<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Team,<br>
<br>
I am sorry to reopen this old thread but the question I have relates to
this old thread.<br>
Attached 2 rancid login files work fine on newer F5 boxes. However on
old boxes, it prompts for "term type" at the ssh login. I need to
insert logic in the script to answer to this "term type" question.
What's best way to handle it?<br>
<br>
Pass it as an argument like<br>
f5login -t vt100 device-name<br>
<br>
and then catch the variable and add necessary logic for the expect?<br>
<br>
Thanks,<br>
Sam<br>
<blockquote
 cite="mid:45EB285310B55542A513F93230F0A5330115DB4F@EXCHANGE0.orm.omniture.com"
 type="cite">
  <meta http-equiv="Content-Type" content="text/html; ">
  <meta content="MSHTML 6.00.2900.3132" name="GENERATOR">
  <div dir="ltr" align="left"><span class="308284916-17072007"><font
 color="#0000ff" face="Arial" size="2">I have been on vacation for the
last&nbsp;couple of&nbsp;weeks or I would have posted this sooner and possibly
saved some of you a bit of effort.&nbsp;</font></span></div>
  <div dir="ltr" align="left"><span class="308284916-17072007"></span>&nbsp;</div>
  <div dir="ltr" align="left"><span class="308284916-17072007"><font
 color="#0000ff" face="Arial" size="2">It sounds like&nbsp;Lance and
Sam&nbsp;have put together a working f5rancid with&nbsp;basic functionality which
Sam posted last night.&nbsp; I have attached my f5rancid which I have been
running for a few&nbsp;months. &nbsp;Installation instructions are included as
comments in the file.&nbsp; This version uses clogin so that a separate
f5login script is not required.</font></span></div>
  <div dir="ltr" align="left"><span class="308284916-17072007"></span><span
 class="308284916-17072007"></span>&nbsp;</div>
  <div dir="ltr" align="left"><span class="308284916-17072007"><font
 color="#0000ff" face="Arial" size="2">This version&nbsp;formats and
processes the output to make it more usable.&nbsp;&nbsp;As far as what is
captured, I based this on the F5 equivalent of a tech out.&nbsp;&nbsp;It grabs a
copy of all the configuration files, hardware configuration and
software version as well as the timestamps and file sizes for SSL certs
hosted on the device.&nbsp; This facilitates rebuilding from scratch as
quickly as possible if this is ever needed.</font>&nbsp;<font color="#0000ff"
 face="Arial" size="2">&nbsp;</font></span></div>
  <div dir="ltr" align="left"><span class="308284916-17072007"></span><span
 class="308284916-17072007"></span>&nbsp;</div>
  <div dir="ltr" align="left"><span class="308284916-17072007"><font
 color="#0000ff" face="Arial" size="2">I was able to resolve the&nbsp;bug I
mentioned yesterday by increasing the clogin timeout.&nbsp; On&nbsp;a small
number of&nbsp;devices it failed to process the last few commands when
running from cron but always worked properly from the command line on
all devices [making it difficult to track down].&nbsp;&nbsp; I mention this
because it may be an appropriate fix for other intermittent problems
sometimes discussed on this list.</font></span></div>
  <div dir="ltr" align="left"><span class="308284916-17072007"></span>&nbsp;</div>
  <div dir="ltr" align="left"><span class="308284916-17072007"><font
 color="#0000ff" face="Arial" size="2">Any feedback is appreciated.&nbsp; I
hope to get f5 support added to future releases of rancid.&nbsp; </font></span></div>
  <div dir="ltr" align="left"><span class="308284916-17072007"></span>&nbsp;</div>
  <div dir="ltr" align="left"><span class="308284916-17072007"><font
 color="#0000ff" face="Arial" size="2">Thanks,</font></span></div>
  <div dir="ltr" align="left"><span class="308284916-17072007"></span>&nbsp;</div>
  <div dir="ltr" align="left"><span class="308284916-17072007"><font
 color="#0000ff" face="Arial" size="2">Mike</font></span></div>
  <div dir="ltr" align="left"><span class="308284916-17072007"></span>&nbsp;</div>
  <div dir="ltr" align="left"><span class="308284916-17072007"></span>&nbsp;</div>
  <br>
  <div class="OutlookMessageHeader" dir="ltr" align="left" lang="en-us">
  <hr tabindex="-1"><font face="Tahoma" size="2"><b>From:</b> Sam
Munzani [<a class="moz-txt-link-freetext" href="mailto:sam@munzani.com">mailto:sam@munzani.com</a>] <br>
  <b>Sent:</b> Monday, July 16, 2007 7:49 PM<br>
  <b>To:</b> Lance<br>
  <b>Cc:</b> Mike Ashcraft; <a class="moz-txt-link-abbreviated" href="mailto:rancid-discuss@shrubbery.net">rancid-discuss@shrubbery.net</a><br>
  <b>Subject:</b> Re: [rancid] Re: F5 load balancer support<br>
  </font><br>
  </div>
Lance,<br>
  <br>
Thanks a lot for all your help. Pretty much you did all the work while
I watched what you are doing :-)..<br>
  <br>
Attached are cleaned up files. In f5rancid file, I have left some basic
functions(non platform specific) just in case we expand this script to
do a lot more than just "b list" output. In rancid-fe, we defined a new
device type "f5", f5login was copied from clogin and remarked some
"term length" statements we don't need on F5.<br>
  <br>
All 3 files are attached and working great. Please be aware, we are not
parsing anything at all. All its doing is basic function of running "b
list" command and capturing its output. As I expand more on this, I
will be sure to share with the audience here.<br>
  <br>
Again, thanks a lot for all your help today.<br>
  <br>
Regards,<br>
Sam<br>
  <blockquote
 cite="mid:20070716173200.8e114e4890519e5179c192e02d6bca26.b34fb90ffd.wbe@email.secureserver.net"
 type="cite">
    <pre wrap="">I have helped Sam get a working f5rancid which requires a f5login (only
because it doesn't recognize the prompt with a space and exit, unless
you enter a return before the exit). He is cleaning up all the unused
functions and will post it.

Once John H. sends out his script I will look at it and see how it
differs from the one I did with Sam. I will even help Sam get it working
for his setup. We will let you know when it is all working.

-lance

  </pre>
    <blockquote type="cite">
      <pre wrap="">-------- Original Message --------
Subject: [rancid] Re: F5 load balancer support
From: "Mike Ashcraft" <a moz-do-not-send="true"
 class="moz-txt-link-rfc2396E" href="mailto:mashcraft@omniture.com">&lt;mashcraft@omniture.com&gt;</a>
Date: Mon, July 16, 2007 11:48 am
To: <a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
 href="mailto:sam@munzani.com">&lt;sam@munzani.com&gt;</a>
Cc: <a moz-do-not-send="true" class="moz-txt-link-abbreviated"
 href="mailto:rancid-discuss@shrubbery.net">rancid-discuss@shrubbery.net</a>

Sam,
 
I have a working f5rancid that I have been using for a number of months
now.   I have one minor bug related to tracking installed SSL certs
which you probably don't care about.  Other than that, it works great.
 
I did encounter and solve all the problems you have been discussing on
the list.
 
Let me know if you are interested in trying what I have.  I have tested
it with Big-IP 9.1.2.  
 
Mike

________________________________

From: <a moz-do-not-send="true" class="moz-txt-link-abbreviated"
 href="mailto:rancid-discuss-bounces@shrubbery.net">rancid-discuss-bounces@shrubbery.net</a>
[<a moz-do-not-send="true" class="moz-txt-link-freetext"
 href="mailto:rancid-discuss-bounces@shrubbery.net">mailto:rancid-discuss-bounces@shrubbery.net</a>] On Behalf Of Sam Munzani
Sent: Monday, July 16, 2007 10:58 AM
To: <a moz-do-not-send="true" class="moz-txt-link-abbreviated"
 href="mailto:smunzani@comcast.net">smunzani@comcast.net</a>
Cc: <a moz-do-not-send="true" class="moz-txt-link-abbreviated"
 href="mailto:rancid-discuss@shrubbery.net">rancid-discuss@shrubbery.net</a>
Subject: [rancid] Re: F5 load balancer support


BTW, this is what I see in the log when I do rancid-run now. That means
the f5rancid file(hacked copy of rancid) is still missing something.

more nfl.20070716.114842
starting: Mon Jul 16 11:48:42 CDT 2007



Trying to get all of the configs.
test-f5-01: End of run not found
-bash: write: command not found
=====================================
Getting missed routers: round 1.
test-f5-01: End of run not found
-bash: write: command not found
=====================================
Getting missed routers: round 2.
test-f5-01: End of run not found
-bash: write: command not found
=====================================
Getting missed routers: round 3.
test-f5-01: End of run not found
-bash: write: command not found
=====================================
Getting missed routers: round 4.
test-f5-01: End of run not found
-bash: write: command not found

cvs diff: Diffing .
cvs diff: Diffing configs
nfl.20070716.114842 71%starting: Mon Jul 16 11:48:42 CDT 2007



Trying to get all of the configs.
test-f5-01: End of run not found
-bash: write: command not found
=====================================
Getting missed routers: round 1.
test-f5-01: End of run not found
-bash: write: command not found
=====================================
Getting missed routers: round 2.
test-f5-01: End of run not found
-bash: write: command not found
=====================================
Getting missed routers: round 3.
test-f5-01: End of run not found
-bash: write: command not found
=====================================
Getting missed routers: round 4.
test-f5-01: End of run not found
-bash: write: command not found

cvs diff: Diffing .
cvs diff: Diffing configs
cvs diff: cannot find configs/test-f5-01
cvs commit: Examining .
cvs commit: Examining configs
cvs commit: Up-to-date check failed for `configs/test-f5-01'
cvs [commit aborted]: correct above errors first!
ls: test-f5-01: No such file or directory

ending: Mon Jul 16 11:49:41 CDT 2007

Thanks,
Sam


        David,
        
        Thanks a lot for the tip. This worked well. Now f5login goes
much more 
        cleaner and the "root" doesn't set sent again. I still have
other issues 
        where rancid-run is backing up config properly but I am still 
        troubleshooting it.
        
        Now here is a question. What does "bldshgalsjd" mean and how
does it do 
        this miracle?
        
        Thanks,
        Sam
          

                Thanks for this tip, turns out that this is also the
reason the
                username gets entered at a prompt on the cisco IPS
devices. Since it's
                using SSH and therefore doesn't need a username prompt,
solution was
                to simply add in .cloginrc:
                
                add userprompt ids* bldshgalsjd  (&lt;- something that
won't get sent 
                during login)
                
                Regards,
                
                David
                
                On 14/07/07, Lance <a moz-do-not-send="true"
 class="moz-txt-link-rfc2396E" href="mailto:rancid@gheek.net">&lt;rancid@gheek.net&gt;</a>
<a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
 href="mailto:rancid@gheek.net">&lt;mailto:rancid@gheek.net&gt;</a>  wrote:
                    

                        Sam,
                        
                        Have you tried using telnet to login, if the f5
has it enabled.
                        You may also want to set auto enable in your
.cloginrc for this device
                        as it looks to clogin as you are already in a
cisco equivalent equal to
                        enable since your prompt has a # sign in it.
                        
                        Looking at your next email along with this one
it looks like you are
                        already in a cisco equivalent of enable after
you login. f5login seems
                        to be sending your username of root as a command
after you get connected
                        because it sees this line "Last login: Fri Jul
13 14:38:03 2007 from
                        172.24.100.12" and it matches on the word
"Login". See below.
                        
                        "(Username|Login|login|user name):"? yes
                        
                        expect: set expect_out(0,string) "login:"
                        
                        expect: set expect_out(1,string) "login"
                        
                        expect: set expect_out(spawn_id) "exp4"
                        
                        expect: set expect_out(buffer) " \r\nLast
login:"
                        
                        send: sending "root\r" to { exp4 }
                        
                        expect: continuing expect
                        
                        You are just using a Cisco login/parsing script
so it expects prompts
                        from a Cisco device and in this case you have a
*nix SSH banner that
                        gets interrupted. I know you can use RANCID to
backup *nix systems. So
                        it knows how to understand connecting to a *nix
system. You might want
                        to try this email thread which asks about
backing up Linux conifgs.
        
<a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
 href="http://www.shrubbery.net/pipermail/rancid-discuss/2006-August/001649.html">"http://www.shrubbery.net/pipermail/rancid-discuss/2006-August/001649.ht
ml"</a>
<a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
 href="http://www.shrubbery.net/pipermail/rancid-discuss/2006-August/001649.html">&lt;http://www.shrubbery.net/pipermail/rancid-discuss/2006-August/001649.ht
ml&gt;</a>  
                        
                        Or you could modify the existing f5login like
so.
                        
                        I think you have to use the carrot before the ()
to work. I haven't
                        checked this as I am at home and not on a UNIX
system right now. Sorry
                        to lazy to check it out right now. You might
want to uncomment the line
                        below 3. and comment out the line below 2. and
see if that works. This
                        is the only point in the code that I see it look
for login in any line.
                        If that doesn't work send me back the debug and
I will see what I can
                        do. I am sure some people that use expect more
often then I can probably
                        quickly tell you what to use as syntax there.
                        
                        # Figure out prompts
                           set u_prompt [find userprompt $router
                        if { "$u_prompt" == "" } {
                               #1. ORIGINAL
                               #set u_prompt
"^(Username|Login|login|user name):"
                               #2. Modified to read for a line beginning
with 
                        Username,Login,login, or
                        user name.
                               set u_prompt "^(Username|Login|login|user
name):"
                               #3. Modified to read for a line beginning
with Login or login. 
                        but I
                        may be wrong
                               #set u_prompt
"^(Username|^Login|^login|user name):"
                           } else {
                               set u_prompt [join [lindex $u_prompt 0]
""]
                        
                        
                        Let me know if this works for you.
                        
                        -Lance
                        
                              

                                -------- Original Message --------
                                Subject: Re: [rancid]  F5 load balancer
support
                                From: Sam Munzani <a moz-do-not-send="true"
 class="moz-txt-link-rfc2396E" href="mailto:smunzani@comcast.net">&lt;smunzani@comcast.net&gt;</a>
<a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
 href="mailto:smunzani@comcast.net">&lt;mailto:smunzani@comcast.net&gt;</a> 
                                Date: Fri, July 13, 2007 2:30 pm
                                To: Lance <a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
 href="mailto:rancid@gheek.net">&lt;rancid@gheek.net&gt;</a>
<a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
 href="mailto:rancid@gheek.net">&lt;mailto:rancid@gheek.net&gt;</a> 
                                Cc: <a moz-do-not-send="true" class="moz-txt-link-abbreviated"
 href="mailto:rancid-discuss@shrubbery.net">rancid-discuss@shrubbery.net</a>
                                
                                Lance,
                                
                                F5 login works fine with a minor error.
                                
                                $ f5login test-f5-01
                                test-f5-01
                                spawn ssh -c 3des -x -l root test-f5-01
                                Password:
                                Last login: Fri Jul 13 14:26:28 2007
from 172.24.100.12
                                root
                                [root@test-f5-01:Active] config # root
                                -bash: root: command not found
                                [root@test-f5-01:Active] config #
                                [root@test-f5-01:Active] config #
                                [root@test-f5-01:Active] config #
                                
                                I don't know how to debug otherwise I
would turn on debug too. If you
                                can provide some hints on debug, I would
appreciate it.
                                
                                Thanks,
                                Sam
                                        

                                What error(s) do you get when you try to
run your f5rancid?
                                
                                Where does it fail if you debug your
f5login?
                                
                                
                                -lance
                                
                                
                                          

                                -------- Original Message --------
                                Subject: [rancid]  F5 load balancer
support
                                From: Sam Munzani <a moz-do-not-send="true"
 class="moz-txt-link-rfc2396E" href="mailto:smunzani@comcast.net">&lt;smunzani@comcast.net&gt;</a>
<a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
 href="mailto:smunzani@comcast.net">&lt;mailto:smunzani@comcast.net&gt;</a> 
                                Date: Fri, July 13, 2007 12:45 pm
                                To: <a moz-do-not-send="true" class="moz-txt-link-abbreviated"
 href="mailto:rancid-discuss@shrubbery.net">rancid-discuss@shrubbery.net</a>
                                
                                Hi,
                                
                                Did anybody happened to hack one of
Cisco scripts to support 
                                            

                        BigIP F5
                              

                                boxes? It should be pretty simple. All I
want to do is login and
                                            

                                type "b
                                        

                                list" which is equivalent of "show run"
on cisco.
                                
                                However for some reason things not
working. All I did was copied
                                            

                                clogin
                                        

                                to f5login, copied rancid to f5rancid
and added following to
                                            

                                rancid-fe.
                                        

                                elsif ($vendor =~ /^f5$/i)
{ exec('f5rancid', 
                                            

                        $router); }
                              

                                Then modified f5 rancid file and kept
only one command in list of
                                commands "b list".
                                
                                For some reason its not working. I can
post my configs here if
                                            

                                somebody
                                        

                                like to see them.
                                
                                Thanks,
                                Sam
        
_______________________________________________
                                Rancid-discuss mailing list
                                <a moz-do-not-send="true" class="moz-txt-link-abbreviated"
 href="mailto:Rancid-discuss@shrubbery.net">Rancid-discuss@shrubbery.net</a>
        
<a moz-do-not-send="true" class="moz-txt-link-freetext"
 href="http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss">http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss</a>
                                
                                            

                                
                                          

                        _______________________________________________
                        Rancid-discuss mailing list
                        <a moz-do-not-send="true" class="moz-txt-link-abbreviated"
 href="mailto:Rancid-discuss@shrubbery.net">Rancid-discuss@shrubbery.net</a>
        
<a moz-do-not-send="true" class="moz-txt-link-freetext"
 href="http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss">http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss</a>
                        
                              

        
        _______________________________________________
        Rancid-discuss mailing list
        <a moz-do-not-send="true" class="moz-txt-link-abbreviated"
 href="mailto:Rancid-discuss@shrubbery.net">Rancid-discuss@shrubbery.net</a>
        <a moz-do-not-send="true" class="moz-txt-link-freetext"
 href="http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss">http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss</a>&lt;hr&gt;_______________________________________________
Rancid-discuss mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated"
 href="mailto:Rancid-discuss@shrubbery.net">Rancid-discuss@shrubbery.net</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext"
 href="http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss">http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss</a>
    </pre>
    </blockquote>
    <pre wrap=""><!---->
_______________________________________________
Rancid-discuss mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated"
 href="mailto:Rancid-discuss@shrubbery.net">Rancid-discuss@shrubbery.net</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext"
 href="http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss">http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss</a>

  </pre>
  </blockquote>
  <br>
</blockquote>
<br>
</body>
</html>