Discussion:
[rancid] ASA line indentation
David Croft
2007-08-13 14:19:26 UTC
Permalink
I have a weird problem with the Cisco ASA 5540. For some reason, the
indentation of various lines of the config keeps changing. This only
seems to happen when I actually change the config - I change one line
in the config, and then a load of extra bogus diffs appear that are
just indentation changes.

For example, in the config below, the only genuine change I made was
to add dns-guard, but lots of extra diffs appear.

It doesn't cause any extra mails to be sent, since it does only happen
when I do change something, but it does show a load of spurious diffs.

Has anyone else found this and is there a way to work around this in
rancid - for example by removing all leading spaces from every line
before storing it in CVS?

Regards,

David


Index: configs/fw01-active.x.x.net.uk
===================================================================
retrieving revision 1.87
diff -u -4 -r1.87 fw01-active.x.x.net.uk
@@ -67,8 +67,9 @@
hostname fw01
domain-name x.x.net.uk
enable password x encrypted
names
+ dns-guard
!
interface GigabitEthernet0/0
description to core routers via vlan 5 on distribution switches
speed 1000
@@ -82,10 +83,10 @@
description to distribution switches via vlan 6
speed 1000
duplex full
nameif inside
- security-level 50
- ip address x 255.255.255.248 standby x
+ security-level 50
+ ip address x 255.255.255.248 standby x
ospf cost 10
!
interface GigabitEthernet0/2
speed 1000
@@ -105,10 +106,10 @@
!
interface Management0/0
speed 100
duplex full
- nameif management
- security-level 100
+ nameif management
+ security-level 100
ip address 192.168.0.1 255.255.255.0 standby 192.168.0.199
ospf cost 10
ospf network point-to-point non-broadcast
management-only
@@ -128,10 +129,10 @@
description to noc 3560
speed 1000
duplex full
nameif inside-noc
- security-level 100
- no ip address
+ security-level 100
+ no ip address
!
interface GigabitEthernet1/3
shutdown
no nameif
@@ -221,9 +222,9 @@
area 0
log-adj-changes
!
router eigrp 1
- no auto-summary
+ no auto-summary
neighbor x interface inside
neighbor x interface inside
network x 255.255.255.248
!
@@ -266,10 +267,10 @@
sysopt noproxyarp inside-noc
sla monitor 1
type echo protocol ipIcmpEcho x interface outside
timeout 2000
- threshold 4000
- frequency 5
+ threshold 4000
+ frequency 5
sla monitor schedule 1 life forever start-time now
sla monitor 2
type echo protocol ipIcmpEcho x interface outside
timeout 2000
@@ -357,6 +358,6 @@
tunnel-group Remote-Staff ipsec-attributes
pre-shared-key *
smtp-server x x
prompt hostname context
- Cryptochecksum:9ada600f57fb6994832ba5bcef07562b
+ Cryptochecksum:db711fa252d3a044ca708fc6099a8af2
: end
Lance
2007-08-13 17:39:34 UTC
Permalink
David,

Funky I have no such issue here. try doing a cat -vet on your file and
then look back 1 revision and pipe it to cat -vet too.

If you use CVS, you can get the previous revision like so. Assuming you
are using the defaults the CVS would be in the RANCID home dir and under
var/CVS. :)

cvs diff -r $previous-revision -r $current-revision $router-switch

-Lance
-------- Original Message --------
Subject: [rancid] ASA line indentation
Date: Mon, August 13, 2007 7:19 am
I have a weird problem with the Cisco ASA 5540. For some reason, the
indentation of various lines of the config keeps changing. This only
seems to happen when I actually change the config - I change one line
in the config, and then a load of extra bogus diffs appear that are
just indentation changes.
For example, in the config below, the only genuine change I made was
to add dns-guard, but lots of extra diffs appear.
It doesn't cause any extra mails to be sent, since it does only happen
when I do change something, but it does show a load of spurious diffs.
Has anyone else found this and is there a way to work around this in
rancid - for example by removing all leading spaces from every line
before storing it in CVS?
Regards,
David
Index: configs/fw01-active.x.x.net.uk
===================================================================
retrieving revision 1.87
diff -u -4 -r1.87 fw01-active.x.x.net.uk
@@ -67,8 +67,9 @@
hostname fw01
domain-name x.x.net.uk
enable password x encrypted
names
+ dns-guard
!
interface GigabitEthernet0/0
description to core routers via vlan 5 on distribution switches
speed 1000
@@ -82,10 +83,10 @@
description to distribution switches via vlan 6
speed 1000
duplex full
nameif inside
- security-level 50
- ip address x 255.255.255.248 standby x
+ security-level 50
+ ip address x 255.255.255.248 standby x
ospf cost 10
!
interface GigabitEthernet0/2
speed 1000
@@ -105,10 +106,10 @@
!
interface Management0/0
speed 100
duplex full
- nameif management
- security-level 100
+ nameif management
+ security-level 100
ip address 192.168.0.1 255.255.255.0 standby 192.168.0.199
ospf cost 10
ospf network point-to-point non-broadcast
management-only
@@ -128,10 +129,10 @@
description to noc 3560
speed 1000
duplex full
nameif inside-noc
- security-level 100
- no ip address
+ security-level 100
+ no ip address
!
interface GigabitEthernet1/3
shutdown
no nameif
@@ -221,9 +222,9 @@
area 0
log-adj-changes
!
router eigrp 1
- no auto-summary
+ no auto-summary
neighbor x interface inside
neighbor x interface inside
network x 255.255.255.248
!
@@ -266,10 +267,10 @@
sysopt noproxyarp inside-noc
sla monitor 1
type echo protocol ipIcmpEcho x interface outside
timeout 2000
- threshold 4000
- frequency 5
+ threshold 4000
+ frequency 5
sla monitor schedule 1 life forever start-time now
sla monitor 2
type echo protocol ipIcmpEcho x interface outside
timeout 2000
@@ -357,6 +358,6 @@
tunnel-group Remote-Staff ipsec-attributes
pre-shared-key *
smtp-server x x
prompt hostname context
- Cryptochecksum:9ada600f57fb6994832ba5bcef07562b
+ Cryptochecksum:db711fa252d3a044ca708fc6099a8af2
: end
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
john heasley
2007-08-13 17:57:16 UTC
Permalink
Post by Lance
David,
Funky I have no such issue here. try doing a cat -vet on your file and
then look back 1 revision and pipe it to cat -vet too.
agreed. either the box is doing this, or this screen manipulation junk
or some botch with handling the box's pager. does the pager get disabled
on this platform?
Post by Lance
If you use CVS, you can get the previous revision like so. Assuming you
are using the defaults the CVS would be in the RANCID home dir and under
var/CVS. :)
cvs diff -r $previous-revision -r $current-revision $router-switch
-Lance
-------- Original Message --------
Subject: [rancid] ASA line indentation
Date: Mon, August 13, 2007 7:19 am
I have a weird problem with the Cisco ASA 5540. For some reason, the
indentation of various lines of the config keeps changing. This only
seems to happen when I actually change the config - I change one line
in the config, and then a load of extra bogus diffs appear that are
just indentation changes.
For example, in the config below, the only genuine change I made was
to add dns-guard, but lots of extra diffs appear.
It doesn't cause any extra mails to be sent, since it does only happen
when I do change something, but it does show a load of spurious diffs.
Has anyone else found this and is there a way to work around this in
rancid - for example by removing all leading spaces from every line
before storing it in CVS?
Regards,
David
Index: configs/fw01-active.x.x.net.uk
===================================================================
retrieving revision 1.87
diff -u -4 -r1.87 fw01-active.x.x.net.uk
@@ -67,8 +67,9 @@
hostname fw01
domain-name x.x.net.uk
enable password x encrypted
names
+ dns-guard
!
interface GigabitEthernet0/0
description to core routers via vlan 5 on distribution switches
speed 1000
@@ -82,10 +83,10 @@
description to distribution switches via vlan 6
speed 1000
duplex full
nameif inside
- security-level 50
- ip address x 255.255.255.248 standby x
+ security-level 50
+ ip address x 255.255.255.248 standby x
ospf cost 10
!
interface GigabitEthernet0/2
speed 1000
@@ -105,10 +106,10 @@
!
interface Management0/0
speed 100
duplex full
- nameif management
- security-level 100
+ nameif management
+ security-level 100
ip address 192.168.0.1 255.255.255.0 standby 192.168.0.199
ospf cost 10
ospf network point-to-point non-broadcast
management-only
@@ -128,10 +129,10 @@
description to noc 3560
speed 1000
duplex full
nameif inside-noc
- security-level 100
- no ip address
+ security-level 100
+ no ip address
!
interface GigabitEthernet1/3
shutdown
no nameif
@@ -221,9 +222,9 @@
area 0
log-adj-changes
!
router eigrp 1
- no auto-summary
+ no auto-summary
neighbor x interface inside
neighbor x interface inside
network x 255.255.255.248
!
@@ -266,10 +267,10 @@
sysopt noproxyarp inside-noc
sla monitor 1
type echo protocol ipIcmpEcho x interface outside
timeout 2000
- threshold 4000
- frequency 5
+ threshold 4000
+ frequency 5
sla monitor schedule 1 life forever start-time now
sla monitor 2
type echo protocol ipIcmpEcho x interface outside
timeout 2000
@@ -357,6 +358,6 @@
tunnel-group Remote-Staff ipsec-attributes
pre-shared-key *
smtp-server x x
prompt hostname context
- Cryptochecksum:9ada600f57fb6994832ba5bcef07562b
+ Cryptochecksum:db711fa252d3a044ca708fc6099a8af2
: end
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Loading...