[rancid] Watchguard xml file

Mon Jul 8 20:12:11 UTC 2019

Wed, Jul 03, 2019 at 06:49:20PM +0000, Wayne Eisenberg:
> -----Original Message-----
> From: 'john heasley' <heas at shrubbery.net> 
> Sent: Wednesday, July 03, 2019 1:41 PM
> To: Wayne Eisenberg <Wayne.Eisenberg at CarolinasIT.com>
> Cc: 'john heasley' <heas at shrubbery.net>; 'rancid-discuss at shrubbery.net' <rancid-discuss at shrubbery.net>
> Subject: Re: [rancid] Watchguard xml file
> 
> 
> >> However, in the xtm.pm module, line 102 defines it again. 
> 
> >i'm not familiar with this device, but redefining (or refining) the prompt is normal.  the filter functions and login scripts begin with something loose, and once it sees the prompt, it can be refined to be more precise, and >may later further refine it (eg: in run_commands) to match the prompt when/if it changes in config or other modes that are platform dependent.
> 
> Ah, if I only had that skill.
> 
> >> -----------
> >> while (/\s*($cmds_regexp)\s*$/) {
> >> 	    $cmd = $1;
> >> 	    $prompt = ">>";
>                ^^^^^^^^^^^^ this is probably a mistake; should be part of the while() regex.  I suspect it might be here because the author could not make the regex below match correctly.
> 
> >> 	    if (!defined($prompt)) {
> >> 		$prompt = ($_ =~ /^([^>]+>)/)[0];
> >> 		$prompt =~ s/([][}{)(\\])/\\$1/g;
> >> 		print STDERR ("PROMPT MATCH: $prompt\n") if ($debug);
> >> 	    }
> >> -----------
> >> Once you get to the sub ShowConfiguration section, on line 199 if it sees the prompt, end. Guess what? The "#" character is inside the config (there is some html code in one of the xml sections) and that is where the config ends.
> 
> >seems that the prompt is ">>".
> 
> Yes, in this example. I wanted to show the original file, not something that I modded. In my current version, the line is
> $prompt = ">>|#"
> which works, but causes the problem of the config getting truncated because it sees "#" as the prompt. The $prompt should either be the entire thing or some string that ends in #.

yes, this is why it refines the prompt match to be the complete thing, but
it has to see one before it can extract it.  and your inloop set is at the
top of the loop, so it never refines it to be the whole prompt.

> >> -----------
> >> sub ShowConfiguration {
> >>     my($INPUT, $OUTPUT, $cmd) = @_;
> >>     my($lines) = 0;
> >>     my($snmp) = 0;
> >>     print STDERR "    In ShowConfiguration: $_" if ($debug);
> >>     # We don't care about password filtering as passwords are hashed
> >>     # So don't use this if you need it (or develop the functionality).
> >>     if ($filter_pwds >= 1){
> >>         print STDERR "WARNING: Password filtering isn't implemented yet!\n";
> >>         print STDERR "Either disable password filtering in rancid.conf";
> >>         print STDERR " or don't use this plugin.\n";
> >>     }
> >>     s/^[a-z]+@//;
> >>     ProcessHistory("","","","# $_");
> >>     while (<$INPUT>) {
> >> 	tr/\015//d;
> >> 	next if (/^\s*$/);
> >> 	# end of config - hopefully.
> >> 	# end-of-config tag.  appears to end with "\nPROMPT:~$".
> >> 	if (/$prompt/) {
> >> 	    $found_end++;
> >> 	    last;
> >> 	}
> >> -----------
> >> 
> >> So I'm thinking if I can figure out a different way to define the prompt to be more than just the # sign (at least in the xtm.pm), that should do the trick? Can you do something like $prompt = "#$" ?

it has to be as a set (regex or glob), like; [#$].  but that is a single
atom; if your prompt is or may be ">>", then you likely need to use a
group atom, like (>>|#).

> >its better to anchor it and have it be as complete as reasonable.  eg:
> >not #
> >not hostname#
> >but ^hostname#
> 
> >look at ios.pm.
> 
> Looking, but I don't see anywhere that it defines the prompt. It uses it a lot, but doesn't define it.

its starts with [>#] in the while() (and exit match); then refines it to be
a match the entire prompt with regex atoms escaped in the
if(!defined($prompt)).  after that, it anchors the prompt match when
appropiate; /^$prompt/.

you should do similarly for this watchguard device.  I suspect that you can
just steal the ios.pm inloop() and modify the initial prompt matching.  It
could be kinkier, but it is a good starting point.

i think i;ve answered everything.