From heas at shrubbery.net Sat Jul 1 18:39:50 2017 From: heas at shrubbery.net (heasley) Date: Sat, 1 Jul 2017 18:39:50 +0000 Subject: [rancid] ignoring files in flash In-Reply-To: <20170701174359.C50229BB91@sea.shrubbery.net> Message-ID: <20170701183950.GA94410@shrubbery.net> Thu, Jun 29, 2017 at 01:03:07PM -0700, allonon: > Hi, Unfortunately my lack of programming skils requires me to ask this > question. > > I updated our config to write an archived config copy to flash every > night. That has the side affect of having rancid email me for the > changes. I found the area in ios.pm to to drop files entirely, addded the > following "|archived\-config*" to the line (without the double quotes) but > it's not ignoring the daily files. > > Please help me ignore these files Thanks Index: CHANGES =================================================================== --- CHANGES (revision 3689) +++ CHANGES (working copy) @@ -1,4 +1,7 @@ 3.99.99 + ios.pm: filter config archive file names running-config-archive-*; no + reasonable file name suggestion found in docs. + aeos.pm: filter unsaved config changes notification ios.pm: ignore size of throughput_monitor_params on XE - Emille Blanc Index: lib/ios.pm.in =================================================================== --- lib/ios.pm.in (revision 3688) +++ lib/ios.pm.in (working copy) @@ -951,7 +951,7 @@ # to: # vlan.dat # vlan.dat - if (/(dhcp_[^. ]*\.txt|vlan\.dat|sflog|snooping|smart-log\/agentlog|syslog)\s*$/) { + if (/(dhcp_[^. ]*\.txt|vlan\.dat|running-config-archive-\S+|sflog|snooping|smart-log\/agentlog|syslog)\s*$/) { if (/(\s*\d+)(\s+[-rwx]+\s+)(\d+)(\s+)(\w+ \d+\s+\d+ \d+:\d+:\d+ .\d+:\d+)/) { my($fn, $a, $sz, $c, $dt, $rem) = ($1, $2, $3, $4, $5, $'); my($fnl, $szl, $dtl) = (length($fn), length($sz), length($dt)); @@ -1061,7 +1061,7 @@ # to: # -rw- vlan.dat # -rw- vlan.dat - if (/(dhcp_[^. ]*\.txt|vlan\.dat|sflog|snooping|syslog)\s*$/) { + if (/(dhcp_[^. ]*\.txt|vlan\.dat|running-config-archive-\S+|sflog|snooping|syslog)\s*$/) { if (/(\s*\d+)(\s+\S+\s+)(\d+)(\s+)(\w+ \d+\s+\d+ \d+:\d+:\d+ .\d+:\d+)/) { my($fn, $a, $sz, $c, $dt, $rem) = ($1, $2, $3, $4, $5, $'); my($fnl, $szl, $dtl) = (length($fn), length($sz), length($dt)); From jethro.binks at strath.ac.uk Mon Jul 3 08:17:53 2017 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Mon, 3 Jul 2017 09:17:53 +0100 (BST) Subject: [rancid] Brocade - ignore secure-mac-address changes In-Reply-To: <20170630190854.GC43575@shrubbery.net> References: <20170630190854.GC43575@shrubbery.net> Message-ID: On Fri, 30 Jun 2017, heasley wrote: > Tue, Jun 06, 2017 at 11:42:11AM -0400, Gerhard Mourani: > > Hello, > > > > I'm using Rancid 3.2 on CentOS 6.8 and would like to ensure that any > > change in secure-mac-address in my Brocade config is hidden or > > removed. Here I guest is the corresponding line of code in foundry.pm > > to sort those lines. > > > > /secure-mac-address (\S+)/ && > > ProcessHistory("SECMAC","keysort","$1","$_") && next; > > > > How to make the above to ignore secure-mac-address changes ? > > I'm not sure what to do about this particular config line. IIUC, this is > configuration that could appear by manual intervention or automatically; > which is a subject of annoyance for me, that ephemeral configuration like > this would appear in the show running config. > > I understand how this could be annoying, but that some might wish to > retain it, while others may wish to filter it. I'm inclined to add a > knob similar to FILTER_OSC, but it seems like there are 4 classes of such > things; beyond what FILTER_OSC filters, there are 2) this auto-configuration > (VTP vlans), 3) auto-configuration that can also be manually configured > (secure-mac), 4) informational stuff that changes frequently (flash space). > > It does not seem like one knob could/should address all of these. I agree; I have also found things that I have wanted or actually filtered, but also considered that others might not want that same decision. Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From b.candler at pobox.com Mon Jul 3 06:00:57 2017 From: b.candler at pobox.com (Brian Candler) Date: Mon, 3 Jul 2017 07:00:57 +0100 Subject: [rancid] Mismatched braces in tlogin Message-ID: <0497b5ef-95ea-6d93-cc35-6672dc12a9de@pobox.com> Just been trying to use tlogin from 3.3.0 with Netgear [^1] There appears to be a spurious closing brace in the Tcl, giving an error "extra switch pattern with no body". It looks like 3.3.2 has this problem too. This fixes it for me: --- tlogin.in.orig 2017-01-10 20:59:52.000000000 +0000 +++ tlogin.in 2017-07-03 05:53:45.562490564 +0000 @@ -65,7 +65,7 @@ set arg [lindex $argv $i] switch -glob -- $arg { - } -d { + -d { exp_internal 1 # Username } -u* { After that, the only problem I had was with the prompt, which is "User:" for a Netgear with telnet. I probably should have set the userprompt variable, but I made a local patch instead: @@ -732,7 +732,7 @@ # Figure out prompts set u_prompt [find userprompt $router] if { "$u_prompt" == "" } { - set u_prompt "(Username|Login|login|user name|name):" + set u_prompt "(Username|Login|login|user name|name|User):" } else { set u_prompt [join [lindex $u_prompt 0] ""] } Cheers, Brian. [^1] Using an old "grancid" which I dug up from here years ago: http://www.shrubbery.net/pipermail/rancid-discuss/2008-June/003128.html From David.Raymond at ca.ebarrette.com Tue Jul 4 20:59:03 2017 From: David.Raymond at ca.ebarrette.com (Raymond, David) Date: Tue, 4 Jul 2017 20:59:03 +0000 Subject: [rancid] Need help with fixing custom Rancid script (IBM flex switches) Message-ID: <1CF7452C5294544D92F307FA283E5F91014B3BF126@stjs-ca-ex01.barrette.wan> Hi Auzzik, Can you share you modification, I need to do the same thing as you, this will help a lot. Thanks David -------------- next part -------------- An HTML attachment was scrubbed... URL: From cgauthier at comscore.com Thu Jul 6 14:46:46 2017 From: cgauthier at comscore.com (Gauthier, Chris) Date: Thu, 6 Jul 2017 14:46:46 +0000 Subject: [rancid] --with-git Message-ID: <033FC8BE-CE43-4F0A-9E60-9CBE098FDD8C@comscore.com> Heasley, I know you fixed the ?with-git option (broken in 3.6.2) in the current alpha build. After looking at the CHANGES file, is it safe to copy the alpha?s configure file to 3.6.2 and have the ?with-git option work? Our sysadmins really don?t want to run alpha anything, but we do need the git compatibility. Or, is running 3.6.1 a better option? --chris Chris GauthierSenior Network Engineer | comScore, Inc. o +1 503-331-2704cgauthier at comscore.com 317 SW Alder St, Suite 500 | Portland | OR97204 ............................................................................................................................................................................................................................ -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Jul 6 15:37:14 2017 From: heas at shrubbery.net (heasley) Date: Thu, 6 Jul 2017 15:37:14 +0000 Subject: [rancid] --with-git In-Reply-To: <033FC8BE-CE43-4F0A-9E60-9CBE098FDD8C@comscore.com> References: <033FC8BE-CE43-4F0A-9E60-9CBE098FDD8C@comscore.com> Message-ID: <20170706153714.GC2617@shrubbery.net> Thu, Jul 06, 2017 at 02:46:46PM +0000, Gauthier, Chris: > Heasley, > > I know you fixed the ?with-git option (broken in 3.6.2) in the current alpha build. After looking at the CHANGES file, is it safe to copy the alpha?s configure file to 3.6.2 and have the ?with-git option work? Our sysadmins really don?t want to run alpha anything, but we do need the git compatibility. Or, is running 3.6.1 a better option? yes, i think that you can just copy configure. if you can wait a few days, that alpha will soon be the next version; i'm trying to wrap-up the 2 problems recently reported for ASA and cienna. From heas at shrubbery.net Thu Jul 6 16:01:29 2017 From: heas at shrubbery.net (heasley) Date: Thu, 6 Jul 2017 16:01:29 +0000 Subject: [rancid] IOS-XE dual-RE show version Message-ID: <20170706160129.GG2617@shrubbery.net> If someone here happens to have an IOS-XE device with dual-REs, please send the full output of 'show version' to me. feel free to obfuscate hostnames. TIA From cgauthier at comscore.com Thu Jul 6 15:57:20 2017 From: cgauthier at comscore.com (Gauthier, Chris) Date: Thu, 6 Jul 2017 15:57:20 +0000 Subject: [rancid] --with-git In-Reply-To: <20170706153714.GC2617@shrubbery.net> References: <033FC8BE-CE43-4F0A-9E60-9CBE098FDD8C@comscore.com> <20170706153714.GC2617@shrubbery.net> Message-ID: Thu, Jul 06, 2017 at 02:46:46PM +0000, Gauthier, Chris: > Heasley, > > I know you fixed the ?with-git option (broken in 3.6.2) in the current alpha build. After looking at the CHANGES file, is it safe to copy the alpha?s configure file to 3.6.2 and have the ?with-git option work? Our sysadmins really don?t want to run alpha anything, but we do need the git compatibility. Or, is running 3.6.1 a better option? yes, i think that you can just copy configure. if you can wait a few days, that alpha will soon be the next version; i'm trying to wrap-up the 2 problems recently reported for ASA and cienna. I will probably use the new version once it is out. However, I did a diff this morning and added the specific lines that pertain to ?git? in the alpha into the 3.6.2 configure. In the meantime, I am planning on continuing with the 3.6.2 route. Here is the diff output for everyone?s benefit. [user at localhost rancid-3.6.2]$ diff -u configure-3.6.2-orig configure --- configure-3.6.2-orig 2017-07-06 08:31:24.889061430 -0700 +++ configure 2017-07-06 08:37:46.235204141 -0700 @@ -759,6 +759,7 @@ enable_mk_localstatedir enable_conf_install with_svn +with_git enable_mail_plus enable_adminmail_plus ' @@ -1408,6 +1409,7 @@ --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) --with-svn=fstype use subversion instead of cvs, with optional svn fstype (fsfs|bdb) + --with-git use git instead of cvs Some influential environment variables: CC C compiler command @@ -4936,7 +4938,27 @@ else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - RCSSYS="cvs" + +# Check whether --with-git was given. +if test "${with_git+set}" = set; then : + withval=$with_git; case "$withval" in + yes) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + RCSSYS="git" + ;; + no) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + RCSSYS="cvs" + esac + +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + RCSSYS="cvs" + +fi fi Chris GauthierSenior Network Engineer | comScore, Inc. o +1 503-331-2704cgauthier at comscore.com 317 SW Alder St, Suite 500 | Portland | OR97204 ............................................................................................................................................................................................................................ -------------- next part -------------- An HTML attachment was scrubbed... URL: From cgauthier at comscore.com Thu Jul 6 18:32:05 2017 From: cgauthier at comscore.com (Gauthier, Chris) Date: Thu, 6 Jul 2017 18:32:05 +0000 Subject: [rancid] expect/tcl bug? Message-ID: <9345A0BD-5277-4626-BCFF-9C1E8C01E0C5@comscore.com> Is the expect/tcl bug still relevant even though it was first reported in 2001? TIA --Chris Chris GauthierSenior Network Engineer | comScore, Inc. o +1 503-331-2704cgauthier at comscore.com 317 SW Alder St, Suite 500 | Portland | OR97204 ............................................................................................................................................................................................................................ -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Jul 6 18:34:33 2017 From: heas at shrubbery.net (heasley) Date: Thu, 6 Jul 2017 18:34:33 +0000 Subject: [rancid] expect/tcl bug? In-Reply-To: <9345A0BD-5277-4626-BCFF-9C1E8C01E0C5@comscore.com> References: <9345A0BD-5277-4626-BCFF-9C1E8C01E0C5@comscore.com> Message-ID: <20170706183433.GE56097@shrubbery.net> Thu, Jul 06, 2017 at 06:32:05PM +0000, Gauthier, Chris: > Is the expect/tcl bug still relevant even though it was first reported in 2001? TIA I can't say if it is. it is difficult to replicate and I have just blindy applied applied it to all solaris/linux installs since. From cgauthier at comscore.com Thu Jul 6 18:40:31 2017 From: cgauthier at comscore.com (Gauthier, Chris) Date: Thu, 6 Jul 2017 18:40:31 +0000 Subject: [rancid] expect/tcl bug? In-Reply-To: <20170706183433.GE56097@shrubbery.net> References: <9345A0BD-5277-4626-BCFF-9C1E8C01E0C5@comscore.com> <20170706183433.GE56097@shrubbery.net> Message-ID: Thu, Jul 06, 2017 at 06:32:05PM +0000, Gauthier, Chris: > Is the expect/tcl bug still relevant even though it was first reported in 2001? TIA I can't say if it is. it is difficult to replicate and I have just blindy applied applied it to all solaris/linux installs since. I?m willing to test it, but don?t know how to replicate it. Chris GauthierSenior Network Engineer | comScore, Inc. o +1 503-331-2704cgauthier at comscore.com 317 SW Alder St, Suite 500 | Portland | OR97204 ............................................................................................................................................................................................................................ -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Jul 6 19:22:30 2017 From: heas at shrubbery.net (heasley) Date: Thu, 6 Jul 2017 19:22:30 +0000 Subject: [rancid] expect/tcl bug? In-Reply-To: References: <9345A0BD-5277-4626-BCFF-9C1E8C01E0C5@comscore.com> <20170706183433.GE56097@shrubbery.net> Message-ID: <20170706192229.GG56097@shrubbery.net> Thu, Jul 06, 2017 at 06:40:31PM +0000, Gauthier, Chris: > > Thu, Jul 06, 2017 at 06:32:05PM +0000, Gauthier, Chris: > > Is the expect/tcl bug still relevant even though it was first reported in 2001? TIA > > I can't say if it is. it is difficult to replicate and I have just blindy > applied applied it to all solaris/linux installs since. > > I?m willing to test it, but don?t know how to replicate it. exactly. :) what happens, iirc, is that due to timing (ie: when data arrives & when & how much tcl decides to read from the fd), there is a partial match on the buffer, and after that rather than a match attempt again, there is a read(2), at which point it hangs because the fd is blocking. There isnt more data to read, the needed data is in the buffer already. eg buffer: some output.....blah blah blah \r\nprompt# it has that in the buffer. reads up to the \n, calls read(2) and blocks until the timeout. but the device is waiting for more commands. and the prompt is in buffer already, it just needs to run the expect again. the patch/hack fixes this by making the fd non-blocking (temporarily). From doug.hughes at keystonenap.com Thu Jul 6 19:24:06 2017 From: doug.hughes at keystonenap.com (Doug Hughes) Date: Thu, 6 Jul 2017 15:24:06 -0400 Subject: [rancid] expect/tcl bug? In-Reply-To: <9345A0BD-5277-4626-BCFF-9C1E8C01E0C5@comscore.com> References: <9345A0BD-5277-4626-BCFF-9C1E8C01E0C5@comscore.com> Message-ID: seems very, very unlikely. That was Pre TCL 8, even. On 7/6/2017 2:32 PM, Gauthier, Chris wrote: > Is the expect/tcl bug still relevant even though it was first reported > in 2001? TIA > > --Chris > > > Chris Gauthier Senior Network Engineer | comScore, Inc. > > o +1 *503-331-2704* *cgauthier at comscore.com* > > > 317 SW Alder St, Suite 500 | Portland | OR 97204 > > ............................................................................................................................................................................................................................ > > > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -- Doug Hughes Keystone NAP Fairless Hills, PA 1.844.KEYBLOCK (539.2562) -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: keystone-nap.png Type: image/png Size: 3476 bytes Desc: not available URL: From weylin at bu.edu Thu Jul 6 20:38:03 2017 From: weylin at bu.edu (Piegorsch, Weylin William) Date: Thu, 6 Jul 2017 20:38:03 +0000 Subject: [rancid] IOS-XE dual-RE show version In-Reply-To: <20170706160129.GG2617@shrubbery.net> References: <20170706160129.GG2617@shrubbery.net> Message-ID: <1D4289E2-758C-4ADB-855A-340DC9B64A45@bu.edu> Do you mean dual route processor? I?m not sure what an RE is. weylin -----Original Message----- From: heasley Date: Thursday, July 6, 2017 at 12:01 To: Subject: [rancid] IOS-XE dual-RE show version If someone here happens to have an IOS-XE device with dual-REs, please send the full output of 'show version' to me. feel free to obfuscate hostnames. TIA From heas at shrubbery.net Thu Jul 6 21:09:14 2017 From: heas at shrubbery.net (heasley) Date: Thu, 6 Jul 2017 21:09:14 +0000 Subject: [rancid] IOS-XE dual-RE show version In-Reply-To: <1D4289E2-758C-4ADB-855A-340DC9B64A45@bu.edu> References: <20170706160129.GG2617@shrubbery.net> <1D4289E2-758C-4ADB-855A-340DC9B64A45@bu.edu> Message-ID: <20170706210914.GA65251@shrubbery.net> Thu, Jul 06, 2017 at 08:38:03PM +0000, Piegorsch, Weylin William: > Do you mean dual route processor? I?m not sure what an RE is. > weylin Yes, Routing Engine (junos terminology, i suppose). I have one; I wouldnt mind an example from a more recent version. > -----Original Message----- > From: heasley > Date: Thursday, July 6, 2017 at 12:01 > To: > Subject: [rancid] IOS-XE dual-RE show version > > If someone here happens to have an IOS-XE device with dual-REs, please send > the full output of 'show version' to me. feel free to obfuscate hostnames. > TIA > > > > From weylin at bu.edu Thu Jul 6 21:21:53 2017 From: weylin at bu.edu (Piegorsch, Weylin William) Date: Thu, 6 Jul 2017 21:21:53 +0000 Subject: [rancid] IOS-XE dual-RE show version In-Reply-To: <20170706210914.GA65251@shrubbery.net> References: <20170706160129.GG2617@shrubbery.net> <1D4289E2-758C-4ADB-855A-340DC9B64A45@bu.edu> <20170706210914.GA65251@shrubbery.net> Message-ID: <7462874F-0375-46E8-BD24-F9ABEDCAC49A@bu.edu> I?m not sure how to tell, but I can share this. Weylin ASR1002-X#sh ver Cisco IOS XE Software, Version 03.16.05.S - Extended Support Release Cisco IOS Software, ASR1000 Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.5(3)S5, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2017 by Cisco Systems, Inc. Compiled Thu 19-Jan-17 09:17 by mcpre Cisco IOS-XE software, Copyright (c) 2005-2017 by cisco Systems, Inc. All rights reserved. Certain components of Cisco IOS-XE software are licensed under the GNU General Public License ("GPL") Version 2.0. The software code licensed under GPL Version 2.0 is free software that comes with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such GPL code under the terms of GPL Version 2.0. For more details, see the documentation or "License Notice" file accompanying the IOS-XE software, or the applicable URL provided on the flyer accompanying the IOS-XE software. ROM: IOS-XE ROMMON comm881-nat-aca01 uptime is 5 weeks, 6 days, 18 hours, 42 minutes Uptime for this control processor is 5 weeks, 6 days, 18 hours, 43 minutes System returned to ROM by reload at 22:35:38 EDT Thu May 25 2017 System restarted at 22:38:32 EDT Thu May 25 2017 System image file is "bootflash:asr1002x-universalk9.03.16.05.S.155-3.S5-ext.SPA.bin" Last reload reason: Reload Command This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to export at cisco.com. License Level: advipservices License Type: Permanent Next reload license Level: advipservices cisco ASR1002-X (2RU-X) processor (revision 2KP) with 3728853K/6147K bytes of memory. Processor board ID FOX2008GH12 6 Gigabit Ethernet interfaces 32768K bytes of non-volatile configuration memory. 8388608K bytes of physical memory. 6684671K bytes of eUSB flash at bootflash:. Configuration register is 0x2102 ASR1002-X# -----Original Message----- From: heasley Date: Thursday, July 6, 2017 at 17:09 To: Weylin Piegorsch Cc: heasley , "rancid-discuss at shrubbery.net" Subject: Re: [rancid] IOS-XE dual-RE show version Thu, Jul 06, 2017 at 08:38:03PM +0000, Piegorsch, Weylin William: > Do you mean dual route processor? I?m not sure what an RE is. > weylin Yes, Routing Engine (junos terminology, i suppose). I have one; I wouldnt mind an example from a more recent version. > -----Original Message----- > From: heasley > Date: Thursday, July 6, 2017 at 12:01 > To: > Subject: [rancid] IOS-XE dual-RE show version > > If someone here happens to have an IOS-XE device with dual-REs, please send > the full output of 'show version' to me. feel free to obfuscate hostnames. > TIA > > > > From weylin at bu.edu Thu Jul 6 21:24:09 2017 From: weylin at bu.edu (Piegorsch, Weylin William) Date: Thu, 6 Jul 2017 21:24:09 +0000 Subject: [rancid] IOS-XE dual-RE show version In-Reply-To: <20170706210914.GA65251@shrubbery.net> References: <20170706160129.GG2617@shrubbery.net> <1D4289E2-758C-4ADB-855A-340DC9B64A45@bu.edu> <20170706210914.GA65251@shrubbery.net> Message-ID: <59B600F6-7DB1-4CA0-B9FE-C5B2EF560078@bu.edu> I can also share this. Weylin ISR4451-X#sh ver Cisco IOS XE Software, Version 03.13.06.S - Extended Support Release Cisco IOS Software, ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.4(3)S6, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2016 by Cisco Systems, Inc. Compiled Wed 03-Aug-16 23:27 by mcpre Cisco IOS-XE software, Copyright (c) 2005-2016 by cisco Systems, Inc. All rights reserved. Certain components of Cisco IOS-XE software are licensed under the GNU General Public License ("GPL") Version 2.0. The software code licensed under GPL Version 2.0 is free software that comes with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such GPL code under the terms of GPL Version 2.0. For more details, see the documentation or "License Notice" file accompanying the IOS-XE software, or the applicable URL provided on the flyer accompanying the IOS-XE software. ROM: IOS-XE ROMMON ISR4451-X uptime is 41 weeks, 11 hours, 16 minutes Uptime for this control processor is 41 weeks, 11 hours, 17 minutes System returned to ROM by reload at 06:04:00 EDT Thu Sep 22 2016 System restarted at 06:06:38 EDT Thu Sep 22 2016 System image file is "bootflash:isr4400-universalk9.03.13.06.S.154-3.S6-ext.SPA.bin" Last reload reason: Reload Command This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to export at cisco.com. Technology Package License Information: ----------------------------------------------------------------- Technology Technology-package Technology-package Current Type Next reboot ------------------------------------------------------------------ appx None None None uc uck9 Permanent uck9 security securityk9 Permanent securityk9 ipbase ipbasek9 Permanent ipbasek9 cisco ISR4451-X/K9 (2RU) processor with 1686704K/6147K bytes of memory. Processor board ID FJC1933D10M 12 Gigabit Ethernet interfaces 2 Ten Gigabit Ethernet interfaces 72 Serial interfaces 8 Channelized T1/PRI ports 32768K bytes of non-volatile configuration memory. 4194304K bytes of physical memory. 7341807K bytes of flash memory at bootflash:. Configuration register is 0x2102 ISR4451-X# -----Original Message----- From: heasley Date: Thursday, July 6, 2017 at 17:09 To: Weylin Piegorsch Cc: heasley , "rancid-discuss at shrubbery.net" Subject: Re: [rancid] IOS-XE dual-RE show version Thu, Jul 06, 2017 at 08:38:03PM +0000, Piegorsch, Weylin William: > Do you mean dual route processor? I?m not sure what an RE is. > weylin Yes, Routing Engine (junos terminology, i suppose). I have one; I wouldnt mind an example from a more recent version. > -----Original Message----- > From: heasley > Date: Thursday, July 6, 2017 at 12:01 > To: > Subject: [rancid] IOS-XE dual-RE show version > > If someone here happens to have an IOS-XE device with dual-REs, please send > the full output of 'show version' to me. feel free to obfuscate hostnames. > TIA > > > > From David.Raymond at ca.ebarrette.com Fri Jul 7 14:42:34 2017 From: David.Raymond at ca.ebarrette.com (Raymond, David) Date: Fri, 7 Jul 2017 14:42:34 +0000 Subject: [rancid] backup IBM Flex switches Message-ID: <1CF7452C5294544D92F307FA283E5F91014B3C10AF@stjs-ca-ex01.barrette.wan> Hi, Does someone have try to backup IBM Flex switches ? I try to find out how can I get it done. thanks David -------------- next part -------------- An HTML attachment was scrubbed... URL: From allonon at gmail.com Sat Jul 8 04:45:32 2017 From: allonon at gmail.com (allonon) Date: Fri, 7 Jul 2017 21:45:32 -0700 Subject: [rancid] ignoring files in flash In-Reply-To: <20170701183950.GA94410@shrubbery.net> References: <20170701183950.GA94410@shrubbery.net> Message-ID: <3cfee83f-f409-8841-e305-5012d10838e6@gmail.com> Thanks, I actually had to apply the change to this line to accomplish what I wanted, but appreciate the pointer # Drop these files entirely. /\s+(private-multiple-fs|multiple-fs|LISP-MapCache-IPv\S+|nv_hdr)$/ && next; one of these days I'll need to update the scripts to the latest version On 7/1/17 11:39, heasley wrote: > > Index: CHANGES > =================================================================== > --- CHANGES (revision 3689) > +++ CHANGES (working copy) > @@ -1,4 +1,7 @@ > 3.99.99 > + ios.pm: filter config archive file names running-config-archive-*; no > + reasonable file name suggestion found in docs. > + > aeos.pm: filter unsaved config changes notification > > ios.pm: ignore size of throughput_monitor_params on XE - Emille Blanc > Index: lib/ios.pm.in > =================================================================== > --- lib/ios.pm.in (revision 3688) > +++ lib/ios.pm.in (working copy) > @@ -951,7 +951,7 @@ > # to: > # vlan.dat > # vlan.dat > - if (/(dhcp_[^. ]*\.txt|vlan\.dat|sflog|snooping|smart-log\/agentlog|syslog)\s*$/) { > + if (/(dhcp_[^. ]*\.txt|vlan\.dat|running-config-archive-\S+|sflog|snooping|smart-log\/agentlog|syslog)\s*$/) { > if (/(\s*\d+)(\s+[-rwx]+\s+)(\d+)(\s+)(\w+ \d+\s+\d+ \d+:\d+:\d+ .\d+:\d+)/) { > my($fn, $a, $sz, $c, $dt, $rem) = ($1, $2, $3, $4, $5, $'); > my($fnl, $szl, $dtl) = (length($fn), length($sz), length($dt)); > @@ -1061,7 +1061,7 @@ > # to: > # -rw- vlan.dat > # -rw- vlan.dat > - if (/(dhcp_[^. ]*\.txt|vlan\.dat|sflog|snooping|syslog)\s*$/) { > + if (/(dhcp_[^. ]*\.txt|vlan\.dat|running-config-archive-\S+|sflog|snooping|syslog)\s*$/) { > if (/(\s*\d+)(\s+\S+\s+)(\d+)(\s+)(\w+ \d+\s+\d+ \d+:\d+:\d+ .\d+:\d+)/) { > my($fn, $a, $sz, $c, $dt, $rem) = ($1, $2, $3, $4, $5, $'); > my($fnl, $szl, $dtl) = (length($fn), length($sz), length($dt)); > From bipinsharma091 at gmail.com Sat Jul 8 17:02:38 2017 From: bipinsharma091 at gmail.com (Bipin Sharma) Date: Sat, 8 Jul 2017 22:47:38 +0545 Subject: [rancid] Need Help Message-ID: Hi there, I have configured rancid 2.3.8 and viewvc to view cvs file on my enterprise network but while getting the configs it shows the error. i.e switch1.x.x.x: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps switch1.x.x.x: End of run not found I even tried to rancid -d after that i get half configuration i.e !RANCID-CONTENT-TYPE: cisco ! !Chassis type: WS-C2960CPD-8PT-L - a 2900XL switch !CPU: PowerPC405 ! !Memory: main 131072K !Serial Number: FOC1745Y2SP !Model revision number : C0 !Model number : WS-C2960CPD-8PT-L !Motherboard assembly number : 73-12988-06 !Motherboard serial number : FOC17448QAT !Motherboard revision number : A0 ! !Processor ID: FOC1745Y2SP ! !Power: Power Source Type Power(w) Mode ! !Image: Software: C2960c405-UNIVERSALK9-M, 12.2(55)EX2, RELEASE SOFTWARE (fc1) !Image: Compiled: Wed 18-May-11 13:53 by prod_rel_team !Image: flash:/c2960c405-universalk9-mz.122-55.EX2/c2960c405-universalk9-mz.122-55.EX2.bin ! !BOOTLDR: Version 12.2(55r)EX4, RELEASE SOFTWARE (fc1) ! ! !Variable: BOOT path-list : flash:/c2960c405-universalk9-mz.122-55.EX2/c2960c405-universalk9-mz.122-55.EX2.bin !Variable: Config file : flash:/config.text !Variable: Private Config file : flash:/private-config.text !Variable: Enable Break : no !Variable: Manual Boot : no !Variable: HELPER path-list : !Variable: Auto upgrade : yes !Variable: Auto upgrade path : !Variable: NVRAM/Config file !Variable: buffer size: 65536 !Variable: Timeout for Config !Variable: Download: 0 seconds !Variable: Config Download !Variable: via DHCP: disabled (next boot: disabled) ! !Flash: Directory of flash:/ !Flash: 4 -rwx 3576 Mar 9 1993 23:32:09 +00:00 config.text !Flash: 5 -rwx 1915 Mar 9 1993 23:32:09 +00:00 private-config.text !Flash: 6 drwx 512 Mar 1 1993 00:14:41 +00:00 c2960c405-universalk9-mz.122-55.EX2 !Flash: 59996160 bytes total (45029376 bytes free) ! !Flash: nvram: Directory of nvram:/ !Flash: nvram: 57 -rw- 3576 startup-config !Flash: nvram: 58 ---- 1915 private-config !Flash: nvram: 1 ---- 35 persistent-data !Flash: nvram: 2 -rw- 0 ifIndex-table !Flash: nvram: 3 -rw- 597 IOS-Self-Sig#3838.cer !Flash: nvram: 65536 bytes total (56921 bytes free) ! ! !NAME: "1", DESCR: "WS-C2960CPD-8PT-L" !PID: WS-C2960CPD-8PT-L !VID: V01 !SN: FOC1745Y2SP !NAME: "WS-C2960CPD-8PT-L - Sensor 0", DESCR: "WS-C2960CPD-8PT-L - Sensor 0" !NAME: "WS-C2960CPD-8PT-L - Fixed Module 0", DESCR: "WS-C2960CPD-8PT-L - Fixed Module 0" !NAME: "FastEthernet0/1", DESCR: "FastEthernet0/1" !NAME: "FastEthernet0/2", DESCR: "FastEthernet0/2" !NAME: "FastEthernet0/3", DESCR: "FastEthernet0/3" !NAME: "FastEthernet0/4", DESCR: "FastEthernet0/4" !NAME: "FastEthernet0/5", DESCR: "FastEthernet0/5" !NAME: "FastEthernet0/6", DESCR: "FastEthernet0/6" !NAME: "FastEthernet0/7", DESCR: "FastEthernet0/7" !NAME: "FastEthernet0/8", DESCR: "FastEthernet0/8" !NAME: "GigabitEthernet0/1", DESCR: "GigabitEthernet0/1" !NAME: "GigabitEthernet0/2", DESCR: "GigabitEthernet0/2" ! !VTP: VTP Version capable : 1 to 3 !VTP: VTP version running : 1 !VTP: VTP Domain Name : !VTP: VTP Pruning Mode : Disabled !VTP: VTP Traps Generation : Disabled !VTP: Device ID : 5ca4.8a5f.8980 !VTP: Local updater ID is 172.22.8.76 on interface Vl63 (lowest numbered VLAN interface found) !VTP: Feature VLAN: !VTP: -------------- !VTP: VTP Operating Mode : Server !VTP: Maximum VLANs supported locally : 255 !VTP: Number of existing VLANs : 7 !VTP: Configuration Revision : 2 !VTP: MD5 digest : 0x72 0xEB 0x10 0xEA 0x47 0x2B 0x07 0xE1 !VTP: 0x6A 0x8D 0xD2 0x9E 0x4A 0x99 0x42 0x5C ! !VLAN: VLAN Name Status Ports !VLAN: ---- -------------------------------- --------- ------------------------------- !VLAN: 1 default active Gi0/1, Gi0/2 !VLAN: 63 ***mgmt_vlan*** active Fa0/8 !VLAN: 748 soalti_nas1_atarkhel active Fa0/2, Fa0/3, Fa0/4, Fa0/5, Fa0/6, Fa0/7 !VLAN: 1002 fddi-default act/unsup !VLAN: 1003 token-ring-default act/unsup !VLAN: 1004 fddinet-default act/unsup !VLAN: 1005 trnet-default act/unsup !VLAN: VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 !VLAN: ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ !VLAN: 1 enet 100001 1500 - - - - - 0 0 !VLAN: 63 enet 100063 1500 - - - - - 0 0 !VLAN: 748 enet 100748 1500 - - - - - 0 0 !VLAN: 1002 fddi 101002 1500 - - - - - 0 0 !VLAN: 1003 tr 101003 1500 - - - - - 0 0 !VLAN: 1004 fdnet 101004 1500 - - - ieee - 0 0 !VLAN: 1005 trnet 101005 1500 - - - ibm - 0 0 !VLAN: Remote SPAN VLANs !VLAN: ------------------------------------------------------------------------------ !VLAN: Primary Secondary Type Ports !VLAN: ------- --------- ----------------- ------------------------------------------ ! So Please help me to over come this error.. I have tried almost every thing to fix this bug but i failed in every way.. Hope you guys would help me and suggest me to work out.. regards. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bipinsharma091 at gmail.com Sun Jul 9 07:38:15 2017 From: bipinsharma091 at gmail.com (Bipin Sharma) Date: Sun, 9 Jul 2017 13:23:15 +0545 Subject: [rancid] Need Help In-Reply-To: References: Message-ID: Any one Please help me on this isseu.. san-sw1.subisu.net.np: missed cmd(s): show running-config view full,write term,show running-configsan-sw1.subisu.net.np: missed cmd(s): show running-config view full,write term,show running-config On Sat, Jul 8, 2017 at 10:47 PM, Bipin Sharma wrote: > Hi there, > > > I have configured rancid 2.3.8 and viewvc to view cvs file on my > enterprise network but while getting the configs it shows the error. i.e > > switch1.x.x.x: missed cmd(s): show chassis alarms,show chassis hardware > detail,show system license,show chassis scb,show chassis feb,show chassis > routing-engine,show chassis firmware,show version detail,show chassis feb > detail,show configuration,show system boot-messages,show chassis cfeb,show > chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc > detail,show chassis environment,show system core-dumps > switch1.x.x.x: End of run not found > > > I even tried to rancid -d after that i get half > configuration i.e > > !RANCID-CONTENT-TYPE: cisco > ! > !Chassis type: WS-C2960CPD-8PT-L - a 2900XL switch > !CPU: PowerPC405 > ! > !Memory: main 131072K > !Serial Number: FOC1745Y2SP > !Model revision number : C0 > !Model number : WS-C2960CPD-8PT-L > !Motherboard assembly number : 73-12988-06 > !Motherboard serial number : FOC17448QAT > !Motherboard revision number : A0 > ! > !Processor ID: FOC1745Y2SP > ! > !Power: Power Source Type Power(w) Mode > ! > !Image: Software: C2960c405-UNIVERSALK9-M, 12.2(55)EX2, RELEASE SOFTWARE > (fc1) > !Image: Compiled: Wed 18-May-11 13:53 by prod_rel_team > !Image: flash:/c2960c405-universalk9-mz.122-55.EX2/c2960c405-universalk9-mz.122-55.EX2.bin > > ! > !BOOTLDR: Version 12.2(55r)EX4, RELEASE SOFTWARE (fc1) > ! > ! > !Variable: BOOT path-list : flash:/c2960c405-universalk9- > mz.122-55.EX2/c2960c405-universalk9-mz.122-55.EX2.bin > !Variable: Config file : flash:/config.text > !Variable: Private Config file : flash:/private-config.text > !Variable: Enable Break : no > !Variable: Manual Boot : no > !Variable: HELPER path-list : > !Variable: Auto upgrade : yes > !Variable: Auto upgrade path : > !Variable: NVRAM/Config file > !Variable: buffer size: 65536 > !Variable: Timeout for Config > !Variable: Download: 0 seconds > !Variable: Config Download > !Variable: via DHCP: disabled (next boot: disabled) > ! > !Flash: Directory of flash:/ > !Flash: 4 -rwx 3576 Mar 9 1993 23:32:09 +00:00 config.text > !Flash: 5 -rwx 1915 Mar 9 1993 23:32:09 +00:00 > private-config.text > !Flash: 6 drwx 512 Mar 1 1993 00:14:41 +00:00 > c2960c405-universalk9-mz.122-55.EX2 > !Flash: 59996160 bytes total (45029376 bytes free) > ! > !Flash: nvram: Directory of nvram:/ > !Flash: nvram: 57 -rw- 3576 > startup-config > !Flash: nvram: 58 ---- 1915 > private-config > !Flash: nvram: 1 ---- 35 > persistent-data > !Flash: nvram: 2 -rw- 0 > ifIndex-table > !Flash: nvram: 3 -rw- 597 > IOS-Self-Sig#3838.cer > !Flash: nvram: 65536 bytes total (56921 bytes free) > ! > ! > !NAME: "1", DESCR: "WS-C2960CPD-8PT-L" > !PID: WS-C2960CPD-8PT-L > !VID: V01 > !SN: FOC1745Y2SP > !NAME: "WS-C2960CPD-8PT-L - Sensor 0", DESCR: "WS-C2960CPD-8PT-L - Sensor > 0" > !NAME: "WS-C2960CPD-8PT-L - Fixed Module 0", DESCR: "WS-C2960CPD-8PT-L - > Fixed Module 0" > !NAME: "FastEthernet0/1", DESCR: "FastEthernet0/1" > !NAME: "FastEthernet0/2", DESCR: "FastEthernet0/2" > !NAME: "FastEthernet0/3", DESCR: "FastEthernet0/3" > !NAME: "FastEthernet0/4", DESCR: "FastEthernet0/4" > !NAME: "FastEthernet0/5", DESCR: "FastEthernet0/5" > !NAME: "FastEthernet0/6", DESCR: "FastEthernet0/6" > !NAME: "FastEthernet0/7", DESCR: "FastEthernet0/7" > !NAME: "FastEthernet0/8", DESCR: "FastEthernet0/8" > !NAME: "GigabitEthernet0/1", DESCR: "GigabitEthernet0/1" > !NAME: "GigabitEthernet0/2", DESCR: "GigabitEthernet0/2" > ! > !VTP: VTP Version capable : 1 to 3 > !VTP: VTP version running : 1 > !VTP: VTP Domain Name : > !VTP: VTP Pruning Mode : Disabled > !VTP: VTP Traps Generation : Disabled > !VTP: Device ID : 5ca4.8a5f.8980 > !VTP: Local updater ID is 172.22.8.76 on interface Vl63 (lowest numbered > VLAN interface found) > !VTP: Feature VLAN: > !VTP: -------------- > !VTP: VTP Operating Mode : Server > !VTP: Maximum VLANs supported locally : 255 > !VTP: Number of existing VLANs : 7 > !VTP: Configuration Revision : 2 > !VTP: MD5 digest : 0x72 0xEB 0x10 0xEA 0x47 0x2B > 0x07 0xE1 > !VTP: 0x6A 0x8D 0xD2 0x9E 0x4A 0x99 > 0x42 0x5C > ! > !VLAN: VLAN Name Status Ports > !VLAN: ---- -------------------------------- --------- > ------------------------------- > !VLAN: 1 default active Gi0/1, Gi0/2 > !VLAN: 63 ***mgmt_vlan*** active Fa0/8 > !VLAN: 748 soalti_nas1_atarkhel active Fa0/2, Fa0/3, > Fa0/4, Fa0/5, Fa0/6, Fa0/7 > !VLAN: 1002 fddi-default act/unsup > !VLAN: 1003 token-ring-default act/unsup > !VLAN: 1004 fddinet-default act/unsup > !VLAN: 1005 trnet-default act/unsup > !VLAN: VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode > Trans1 Trans2 > !VLAN: ---- ----- ---------- ----- ------ ------ -------- ---- -------- > ------ ------ > !VLAN: 1 enet 100001 1500 - - - - - > 0 0 > !VLAN: 63 enet 100063 1500 - - - - - > 0 0 > !VLAN: 748 enet 100748 1500 - - - - - > 0 0 > !VLAN: 1002 fddi 101002 1500 - - - - - > 0 0 > !VLAN: 1003 tr 101003 1500 - - - - - > 0 0 > !VLAN: 1004 fdnet 101004 1500 - - - ieee - > 0 0 > !VLAN: 1005 trnet 101005 1500 - - - ibm - > 0 0 > !VLAN: Remote SPAN VLANs > !VLAN: ------------------------------------------------------------------------------ > > !VLAN: Primary Secondary Type Ports > !VLAN: ------- --------- ----------------- ------------------------------------------ > > ! > > > > So Please help me to over come this error.. I have tried almost every > thing to fix this bug but i failed in every way.. Hope you guys would help > me and suggest me to work out.. > > > regards. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Sun Jul 9 21:16:53 2017 From: heas at shrubbery.net (Heasley) Date: Sun, 9 Jul 2017 14:16:53 -0700 Subject: [rancid] Need Help In-Reply-To: References: Message-ID: > Am 09.07.2017 um 00:38 schrieb Bipin Sharma : > > Any one Please help me on this isseu.. > Sorry, 2.3.8 is no longer supported. Please upgrade. > > san-sw1.subisu.net.np: missed cmd(s): show running-config view full,write term,show running-configsan-sw1.subisu.net.np: missed cmd(s): show running-config view full,write term,show running-config > >> On Sat, Jul 8, 2017 at 10:47 PM, Bipin Sharma wrote: >> Hi there, >> >> >> I have configured rancid 2.3.8 and viewvc to view cvs file on my enterprise network but while getting the configs it shows the error. i.e >> >> switch1.x.x.x: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps >> switch1.x.x.x: End of run not found >> >> >> I even tried to rancid -d after that i get half configuration i.e >> >> !RANCID-CONTENT-TYPE: cisco >> ! >> !Chassis type: WS-C2960CPD-8PT-L - a 2900XL switch >> !CPU: PowerPC405 >> ! >> !Memory: main 131072K >> !Serial Number: FOC1745Y2SP >> !Model revision number : C0 >> !Model number : WS-C2960CPD-8PT-L >> !Motherboard assembly number : 73-12988-06 >> !Motherboard serial number : FOC17448QAT >> !Motherboard revision number : A0 >> ! >> !Processor ID: FOC1745Y2SP >> ! >> !Power: Power Source Type Power(w) Mode >> ! >> !Image: Software: C2960c405-UNIVERSALK9-M, 12.2(55)EX2, RELEASE SOFTWARE (fc1) >> !Image: Compiled: Wed 18-May-11 13:53 by prod_rel_team >> !Image: flash:/c2960c405-universalk9-mz.122-55.EX2/c2960c405-universalk9-mz.122-55.EX2.bin >> ! >> !BOOTLDR: Version 12.2(55r)EX4, RELEASE SOFTWARE (fc1) >> ! >> ! >> !Variable: BOOT path-list : flash:/c2960c405-universalk9-mz.122-55.EX2/c2960c405-universalk9-mz.122-55.EX2.bin >> !Variable: Config file : flash:/config.text >> !Variable: Private Config file : flash:/private-config.text >> !Variable: Enable Break : no >> !Variable: Manual Boot : no >> !Variable: HELPER path-list : >> !Variable: Auto upgrade : yes >> !Variable: Auto upgrade path : >> !Variable: NVRAM/Config file >> !Variable: buffer size: 65536 >> !Variable: Timeout for Config >> !Variable: Download: 0 seconds >> !Variable: Config Download >> !Variable: via DHCP: disabled (next boot: disabled) >> ! >> !Flash: Directory of flash:/ >> !Flash: 4 -rwx 3576 Mar 9 1993 23:32:09 +00:00 config.text >> !Flash: 5 -rwx 1915 Mar 9 1993 23:32:09 +00:00 private-config.text >> !Flash: 6 drwx 512 Mar 1 1993 00:14:41 +00:00 c2960c405-universalk9-mz.122-55.EX2 >> !Flash: 59996160 bytes total (45029376 bytes free) >> ! >> !Flash: nvram: Directory of nvram:/ >> !Flash: nvram: 57 -rw- 3576 startup-config >> !Flash: nvram: 58 ---- 1915 private-config >> !Flash: nvram: 1 ---- 35 persistent-data >> !Flash: nvram: 2 -rw- 0 ifIndex-table >> !Flash: nvram: 3 -rw- 597 IOS-Self-Sig#3838.cer >> !Flash: nvram: 65536 bytes total (56921 bytes free) >> ! >> ! >> !NAME: "1", DESCR: "WS-C2960CPD-8PT-L" >> !PID: WS-C2960CPD-8PT-L >> !VID: V01 >> !SN: FOC1745Y2SP >> !NAME: "WS-C2960CPD-8PT-L - Sensor 0", DESCR: "WS-C2960CPD-8PT-L - Sensor 0" >> !NAME: "WS-C2960CPD-8PT-L - Fixed Module 0", DESCR: "WS-C2960CPD-8PT-L - Fixed Module 0" >> !NAME: "FastEthernet0/1", DESCR: "FastEthernet0/1" >> !NAME: "FastEthernet0/2", DESCR: "FastEthernet0/2" >> !NAME: "FastEthernet0/3", DESCR: "FastEthernet0/3" >> !NAME: "FastEthernet0/4", DESCR: "FastEthernet0/4" >> !NAME: "FastEthernet0/5", DESCR: "FastEthernet0/5" >> !NAME: "FastEthernet0/6", DESCR: "FastEthernet0/6" >> !NAME: "FastEthernet0/7", DESCR: "FastEthernet0/7" >> !NAME: "FastEthernet0/8", DESCR: "FastEthernet0/8" >> !NAME: "GigabitEthernet0/1", DESCR: "GigabitEthernet0/1" >> !NAME: "GigabitEthernet0/2", DESCR: "GigabitEthernet0/2" >> ! >> !VTP: VTP Version capable : 1 to 3 >> !VTP: VTP version running : 1 >> !VTP: VTP Domain Name : >> !VTP: VTP Pruning Mode : Disabled >> !VTP: VTP Traps Generation : Disabled >> !VTP: Device ID : 5ca4.8a5f.8980 >> !VTP: Local updater ID is 172.22.8.76 on interface Vl63 (lowest numbered VLAN interface found) >> !VTP: Feature VLAN: >> !VTP: -------------- >> !VTP: VTP Operating Mode : Server >> !VTP: Maximum VLANs supported locally : 255 >> !VTP: Number of existing VLANs : 7 >> !VTP: Configuration Revision : 2 >> !VTP: MD5 digest : 0x72 0xEB 0x10 0xEA 0x47 0x2B 0x07 0xE1 >> !VTP: 0x6A 0x8D 0xD2 0x9E 0x4A 0x99 0x42 0x5C >> ! >> !VLAN: VLAN Name Status Ports >> !VLAN: ---- -------------------------------- --------- ------------------------------- >> !VLAN: 1 default active Gi0/1, Gi0/2 >> !VLAN: 63 ***mgmt_vlan*** active Fa0/8 >> !VLAN: 748 soalti_nas1_atarkhel active Fa0/2, Fa0/3, Fa0/4, Fa0/5, Fa0/6, Fa0/7 >> !VLAN: 1002 fddi-default act/unsup >> !VLAN: 1003 token-ring-default act/unsup >> !VLAN: 1004 fddinet-default act/unsup >> !VLAN: 1005 trnet-default act/unsup >> !VLAN: VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 >> !VLAN: ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ >> !VLAN: 1 enet 100001 1500 - - - - - 0 0 >> !VLAN: 63 enet 100063 1500 - - - - - 0 0 >> !VLAN: 748 enet 100748 1500 - - - - - 0 0 >> !VLAN: 1002 fddi 101002 1500 - - - - - 0 0 >> !VLAN: 1003 tr 101003 1500 - - - - - 0 0 >> !VLAN: 1004 fdnet 101004 1500 - - - ieee - 0 0 >> !VLAN: 1005 trnet 101005 1500 - - - ibm - 0 0 >> !VLAN: Remote SPAN VLANs >> !VLAN: ------------------------------------------------------------------------------ >> !VLAN: Primary Secondary Type Ports >> !VLAN: ------- --------- ----------------- ------------------------------------------ >> ! >> >> >> >> So Please help me to over come this error.. I have tried almost every thing to fix this bug but i failed in every way.. Hope you guys would help me and suggest me to work out.. >> >> >> regards. > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From tsimban at mail.ru Tue Jul 11 08:55:18 2017 From: tsimban at mail.ru (=?UTF-8?B?0JrQvtC70Y8=?=) Date: Tue, 11 Jul 2017 11:55:18 +0300 Subject: [rancid] =?utf-8?q?Rancid_script__for_F5_BIG-IP_version_12?= Message-ID: <1499763318.313008809@f42.i.mail.ru> Hello! I've use RANCID version 2.3.8 for backuping network devices, everything works with Cisco devices. Recently we added new devices F5 BIG-IP with ?OS version 12.0. In rancid we have script for F5 - "f5rancid", but there is syntax for oldest OS version - 10 (bigpipe), but it doesn't work with version 12.1.1 . I found in internet some information and tried add it(see below) in current old script - "f5rancid"?, but it doesn't work: @commandtable = ( # {'bigpipe version' => 'ShowVersion'}, # {'bigpipe platform' => 'ShowPlatform'}, # {'cat /config/bigip.license' => 'ShowLicense'}, # {'bigpipe monitor list all' => 'ShowMonitor'}, # {'bigpipe profile list' => 'ShowProfile'}, # {'bigpipe base list' => 'ShowBaseRun'}, # {'bigpipe db show' => 'ShowDb'}, # {'bigpipe route static show' => 'ShowRouteStatic'}, # {'ls --full-time --color=never /config/ssl/ssl.crt' => 'ShowSslCrt'}, # {'ls --full-time --color=never /config/ssl/ssl.key' => 'ShowSslKey'}, # {'bigpipe list' => 'WriteTerm'}, {'show sys version' => 'ShowVersion'}, {'show sys hardware' => 'ShowHardware'}, {'show sys license' => 'ShowLicense'}, {'show net route static' => 'ShowRouteStatic'}, # {'ls --full-time --color=never /config/ssl/ssl.crt' => 'ShowSslCrt'}, # {'ls --full-time --color=never /config/ssl/ssl.key' => 'ShowSslKey'}, {'tmsh -q list' => 'WriteTermTMSH'}, ); QUESTION: Could you help me to create new script for os vesrion ?12.1.1 (tmos) or just modify the current old script? How can I fix this issue? Thank you for help! ? -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Tue Jul 11 09:22:20 2017 From: heas at shrubbery.net (heasley) Date: Tue, 11 Jul 2017 09:22:20 +0000 Subject: [rancid] Rancid script for F5 BIG-IP version 12 In-Reply-To: <1499763318.313008809@f42.i.mail.ru> References: <1499763318.313008809@f42.i.mail.ru> Message-ID: <20170711092220.GF11729@shrubbery.net> Tue, Jul 11, 2017 at 11:55:18AM +0300, ????: > > Hello! > > I've use RANCID version 2.3.8 for backuping network devices, everything works with Cisco devices. > Recently we added new devices F5 BIG-IP with ?OS version 12.0. > In rancid we have script for F5 - "f5rancid", but there is syntax for oldest OS version - 10 (bigpipe), but it doesn't work with version 12.1.1 . > > I found in internet some information and tried add it(see below) in current old script - "f5rancid"?, but it doesn't work: > > @commandtable = ( > # {'bigpipe version' => 'ShowVersion'}, > # {'bigpipe platform' => 'ShowPlatform'}, > # {'cat /config/bigip.license' => 'ShowLicense'}, > # {'bigpipe monitor list all' => 'ShowMonitor'}, > # {'bigpipe profile list' => 'ShowProfile'}, > # {'bigpipe base list' => 'ShowBaseRun'}, > # {'bigpipe db show' => 'ShowDb'}, > # {'bigpipe route static show' => 'ShowRouteStatic'}, > # {'ls --full-time --color=never /config/ssl/ssl.crt' => 'ShowSslCrt'}, > # {'ls --full-time --color=never /config/ssl/ssl.key' => 'ShowSslKey'}, > # {'bigpipe list' => 'WriteTerm'}, > {'show sys version' => 'ShowVersion'}, > {'show sys hardware' => 'ShowHardware'}, > {'show sys license' => 'ShowLicense'}, > {'show net route static' => 'ShowRouteStatic'}, > # {'ls --full-time --color=never /config/ssl/ssl.crt' => 'ShowSslCrt'}, > # {'ls --full-time --color=never /config/ssl/ssl.key' => 'ShowSslKey'}, > {'tmsh -q list' => 'WriteTermTMSH'}, > > ); > > > > > QUESTION: Could you help me to create new script for os vesrion ?12.1.1 (tmos) or just modify the current old script? > How can I fix this issue? > > Thank you for help! Sorry, rancid 2.3.8 is no longer supported. Please upgrade 3.x; and I recommend the current alpha version. From tsimban at mail.ru Tue Jul 11 11:09:17 2017 From: tsimban at mail.ru (=?UTF-8?B?0JrQvtC70Y8=?=) Date: Tue, 11 Jul 2017 14:09:17 +0300 Subject: [rancid] =?utf-8?q?Rancid_script__for_F5_BIG-IP_version_12?= In-Reply-To: <20170711092220.GF11729@shrubbery.net> References: <1499763318.313008809@f42.i.mail.ru> <20170711092220.GF11729@shrubbery.net> Message-ID: <1499771357.178317130@f396.i.mail.ru> Thank you!? What is ?current alpha version? ?You mean just upgrade current 2.3.8 to version 3.x? ?And not install ?clear?new version 3.x? Am I right? >???????, 11 ???? 2017, 12:22 +03:00 ?? heasley : > >Tue, Jul 11, 2017 at 11:55:18AM +0300, ????: >> >> Hello! >> >> I've use RANCID version 2.3.8 for backuping network devices, everything works with Cisco devices. >> Recently we added new devices F5 BIG-IP with ?OS version 12.0. >> In rancid we have script for F5 - "f5rancid", but there is syntax for oldest OS version - 10 (bigpipe), but it doesn't work with version 12.1.1 . >> >> I found in internet some information and tried add it(see below) in current old script - "f5rancid"?, but it doesn't work: >> >> @commandtable = ( >> # {'bigpipe version' => 'ShowVersion'}, >> # {'bigpipe platform' => 'ShowPlatform'}, >> # {'cat /config/bigip.license' => 'ShowLicense'}, >> # {'bigpipe monitor list all' => 'ShowMonitor'}, >> # {'bigpipe profile list' => 'ShowProfile'}, >> # {'bigpipe base list' => 'ShowBaseRun'}, >> # {'bigpipe db show' => 'ShowDb'}, >> # {'bigpipe route static show' => 'ShowRouteStatic'}, >> # {'ls --full-time --color=never /config/ssl/ssl.crt' => 'ShowSslCrt'}, >> # {'ls --full-time --color=never /config/ssl/ssl.key' => 'ShowSslKey'}, >> # {'bigpipe list' => 'WriteTerm'}, >> {'show sys version' => 'ShowVersion'}, >> {'show sys hardware' => 'ShowHardware'}, >> {'show sys license' => 'ShowLicense'}, >> {'show net route static' => 'ShowRouteStatic'}, >> # {'ls --full-time --color=never /config/ssl/ssl.crt' => 'ShowSslCrt'}, >> # {'ls --full-time --color=never /config/ssl/ssl.key' => 'ShowSslKey'}, >> {'tmsh -q list' => 'WriteTermTMSH'}, >> >> ); >> >> >> >> >> QUESTION: Could you help me to create new script for os vesrion ?12.1.1 (tmos) or just modify the current old script? >> How can I fix this issue? >> >> Thank you for help! > >Sorry, rancid 2.3.8 is no longer supported. Please upgrade 3.x; and I >recommend the current alpha version. -- ??????? ???????? -------------- next part -------------- An HTML attachment was scrubbed... URL: From cgauthier at comscore.com Tue Jul 11 15:11:53 2017 From: cgauthier at comscore.com (Gauthier, Chris) Date: Tue, 11 Jul 2017 15:11:53 +0000 Subject: [rancid] NX-OS and colorized prompts Message-ID: <7FC9AC73-4412-4C51-A895-09EA3674AA75@comscore.com> In trying to get my Nexus switches working, I discovered a problem. The colorized prompts on the Nexus switches use ANSI Escape codes. This totally trips out rancid and causes it to miss commands. I verified by turning off the colorization manually that is the issue. I copied the cisco-nx and renamed it in my rancid.types.conf file and added cisco-nx5600-9000;command;rancid::RunCommand;no term color right before the line cisco-nx5600-9000;command;rancid::RunCommand;term no monitor Rancid timed out after the ?no term color? command executed and changed the prompt. Suggestions on how to remedy this within rancid? --Chris Chris GauthierSenior Network Engineer | comScore, Inc. o +1 503-331-2704cgauthier at comscore.com 317 SW Alder St, Suite 500 | Portland | OR97204 ............................................................................................................................................................................................................................ -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Tue Jul 11 15:28:50 2017 From: heas at shrubbery.net (heasley) Date: Tue, 11 Jul 2017 15:28:50 +0000 Subject: [rancid] NX-OS and colorized prompts In-Reply-To: <7FC9AC73-4412-4C51-A895-09EA3674AA75@comscore.com> References: <7FC9AC73-4412-4C51-A895-09EA3674AA75@comscore.com> Message-ID: <20170711152850.GM11729@shrubbery.net> Tue, Jul 11, 2017 at 03:11:53PM +0000, Gauthier, Chris: > In trying to get my Nexus switches working, I discovered a problem. The colorized prompts on the Nexus switches use ANSI Escape codes. This totally trips out rancid and causes it to miss commands. I verified by turning off the colorization manually that is the issue. I copied the cisco-nx and renamed it in my rancid.types.conf file and added > > cisco-nx5600-9000;command;rancid::RunCommand;no term color > > right before the line > > cisco-nx5600-9000;command;rancid::RunCommand;term no monitor > > Rancid timed out after the ?no term color? command executed and changed the prompt. Suggestions on how to remedy this within rancid? hold on while i curse for 20 minutes. seriously cisco, what is the utility of this. can you disable it by default in the config? Maybe setting a non-color- supporting TERM would work? From cgauthier at comscore.com Tue Jul 11 17:01:08 2017 From: cgauthier at comscore.com (Gauthier, Chris) Date: Tue, 11 Jul 2017 17:01:08 +0000 Subject: [rancid] NX-OS and colorized prompts In-Reply-To: <20170711152850.GM11729@shrubbery.net> References: <7FC9AC73-4412-4C51-A895-09EA3674AA75@comscore.com> <20170711152850.GM11729@shrubbery.net> Message-ID: <99D06A99-F932-4758-B574-0FD263F14B7D@comscore.com> Chris GauthierSenior Network Engineer | comScore, Inc. o +1 503-331-2704cgauthier at comscore.com 317 SW Alder St, Suite 500 | Portland | OR97204 ............................................................................................................................................................................................................................ -----Original Message----- From: heasley Date: Tuesday, July 11, 2017 at 8:28 AM To: "Gauthier, Chris" Cc: "rancid-discuss at shrubbery.net" Subject: Re: [rancid] NX-OS and colorized prompts Tue, Jul 11, 2017 at 03:11:53PM +0000, Gauthier, Chris: > In trying to get my Nexus switches working, I discovered a problem. The colorized prompts on the Nexus switches use ANSI Escape codes. This totally trips out rancid and causes it to miss commands. I verified by turning off the colorization manually that is the issue. I copied the cisco-nx and renamed it in my rancid.types.conf file and added > > cisco-nx5600-9000;command;rancid::RunCommand;no term color > > right before the line > > cisco-nx5600-9000;command;rancid::RunCommand;term no monitor > > Rancid timed out after the ?no term color? command executed and changed the prompt. Suggestions on how to remedy this within rancid? hold on while i curse for 20 minutes. seriously cisco, what is the utility of this. can you disable it by default in the config? Maybe setting a non-color- supporting TERM would work? It?s disabled by default, but, I do believe rancid should be able to work through this. Btw, I?m running 3.6.2. It?s also an easy to fix on a per-session basis by executing the ?no term color? command, which I tried. I suspect the changed prompt threw off rancid since it didn?t match what it saw before. The testing account I am using happens to have it turned on all the time because humans use it and it?s useful. --Chris -------------- next part -------------- An HTML attachment was scrubbed... URL: From weylin at bu.edu Tue Jul 11 20:32:48 2017 From: weylin at bu.edu (Piegorsch, Weylin William) Date: Tue, 11 Jul 2017 20:32:48 +0000 Subject: [rancid] NX-OS and colorized prompts In-Reply-To: <20170711152850.GM11729@shrubbery.net> References: <7FC9AC73-4412-4C51-A895-09EA3674AA75@comscore.com> <20170711152850.GM11729@shrubbery.net> Message-ID: <45366CCC-FAC6-4ABF-B5E0-CA7F6EF96C38@bu.edu> As Chris mentioned, the colorization s disabled by default. But, the command ?term color persist? will add an entry into a per-user .rc file, which is executed upon login and stored in the bootflash: (you can also manually add additional entries into this file via ?echo foo >> bootflash:///user.rc?, I make extensive use of that for my login to build the CLI environment I prefer). Assuming rancid logs in with the credentials of a service account rather than the credentials of a ?real? user, this should not be an issue. As for ?what is the utility? ? I?ve found this to be highly useful to breakup the output into easily-recognizable blocks, making the output more pleasing to the (er, ?my?) eyes while also making it quicker to read. It?s akin to IDEs that colorize software code. Though... I seem to be the only one on my team that likes it. weylin -----Original Message----- From: heasley Date: Tuesday, July 11, 2017 at 11:28 To: "Gauthier, Chris" Cc: "rancid-discuss at shrubbery.net" Subject: Re: [rancid] NX-OS and colorized prompts Tue, Jul 11, 2017 at 03:11:53PM +0000, Gauthier, Chris: > In trying to get my Nexus switches working, I discovered a problem. The colorized prompts on the Nexus switches use ANSI Escape codes. This totally trips out rancid and causes it to miss commands. I verified by turning off the colorization manually that is the issue. I copied the cisco-nx and renamed it in my rancid.types.conf file and added > > cisco-nx5600-9000;command;rancid::RunCommand;no term color > > right before the line > > cisco-nx5600-9000;command;rancid::RunCommand;term no monitor > > Rancid timed out after the ?no term color? command executed and changed the prompt. Suggestions on how to remedy this within rancid? hold on while i curse for 20 minutes. seriously cisco, what is the utility of this. can you disable it by default in the config? Maybe setting a non-color- supporting TERM would work? From heas at shrubbery.net Tue Jul 18 15:30:25 2017 From: heas at shrubbery.net ('heasley') Date: Tue, 18 Jul 2017 15:30:25 +0000 Subject: [rancid] Avoid Boot Flash :Flash changes in cisco routers In-Reply-To: <20170628221311.GE74817@shrubbery.net> References: <008a01d2e4bf$c5a706f0$50f514d0$@sltnet.lk> <20170614045102.GD84062@shrubbery.net> <047601d2ee82$e2143520$a63c9f60$@sltnet.lk> <20170626143710.GA31559@shrubbery.net> <047e01d2ee8a$fe1a7510$fa4f5f30$@sltnet.lk> <20170626145005.GB31559@shrubbery.net> <59513C59.2020809@foobar.org> <20170626185046.GG3198@shrubbery.net> <20170628221311.GE74817@shrubbery.net> Message-ID: <20170718153025.GD53757@shrubbery.net> Wed, Jun 28, 2017 at 10:13:11PM +0000, 'heasley': > Mon, Jun 26, 2017 at 06:50:46PM +0000, 'heasley': > > Mon, Jun 26, 2017 at 05:54:49PM +0100, Nick Hilliard: > > > 'heasley' wrote: > > > > the line is from the tty timestamp mis-feature, disabled with on of > > > > > > > > terminal no-timestamp > > > > terminal exec prompt no-timestamp > > > > > > > > if you want to disable dir commands in rancid, see rancid.types.conf(5). > > > > > > incidentally, this mechanism doesn't work on XRv for the admin commands. > > > Here's some sample output: > > > > > > > RP/0/RP0/CPU0:Router#admin show license > > > > > > > > nick connected from 127.0.0.1 using console on xr-vm_node0_RP0_CPU0 > > > > sysadmin-vm:0_RP0# terminal length 0 > > > > Mon Jun 26 16:52:28.311 UTC > > > > sysadmin-vm:0_RP0# show license > > > > ------------------------^ > > > > syntax error: element does not exist > > > > sysadmin-vm:0_RP0# > > > > > > > > RP/0/RP0/CPU0:Router# > > > > > > In this instance, there's no way to disable the CLI timestamps in admin > > > mode, so rancid picks them up in the config generation. > > > > > > Nick breif note; there are filters for this in the alpha image. > > i vaguely remember opening a DDTS for that and other cli bugs for xrv. I'll > > check the list; then you too can subscribe to it or open your own. > > I've looked; I can't find that a DDTS was opened for us; it was only an > EFT complaint. > > we'll open one. you should too - please. From casnj3 at gmail.com Tue Jul 18 18:24:11 2017 From: casnj3 at gmail.com (Alan Sklar) Date: Tue, 18 Jul 2017 14:24:11 -0400 Subject: [rancid] New HP/Aruba Switch Error Message-ID: I have a couple of HP and Aruba switches. Just recent one of the HP switches needed to be replaced. I replaced the switch with a comparable model that HP sent. After fixing the SSH key issues, I am getting the below error when attempting to get a backup. the switch log shows rancid is making a connection and hlogin is able to login. Any ideas Getting missed routers: round 4. couldn't compile regular expression pattern: parentheses () not balanced while executing "expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } }" (procedure "run_commands" line 9) invoked from within "run_commands $prompt $command" ("foreach" body line 161) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # device timeout set timeout [find t..." (file "/usr/local/rancid/bin/hlogin" line 626) 10.16.100.11: missed cmd(s): all commands 10.16.100.11: End of run not found -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Jul 19 15:48:28 2017 From: heas at shrubbery.net (heasley) Date: Wed, 19 Jul 2017 15:48:28 +0000 Subject: [rancid] Fixed Ciena-ws Rancid 3.6.2 In-Reply-To: References: Message-ID: <20170719154828.GA1347@shrubbery.net> Mon, Jun 19, 2017 at 12:14:37PM -0500, Tanner Lyle: > Ciena Engineer provided the changes needed, prompts were not matching make > following changes to your wavesvros.pm file in /usr/local/rancid/lib/rancid/ > > [rancid at localhost rancid]$ pwd > /usr/local/rancid/lib/rancid > > *wavesvros.pm * > > *Line 112* > *change this line* > while (/>\s*($cmds_regexp)\s*$/) { > *to this * > while (/[#]\s*($cmds_regexp)\s*$/) { > > > *Line 115* > *change this line* > $prompt = ($_ =~ /^([^>]+>)/)[0]; > *to this* > $prompt = ($_ =~ /^([^#]+#)/)[0]; These changes do not seem right to me. i understand that its working for you, but i'm not sure that it will be reliable. Also, of the 4 raw command output examples that i have, all of them have the prompt ">", not "#". Can you tell me why it is different? keep in mind that I havent much experience with these and we no longer have them. If someone could extend remote access to me, I can feel more comfortable accepting these changes. anyone? > > *Line 140* > *change this line* > if (/>\s*exit/) { > *to this* > if (/\s*exit/) { > > > *Line 207 add * > $found_end = 0; > > *from this* > > # This routine parses "configuration show" > sub WriteTerm { > my($INPUT, $OUTPUT, $cmd) = @_; > my($snmp) = 0; > print STDERR " In ShowConfiguration: $_" if ($debug); > > # include the command > > *to this* > > # This routine parses "configuration show" > sub WriteTerm { > my($INPUT, $OUTPUT, $cmd) = @_; > my($snmp) = 0; > $found_end = 0; > print STDERR " In ShowConfiguration: $_" if ($debug); > > # include the command > > *Original line 212 now line 214* > > *from this * > > while (<$INPUT>) { > tr/\015//d; > last if (/^$prompt/); > /no matching entry found/ && return(-1); # unknown cmd > > *to this* > > while (<$INPUT>) { > tr/\015//d; > return (0) if (/^$prompt/); > /no matching entry found/ && return(-1); # unknown cmd > return (0) if ($found_end == 1); > > > *Change Line 265* > > *from this* > > if (/^! END OF CONFIG:/) { > > *to this* > > if (/! END OF CONFIG:/) { > > > > For those of you better at reading diffs than me > > [rancid at localhost rancid]$ diff wavesvros.pm wavesvros.pm.orig > > 112c112 > < while (/[#]\s*($cmds_regexp)\s*$/) { > --- > > while (/>\s*($cmds_regexp)\s*$/) { > 115c115 > < $prompt = ($_ =~ /^([^#]+#)/)[0]; > --- > > $prompt = ($_ =~ /^([^>]+>)/)[0]; > 140c140 > < if (/\s*exit/) { > --- > > if (/>\s*exit/) { > 207d206 > < $found_end = 0; > 215c214 > < return (0) if (/^$prompt/); > --- > > last if (/^$prompt/); > 217d215 > < return (0) if ($found_end == 1); > 265c263 > < if (/! END OF CONFIG:/) { > --- > > if (/^! END OF CONFIG:/) { > > > ---------- Forwarded message ---------- > From: Tanner Lyle > Date: Thu, Jun 8, 2017 at 7:29 AM > Subject: Help ciena-ws Rancid 3.6.2 > To: rancid-discuss at shrubbery.net > > > I cannot get a Ciena Waveserver (192.168.168.32 in the files) to complete, > all commands run and login works but never makes it to the parse output or > get a PROMPT MATCH: like it's trying to run the perl module against the > device. Trying to gain some traction on this, out of ideas and know how to > trouble shoot it. Any suggestions, i think the problem is still in hlogin > or in the wavesvros.pm. > > [rancid at localhost logs]$ export NOPIPE=YES && rancid -d -t ciena-ws > 192.168.168.32 > loadtype: device type ciena-ws > loadtype: found device type ciena-ws in /usr/local/rancid/etc/rancid.t > ypes.base > executing hlogin -t 120 -c"software show;chassis show;configuration show" > 192.168.168.32 > 192.168.168.32: missed cmd(s): all commands > 192.168.168.32: End of run not found > ! > > > I can get different devices to complete and run so i don't think it's a > permissions or install issue > > [rancid at localhost logs]$ export NOPIPE=YES && rancid -d -t foundry 10.0.2.2 > loadtype: device type foundry > loadtype: found device type foundry in /usr/local/rancid/etc/rancid.t > ypes.base > executing flogin -t 90 -c"show version;show chassis;show module;show > media;show media validation;show flash;write term;show running-config" > 10.0.2.2 > PROMPT MATCH: telnet at LAB_MLX16# > HIT COMMAND:telnet at LAB_MLX16#show version > In ShowVersion: telnet at LAB_MLX16#show version > HIT COMMAND:telnet at LAB_MLX16#show chassis > In ShowChassis: telnet at LAB_MLX16#show chassis > HIT COMMAND:telnet at LAB_MLX16#show module > In ShowModule: telnet at LAB_MLX16#show module > HIT COMMAND:telnet at LAB_MLX16#show media > In ShowMedia: telnet at LAB_MLX16#show media > HIT COMMAND:telnet at LAB_MLX16#show media validation > In ShowMedia: telnet at LAB_MLX16#show media validation > HIT COMMAND:telnet at LAB_MLX16#show flash > In ShowFlash: telnet at LAB_MLX16#show flash > HIT COMMAND:telnet at LAB_MLX16#write term > In WriteTerm: telnet at LAB_MLX16#write term > HIT COMMAND:telnet at LAB_MLX16#show running-config > In WriteTerm: telnet at LAB_MLX16#show running-config > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From gmourani at gmail.com Wed Jul 19 20:18:25 2017 From: gmourani at gmail.com (Gerhard Mourani) Date: Wed, 19 Jul 2017 16:18:25 -0400 Subject: [rancid] Fortiweb 5.8 Message-ID: <77A343A9-B3AE-49F8-A17F-9E498AD556F0@gmail.com> Hello, I'm using Rancid 3.6.2 to backup Fortiweb devices which worked in the past. Since my last update to Fortiweb 5.8, rancid stop to work. Command like su - rancid -c "clogin x.x.x.x" let me connect to it instantly but typing something will return a timeout (Error: TIMEOUT reached). Regards, -------------- next part -------------- An HTML attachment was scrubbed... URL: From me at falz.net Wed Jul 19 20:43:07 2017 From: me at falz.net (Chris Wopat) Date: Wed, 19 Jul 2017 15:43:07 -0500 Subject: [rancid] Fixed Ciena-ws Rancid 3.6.2 In-Reply-To: <20170719154828.GA1347@shrubbery.net> References: <20170719154828.GA1347@shrubbery.net> Message-ID: <226a9815-eafe-d495-bac7-0b55b80e8e4e@falz.net> > These changes do not seem right to me. i understand that its working for > you, but i'm not sure that it will be reliable. > > Also, of the 4 raw command output examples that i have, all of them have > the prompt ">", not "#". Can you tell me why it is different? keep in > mind that I havent much experience with these and we no longer have them. > > If someone could extend remote access to me, I can feel more comfortable > accepting these changes. anyone? The prompt varies depending on userlevel. If you're the superuser account, it's #. If you're a read only or perhaps generally lesser user, it's >. My user is defined as: user create user MYUSERNAME access-level limited I just tested this patch WITHOUT the prompt changes for my user, which is a read only user, and it seemed to work! It sounds like the best case would be to adjust regexp to match # or >. --Chris From heas at shrubbery.net Thu Jul 20 08:56:53 2017 From: heas at shrubbery.net (heasley) Date: Thu, 20 Jul 2017 08:56:53 +0000 Subject: [rancid] Fortiweb 5.8 In-Reply-To: <77A343A9-B3AE-49F8-A17F-9E498AD556F0@gmail.com> References: <77A343A9-B3AE-49F8-A17F-9E498AD556F0@gmail.com> Message-ID: <20170720085653.GD12277@shrubbery.net> Wed, Jul 19, 2017 at 04:18:25PM -0400, Gerhard Mourani: > > Hello, > > I'm using Rancid 3.6.2 to backup Fortiweb devices which worked in the past. Since my last update to Fortiweb 5.8, rancid stop to work. Command like su - rancid -c "clogin x.x.x.x" let me connect to it instantly but typing something will return a timeout (Error: TIMEOUT reached). try fnlogin (or plogin) and we'd need debug output from fnlogin -d to see what is failing in whatis most likely matching of the prompt. From gmourani at gmail.com Thu Jul 20 12:13:20 2017 From: gmourani at gmail.com (Gerhard Mourani) Date: Thu, 20 Jul 2017 08:13:20 -0400 Subject: [rancid] Fortiweb 5.8 In-Reply-To: <20170720085653.GD12277@shrubbery.net> References: <77A343A9-B3AE-49F8-A17F-9E498AD556F0@gmail.com> <20170720085653.GD12277@shrubbery.net> Message-ID: <21817746-F656-495C-BF8E-53B895E620B3@gmail.com> Hi, Thanks for your reply, here the output, look like with fnlogin, the remote FortiWeb wait indefinitely at the password prompt! su - rancid -c "fnlogin -d 172.16.207.10" 172.16.207.10 spawn ssh -p 22 -x -l blesk9 172.16.207.10 parent: waiting for sync byte parent: telling child to go ahead parent: now unsynchronized from child spawn: returns {92600} Gate keeper glob pattern for '(Connection refused|Secure connection [^ ]+ refused)' is ''. Not usable, disabling the performance booster. Gate keeper glob pattern for '(Connection closed by|Connection to [^ ]+ closed)' is ''. Not usable, disabling the performance booster. Gate keeper glob pattern for '(Host key not found |The authenticity of host .* be established)' is ''. Not usable, disabling the performance booster. Gate keeper glob pattern for 'HOST IDENTIFICATION HAS CHANGED' is 'HOST IDENTIFICATION HAS CHANGED'. Activating booster. Gate keeper glob pattern for 'Offending key for ' is 'Offending key for '. Activating booster. Gate keeper glob pattern for '^warning: remote host denied authentication agent forwarding.' is 'warning: remote host denied authentication agent forwarding?'. Activating booster. Gate keeper glob pattern for '(denied|Sorry)' is ''. Not usable, disabling the performance booster. Gate keeper glob pattern for '(login:)' is 'login:'. Activating booster. Gate keeper glob pattern for '@[^ ]+[Pp]assword:' is '@*assword:'. Activating booster. expect: does "" (spawn_id exp3) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? (No Gate, RE only) gate=yes re=no "(Connection closed by|Connection to [^\n\r]+ closed)"? (No Gate, RE only) gate=yes re=no expect: does "" (spawn_id exp3) match glob pattern "unknown host\r"? no expect: does "" (spawn_id exp3) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established)"? (No Gate, RE only) gate=yes re=no "HOST IDENTIFICATION HAS CHANGED"? Gate "HOST IDENTIFICATION HAS CHANGED"? gate=no "Offending key for "? Gate "Offending key for "? gate=no expect: does "" (spawn_id exp3) match regular expression "^warning: remote host denied authentication agent forwarding."? Gate "warning: remote host denied authentication agent forwarding?"? gate=no expect: does "" (spawn_id exp3) match regular expression "(denied|Sorry)"? (No Gate, RE only) gate=yes re=no "Login failed"? no "(login:)"? Gate "login:"? gate=no "@[^\r\n]+[Pp]assword:"? Gate "@*assword:"? gate=no "[Pp]assword:"? no "[#\$] "? no please input passwd: expect: does "please input passwd:" (spawn_id exp3) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? (No Gate, RE only) gate=yes re=no "(Connection closed by|Connection to [^\n\r]+ closed)"? (No Gate, RE only) gate=yes re=no expect: does "please input passwd:" (spawn_id exp3) match glob pattern "unknown host\r"? no expect: does "please input passwd:" (spawn_id exp3) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established)"? (No Gate, RE only) gate=yes re=no "HOST IDENTIFICATION HAS CHANGED"? Gate "HOST IDENTIFICATION HAS CHANGED"? gate=no "Offending key for "? Gate "Offending key for "? gate=no expect: does "please input passwd:" (spawn_id exp3) match regular expression "^warning: remote host denied authentication agent forwarding."? Gate "warning: remote host denied authentication agent forwarding?"? gate=no expect: does "please input passwd:" (spawn_id exp3) match regular expression "(denied|Sorry)"? (No Gate, RE only) gate=yes re=no "Login failed"? no "(login:)"? Gate "login:"? gate=no "@[^\r\n]+[Pp]assword:"? Gate "@*assword:"? gate=no "[Pp]assword:"? no "[#\$] "? no expect: timed out Error: TIMEOUT reached > On Jul 20, 2017, at 4:56 AM, heasley wrote: > > Wed, Jul 19, 2017 at 04:18:25PM -0400, Gerhard Mourani: >> >> Hello, >> >> I'm using Rancid 3.6.2 to backup Fortiweb devices which worked in the past. Since my last update to Fortiweb 5.8, rancid stop to work. Command like su - rancid -c "clogin x.x.x.x" let me connect to it instantly but typing something will return a timeout (Error: TIMEOUT reached). > > try fnlogin (or plogin) and we'd need debug output from fnlogin -d to see > what is failing in whatis most likely matching of the prompt. -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Jul 20 12:54:14 2017 From: heas at shrubbery.net (heasley) Date: Thu, 20 Jul 2017 12:54:14 +0000 Subject: [rancid] New HP/Aruba Switch Error In-Reply-To: References: Message-ID: <20170720125414.GB63334@shrubbery.net> Tue, Jul 18, 2017 at 02:24:11PM -0400, Alan Sklar: > I have a couple of HP and Aruba switches. Just recent one of the HP > switches needed to be replaced. I replaced the switch with a comparable > model that HP sent. After fixing the SSH key issues, I am getting the below > error when attempting to get a backup. the switch log shows rancid is > making a connection and hlogin is able to login. Any ideas you havent told us what version youre using. This may be a problem that was fixed in rancid 3.5. > Getting missed routers: round 4. > couldn't compile regular expression pattern: parentheses () not balanced > while executing > "expect { > -re $reprompt {} > -re "\[\n\r]+" { exp_continue } > }" > (procedure "run_commands" line 9) > invoked from within > "run_commands $prompt $command" > ("foreach" body line 161) > invoked from within > "foreach router [lrange $argv $i end] { > set router [string tolower $router] > send_user "$router\n" > > # device timeout > set timeout [find t..." > (file "/usr/local/rancid/bin/hlogin" line 626) > 10.16.100.11: missed cmd(s): all commands > 10.16.100.11: End of run not found > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From heas at shrubbery.net Thu Jul 20 17:17:19 2017 From: heas at shrubbery.net (heasley) Date: Thu, 20 Jul 2017 17:17:19 +0000 Subject: [rancid] Fortiweb 5.8 In-Reply-To: <21817746-F656-495C-BF8E-53B895E620B3@gmail.com> References: <77A343A9-B3AE-49F8-A17F-9E498AD556F0@gmail.com> <20170720085653.GD12277@shrubbery.net> <21817746-F656-495C-BF8E-53B895E620B3@gmail.com> Message-ID: <20170720171719.GC63334@shrubbery.net> Thu, Jul 20, 2017 at 08:13:20AM -0400, Gerhard Mourani: > Hi, > > Thanks for your reply, here the output, look like with fnlogin, the remote FortiWeb wait indefinitely at the password prompt! Looks like they have changed the password prompt. Please complain to them about change with zero value, then try the attached patch and comfirm for us that it works (or not). > expect: does "please input passwd:" (spawn_id exp3) match regular expression "(denied|Sorry)"? (No Gate, RE only) gate=yes re=no > "Login failed"? no > "(login:)"? Gate "login:"? gate=no > "@[^\r\n]+[Pp]assword:"? Gate "@*assword:"? gate=no > "[Pp]assword:"? no > "[#\$] "? no > expect: timed out > > Error: TIMEOUT reached > > > On Jul 20, 2017, at 4:56 AM, heasley wrote: > > > > Wed, Jul 19, 2017 at 04:18:25PM -0400, Gerhard Mourani: > >> > >> Hello, > >> > >> I'm using Rancid 3.6.2 to backup Fortiweb devices which worked in the past. Since my last update to Fortiweb 5.8, rancid stop to work. Command like su - rancid -c "clogin x.x.x.x" let me connect to it instantly but typing something will return a timeout (Error: TIMEOUT reached). > > > > try fnlogin (or plogin) and we'd need debug output from fnlogin -d to see > > what is failing in whatis most likely matching of the prompt. > -------------- next part -------------- A non-text attachment was scrubbed... Name: fnlogin.in.diff Type: text/x-diff Size: 1453 bytes Desc: not available URL: From ericx at whoi.edu Fri Jul 21 12:41:21 2017 From: ericx at whoi.edu (Eric W. Bates) Date: Fri, 21 Jul 2017 08:41:21 -0400 Subject: [rancid] include snmp3 users from IOS Message-ID: Somewhat annoyingly, snmp v3 users are not displayed in cisco IOS as part of the config. Instead, you can only see them by executing "show snmp user" on an enabled command line. e.g.: add a user authentication: conf t snmp-server user SNMPD00D READONLY v3 auth sha auth-secret priv aes 128 crypt-secret access SNMP show a user authentication: switch#sho snmp user User name: SNMPD00D Engine ID: 8000000903002852614BBF01 storage-type: nonvolatile active Authentication Protocol: SHA Privacy Protocol: AES128 Group-name: READONLY I would like to include "show snmp user" in our RANCiD collect. Has anyone already done this? Thanks for your time. -- Clark 159a, MS 46 508/289-3112 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4188 bytes Desc: S/MIME Cryptographic Signature URL: From gmourani at gmail.com Fri Jul 21 13:55:25 2017 From: gmourani at gmail.com (Gerhard Mourani) Date: Fri, 21 Jul 2017 09:55:25 -0400 Subject: [rancid] Fortiweb 5.8 In-Reply-To: <20170720171719.GC63334@shrubbery.net> References: <77A343A9-B3AE-49F8-A17F-9E498AD556F0@gmail.com> <20170720085653.GD12277@shrubbery.net> <21817746-F656-495C-BF8E-53B895E620B3@gmail.com> <20170720171719.GC63334@shrubbery.net> Message-ID: <0E8D312A-A897-4A1E-A639-7D9DDB3BBB16@gmail.com> Hi, Just to confirm that it works. Thanks again for your help. Regards, > On Jul 20, 2017, at 1:17 PM, heasley wrote: > > Thu, Jul 20, 2017 at 08:13:20AM -0400, Gerhard Mourani: >> Hi, >> >> Thanks for your reply, here the output, look like with fnlogin, the remote FortiWeb wait indefinitely at the password prompt! > > Looks like they have changed the password prompt. Please complain to them > about change with zero value, then try the attached patch and comfirm for > us that it works (or not). > >> expect: does "please input passwd:" (spawn_id exp3) match regular expression "(denied|Sorry)"? (No Gate, RE only) gate=yes re=no >> "Login failed"? no >> "(login:)"? Gate "login:"? gate=no >> "@[^\r\n]+[Pp]assword:"? Gate "@*assword:"? gate=no >> "[Pp]assword:"? no >> "[#\$] "? no >> expect: timed out >> >> Error: TIMEOUT reached >> >>> On Jul 20, 2017, at 4:56 AM, heasley wrote: >>> >>> Wed, Jul 19, 2017 at 04:18:25PM -0400, Gerhard Mourani: >>>> >>>> Hello, >>>> >>>> I'm using Rancid 3.6.2 to backup Fortiweb devices which worked in the past. Since my last update to Fortiweb 5.8, rancid stop to work. Command like su - rancid -c "clogin x.x.x.x" let me connect to it instantly but typing something will return a timeout (Error: TIMEOUT reached). >>> >>> try fnlogin (or plogin) and we'd need debug output from fnlogin -d to see >>> what is failing in whatis most likely matching of the prompt. >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Fri Jul 21 14:22:16 2017 From: heas at shrubbery.net (heasley) Date: Fri, 21 Jul 2017 14:22:16 +0000 Subject: [rancid] Fixed Ciena-ws Rancid 3.6.2 In-Reply-To: <20170721141850.980F89B444@sea.shrubbery.net> <226a9815-eafe-d495-bac7-0b55b80e8e4e@falz.net> Message-ID: <20170721142216.GA43905@shrubbery.net> Wed, Jul 19, 2017 at 03:43:07PM -0500, Chris Wopat: > > > These changes do not seem right to me. i understand that its working for > > you, but i'm not sure that it will be reliable. > > > > Also, of the 4 raw command output examples that i have, all of them have > > the prompt ">", not "#". Can you tell me why it is different? keep in > > mind that I havent much experience with these and we no longer have them. > > > > If someone could extend remote access to me, I can feel more comfortable > > accepting these changes. anyone? > > The prompt varies depending on userlevel. If you're the superuser > account, it's #. If you're a read only or perhaps generally lesser user, > it's >. > > My user is defined as: > > user create user MYUSERNAME access-level limited > > I just tested this patch WITHOUT the prompt changes for my user, which > is a read only user, and it seemed to work! > > It sounds like the best case would be to adjust regexp to match # or >. great; thanks for testing that. Just addressing that one point, the patch is: Index: lib/wavesvros.pm.in =================================================================== --- lib/wavesvros.pm.in (revision 3719) +++ lib/wavesvros.pm.in (working copy) @@ -62,10 +62,10 @@ $clean_run = 0; last; } - while (/>\s*($cmds_regexp)\s*$/) { + while (/[>#]\s*($cmds_regexp)\s*$/) { $cmd = $1; if (!defined($prompt)) { - $prompt = ($_ =~ /^([^>]+>)/)[0]; + $prompt = ($_ =~ /^([^>#]+[>#])/)[0]; $prompt =~ s/([][}{)(\\])/\\$1/g; # prompt changes when config is unsaved - "foo*> " $prompt =~ s/\*/\\\*/; @@ -90,7 +90,7 @@ last TOP; } } - if (/>\s*exit/) { + if (/[>#]\s*exit/) { $clean_run=1; last; } @@ -103,7 +103,7 @@ print STDERR " In ShowChassisClocks: $_" if ($debug); # include the command - s/^[a-z]+@//; s/^([^ ]+)\*>/$1>/; + s/^[a-z]+@//; s/^([^ ]+)\*([>#])/$1$2/; ProcessHistory("","","","! $_"); while (<$INPUT>) { tr/\015//d; @@ -131,7 +131,7 @@ print STDERR " In ShowVersion: $_" if ($debug); # include the command - s/^[a-z]+@//; s/^([^ ]+)\*>/$1>/; + s/^[a-z]+@//; s/^([^ ]+)\*([>#])/$1$2/; ProcessHistory("","","","! $_"); # skip software state info while (<$INPUT>) { @@ -160,7 +160,7 @@ print STDERR " In ShowConfiguration: $_" if ($debug); # include the command - s/^[a-z]+@//; s/^([^ ]+)\*>/$1>/; + s/^[a-z]+@//; s/^([^ ]+)\*([>#])/$1$2/; ProcessHistory("","","","! $_"); while (<$INPUT>) { tr/\015//d; From casnj3 at gmail.com Thu Jul 20 18:24:53 2017 From: casnj3 at gmail.com (Alan Sklar) Date: Thu, 20 Jul 2017 14:24:53 -0400 Subject: [rancid] New HP/Aruba Switch Error In-Reply-To: <20170720125414.GB63334@shrubbery.net> References: <20170720125414.GB63334@shrubbery.net> Message-ID: Rancid 3.1 On Thu, Jul 20, 2017 at 8:54 AM, heasley wrote: > Tue, Jul 18, 2017 at 02:24:11PM -0400, Alan Sklar: > > I have a couple of HP and Aruba switches. Just recent one of the HP > > switches needed to be replaced. I replaced the switch with a comparable > > model that HP sent. After fixing the SSH key issues, I am getting the > below > > error when attempting to get a backup. the switch log shows rancid is > > making a connection and hlogin is able to login. Any ideas > > you havent told us what version youre using. This may be a problem that > was fixed in rancid 3.5. > > > Getting missed routers: round 4. > > couldn't compile regular expression pattern: parentheses () not balanced > > while executing > > "expect { > > -re $reprompt {} > > -re "\[\n\r]+" { exp_continue } > > }" > > (procedure "run_commands" line 9) > > invoked from within > > "run_commands $prompt $command" > > ("foreach" body line 161) > > invoked from within > > "foreach router [lrange $argv $i end] { > > set router [string tolower $router] > > send_user "$router\n" > > > > # device timeout > > set timeout [find t..." > > (file "/usr/local/rancid/bin/hlogin" line 626) > > 10.16.100.11: missed cmd(s): all commands > > 10.16.100.11: End of run not found > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Fri Jul 21 15:35:04 2017 From: heas at shrubbery.net (heasley) Date: Fri, 21 Jul 2017 15:35:04 +0000 Subject: [rancid] Fixed Ciena-ws Rancid 3.6.2 In-Reply-To: <20170719154828.GA1347@shrubbery.net> References: <20170719154828.GA1347@shrubbery.net> Message-ID: <20170721153504.GD43905@shrubbery.net> Wed, Jul 19, 2017 at 03:48:28PM +0000, heasley: > Mon, Jun 19, 2017 at 12:14:37PM -0500, Tanner Lyle: > > Ciena Engineer provided the changes needed, prompts were not matching make > > following changes to your wavesvros.pm file in /usr/local/rancid/lib/rancid/ > > > > *Line 140* > > *change this line* > > if (/>\s*exit/) { > > *to this* > > if (/\s*exit/) { This should not be necessary; and would/could be a problem. if this is still necesary after the patch I sent, there is another problem that this change is masking. > > *Line 207 add * > > $found_end = 0; This is already initialized in rancid.pm. What is the error that led to this change? > > *from this* > > > > # This routine parses "configuration show" > > sub WriteTerm { > > my($INPUT, $OUTPUT, $cmd) = @_; > > my($snmp) = 0; > > print STDERR " In ShowConfiguration: $_" if ($debug); > > > > # include the command > > > > *to this* > > > > # This routine parses "configuration show" > > sub WriteTerm { > > my($INPUT, $OUTPUT, $cmd) = @_; > > my($snmp) = 0; > > $found_end = 0; > > print STDERR " In ShowConfiguration: $_" if ($debug); > > > > # include the command > > > > *Original line 212 now line 214* > > > > *from this * > > > > while (<$INPUT>) { > > tr/\015//d; > > last if (/^$prompt/); > > /no matching entry found/ && return(-1); # unknown cmd > > > > *to this* > > > > while (<$INPUT>) { > > tr/\015//d; > > return (0) if (/^$prompt/); > > /no matching entry found/ && return(-1); # unknown cmd > > return (0) if ($found_end == 1); Unless the prompt is not being parsed and suffed in $prompt properly, this shouldn't be necessary. > > > > *Change Line 265* > > > > *from this* > > > > if (/^! END OF CONFIG:/) { > > > > *to this* > > > > if (/! END OF CONFIG:/) { This shouldn't be necessary. Is there a case where the ! is not at the beginning of the line? Is the pager perhaps not being disabled properly? The command is in the hlogin. I guess, please try it with just the patch that I sent (or the current alpha). if that fails, share the devicename.raw file with me: NOPIPE=YES; export NOPIPE rancid -t ciena -d devicename and, i'll go back to look at the one you (i think) already shared. > > For those of you better at reading diffs than me > > > > [rancid at localhost rancid]$ diff wavesvros.pm wavesvros.pm.orig diff -u will help you. From cgauthier at comscore.com Fri Jul 21 15:07:58 2017 From: cgauthier at comscore.com (Gauthier, Chris) Date: Fri, 21 Jul 2017 15:07:58 +0000 Subject: [rancid] include snmp3 users from IOS In-Reply-To: References: Message-ID: Chris GauthierSenior Network Engineer | comScore, Inc. o +1 503-331-2704cgauthier at comscore.com 317 SW Alder St, Suite 500 | Portland | OR97204 ............................................................................................................................................................................................................................ -----Original Message----- From: Rancid-discuss on behalf of "Eric W. Bates" Organization: Woods Hole Oceanographic Institution Date: Friday, July 21, 2017 at 5:42 AM To: "rancid-discuss at shrubbery.net" Subject: [rancid] include snmp3 users from IOS Somewhat annoyingly, snmp v3 users are not displayed in cisco IOS as part of the config. Instead, you can only see them by executing "show snmp user" on an enabled command line. e.g.: add a user authentication: conf t snmp-server user SNMPD00D READONLY v3 auth sha auth-secret priv aes 128 crypt-secret access SNMP show a user authentication: switch#sho snmp user User name: SNMPD00D Engine ID: 8000000903002852614BBF01 storage-type: nonvolatile active Authentication Protocol: SHA Privacy Protocol: AES128 Group-name: READONLY I would like to include "show snmp user" in our RANCiD collect. Has anyone already done this? Thanks for your time. The cool part about this is you can modify the commands very easily now, if you are current. The rancid.types.base and rancid.types.conf files are where to look. The original command set for ?cisco-nx? has a lot of commands not applicable to the Nexus 56128P or 9372 running 7.x, so I copied the default cisco-nx profile into rancid.types.conf and changed it to cisco-nx5600-9000 with the commands I want. Works like a champ. --Chris -- Clark 159a, MS 46 508/289-3112 -------------- next part -------------- An HTML attachment was scrubbed... URL: From me at falz.net Fri Jul 21 19:37:08 2017 From: me at falz.net (Chris Wopat) Date: Fri, 21 Jul 2017 14:37:08 -0500 Subject: [rancid] Fixed Ciena-ws Rancid 3.6.2 In-Reply-To: <20170721142216.GA43905@shrubbery.net> References: <20170721142216.GA43905@shrubbery.net> Message-ID: <50a6731d-6313-3d71-c420-1f423de4f2da@falz.net> On 07/21/2017 09:22 AM, heasley wrote: > great; thanks for testing that. Just addressing that one point, the patch > is: I tested this patch against the stock wavesvros.pm, did not work, it goes back to 'end of run not found' as it was always doing. Keeping that patch in place, I stepped through the changes from Tanner's patch and find that it works with only one change, the addition of this line where it is originally stated in context (in sub WriteTerm) return (0) if ($found_end == 1) I did a test run on several Waveservers it seems to work consistently. I did not test with a superuser account that would use the # prompt, just my limited user with > prompt. From heas at shrubbery.net Tue Jul 25 18:53:55 2017 From: heas at shrubbery.net (heasley) Date: Tue, 25 Jul 2017 18:53:55 +0000 Subject: [rancid] Fixed Ciena-ws Rancid 3.6.2 In-Reply-To: <50a6731d-6313-3d71-c420-1f423de4f2da@falz.net> References: <20170721142216.GA43905@shrubbery.net> <50a6731d-6313-3d71-c420-1f423de4f2da@falz.net> Message-ID: <20170725185355.GB45243@shrubbery.net> Fri, Jul 21, 2017 at 02:37:08PM -0500, Chris Wopat: > On 07/21/2017 09:22 AM, heasley wrote: > > > great; thanks for testing that. Just addressing that one point, the patch > > is: > > I tested this patch against the stock wavesvros.pm, did not work, it > goes back to 'end of run not found' as it was always doing. > > Keeping that patch in place, I stepped through the changes from Tanner's > patch and find that it works with only one change, the addition of this > line where it is originally stated in context (in sub WriteTerm) > > return (0) if ($found_end == 1) > > I did a test run on several Waveservers it seems to work consistently. I > did not test with a superuser account that would use the # prompt, just > my limited user with > prompt. somehostname-11^>logout can you tell me what the ^ is in that prompt? in 3 of the 5 examples folks have sent to me, the prompt has this ^ in it after the show configuration command has run. This would cause a problem, which is probably easy to fix if i understand the cause. From cgauthier at comscore.com Tue Jul 25 19:56:39 2017 From: cgauthier at comscore.com (Gauthier, Chris) Date: Tue, 25 Jul 2017 19:56:39 +0000 Subject: [rancid] Aruba support in recent versions? Message-ID: <5BE5E93F-A66B-4D41-8562-257E604E087D@comscore.com> Have the most recent versions been updated to support Aruba, or is it still using rancid 2.x scripts? I did not see aruba as a device type in the rancid.types.* files. Thanks, --Chris Chris GauthierSenior Network Engineer | comScore, Inc. o +1 503-331-2704cgauthier at comscore.com 317 SW Alder St, Suite 500 | Portland | OR97204 ............................................................................................................................................................................................................................ -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Tue Jul 25 23:49:51 2017 From: heas at shrubbery.net (heasley) Date: Tue, 25 Jul 2017 23:49:51 +0000 Subject: [rancid] Aruba support in recent versions? In-Reply-To: <5BE5E93F-A66B-4D41-8562-257E604E087D@comscore.com> References: <5BE5E93F-A66B-4D41-8562-257E604E087D@comscore.com> Message-ID: <20170725234951.GB27697@shrubbery.net> Tue, Jul 25, 2017 at 07:56:39PM +0000, Gauthier, Chris: > Have the most recent versions been updated to support Aruba, or is it still using rancid 2.x scripts? I did not see aruba as a device type in the rancid.types.* files. If it behaves like an hp procurve, i expect it to work. i've not touched one myself. From doug.hughes at keystonenap.com Wed Jul 26 00:31:45 2017 From: doug.hughes at keystonenap.com (doug.hughes at keystonenap.com) Date: Tue, 25 Jul 2017 20:31:45 -0400 Subject: [rancid] Aruba support in recent versions? In-Reply-To: <5BE5E93F-A66B-4D41-8562-257E604E087D@comscore.com> References: <5BE5E93F-A66B-4D41-8562-257E604E087D@comscore.com> Message-ID: i contributed an aruba update for 3.x for the IAPs Sent from my android device. -----Original Message----- From: "Gauthier, Chris" To: "rancid-discuss at shrubbery.net" Sent: Tue, 25 Jul 2017 19:30 Subject: [rancid] Aruba support in recent versions? Have the most recent versions been updated to support Aruba, or is it still using rancid 2.x scripts? I did not see aruba as a device type in the rancid.types.* files. Thanks, --Chris Chris GauthierSenior Network Engineer | comScore, Inc. o +1 503-331-2704cgauthier at comscore.com 317 SW Alder St, Suite 500 | Portland | OR97204 ............................................................................................................................................................................................................................ -------------- next part -------------- An HTML attachment was scrubbed... URL: From cgauthier at comscore.com Wed Jul 26 00:25:43 2017 From: cgauthier at comscore.com (Gauthier, Chris) Date: Wed, 26 Jul 2017 00:25:43 +0000 Subject: [rancid] Aruba support in recent versions? In-Reply-To: <20170725234951.GB27697@shrubbery.net> References: <5BE5E93F-A66B-4D41-8562-257E604E087D@comscore.com> <20170725234951.GB27697@shrubbery.net> Message-ID: <210B1FF5-B1C0-4460-85C4-14A66FD27D5E@comscore.com> > Chris GauthierSenior Network Engineer | comScore, Inc. o +1 503-331-2704cgauthier at comscore.com 317 SW Alder St, Suite 500 | Portland | OR97204 ............................................................................................................................................................................................................................ On 7/25/17, 4:49 PM, "heasley" wrote: > > Tue, Jul 25, 2017 at 07:56:39PM +0000, Gauthier, Chris: > > Have the most recent versions been updated to support Aruba, or is it still using rancid 2.x scripts? I did not see aruba as a device type in the rancid.types.* files. > > If it behaves like an hp procurve, i expect it to work. i've not touched > one myself. Guess I?ll find out when I try it! -------------- next part -------------- An HTML attachment was scrubbed... URL: From awalker at corcentric.com Thu Jul 27 14:40:07 2017 From: awalker at corcentric.com (Walker, Alan) Date: Thu, 27 Jul 2017 14:40:07 +0000 Subject: [rancid] Filtering out flash dir and time change events Message-ID: Hi All, I?ve been using Rancid for a while now and it seems to work pretty well but one thing I?m seeing on certain new Cisco devices such as ISR?s, Nexus, etc are displaying changes for the flash directory changing in size and the time of the device changing. These events come up like this: - !Flash: bootflash: 7113240576 bytes total (6335688704 bytes free) + !Flash: bootflash: 7113240576 bytes total (6335643648 bytes free) - !Time: Thu Jul 27 07:12:05 2017 + !Time: Thu Jul 27 08:12:10 2017 Is there anyway to filter out these types of changes so that I only see more substantial changes? Thanks. [Corcentric] Alan Walker | Network Engineer 457 Haddonfield Road, Suite 220 | Cherry Hill, NJ 08002 O (856) 406-3746 | F awalker at corcentric.com | www.corcentric.com -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image6e048f.PNG Type: image/png Size: 1484 bytes Desc: image6e048f.PNG URL: From doug.hughes at keystonenap.com Thu Jul 27 14:53:12 2017 From: doug.hughes at keystonenap.com (Doug Hughes) Date: Thu, 27 Jul 2017 10:53:12 -0400 Subject: [rancid] Filtering out flash dir and time change events In-Reply-To: References: Message-ID: <9042231d-c0a7-a737-2337-899e3adca915@keystonenap.com> I don't recall where !Time comes from exactly (search in lib/rancid/ios.pm) But Flash comes from etc/rancid.types.base: cisco;command;ios::ShowFlash;show flash You could either comment out that line and then remember to do the same when you upgrade, or you could make a rancid.types.conf and override the entire cisco;command;ios block On 7/27/2017 10:40 AM, Walker, Alan wrote: > > Hi All, > > > > I?ve been using Rancid for a while now and it seems to work pretty > well but one thing I?m seeing on certain new Cisco devices such as > ISR?s, Nexus, etc are displaying changes for the flash directory > changing in size and the time of the device changing. These events > come up like this: > > > > - !Flash: bootflash: 7113240576 bytes total (6335688704 bytes free) > > + !Flash: bootflash: 7113240576 bytes total (6335643648 bytes free) > > > > - !Time: Thu Jul 27 07:12:05 2017 > > + !Time: Thu Jul 27 08:12:10 2017 > > > > Is there anyway to filter out these types of changes so that I only > see more substantial changes? > > > > Thanks. > > > > > > Corcentric > Alan Walker | Network Engineer > 457 Haddonfield Road, Suite 220 | Cherry Hill, NJ 08002 > O (856) 406-3746 | F > awalker at corcentric.com| > www.corcentric.com > > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -- Doug Hughes Keystone NAP Fairless Hills, PA 1.844.KEYBLOCK (539.2562) -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image6e048f.PNG Type: image/png Size: 1484 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: keystone-nap.png Type: image/png Size: 3476 bytes Desc: not available URL: From ler762 at gmail.com Thu Jul 27 15:51:23 2017 From: ler762 at gmail.com (Lee) Date: Thu, 27 Jul 2017 11:51:23 -0400 Subject: [rancid] Filtering out flash dir and time change events In-Reply-To: <9042231d-c0a7-a737-2337-899e3adca915@keystonenap.com> References: <9042231d-c0a7-a737-2337-899e3adca915@keystonenap.com> Message-ID: On 7/27/17, Doug Hughes wrote: > I don't recall where !Time comes from exactly (search in lib/rancid/ios.pm) > > But Flash comes from etc/rancid.types.base: > cisco;command;ios::ShowFlash;show flash > > You could either comment out that line and then remember to do the same > when you upgrade, or you could make a rancid.types.conf and override the > entire cisco;command;ios block How comfortable are you with modifying the code? Take a look at rancid 3.6.2 - sub ShowFlash in lib/rancid/ios.pm looks for if (/(\d+) bytes (available|total) \((\d+) bytes used\)/) { and changes the line to NN [GMK]B free It doesn't seem like it would be too hard to change NNN bytes total (NNN bytes free) to NN [GMK]B total (NN [GMK]B free) Regards, Lee > On 7/27/2017 10:40 AM, Walker, Alan wrote: >> >> Hi All, >> >> I?ve been using Rancid for a while now and it seems to work pretty >> well but one thing I?m seeing on certain new Cisco devices such as >> ISR?s, Nexus, etc are displaying changes for the flash directory >> changing in size and the time of the device changing. These events >> come up like this: >> >> >> - !Flash: bootflash: 7113240576 bytes total (6335688704 bytes free) >> >> + !Flash: bootflash: 7113240576 bytes total (6335643648 bytes free) >> >> >> >> - !Time: Thu Jul 27 07:12:05 2017 >> >> + !Time: Thu Jul 27 08:12:10 2017 >> >> >> Is there anyway to filter out these types of changes so that I only >> see more substantial changes? >> >> Thanks. >> >> Corcentric >> Alan Walker | Network Engineer >> 457 Haddonfield Road, Suite 220 | Cherry Hill, NJ 08002 >> O (856) 406-3746 | F >> awalker at corcentric.com| >> www.corcentric.com > > -- > Doug Hughes > Keystone NAP > Fairless Hills, PA > 1.844.KEYBLOCK (539.2562) From heas at shrubbery.net Thu Jul 27 17:44:29 2017 From: heas at shrubbery.net (heasley) Date: Thu, 27 Jul 2017 17:44:29 +0000 Subject: [rancid] Filtering out flash dir and time change events In-Reply-To: <9042231d-c0a7-a737-2337-899e3adca915@keystonenap.com> References: <9042231d-c0a7-a737-2337-899e3adca915@keystonenap.com> Message-ID: <20170727174429.GD53650@shrubbery.net> Thu, Jul 27, 2017 at 10:53:12AM -0400, Doug Hughes: > > - !Time: Thu Jul 27 07:12:05 2017 > > > > + !Time: Thu Jul 27 08:12:10 2017 > > this is the stupid command timestamping. on ios-xr RP/0/RSP0/CPU0:device#term e p time RP/0/RSP0/CPU0:device#show ver Thu Jul 27 17:42:21.981 UTC just turn it off on the device. for ios-exr's admin bug, there is a filte in the alpha rancid code. From awalker at corcentric.com Thu Jul 27 20:29:55 2017 From: awalker at corcentric.com (Walker, Alan) Date: Thu, 27 Jul 2017 20:29:55 +0000 Subject: [rancid] Filtering out flash dir and time change events Message-ID: <9686f7c22bad431bbec7e6822c1eb3a8@phlex02.aq.ameriquestcorp.com> Thank you all for the suggestions. I looked into disabling the timestamps with the "terminal exec prompt timestamp" command but this is only supported on some of my devices, and on those devices it was already disabled so I don't think that is related to the changes I'm seeing reported by Rancid. I'm not much a coder and I don't have a ton of Linux experience so I don't know that I would be able to dig through the code too much but I would be willing to try. I did search for some of those files but for my particular version of either Linux or Rancid, they don't appear to exist. This includes /lib/rancid/, /etc/rancid.types.base. This software was installed when I got here so it may well be that it needs to be updated to a newer version. Thanks again. Corcentric Alan Walker | Network Engineer 457 Haddonfield Road, Suite 220 | Cherry Hill, NJ 08002 O (856) 406-3746 | F awalker at corcentric.com | www.corcentric.com -----Original Message----- From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of rancid-discuss-request at shrubbery.net Sent: Thursday, July 27, 2017 4:00 PM To: rancid-discuss at shrubbery.net Subject: Rancid-discuss Digest, Vol 81, Issue 18 Send Rancid-discuss mailing list submissions to rancid-discuss at shrubbery.net To subscribe or unsubscribe via the World Wide Web, visit http://www.shrubbery.net/mailman/listinfo/rancid-discuss or, via email, send a message with subject or body 'help' to rancid-discuss-request at shrubbery.net You can reach the person managing the list at rancid-discuss-owner at shrubbery.net When replying, please edit your Subject line so it is more specific than "Re: Contents of Rancid-discuss digest..." Today's Topics: 1. Filtering out flash dir and time change events (Walker, Alan) 2. Re: Filtering out flash dir and time change events (Doug Hughes) 3. Re: Filtering out flash dir and time change events (Lee) 4. Re: Filtering out flash dir and time change events (heasley) ---------------------------------------------------------------------- Message: 1 Date: Thu, 27 Jul 2017 14:40:07 +0000 From: "Walker, Alan" To: "rancid-discuss at shrubbery.net" Subject: [rancid] Filtering out flash dir and time change events Message-ID: Content-Type: text/plain; charset="utf-8" Hi All, I?ve been using Rancid for a while now and it seems to work pretty well but one thing I?m seeing on certain new Cisco devices such as ISR?s, Nexus, etc are displaying changes for the flash directory changing in size and the time of the device changing. These events come up like this: - !Flash: bootflash: 7113240576 bytes total (6335688704 bytes free) + !Flash: bootflash: 7113240576 bytes total (6335643648 bytes free) - !Time: Thu Jul 27 07:12:05 2017 + !Time: Thu Jul 27 08:12:10 2017 Is there anyway to filter out these types of changes so that I only see more substantial changes? Thanks. [Corcentric] Alan Walker | Network Engineer 457 Haddonfield Road, Suite 220 | Cherry Hill, NJ 08002 O (856) 406-3746 | F awalker at corcentric.com | www.corcentric.com -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image6e048f.PNG Type: image/png Size: 1484 bytes Desc: image6e048f.PNG URL: ------------------------------ Message: 2 Date: Thu, 27 Jul 2017 10:53:12 -0400 From: Doug Hughes To: rancid-discuss at shrubbery.net Subject: Re: [rancid] Filtering out flash dir and time change events Message-ID: <9042231d-c0a7-a737-2337-899e3adca915 at keystonenap.com> Content-Type: text/plain; charset="utf-8" I don't recall where !Time comes from exactly (search in lib/rancid/ios.pm) But Flash comes from etc/rancid.types.base: cisco;command;ios::ShowFlash;show flash You could either comment out that line and then remember to do the same when you upgrade, or you could make a rancid.types.conf and override the entire cisco;command;ios block On 7/27/2017 10:40 AM, Walker, Alan wrote: > > Hi All, > > > > I?ve been using Rancid for a while now and it seems to work pretty > well but one thing I?m seeing on certain new Cisco devices such as > ISR?s, Nexus, etc are displaying changes for the flash directory > changing in size and the time of the device changing. These events > come up like this: > > > > - !Flash: bootflash: 7113240576 bytes total (6335688704 bytes free) > > + !Flash: bootflash: 7113240576 bytes total (6335643648 bytes free) > > > > - !Time: Thu Jul 27 07:12:05 2017 > > + !Time: Thu Jul 27 08:12:10 2017 > > > > Is there anyway to filter out these types of changes so that I only > see more substantial changes? > > > > Thanks. > > > > > > Corcentric Alan Walker | Network Engineer > 457 Haddonfield Road, Suite 220 | Cherry Hill, NJ 08002 O (856) > 406-3746 | F awalker at corcentric.com| > www.corcentric.com > > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -- Doug Hughes Keystone NAP Fairless Hills, PA 1.844.KEYBLOCK (539.2562) -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image6e048f.PNG Type: image/png Size: 1484 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: keystone-nap.png Type: image/png Size: 3476 bytes Desc: not available URL: ------------------------------ Message: 3 Date: Thu, 27 Jul 2017 11:51:23 -0400 From: Lee To: rancid-discuss at shrubbery.net Subject: Re: [rancid] Filtering out flash dir and time change events Message-ID: Content-Type: text/plain; charset="UTF-8" On 7/27/17, Doug Hughes wrote: > I don't recall where !Time comes from exactly (search in > lib/rancid/ios.pm) > > But Flash comes from etc/rancid.types.base: > cisco;command;ios::ShowFlash;show flash > > You could either comment out that line and then remember to do the > same when you upgrade, or you could make a rancid.types.conf and > override the entire cisco;command;ios block How comfortable are you with modifying the code? Take a look at rancid 3.6.2 - sub ShowFlash in lib/rancid/ios.pm looks for if (/(\d+) bytes (available|total) \((\d+) bytes used\)/) { and changes the line to NN [GMK]B free It doesn't seem like it would be too hard to change NNN bytes total (NNN bytes free) to NN [GMK]B total (NN [GMK]B free) Regards, Lee > On 7/27/2017 10:40 AM, Walker, Alan wrote: >> >> Hi All, >> >> I?ve been using Rancid for a while now and it seems to work pretty >> well but one thing I?m seeing on certain new Cisco devices such as >> ISR?s, Nexus, etc are displaying changes for the flash directory >> changing in size and the time of the device changing. These events >> come up like this: >> >> >> - !Flash: bootflash: 7113240576 bytes total (6335688704 bytes free) >> >> + !Flash: bootflash: 7113240576 bytes total (6335643648 bytes free) >> >> >> >> - !Time: Thu Jul 27 07:12:05 2017 >> >> + !Time: Thu Jul 27 08:12:10 2017 >> >> >> Is there anyway to filter out these types of changes so that I only >> see more substantial changes? >> >> Thanks. >> >> Corcentric Alan Walker | Network Engineer >> 457 Haddonfield Road, Suite 220 | Cherry Hill, NJ 08002 O (856) >> 406-3746 | F awalker at corcentric.com| >> www.corcentric.com > > -- > Doug Hughes > Keystone NAP > Fairless Hills, PA > 1.844.KEYBLOCK (539.2562) ------------------------------ Message: 4 Date: Thu, 27 Jul 2017 17:44:29 +0000 From: heasley To: Doug Hughes Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Filtering out flash dir and time change events Message-ID: <20170727174429.GD53650 at shrubbery.net> Content-Type: text/plain; charset=us-ascii Thu, Jul 27, 2017 at 10:53:12AM -0400, Doug Hughes: > > - !Time: Thu Jul 27 07:12:05 2017 > > > > + !Time: Thu Jul 27 08:12:10 2017 > > this is the stupid command timestamping. on ios-xr RP/0/RSP0/CPU0:device#term e p time RP/0/RSP0/CPU0:device#show ver Thu Jul 27 17:42:21.981 UTC just turn it off on the device. for ios-exr's admin bug, there is a filte in the alpha rancid code. ------------------------------ Subject: Digest Footer _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss ------------------------------ End of Rancid-discuss Digest, Vol 81, Issue 18 ********************************************** From heas at shrubbery.net Thu Jul 27 20:50:57 2017 From: heas at shrubbery.net (heasley) Date: Thu, 27 Jul 2017 20:50:57 +0000 Subject: [rancid] Filtering out flash dir and time change events In-Reply-To: <9686f7c22bad431bbec7e6822c1eb3a8@phlex02.aq.ameriquestcorp.com> References: <9686f7c22bad431bbec7e6822c1eb3a8@phlex02.aq.ameriquestcorp.com> Message-ID: <20170727205057.GB27981@shrubbery.net> Thu, Jul 27, 2017 at 08:29:55PM +0000, Walker, Alan: > Thank you all for the suggestions. > > I looked into disabling the timestamps with the "terminal exec prompt timestamp" command but this is only supported on some of my devices, and on those devices it was already disabled so I don't think that is related to the changes I'm seeing reported by Rancid. because cisco is so awesome, the command changed at ~xr 3.8. terminal no-timestamp vs terminal exec prompt no-timestamp rancid runs both of these before a collection. again, i'll point you toward the alpha version. From ler762 at gmail.com Thu Jul 27 21:02:07 2017 From: ler762 at gmail.com (Lee) Date: Thu, 27 Jul 2017 17:02:07 -0400 Subject: [rancid] Filtering out flash dir and time change events In-Reply-To: <9686f7c22bad431bbec7e6822c1eb3a8@phlex02.aq.ameriquestcorp.com> References: <9686f7c22bad431bbec7e6822c1eb3a8@phlex02.aq.ameriquestcorp.com> Message-ID: On 7/27/17, Walker, Alan wrote: > Thank you all for the suggestions. > > I looked into disabling the timestamps with the "terminal exec prompt > timestamp" command but this is only supported on some of my devices, and on > those devices it was already disabled so I don't think that is related to > the changes I'm seeing reported by Rancid. > > I'm not much a coder and I don't have a ton of Linux experience so I don't > know that I would be able to dig through the code too much but I would be > willing to try. I did search for some of those files but for my particular > version of either Linux or Rancid, they don't appear to exist. This includes > /lib/rancid/, /etc/rancid.types.base. This software was installed when I got > here so it may well be that it needs to be updated to a newer version. there was no leading slash - the directories were relative to the rancid install dir. Try looking for /usr/local/rancid/etc, /usr/local/rancid/lib/rancid or maybe which clogin to find out where rancid was installed Regards Lee From heas at shrubbery.net Fri Jul 28 17:31:06 2017 From: heas at shrubbery.net (heasley) Date: Fri, 28 Jul 2017 17:31:06 +0000 Subject: [rancid] Fixed Ciena-ws Rancid 3.6.2 In-Reply-To: <20170725185355.GB45243@shrubbery.net> References: <20170721142216.GA43905@shrubbery.net> <50a6731d-6313-3d71-c420-1f423de4f2da@falz.net> <20170725185355.GB45243@shrubbery.net> Message-ID: <20170728173106.GD79820@shrubbery.net> Tue, Jul 25, 2017 at 06:53:55PM +0000, heasley: > Fri, Jul 21, 2017 at 02:37:08PM -0500, Chris Wopat: > > On 07/21/2017 09:22 AM, heasley wrote: > > > > > great; thanks for testing that. Just addressing that one point, the patch > > > is: > > > > I tested this patch against the stock wavesvros.pm, did not work, it > > goes back to 'end of run not found' as it was always doing. > > > > Keeping that patch in place, I stepped through the changes from Tanner's > > patch and find that it works with only one change, the addition of this > > line where it is originally stated in context (in sub WriteTerm) > > > > return (0) if ($found_end == 1) > > > > I did a test run on several Waveservers it seems to work consistently. I > > did not test with a superuser account that would use the # prompt, just > > my limited user with > prompt. > > somehostname-11^>logout > > can you tell me what the ^ is in that prompt? in 3 of the 5 examples > folks have sent to me, the prompt has this ^ in it after the show > configuration command has run. This would cause a problem, which is > probably easy to fix if i understand the cause. anyone? From me at falz.net Fri Jul 28 17:50:51 2017 From: me at falz.net (Chris Wopat) Date: Fri, 28 Jul 2017 12:50:51 -0500 Subject: [rancid] Fixed Ciena-ws Rancid 3.6.2 In-Reply-To: <20170728173106.GD79820@shrubbery.net> References: <20170721142216.GA43905@shrubbery.net> <50a6731d-6313-3d71-c420-1f423de4f2da@falz.net> <20170725185355.GB45243@shrubbery.net> <20170728173106.GD79820@shrubbery.net> Message-ID: I'm not sure what it is. Confirm that it is indeed in the .raw files I sent you a while back. The configuration guide doesn't mention it at all, it does specify what we already know about > vs #: "When a user with super access privileges is logged in, the CLI prompt for that session contains a # (hash or pound) character (for example, Waveserver #)." On Fri, Jul 28, 2017 at 12:31 PM, heasley wrote: > Tue, Jul 25, 2017 at 06:53:55PM +0000, heasley: >> Fri, Jul 21, 2017 at 02:37:08PM -0500, Chris Wopat: >> > On 07/21/2017 09:22 AM, heasley wrote: >> > >> > > great; thanks for testing that. Just addressing that one point, the patch >> > > is: >> > >> > I tested this patch against the stock wavesvros.pm, did not work, it >> > goes back to 'end of run not found' as it was always doing. >> > >> > Keeping that patch in place, I stepped through the changes from Tanner's >> > patch and find that it works with only one change, the addition of this >> > line where it is originally stated in context (in sub WriteTerm) >> > >> > return (0) if ($found_end == 1) >> > >> > I did a test run on several Waveservers it seems to work consistently. I >> > did not test with a superuser account that would use the # prompt, just >> > my limited user with > prompt. >> >> somehostname-11^>logout >> >> can you tell me what the ^ is in that prompt? in 3 of the 5 examples >> folks have sent to me, the prompt has this ^ in it after the show >> configuration command has run. This would cause a problem, which is >> probably easy to fix if i understand the cause. > > anyone? From me at falz.net Fri Jul 28 17:50:51 2017 From: me at falz.net (Chris Wopat) Date: Fri, 28 Jul 2017 12:50:51 -0500 Subject: [rancid] Fixed Ciena-ws Rancid 3.6.2 In-Reply-To: <20170728173106.GD79820@shrubbery.net> References: <20170721142216.GA43905@shrubbery.net> <50a6731d-6313-3d71-c420-1f423de4f2da@falz.net> <20170725185355.GB45243@shrubbery.net> <20170728173106.GD79820@shrubbery.net> Message-ID: I'm not sure what it is. Confirm that it is indeed in the .raw files I sent you a while back. The configuration guide doesn't mention it at all, it does specify what we already know about > vs #: "When a user with super access privileges is logged in, the CLI prompt for that session contains a # (hash or pound) character (for example, Waveserver #)." On Fri, Jul 28, 2017 at 12:31 PM, heasley wrote: > Tue, Jul 25, 2017 at 06:53:55PM +0000, heasley: >> Fri, Jul 21, 2017 at 02:37:08PM -0500, Chris Wopat: >> > On 07/21/2017 09:22 AM, heasley wrote: >> > >> > > great; thanks for testing that. Just addressing that one point, the patch >> > > is: >> > >> > I tested this patch against the stock wavesvros.pm, did not work, it >> > goes back to 'end of run not found' as it was always doing. >> > >> > Keeping that patch in place, I stepped through the changes from Tanner's >> > patch and find that it works with only one change, the addition of this >> > line where it is originally stated in context (in sub WriteTerm) >> > >> > return (0) if ($found_end == 1) >> > >> > I did a test run on several Waveservers it seems to work consistently. I >> > did not test with a superuser account that would use the # prompt, just >> > my limited user with > prompt. >> >> somehostname-11^>logout >> >> can you tell me what the ^ is in that prompt? in 3 of the 5 examples >> folks have sent to me, the prompt has this ^ in it after the show >> configuration command has run. This would cause a problem, which is >> probably easy to fix if i understand the cause. > > anyone? From Shaun.Krok at 888holdings.com Sun Jul 30 08:31:15 2017 From: Shaun.Krok at 888holdings.com (Shaun Krok) Date: Sun, 30 Jul 2017 08:31:15 +0000 Subject: [rancid] F5 BIG-IP issue Message-ID: <57FD84723C05BB4FA3BB5F66AC609F64014DB75D3F@XCH-IL-MB2.888holdings.corp> Hi Heasley We have found a new issue where rancid is unable to collect changes from one of our F5 boxes in a QA environment. The F5 appliance has just been upgraded to 13.0 of BIG-IP + ASM module All was fine with the upgrade and rancid A few days later a new beta product of F5 was installed on the box called AVR (not sure what is does but think it has something to do with IP blocking) The problem is now when I run : export NOPIPE=YES && ./f5rancid -d il-f5-pri IL & I have 2 files created : 1. il-f5-pri.new 2. il-f5-pri.raw The f5rancid script stops with the following message: Error: TIMEOUT reached and when looking to the .RAW file I see where it stops but do not know how to fix it. I know it is part of ShowLicence !! On many of our other sites we have ASM and LTM working fine with Rancid. This QA box has the following option module installed and this is where I can see it breaking ! Any help would be much appreciated ! I have tried to use the lates f5rancid file from version 3.6.2 and it also times out in the same place. If you require can arrange access so you can debug a living box ! Rancid version we are running rancid 3.2.99 is fairly old but very stable ! Thank you Shaun Below is a section Time Limited Modules : ################ Time Limited Modules IPI Subscription, 1Yr, 1600|HDJUFUK-LATUGAQ|20170729|20180730|SUBSCRIPTION ######### ########################################################################################### Sys::License Licensed Version 11.2.1 Registration key BDRZF-OIOWS-GOXXE-UPZYR-KUQNSUW Licensed On 2014/02/02 Service Check Date 2017/07/29 Platform ID C112 Appliance Serial Number f5-zjxo-xvwn Active Modules ASM, Unlimited (FCUIUEO-IXFFTED) LTM, Base, 2000S (IOJQRSN-NOZEOWZ) Application Acceleration Manager, Core IPV6 Gateway Rate Shaping Ram Cache Anti-Virus Checks Base Endpoint Security Checks Firewall Checks Network Access Secure Virtual Keyboard APM, Web Application Machine Certificate Checks Protected Workspace Remote Desktop App Tunnel ASM, Unlimited SSL, 2000S Time Limited Modules IPI Subscription, 1Yr, 1600|HDJUFUK-LATUGAQ|20170729|20180730|SUBSCRIPTION Error: TIMEOUT reached ################################################################################### Shaun Krok Network Team Herzliya Business Park Herzliya Pituach 46140 Israel Telephone: +972 (0)732889406 Mobile: +972 (0)50 2424381 email:shaun.krok at 888holdings.com This email message and its attachments are for the sole use of the intended recipient(s) and may not be shared with any other party. They may contain confidential information of 888 Holdings plc or its direct and indirect subsidiaries (together, the ?888 Group?) and are to be regarded as confidential information under any non-disclosure agreement. Any review, use, disclosure or distribution by persons or entities other than the intended recipient(s) is prohibited. Nothing in this message is capable of or intended to create any legally binding obligation. The 888 Group will only ever assume a legally binding obligation where recorded in a written agreement duly executed by the authorized signatories of the relevant 888 Group company. The 888 Group accepts no liability for any personal views expressed in this message. If you are not the intended recipient, please contact the sender by return and destroy all copies of the original message and its attachments. Thank you From merlin_rbs at hotmail.com Sun Jul 30 09:26:18 2017 From: merlin_rbs at hotmail.com (Ryan) Date: Sun, 30 Jul 2017 09:26:18 +0000 Subject: [rancid] Fortigate Cluster uptime Message-ID: Hi All, Sorry to mail this out but I have searched through a number of groups and cant find anything that actually works. I recently upgraded my Fortinet FW cluster and, unfortunately, the config status displays a new line, "Cluster uptime", from the "get system ha status" cli. e.g. !Virtual domains status: 1 in NAT mode, 0 in TP mode !Virtual domain configuration: disable !FIPS-CC mode: disable !Current HA mode: a-p, master - !Cluster uptime: 35 days, 19 hours, 40 minutes, 13 seconds + !Cluster uptime: 35 days, 20 hours, 40 minutes, 13 seconds !Branch point: 1449 !Release Version Information: GA The "Cluster uptime" means that I get an updated FW version mailed to me every hour of the day. I have tried a number of things to resolve this including: 1. I updated the fnrancid file with the below but both attempts failed: sub GetConf { print STDERR " In GetConf: $_" if ($debug); while () { tr/\015//d; next if /^\s*$/; last if (/$prompt/); # System time is fortigate extraction time next if (/^\s*!System time:/); # remove occurrances of conf_file_ver next if (/^#?conf_file_ver=/); # First think I tried #remove occurances of Cluster Uptime next if (/^\s*!Cluster uptime:/); # next thing I tried. #if (/^\s*!Cluster uptime:/) { # ProcessHistory("","","","","","#$_"); # next; #} 2. I tried other options e.g. writing something similar to the cycling password but I am afraid I reached the end of my skillset. 3. Finally I thought my Rancid server is pretty old 2.3.6 so I built a new rancid server (3.3.0) using Ubuntu 16.04 and updated the fnrancid again without success. Two questions if I may: 1. Anyone know how I can ignore the Cluster uptime line? 2. If I move to using the new server is there a way to export the CVS history on the old server and import it on the new? Thanks in advance! Your help is appreciated! Cheers, -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Mon Jul 31 21:24:49 2017 From: heas at shrubbery.net (heasley) Date: Mon, 31 Jul 2017 21:24:49 +0000 Subject: [rancid] Fixed Ciena-ws Rancid 3.6.2 In-Reply-To: <20170731212142.601A18F02F@sea.shrubbery.net> Message-ID: <20170731212449.GB49389@shrubbery.net> Fri, Jul 28, 2017 at 12:50:51PM -0500, Chris Wopat: > I'm not sure what it is. Confirm that it is indeed in the .raw files I > sent you a while back. > > The configuration guide doesn't mention it at all, it does specify > what we already know about > vs #: > > "When a user with super access privileges is logged in, > the CLI prompt for that session contains a # (hash > or pound) character (for example, Waveserver #)." hrm, well, its clearly there. would you try the patch below (or the current alpha)? based on the examples that i have, it ought to work. > On Fri, Jul 28, 2017 at 12:31 PM, heasley wrote: > > Tue, Jul 25, 2017 at 06:53:55PM +0000, heasley: > >> Fri, Jul 21, 2017 at 02:37:08PM -0500, Chris Wopat: > >> > On 07/21/2017 09:22 AM, heasley wrote: > >> > > >> > > great; thanks for testing that. Just addressing that one point, the patch > >> > > is: > >> > > >> > I tested this patch against the stock wavesvros.pm, did not work, it > >> > goes back to 'end of run not found' as it was always doing. > >> > > >> > Keeping that patch in place, I stepped through the changes from Tanner's > >> > patch and find that it works with only one change, the addition of this > >> > line where it is originally stated in context (in sub WriteTerm) > >> > > >> > return (0) if ($found_end == 1) > >> > > >> > I did a test run on several Waveservers it seems to work consistently. I > >> > did not test with a superuser account that would use the # prompt, just > >> > my limited user with > prompt. > >> > >> somehostname-11^>logout > >> > >> can you tell me what the ^ is in that prompt? in 3 of the 5 examples > >> folks have sent to me, the prompt has this ^ in it after the show > >> configuration command has run. This would cause a problem, which is > >> probably easy to fix if i understand the cause. > > > > anyone? Index: lib/wavesvros.pm.in =================================================================== --- lib/wavesvros.pm.in (revision 3720) +++ lib/wavesvros.pm.in (working copy) @@ -65,10 +65,13 @@ while (/[>#]\s*($cmds_regexp)\s*$/) { $cmd = $1; if (!defined($prompt)) { - $prompt = ($_ =~ /^([^>#]+[>#])/)[0]; + $_ =~ /^([^>#*^]+)([*^])?([>#])/; + $prompt = $1; + my($tail) = $3; $prompt =~ s/([][}{)(\\])/\\$1/g; - # prompt changes when config is unsaved - "foo*> " - $prompt =~ s/\*/\\\*/; + # prompt changes when config is unsaved - "foo*> " and may be + # "foo$> " for some unknown reason. + $prompt .= "[*^]?" . $tail . " ?"; print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); } print STDERR ("HIT COMMAND:$_") if ($debug); From heas at shrubbery.net Mon Jul 31 21:47:43 2017 From: heas at shrubbery.net (heasley) Date: Mon, 31 Jul 2017 21:47:43 +0000 Subject: [rancid] Fortigate Cluster uptime In-Reply-To: References: Message-ID: <20170731214743.GE49389@shrubbery.net> Sun, Jul 30, 2017 at 09:26:18AM +0000, Ryan: > Hi All, > > > Sorry to mail this out but I have searched through a number of groups and cant find anything that actually works. I recently upgraded my Fortinet FW cluster and, unfortunately, the config status displays a new line, "Cluster uptime", from the "get system ha status" cli. e.g. > rancid does not use that command. it uses only get system status. is that command including this output now or have you changed your distribution? > !Virtual domains status: 1 in NAT mode, 0 in TP mode > > !Virtual domain configuration: disable > > !FIPS-CC mode: disable > > !Current HA mode: a-p, master > > - !Cluster uptime: 35 days, 19 hours, 40 minutes, 13 seconds > > + !Cluster uptime: 35 days, 20 hours, 40 minutes, 13 seconds > > !Branch point: 1449 > > !Release Version Information: GA > > > The "Cluster uptime" means that I get an updated FW version mailed to me every hour of the day. I have tried a number of things to resolve this including: > > > 1. I updated the fnrancid file with the below but both attempts failed: > > > sub GetConf { > print STDERR " In GetConf: $_" if ($debug); > > while () { > tr/\015//d; > next if /^\s*$/; > last if (/$prompt/); > > # System time is fortigate extraction time > next if (/^\s*!System time:/); > # remove occurrances of conf_file_ver > next if (/^#?conf_file_ver=/); > > > # First think I tried > > #remove occurances of Cluster Uptime > next if (/^\s*!Cluster uptime:/); no !. > > # next thing I tried. > > #if (/^\s*!Cluster uptime:/) { > # ProcessHistory("","","","","","#$_"); > # next; > #} > > > 2. I tried other options e.g. writing something similar to the cycling password but I am afraid I reached the end of my skillset. > > 3. Finally I thought my Rancid server is pretty old 2.3.6 so I built a new rancid server (3.3.0) using Ubuntu 16.04 and updated the fnrancid again without success. > > > Two questions if I may: > > 1. Anyone know how I can ignore the Cluster uptime line? > 2. If I move to using the new server is there a way to export the CVS history on the old server and import it on the new? > > > Thanks in advance! Your help is appreciated! > > > Cheers, > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From heas at shrubbery.net Mon Jul 31 22:18:59 2017 From: heas at shrubbery.net (heasley) Date: Mon, 31 Jul 2017 22:18:59 +0000 Subject: [rancid] F5 BIG-IP issue In-Reply-To: <57FD84723C05BB4FA3BB5F66AC609F64014DB75D3F@XCH-IL-MB2.888holdings.corp> References: <57FD84723C05BB4FA3BB5F66AC609F64014DB75D3F@XCH-IL-MB2.888holdings.corp> Message-ID: <20170731221859.GH49389@shrubbery.net> Sun, Jul 30, 2017 at 08:31:15AM +0000, Shaun Krok: > Hi Heasley > > We have found a new issue where rancid is unable to collect changes from one of our F5 boxes in a QA environment. > The F5 appliance has just been upgraded to 13.0 of BIG-IP + ASM module > All was fine with the upgrade and rancid > A few days later a new beta product of F5 was installed on the box called AVR (not sure what is does but think it has something to do with IP blocking) > > The problem is now when I run : export NOPIPE=YES && ./f5rancid -d il-f5-pri IL & > I have 2 files created : > 1. il-f5-pri.new > 2. il-f5-pri.raw > > The f5rancid script stops with the following message: Error: TIMEOUT reached and when looking to the .RAW file I see where it stops but do not know how to fix it. > I know it is part of ShowLicence !! > On many of our other sites we have ASM and LTM working fine with Rancid. > This QA box has the following option module installed and this is where I can see it breaking ! > > Any help would be much appreciated ! > > I have tried to use the lates f5rancid file from version 3.6.2 and it also times out in the same place. > > If you require can arrange access so you can debug a living box ! > > Rancid version we are running rancid 3.2.99 is fairly old but very stable ! > > Thank you > > Shaun > > > > Below is a section Time Limited Modules : > ################ > Time Limited Modules > IPI Subscription, 1Yr, 1600|HDJUFUK-LATUGAQ|20170729|20180730|SUBSCRIPTION > ######### > > > ########################################################################################### > Sys::License > Licensed Version 11.2.1 > Registration key BDRZF-OIOWS-GOXXE-UPZYR-KUQNSUW > Licensed On 2014/02/02 > Service Check Date 2017/07/29 > Platform ID C112 > Appliance Serial Number f5-zjxo-xvwn > > Active Modules > ASM, Unlimited (FCUIUEO-IXFFTED) > LTM, Base, 2000S (IOJQRSN-NOZEOWZ) > Application Acceleration Manager, Core > IPV6 Gateway > Rate Shaping > Ram Cache > Anti-Virus Checks > Base Endpoint Security Checks > Firewall Checks > Network Access > Secure Virtual Keyboard > APM, Web Application > Machine Certificate Checks > Protected Workspace > Remote Desktop > App Tunnel > ASM, Unlimited > SSL, 2000S > > Time Limited Modules > IPI Subscription, 1Yr, 1600|HDJUFUK-LATUGAQ|20170729|20180730|SUBSCRIPTION > Error: TIMEOUT reached > > ################################################################################### 3.2.99 i think would be just f5rancid/device type f5; is therefore the command cat /config/bigip.license? I though perhaps it was just being slow or hanging, but seems unlikely with cat. so, i suspect you have modified the base rancid; how so? From cgauthier at comscore.com Mon Jul 31 22:25:40 2017 From: cgauthier at comscore.com (Gauthier, Chris) Date: Mon, 31 Jul 2017 22:25:40 +0000 Subject: [rancid] F5 BIG-IP issue In-Reply-To: <20170731221859.GH49389@shrubbery.net> References: <57FD84723C05BB4FA3BB5F66AC609F64014DB75D3F@XCH-IL-MB2.888holdings.corp> <20170731221859.GH49389@shrubbery.net> Message-ID: <3B98D614-44FB-473C-82ED-56CFFF640657@comscore.com> Chris GauthierSenior Network Engineer | comScore, Inc. o +1 503-331-2704cgauthier at comscore.com 317 SW Alder St, Suite 500 | Portland | OR97204 ............................................................................................................................................................................................................................ On 7/31/17, 3:19 PM, "Rancid-discuss on behalf of heasley" wrote: Sun, Jul 30, 2017 at 08:31:15AM +0000, Shaun Krok: > Hi Heasley > > We have found a new issue where rancid is unable to collect changes from one of our F5 boxes in a QA environment. > The F5 appliance has just been upgraded to 13.0 of BIG-IP + ASM module > All was fine with the upgrade and rancid > A few days later a new beta product of F5 was installed on the box called AVR (not sure what is does but think it has something to do with IP blocking) > > The problem is now when I run : export NOPIPE=YES && ./f5rancid -d il-f5-pri IL & > I have 2 files created : > 1. il-f5-pri.new > 2. il-f5-pri.raw > > The f5rancid script stops with the following message: Error: TIMEOUT reached and when looking to the .RAW file I see where it stops but do not know how to fix it. > I know it is part of ShowLicence !! > On many of our other sites we have ASM and LTM working fine with Rancid. > This QA box has the following option module installed and this is where I can see it breaking ! > > Any help would be much appreciated ! > > I have tried to use the lates f5rancid file from version 3.6.2 and it also times out in the same place. > > If you require can arrange access so you can debug a living box ! > > Rancid version we are running rancid 3.2.99 is fairly old but very stable ! > > Thank you > > Shaun > > > > Below is a section Time Limited Modules : > ################ > Time Limited Modules > IPI Subscription, 1Yr, 1600|HDJUFUK-LATUGAQ|20170729|20180730|SUBSCRIPTION > ######### > > > ########################################################################################### > Sys::License > Licensed Version 11.2.1 > Registration key BDRZF-OIOWS-GOXXE-UPZYR-KUQNSUW > Licensed On 2014/02/02 > Service Check Date 2017/07/29 > Platform ID C112 > Appliance Serial Number f5-zjxo-xvwn > > Active Modules > ASM, Unlimited (FCUIUEO-IXFFTED) > LTM, Base, 2000S (IOJQRSN-NOZEOWZ) > Application Acceleration Manager, Core > IPV6 Gateway > Rate Shaping > Ram Cache > Anti-Virus Checks > Base Endpoint Security Checks > Firewall Checks > Network Access > Secure Virtual Keyboard > APM, Web Application > Machine Certificate Checks > Protected Workspace > Remote Desktop > App Tunnel > ASM, Unlimited > SSL, 2000S > > Time Limited Modules > IPI Subscription, 1Yr, 1600|HDJUFUK-LATUGAQ|20170729|20180730|SUBSCRIPTION > Error: TIMEOUT reached > > ################################################################################### 3.2.99 i think would be just f5rancid/device type f5; is therefore the command cat /config/bigip.license? I though perhaps it was just being slow or hanging, but seems unlikely with cat. so, i suspect you have modified the base rancid; how so? Actually, rancid.types.base shows that ?bigip? as being for F5 versions 11+ and ?f5? being used for versions <=10. So, he is using the correct type in this case. I?m about to consider 13, so it would be good to know about. -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Mon Jul 31 22:56:10 2017 From: heas at shrubbery.net (heasley) Date: Mon, 31 Jul 2017 22:56:10 +0000 Subject: [rancid] F5 BIG-IP issue In-Reply-To: <3B98D614-44FB-473C-82ED-56CFFF640657@comscore.com> References: <57FD84723C05BB4FA3BB5F66AC609F64014DB75D3F@XCH-IL-MB2.888holdings.corp> <20170731221859.GH49389@shrubbery.net> <3B98D614-44FB-473C-82ED-56CFFF640657@comscore.com> Message-ID: <20170731225610.GI49389@shrubbery.net> Mon, Jul 31, 2017 at 10:25:40PM +0000, Gauthier, Chris: > > Rancid version we are running rancid 3.2.99 is fairly old but very stable ! > 3.2.99 i think would be just f5rancid/device type f5; is therefore the > command cat /config/bigip.license? I though perhaps it was just being > slow or hanging, but seems unlikely with cat. so, i suspect you have > modified the base rancid; how so? > > Actually, rancid.types.base shows that ?bigip? as being for F5 versions 11+ and ?f5? being used for versions <=10. So, he is using the correct type in this case. I?m about to consider 13, so it would be good to know about. > he wrote 3.2.99 and i think that bigip didnt appear until 3.5. From merlin_rbs at hotmail.com Mon Jul 31 22:39:40 2017 From: merlin_rbs at hotmail.com (Ryan) Date: Mon, 31 Jul 2017 22:39:40 +0000 Subject: [rancid] Fortigate Cluster uptime In-Reply-To: <20170731214743.GE49389@shrubbery.net> References: , <20170731214743.GE49389@shrubbery.net> Message-ID: Hi, Thanks for the help. "get system status" also produces the line: DCPGFW1 # get system status Current HA mode: a-p, master Cluster uptime: 37 days, 10 hours, 14 minutes, 55 seconds System time: Tue Aug 1 10:35:45 2017 FYI I removed the ! from the line (next if (/^\s*Cluster uptime:/);) but I get a mail with the following: #FIPS-CC mode: disable #Current HA mode: a-p, master - #Cluster uptime: 35 days, 20 hours, 37 minutes, 22 seconds + #Cluster uptime: 37 days, 10 hours, 16 minutes, 50 seconds Thanks again. ________________________________ From: heasley Sent: 31 July 2017 21:47:43 To: Ryan Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Fortigate Cluster uptime Sun, Jul 30, 2017 at 09:26:18AM +0000, Ryan: > Hi All, > > > Sorry to mail this out but I have searched through a number of groups and cant find anything that actually works. I recently upgraded my Fortinet FW cluster and, unfortunately, the config status displays a new line, "Cluster uptime", from the "get system ha status" cli. e.g. > rancid does not use that command. it uses only get system status. is that command including this output now or have you changed your distribution? > !Virtual domains status: 1 in NAT mode, 0 in TP mode > > !Virtual domain configuration: disable > > !FIPS-CC mode: disable > > !Current HA mode: a-p, master > > - !Cluster uptime: 35 days, 19 hours, 40 minutes, 13 seconds > > + !Cluster uptime: 35 days, 20 hours, 40 minutes, 13 seconds > > !Branch point: 1449 > > !Release Version Information: GA > > > The "Cluster uptime" means that I get an updated FW version mailed to me every hour of the day. I have tried a number of things to resolve this including: > > > 1. I updated the fnrancid file with the below but both attempts failed: > > > sub GetConf { > print STDERR " In GetConf: $_" if ($debug); > > while () { > tr/\015//d; > next if /^\s*$/; > last if (/$prompt/); > > # System time is fortigate extraction time > next if (/^\s*!System time:/); > # remove occurrances of conf_file_ver > next if (/^#?conf_file_ver=/); > > > # First think I tried > > #remove occurances of Cluster Uptime > next if (/^\s*!Cluster uptime:/); no !. > > # next thing I tried. > > #if (/^\s*!Cluster uptime:/) { > # ProcessHistory("","","","","","#$_"); > # next; > #} > > > 2. I tried other options e.g. writing something similar to the cycling password but I am afraid I reached the end of my skillset. > > 3. Finally I thought my Rancid server is pretty old 2.3.6 so I built a new rancid server (3.3.0) using Ubuntu 16.04 and updated the fnrancid again without success. > > > Two questions if I may: > > 1. Anyone know how I can ignore the Cluster uptime line? > 2. If I move to using the new server is there a way to export the CVS history on the old server and import it on the new? > > > Thanks in advance! Your help is appreciated! > > > Cheers, > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: