<div dir="ltr"><div class="gmail_default" style="font-family:trebuchet ms,sans-serif;color:#666666">Ok Thanks, Chris, I will make a note.</div><div class="gmail_default" style="font-family:trebuchet ms,sans-serif;color:#666666"><br></div><div class="gmail_default" style="font-family:trebuchet ms,sans-serif;color:#666666">One more thing, whenever I am pushing changes to Firewalls i am not getting notified through email about changes made but in the case of Cisco, I receive whatever changes are made through email. While in the Firewall I am getting notifications as below every 30 mins.</div><div class="gmail_default" style="font-family:trebuchet ms,sans-serif;color:#666666"><br></div><div class="gmail_default" style="font-family:trebuchet ms,sans-serif;color:#666666"><span class="gmail-im" style="color:rgb(80,0,80)"><span class="gmail-Apple-converted-space"> </span>#wf-private-version: 0<br> #wf-private-release-date: unknown<br> #url-db: paloaltonetworks<br></span>- #wildfire-version: 757373-760822<br>- #wildfire-release-date: 2023/04/06 19:57:32 IST<br>+ #wildfire-version: 757379-760828<br>+ #wildfire-release-date: 2023/04/06 20:27:32 IST<br> #wildfire-rt: Disabled<br>- #url-filtering-version: 20230406.20218<br>+ #url-filtering-version: 20230406.20226<div class="gmail-yj6qo gmail-ajU" style="outline:none;padding:10px 0px;width:22px;margin:2px 0px 0px"></div><br class="gmail-Apple-interchange-newline"></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, 6 Apr 2023 at 18:17, Chris <<a href="mailto:chris.weakland@gmail.com">chris.weakland@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div class="msg-5860109305518466744"><div lang="EN-US" style="overflow-wrap: break-word;"><div class="m_-5860109305518466744WordSection1"><p class="MsoNormal">I think you can remove step 4, in my experience it should not be needed</p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Chris<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><div style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(225,225,225);padding:3pt 0in 0in"><p class="MsoNormal" style="border:none;padding:0in"><b>From: </b><a href="mailto:durrani.anwar@gmail.com" target="_blank">Anwar Durrani</a><br><b>Sent: </b>Thursday, April 6, 2023 5:08 AM<br><b>To: </b><a href="mailto:chris.weakland@gmail.com" target="_blank">Chris</a><br><b>Cc: </b><a href="mailto:heas@shrubbery.net" target="_blank">heasley</a>; <a href="mailto:rancid-discuss@www.shrubbery.net" target="_blank">rancid-discuss@www.shrubbery.net</a><br><b>Subject: </b>Re: [rancid] login script for PaloAlto PA850</p></div><p class="MsoNormal"><u></u> <u></u></p><div><div><p class="MsoNormal"><span style="font-family:"Trebuchet MS",sans-serif;color:rgb(102,102,102)">Thanks, Chris for your prompt response.<u></u><u></u></span></p></div><div><p class="MsoNormal"><span style="font-family:"Trebuchet MS",sans-serif;color:rgb(102,102,102)"><u></u> <u></u></span></p></div><div><p class="MsoNormal"><span style="font-family:"Trebuchet MS",sans-serif;color:rgb(102,102,102)">I am putting complete procedure step by step so that every one can easily understand<u></u><u></u></span></p></div><div><p class="MsoNormal"><span style="font-family:"Trebuchet MS",sans-serif;color:rgb(102,102,102)"><u></u> <u></u></span></p></div><div><div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)">#Configure PaloAlto Firewall on rancid server<u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)">Rancid Version : 3.13-1 [apt -list | grep rancid]<u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)">OS Version : Ubuntu 22.04.2 LTS [lsb_release -a]<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(103,150,230)">1.</span><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> Make changes in rancid main configuration /etc/rancid/rancid.conf <u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> add firewalls(whatever name you would like to keep) LIST_OF_GROUPS="routers switches waps firewalls"; export LIST_OF_GROUPS<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(103,150,230)">2.</span><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> To take effets the changes in configuration run below command but you have to be rancid user first<u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> su - rancid<u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> /usr/lib/rancid/bin/rancid-run<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(103,150,230)">3.</span><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> Make change in configuration file and add device<u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> vim /var/lib/rancid/firewalls/router.db<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> add following line<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> <a href="http://firewall1.your-domain.com" target="_blank">firewall1.your-domain.com</a>;paloalto;up;<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(103,150,230)">4.</span><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> Make changes in <u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> vim /var/lib/rancid/firewalls/routers.up<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> add below line<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> <a href="http://firewall1.your-domain.com" target="_blank">firewall1.your-domain.com</a>;paloalto<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(103,150,230)">5.</span><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> Make changes in vim /etc/rancid/rancid.types.base<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> add lines below<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> paloalto;login;plogin<u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> paloalto;module;panos<u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> paloalto;inloop;panos::inloop<u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> paloalto;command;panos::ShowInfo;show system info<u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> paloalto;command;panos::ShowInventory;show chassis inventory<u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> paloalto;command;panos::ShowConfig;show config merged<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(103,150,230)">6.</span><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> Make changes in vim /etc/rancid/rancid.types.conf<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> </span><b><span style="font-size:9pt;font-family:"Courier New";color:rgb(86,156,214)"># This is for PaloAlto Firewall</span></b><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> paloalto;script;panrancid<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(103,150,230)">7.</span><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> Make changes in vim /etc/rancid/rancid.types.conf<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> add lines as below<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> </span><b><span style="font-size:9pt;font-family:"Courier New";color:rgb(86,156,214)"># This is for PaloAlto Firewall</span></b><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> paloalto;script;panrancid<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(103,150,230)">8.</span><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> Enable email configuration<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> vim /etc/aliases<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> add lines below <u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> rancid-firewalls: <a href="mailto:infra-alerts@your-domain.com" target="_blank">infra-alerts@your-domain.com</a><u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> rancid-firewalls-admin: <a href="mailto:infra-alerts@your-domain.com" target="_blank">infra-alerts@your-domain.com</a> <u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> </span><b><span style="font-size:9pt;font-family:"Courier New";color:rgb(86,156,214)"># Run below command to take into effect</span></b><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u><u></u></span></p></div><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"> newaliases<u></u><u></u></span></p></div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u> <u></u></span></p><div><p class="MsoNormal" style="line-height:13.5pt;background:rgb(30,30,30)"><b><span style="font-size:9pt;font-family:"Courier New";color:rgb(86,156,214)"># You Must have panos, panrancid & plogin files present under /var/lib/rancid/bin</span></b><span style="font-size:9pt;font-family:"Courier New";color:rgb(212,212,212)"><u></u><u></u></span></p></div></div></div></div><p class="MsoNormal"><u></u> <u></u></p><div><div><p class="MsoNormal">On Thu, 6 Apr 2023 at 03:49, Chris <<a href="mailto:chris.weakland@gmail.com" target="_blank">chris.weakland@gmail.com</a>> wrote:</p></div><blockquote style="border-top:none;border-right:none;border-bottom:none;border-left:1pt solid rgb(204,204,204);padding:0in 0in 0in 6pt;margin-left:4.8pt;margin-right:0in"><div><div><div><p class="MsoNormal">Just wanted to add for the benefit of all, I like to edit my etc/rancid.types.conf and add a new “type”. Here is what the additional lines look like:</p><p class="MsoNormal"> </p><p class="MsoNormal">paloaltofw;script;rancid -t paloaltofw</p><p class="MsoNormal">paloaltofw;login;panlogin</p><p class="MsoNormal">paloaltofw;module;panos</p><p class="MsoNormal">paloaltofw;inloop;panos::inloop</p><p class="MsoNormal">paloaltofw;command;panos::ShowInfo;show system info</p><p class="MsoNormal">paloaltofw;command;panos::ShowInventory;show chassis inventory</p><p class="MsoNormal">paloaltofw;command;rancid::RunCommand;set cli config-output-format set</p><p class="MsoNormal">paloaltofw;command;rancid::RunCommand;configure</p><p class="MsoNormal">paloaltofw;command;panos::ShowConfig;show</p><p class="MsoNormal"> </p><p class="MsoNormal">This gives you a more human readable configuration.</p><p class="MsoNormal"> </p><p class="MsoNormal">In your router.db you would need to add:</p><p class="MsoNormal"> </p><p class="MsoNormal"><a href="http://Firewall1.yourdomain.com" target="_blank">Firewall1.yourdomain.com</a>;paloaltofw;up</p><p class="MsoNormal"> </p><p class="MsoNormal">Chris</p><p class="MsoNormal"> </p><div style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(225,225,225);padding:3pt 0in 0in"><p class="MsoNormal"><b>From: </b><a href="mailto:heas@shrubbery.net" target="_blank">heasley</a><br><b>Sent: </b>Wednesday, April 5, 2023 4:03 PM<br><b>To: </b><a href="mailto:chris.weakland@gmail.com" target="_blank">Chris Weakland</a><br><b>Cc: </b><a href="mailto:durrani.anwar@gmail.com" target="_blank">Anwar Durrani</a>; <a href="mailto:rancid-discuss@www.shrubbery.net" target="_blank">rancid-discuss@www.shrubbery.net</a><br><b>Subject: </b>Re: [rancid] login script for PaloAlto PA850</p></div><p class="MsoNormal"> </p><p class="MsoNormal">Wed, Apr 05, 2023 at 07:21:17AM -0400, Chris Weakland:</p><p class="MsoNormal">> Palo Alto support has bee. built into Rancid for some time, no need for any</p><p class="MsoNormal">additional scripts. The device type is: paloalto</p><p class="MsoNormal"> </p><p class="MsoNormal">indeed; there is also device type paloaltoxml for the xml config.</p><p class="MsoNormal"> </p><p class="MsoNormal">> Your router.db looks incorrect, it should be:</p><p class="MsoNormal">> </p><p class="MsoNormal">> <a href="http://Firewall1.yourdomain.com" target="_blank">Firewall1.yourdomain.com</a>;paloalto;up</p><p class="MsoNormal"> </p><p class="MsoNormal">to be pedantic, additional fields are simply ignored.</p><p class="MsoNormal"> </p></div></div></div></blockquote></div><p class="MsoNormal"><br clear="all"></p><div><p class="MsoNormal"><u></u> <u></u></p></div><p class="MsoNormal"><span class="m_-5860109305518466744gmailsignatureprefix">-- </span></p><div><div><div><div><p class="MsoNormal">Thanks & regards,<br>Anwar M. Durrani</p><div><p class="MsoNormal">+91-9923205011<a name="m_-5860109305518466744_SignatureSanitizer_SafeHtmlFilter_UNIQUE"></a></p></div></div></div></div></div><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal"><u></u> <u></u></p></div></div>
</div></blockquote></div><br clear="all"><div><br></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div dir="ltr">Thanks & regards,<br>Anwar M. Durrani<div>+91-9923205011<br><a href="http://in.linkedin.com/pub/anwar-durrani/20/b55/60b" title="View public profile" name="SignatureSanitizer_SafeHtmlFilter_UNIQUE_ID_SafeHtmlFilter_SafeHtmlFilter_webProfileURL" target="_blank"></a><dl><dd><p>
</p>
</dd></dl><br></div></div></div></div></div>