[rancid] Update configs by an external means

Doug Hughes doug.hughes at keystonenap.com
Wed Oct 4 20:08:46 UTC 2017 

One thing you could do to fit in with rancid's normal mode of operation,
which is basically printing the output using something like
ProcessHistory, is to make have the usual ranci and login files, maybe
snlogin and snrancid, or sfwlogin or whatever. The login file takes care
of logging into the device and executing the commands as usual. You can
usually just copy another login, or maybe even the standard clogin will
work for that.

The rancid file will do something a bit different though. It will still
execute clogin as normal, but you'll have only one subroutine, maybe
called ExportConfig.

@commandtable will have a single line that has the command to execute on
the left as the key and the subroutine on the right as the value.

This is where things diverge from traditional rancid. Instead of the
command generating output that is filtered, you'll be executing your
command export via scp or ftp and storing it in a temporary directory on
your rancid server, probably as the rancid user so that you can clean it
up. Your callback will probably wait until the command is complete, then
mv the file from /tmp into the currenct directory and rename it to
<device>.new.

That's the key. Now that <device>.new is there, rancid can svn commit it
and you get all the behavior that you are accustomed to.


On 10/3/2017 3:54 PM, Kyle Tucker wrote:
> Hi all,
>
> I've had RANCID with Subversion/WebSVN in place for a few years with
> great success for Cisco gear. I am trying to tackle SonicWall firewalls
> with not much success. I've managed to write my own shell/expect script
> the log onto the SonicWalls and ftp the configs back down where I can
> compare the current and previous configs and upon a change, log back on
> and download the exported "exp" image and I like this method. I also was
> able to get the configs initially into RANCID but without a working
> clogin/sonlogin script, updates aren't being seen. I tried to simply
> copy in a $host.new file but that triggered nothing but it was cleaned
> up. Is there a way I can copy the file in or otherwise inject it into
> RANCID so that rancid-run could accept it and trigger the normal actions
> a diff would trigger? Any thoughts or suggestions appreciated.
>
> Thanks in advance.
>
> Kyle
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss

-- 
Doug Hughes
Keystone NAP
Fairless Hills, PA
1.844.KEYBLOCK (539.2562) 	

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20171004/35350184/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: keystone-nap.png
Type: image/png
Size: 3476 bytes
Desc: not available
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20171004/35350184/attachment.png>

More information about the Rancid-discuss mailing list