James E. Shride
2013-06-24 21:32:19 UTC
Yes,
The spam is config changes. It's the same few config changes we made days ago but it's still being promptly sent out hourly.
-----Original Message-----
From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] On Behalf Of rancid-discuss-***@shrubbery.net
Sent: Monday, June 24, 2013 5:26 PM
To: rancid-***@shrubbery.net
Subject: Rancid-discuss Digest, Vol 32, Issue 4
Send Rancid-discuss mailing list submissions to
rancid-***@shrubbery.net
To subscribe or unsubscribe via the World Wide Web, visit
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
or, via email, send a message with subject or body 'help' to
rancid-discuss-***@shrubbery.net
You can reach the person managing the list at
rancid-discuss-***@shrubbery.net
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Rancid-discuss digest..."
Today's Topics:
1. Re: Checking for root (heasley)
2. Re: End of run not found on telnet (Paul Gear)
3. Re: End of run not found on telnet (Polanski, Gregory)
4. Support for the Cisco SF300 (Remy van Elst)
5. Re: Support for the Cisco SF300 (Alan McKinnon)
6. Limit commands run for GSR (Alan McKinnon)
7. Re: Limit commands run for GSR (Peter Jackson)
8. Re: Support for the Cisco SF300 (Nicolas DEFFAYET)
9. Rancid CVS Problem (Harshal Patil)
10. ignoring flash memory changes (Saulo Zimbaro)
11. Re: ignoring flash memory changes (Alan McKinnon)
12. Re: Limit commands run for GSR (Alan McKinnon)
13. Re: Limit commands run for GSR (Peter Jackson)
14. Help for total Rancid Newb / Linux Newb? (James Shride)
15. Re: Help for total Rancid Newb / Linux Newb? (Ryan West)
16. Allied Telesyn and Rancid (Wiethoff, Helge)
17. cpu info missing from sup-2t (Per-Olof Olsson)
18. Re: Help for total Rancid Newb / Linux Newb? (Alan McKinnon)
19. Error handler for Cisco switches in rancid. (Per-Olof Olsson)
20. proper way to delete or remove a group using a subversion
repository (Hinote, Scotty (MSFC-IS40)[NICS])
----------------------------------------------------------------------
Message: 1
Date: Tue, 11 Jun 2013 00:23:32 +0000
From: heasley <***@shrubbery.net>
To: Aaron Dudek <***@gmail.com>
Cc: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: Re: [rancid] Checking for root
Message-ID: <***@shrubbery.net>
Content-Type: text/plain; charset=us-ascii
but existing installations would not otherwise.
forward-thinking admin [or package maintainer] thinks to enable it; it
won't help noobs setting RANCID working on their own.
so, ./configure --noobpid ?
how about just adding the check to rancid.conf? that affects everything
that
reads it, the check can be customized (like adding a timer), or completely
disabled w/o an arg/etc.
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
------------------------------
Message: 2
Date: Thu, 13 Jun 2013 08:43:57 +1000
From: Paul Gear <***@gear.dyndns.org>
To: rancid-***@shrubbery.net
Subject: Re: [rancid] End of run not found on telnet
Message-ID: <kpatjb$k33$***@ger.gmane.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
I've seen similar things when autoenable was set to the wrong value.
Regards,
Paul
------------------------------
Message: 3
Date: Wed, 12 Jun 2013 23:19:03 +0000
From: "Polanski, Gregory" <***@Virteva.com>
To: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: Re: [rancid] End of run not found on telnet
Message-ID:
<***@VRTW8EXC01.corp.int>
Content-Type: text/plain; charset="us-ascii"
Folks
Check the login and motd banner. If there is a '#' in the banner, it will suppress the enable commands and the produce the errors that you are seeing.
This debug sequence has been helpful to me
sudo login -f rancid
As user rancid
source /etc/rancid/rancid.conf
NOPIPE=yes;export NOPIPE
rancid -d switchname
Look for *.new and *.raw in the directory
Regards
Greg
-----Original Message-----
From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] On Behalf Of Paul Gear
Sent: Wednesday, June 12, 2013 5:44 PM
To: rancid-***@shrubbery.net
Subject: Re: [rancid] End of run not found on telnet
I've seen similar things when autoenable was set to the wrong value.
Regards,
Paul
_______________________________________________
Rancid-discuss mailing list
Rancid-***@shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
------------------------------
Message: 4
Date: Mon, 17 Jun 2013 07:10:20 +0200
From: Remy van Elst <***@relst.nl>
To: <rancid-***@shrubbery.net>
Subject: [rancid] Support for the Cisco SF300
Message-ID: <CDE466DC.378CA%***@relst.nl>
Content-Type: text/plain; charset="US-ASCII"
Howdy,
Does RANCID supports the Cisco SF300 SMB switches? The regular 'cisco' and
the 'cisco-sb' (from
http://chrpinedo.blogspot.nl/2012/03/cisco-small-business-sg300-backup-with
.html) give me an empty file in the cvs, while direct logging in on the
switch and doing a sho ru (after enable) works just fine.
Any tips or help?
------------------------------
Message: 5
Date: Mon, 17 Jun 2013 16:38:50 +0200
From: Alan McKinnon <***@gmail.com>
To: rancid-***@shrubbery.net
Subject: Re: [rancid] Support for the Cisco SF300
Message-ID: <***@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
- password, username and method correct in ~/.cloginrc
- No ">" and "#" chars in banner
- prompt is sane (ends in # when enabled)
- does clogin <hostname> work and enable the user?
- what's in the logs?
- "rancid -d <hostname>" leaves a .new file in . that often contains clues
--
Alan McKinnon
***@gmail.com
------------------------------
Message: 6
Date: Mon, 17 Jun 2013 21:21:55 +0200
From: Alan McKinnon <***@gmail.com>
To: rancid-***@shrubbery.net
Subject: [rancid] Limit commands run for GSR
Message-ID: <***@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Hi,
Our provider edge runs on GSR 12's and they carry a hefty config. NetOps
complain that rancid noticeably spikes the cpu load [1] when it runs
these 4 (essentially the same) commands.
{'more system:running-config' => 'WriteTerm'}, # ASA/PIX
{ running-config view full'=> 'WriteTerm'}, # workaround for
{'show running-config' => 'WriteTerm'},
{'write term' => 'WriteTerm'},
I got it under control easily by forking rancid to a gsrrancid script
and removing the bits I don't want from @commandtable.
I'd rather not do it this way, I'd like to have this in the rancid
parser. But I can't figure a way to modify @commandtable at runtime
based on chassis/OS type.
Ideas?
[1] It's a legit complaint, not a fiction of a NetOps engineer's
imagination. On every other chassis I can ignore the effects rancid
causes, but not these ones. We do things with the 12k most folks think
should not be possible :-)
--
Alan McKinnon
***@gmail.com
------------------------------
Message: 7
Date: Mon, 17 Jun 2013 21:42:59 -0400
From: Peter Jackson <***@gmail.com>
To: Alan McKinnon <***@gmail.com>
Cc: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: Re: [rancid] Limit commands run for GSR
Message-ID:
<CAN9M5uYudOMJwqbAKaHHkKTMhyjDKXAQ=***@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Check out some of the other command sections that are skipped for certain
'types'. Figure out the type that rancid sets for the GSRs and use the
line below (formatted for the correct type) in the command sections you
don't want to run for them.
I assume the following would skip 12006, 12010, 12404, 12410, etc.:
return(1) if ($type !~ /^12[40]/);
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130617/3060a937/attachment-0001.html>
------------------------------
Message: 8
Date: Tue, 18 Jun 2013 22:22:13 +0200
From: Nicolas DEFFAYET <nicolas-***@deffayet.com>
To: Remy van Elst <***@relst.nl>
Cc: rancid-***@shrubbery.net
Subject: Re: [rancid] Support for the Cisco SF300
Message-ID: <***@fr-wks3.corp.novso.com>
Content-Type: text/plain; charset="utf-8"
On Mon, 2013-06-17 at 07:10 +0200, Remy van Elst wrote:
Hello,
Business switch in Rancid:
- Rancid 2.3.8 support
- End of run fix (important for be sure to get the full configuration
dump)
Updated files can be found in attachment.
--
Nicolas DEFFAYET
-------------- next part --------------
#! /usr/bin/expect --
##
## $Id: csblogin.in 1 2012-06-01 17:05:00Z n $
##
## rancid 2.3.8
## Copyright (c) 1997-2011 by Terrapin Communications, Inc.
## All rights reserved.
##
## This code is derived from software contributed to and maintained by
## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan,
## Pete Whiting, Austin Schutz, and Andrew Fort.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted provided that the following conditions
## are met:
## 1. Redistributions of source code must retain the above copyright
## notice, this list of conditions and the following disclaimer.
## 2. Redistributions in binary form must reproduce the above copyright
## notice, this list of conditions and the following disclaimer in the
## documentation and/or other materials provided with the distribution.
## 3. All advertising materials mentioning features or use of this software
## must display the following acknowledgement:
## This product includes software developed by Terrapin Communications,
## Inc. and its contributors for RANCID.
## 4. Neither the name of Terrapin Communications, Inc. nor the names of its
## contributors may be used to endorse or promote products derived from
## this software without specific prior written permission.
## 5. It is requested that non-binding fixes and modifications be contributed
## back to Terrapin Communications, Inc.
##
## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS
## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS
## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
## POSSIBILITY OF SUCH DAMAGE.
#
# The expect login scripts were based on Erik Sherk's gwtn, by permission.
#
# csblogin - Cisco Small Business switch login
#
# Most options are intuitive for logging into a Cisco Small Business switch.
# The default username password is the same as the vty password.
#
# Usage line
set usage "Usage: $argv0 \[-dV\] \[-c command\] \[-Evar=x\] \
\[-f cloginrc-file\] \[-p user-password\] \[-r passphrase\] \[-s script-file\] \
\[-u username\] \[-t timeout\] \[-x command-file\] \[-y ssh_cypher_type\] \
router \[router...\]\n"
# env(CLOGIN) may contain:
# x == do not set xterm banner or name
# Password file
set password_file $env(HOME)/.cloginrc
# Default is to login to the router
set do_command 0
set do_script 0
# The default is to look in the password file to find the passwords. This
# tracks if we receive them on the command line.
set do_passwd 1
# Sometimes routers take awhile to answer (the default is 10 sec)
set timeoutdflt 120
#
# new option to provide "login" command capabilities
set loginonly 0
# Find the user in the ENV, or use the unix userid.
if {[info exists env(CISCO_USER)]} {
set default_user $env(CISCO_USER)
} elseif {[info exists env(USER)]} {
set default_user $env(USER)
} elseif {[info exists env(LOGNAME)]} {
set default_user $env(LOGNAME)
} else {
# This uses "id" which I think is portable. At least it has existed
# (without options) on all machines/OSes I've been on recently -
# unlike whoami or id -nu.
if [catch {exec id} reason] {
send_error "\nError: could not exec id: $reason\n"
exit 1
}
regexp {\(([^)]*)} "$reason" junk default_user
}
if {[info exists env(CLOGINRC)]} {
set password_file $env(CLOGINRC)
}
# Process the command line
for {set i 0} {$i < $argc} {incr i} {
set arg [lindex $argv $i]
switch -glob -- $arg {
# Command to run.
-c* -
-C* {
if {! [regexp .\[cC\](.+) $arg ignore command]} {
incr i
set command [lindex $argv $i]
}
set do_command 1
# Expect debug mode
} -d* {
exp_internal 1
# Environment variable to pass to -s scripts
} -E*
{
if {[regexp .\[E\](.+)=(.+) $arg ignore varname varvalue]} {
set E$varname $varvalue
} else {
send_user "\nError: invalid format for -E in $arg\n"
exit 1
}
# alternate cloginrc file
} -f* -
-F* {
if {! [regexp .\[fF\](.+) $arg ignore password_file]} {
incr i
set password_file [lindex $argv $i]
}
# user Password
} -p* {
if {! [regexp .\[pP\](.+) $arg ignore userpasswd]} {
incr i
set userpasswd [lindex $argv $i]
}
set do_passwd 0
# ssh passphrase
} -r* {
if {! [regexp .\[rR\](.+) $arg ignore passphrase]} {
incr i
set vapassphrase [lindex $argv $i]
}
# Version string
} -V* {
send_user "rancid 2.3.8\n"
exit 0
# Passphrase
} -r* -
-R* {
if {! [regexp .\[rR\](.+) $arg ignore passphrase]} {
incr i
set avpassphrase [lindex $argv $i]
}
# Expect script to run.
} -s* {
if {! [regexp .\[sS\](.+) $arg ignore sfile]} {
incr i
set sfile [lindex $argv $i]
}
if { ! [file readable $sfile] } {
send_user "\nError: Can't read $sfile\n"
exit 1
}
set do_script 1
# Timeout
} -t* {
if {! [regexp .\[tT\](.+) $arg ignore timeout]} {
incr i
set timeoutdflt [lindex $argv $i]
}
# Username
} -u* -
-U* {
if {! [regexp .\[uU\](.+) $arg ignore user]} {
incr i
set username [lindex $argv $i]
}
# Command file
} -x* {
if {! [regexp .\[xX\](.+) $arg ignore cmd_file]} {
incr i
set cmd_file [lindex $argv $i]
}
if [ catch {set cmd_fd [open $cmd_file r]} reason ] {
send_user "\nError: $reason\n"
exit 1
}
set cmd_text [read $cmd_fd]
close $cmd_fd
set command [join [split $cmd_text \n] \;]
set do_command 1
# 'ssh -c' cypher type
} -y* -
-Y* {
if {! [regexp .\[yY\](.+) $arg ignore cypher]} {
incr i
set cypher [lindex $argv $i]
}
} -* {
send_user "\nError: Unknown argument! $arg\n"
send_user $usage
exit 1
} default {
break
}
}
}
# Process routers...no routers listed is an error.
if { $i == $argc } {
send_user "\nError: $usage"
}
# Only be quiet if we are running a script (it can log its output
# on its own)
if { $do_script } {
log_user 0
} else {
log_user 1
}
#
# Done configuration/variable setting. Now run with it...
#
# Sets Xterm title if interactive...if its an xterm and the user cares
proc label { host } {
global env
# if CLOGIN has an 'x' in it, don't set the xterm name/banner
if [info exists env(CLOGIN)] {
if {[string first "x" $env(CLOGIN)] != -1} { return }
}
# take host from ENV(TERM)
if [info exists env(TERM)] {
if [regexp \^(xterm|vs) $env(TERM) ignore] {
send_user "\033]1;[lindex [split $host "."] 0]\a"
send_user "\033]2;$host\a"
}
}
}
# This is a helper function to make the password file easier to
# maintain. Using this the password file has the form:
# add password sl* pete cow
# add password at* steve
# add password * hanky-pie
proc add {var args} { global int_$var ; lappend int_$var $args}
proc include {args} {
global env
regsub -all "(^{|}$)" $args {} args
if { [regexp "^/" $args ignore ] == 0 } {
set args $env(HOME)/$args
}
source_password_file $args
}
proc find {var router} {
upvar int_$var list
if { [info exists list] } {
foreach line $list {
if { [string match [lindex $line 0] $router] } {
return [lrange $line 1 end]
}
}
}
return {}
}
# Loads the password file. Note that as this file is tcl, and that
# it is sourced, the user better know what to put in there, as it
# could install more than just password info... I will assume however,
# that a "bad guy" could just as easy put such code in the clogin
# script, so I will leave .cloginrc as just an extention of that script
proc source_password_file { password_file } {
global env
if { ! [file exists $password_file] } {
send_user "\nError: password file ($password_file) does not exist\n"
exit 1
}
file stat $password_file fileinfo
if { [expr ($fileinfo(mode) & 007)] != 0000 } {
send_user "\nError: $password_file must not be world readable/writable\n"
exit 1
}
if [catch {source $password_file} reason ] {
send_user "\nError: $reason\n"
exit 1
}
}
# Log into the router.
# returns: 0 on success, 1 on failure, -1 if rsh was used successfully
proc login { router user passwd cmethod cyphertype identfile } {
global spawn_id in_proc do_command do_script passphrase
global prompt sshcmd
set in_proc 1
# try each of the connection methods in $cmethod until one is successful
set progs [llength $cmethod]
foreach prog [lrange $cmethod 0 end] {
incr progs -1
if [string match "telnet*" $prog] {
regexp {telnet(:([^[:space:]]+))*} $prog command suffix port
if {"$port" == ""} {
set retval [catch {spawn telnet $router} reason]
} else {
set retval [catch {spawn telnet $router $port} reason]
}
if { $retval } {
send_user "\nError: telnet failed: $reason\n"
return 1
}
} elseif ![string compare $prog "ssh"] {
# ssh to the router & try to login with or without an identfile.
# We use two calls to spawn since spawn does not seem to parse
# spaces correctly.
if {$identfile != ""} {
if [catch {spawn $sshcmd -c $cyphertype -x -l $user -i $identfile $router} reason] {
send_user "\nError: failed to $sshcmd: $reason\n"
return 1
}
} else {
if [catch {spawn $sshcmd -c $cyphertype -x -l $user $router} reason] {
send_user "\nError: failed to $sshcmd: $reason\n"
return 1
}
}
} elseif ![string compare $prog "rsh"] {
send_error "\nError: unsupported method: rsh\n"
if { $progs == 0 } {
return 1
}
continue
} else {
send_user "\nError: unknown connection method: $prog\n"
return 1
}
sleep 0.3
# This helps cleanup each expect clause.
expect_after {
timeout {
send_user "\nError: TIMEOUT reached\n"
catch {close}; catch {wait};
if { $in_proc} {
return 1
} else {
continue
}
} eof {
send_user "\nError: EOF received\n"
catch {close}; catch {wait};
if { $in_proc} {
return 1
} else {
continue
}
}
}
# Here we get a little tricky. There are several possibilities:
# the router can ask for a username and passwd and then
# talk to the TACACS server to authenticate you, or if the
# TACACS server is not working, then it will use the enable
# passwd. Or, the router might not have TACACS turned on,
# then it will just send the passwd.
# if telnet fails with connection refused, try ssh
expect {
-re "(Connection refused|Secure connection \[^\n\r]+ refused)" {
catch {close}; catch {wait};
if !$progs {
send_user "\nError: Connection Refused ($prog): $router\n"
return 1
}
}
-re "(Connection closed by|Connection to \[^\n\r]+ closed)" {
catch {close}; catch {wait};
if !$progs {
send_user "\nError: Connection closed ($prog): $router\n"
return 1
}
}
eof { send_user "\nError: Couldn't login: $router\n"; wait; return 1 }
-nocase "unknown host\r" {
send_user "\nError: Unknown host $router\n";
catch {close}; catch {wait};
return 1
}
"Host is unreachable" {
send_user "\nError: Host Unreachable: $router\n";
catch {close}; catch {wait};
return 1
}
"No address associated with name" {
send_user "\nError: Unknown host $router\n";
catch {close}; catch {wait};
return 1
}
-re "(Host key not found |The authenticity of host .* be established).* \\(yes/no\\)\\?" {
send "yes\r"
send_user "\nHost $router added to the list of known hosts.\n"
exp_continue
}
-re "HOST IDENTIFICATION HAS CHANGED.* \\(yes/no\\)\\?" {
send "no\r"
send_user "\nError: The host key for $router has changed. Update the SSH known_hosts file accordingly.\n"
catch {close}; catch {wait};
return 1
}
-re "HOST IDENTIFICATION HAS CHANGED\[^\n\r]+" {
send_user "\nError: The host key for $router has changed. Update the SSH known_hosts file accordingly.\n"
return 1
}
-re "Offending key for .* \\(yes/no\\)\\?" {
send "no\r"
send_user "\nError: host key mismatch for $router. Update the SSH known_hosts file accordingly.\n"
catch {close}; catch {wait};
return 1
}
"Login Screen" {
send "$user\t$passwd\r"
exp_continue
}
"Switch Main Menu" {
# send Ctrl+Z
sleep 1; send "send \032"
exp_continue
}
">" {
send "lcli\r"
exp_continue
}
-re "User Name:$" {
send "$user\r"
exp_continue
}
-re "Password:$" {
send "$passwd\r"
exp_continue
}
-re "$prompt" {
break;
}
denied {
send_user "\nError: Check your passwd for $router\n"
catch {close}; catch {wait}; return 1
}
}
}
set in_proc 0
return 0
}
# Run commands given on the command line.
proc run_commands { prompt command } {
global in_proc
set in_proc 1
send "terminal datadump\r"
expect -re $prompt {}
set commands [split $command \;]
set num_commands [llength $commands]
for {set i 0} {$i < $num_commands} { incr i} {
send -- "[lindex $commands $i]\r"
expect {
-re "^\[^\n\r *]*$prompt *$" {}
-re "^\[^\n\r]*$prompt." { exp_continue }
-re "(\r\n|\n)" { exp_continue }
}
}
send "exit\r\n"
expect {
"\n" { exp_continue }
timeout { catch {close}; catch {wait};
return 0
}
eof { return 0 }
}
set in_proc 0
}
#
# For each router... (this is main loop)
#
source_password_file $password_file
set in_proc 0
set exitval 0
foreach router [lrange $argv $i end] {
set router [string tolower $router]
send_user "$router\n"
# device timeout
set timeout [find timeout $router]
if { [llength $timeout] == 0 } {
set timeout $timeoutdflt
}
# Default prompt.
set prompt "#"
# Figure out username
if {[info exists username]} {
# command line username
set loginname $username
} else {
set loginname [join [find user $router] ""]
if { "$loginname" == "" } { set loginname $default_user }
}
# Figure out loginname's password (if different from the vty password)
if {[info exists userpasswd]} {
# command line passwd
set passwd $userpasswd
} else {
set passwd [join [lindex [find userpassword $router] 0] ""]
if { "$passwd" == "" } {
set passwd [join [lindex [find password $router] 0] ""]
if { "$passwd" == "" } {
send_user "\nError: no password for $router in $password_file.\n"
continue
}
}
}
# Figure out identity file to use
set identfile [join [lindex [find identity $router] 0] ""]
# Figure out passphrase to use
if {[info exists avpassphrase]} {
set passphrase $avpassphrase
} else {
set passphrase [join [lindex [find passphrase $router] 0] ""]
}
if { ! [string length "$passphrase"]} {
set passphrase $passwd
}
# Figure out cypher type
if {[info exists cypher]} {
# command line cypher type
set cyphertype $cypher
} else {
set cyphertype [find cyphertype $router]
if { "$cyphertype" == "" } { set cyphertype "3des" }
}
# Figure out connection method
set cmethod [find method $router]
if { "$cmethod" == "" } { set cmethod {{telnet} {ssh}} }
# Figure out the SSH executable name
set sshcmd [join [lindex [find sshcmd $router] 0] ""]
if { "$sshcmd" == "" } { set sshcmd {ssh} }
# Login to the router
if {[login $router $loginname $passwd $cmethod $cyphertype $identfile]} {
incr exitval
continue
}
if { $do_command } {
if {[run_commands $prompt $command]} {
incr exitval
continue
}
} elseif { $do_script } {
send "terminal datadump\r"
expect -re $prompt {}
source $sfile
catch {close};
} else {
label $router
log_user 1
interact
}
# End of for each router
catch {wait};
sleep 0.3
}
exit $exitval
-------------- next part --------------
A non-text attachment was scrubbed...
Name: csbrancid
Type: application/x-perl
Size: 12617 bytes
Desc: not available
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130618/87b138d4/attachment-0001.bin>
------------------------------
Message: 9
Date: Wed, 19 Jun 2013 02:43:30 -0400
From: Harshal Patil <***@securview.com>
To: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: [rancid] Rancid CVS Problem
Message-ID: <***@USNJ01EXC001>
Content-Type: text/plain; charset="iso-8859-1"
Hi All,
I am reciving following errors in logs file while working on Rancid
cvs commit: cannot open CVS/Entries for reading: No such file or directory
cvs commit: nothing known about `router.db'
cvs [commit aborted]: correct above errors first!
ending: Wed Jun 19 11:56:26 IST 2013
Please let me know which file need to edit or any other way to correct this error
Thanks
Harshal
________________________________
Confidentiality: This e-mail and any attachments may be confidential and may also be privileged. If you are not an intended named recipient, please notify the sender immediately and do not disclose the contents to another person use it for any purpose, or store or copy the information in any medium.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130619/abf53eb8/attachment-0001.html>
------------------------------
Message: 10
Date: Wed, 19 Jun 2013 15:04:34 -0300
From: Saulo Zimbaro <***@gmail.com>
To: rancid-***@shrubbery.net
Subject: [rancid] ignoring flash memory changes
Message-ID:
<CA+uei9VL+BAKCamgY_u62U8kfyg+f5JXocNL4xfvK7e_=***@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
It?s possible to ignoring memory changes in rancid backups?
Index: configs/csfw-asa-office01
===================================================================
retrieving revision 1.239
diff -U 4 -r1.239 csfw-asa-office01
@@ -30,9 +30,9 @@
!Flash: 123 11348300 Feb 21 2011 16:17:54 asdm-621.bin
!Flash: 3 4096 Dec 31 2002 22:03:48 log
!Flash: 10 4096 Dec 31 2002 22:03:58 crypto_archive
!Flash: 11 4096 Dec 31 2002 22:04:32 coredumpinfo
- !Flash: 12 43 Jun 19 2013 09:00:27 coredumpinfo/coredump.cfg
+ !Flash: 12 43 Jun 19 2013 12:00:33 coredumpinfo/coredump.cfg
!Flash: 125 12105313 Feb 21 2011 16:15:12 csd_3.5.841-k9.pkg
!Flash: 126 4096 Feb 21 2011 16:15:14 sdesktop
!Flash: 133 1462 Feb 21 2011 16:15:14 sdesktop/data.xml
!Flash: 127 2857568 Feb 21 2011 16:15:16
anyconnect-wince-ARMv4I-2.4.1012-k9.pkg
--
*Saulo Zimbaro*
Mobile ) (+55) 21 9800-0100
****@gmail.com
****@zimbaro.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130619/2a5da533/attachment-0001.html>
------------------------------
Message: 11
Date: Wed, 19 Jun 2013 23:39:31 +0200
From: Alan McKinnon <***@gmail.com>
To: rancid-***@shrubbery.net
Subject: Re: [rancid] ignoring flash memory changes
Message-ID: <***@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
I've always held the view that some things are just not generic enough
or detectable enough to be shipped out to everyone, so you get to
maintain a few forks with your own customization. And there are nowadays
so many IOSes with different behaviours....
You probably want to add something like this to ShowFlash:
next if (/coredumpinfo\/coredump.cfg\$/);
Untested of course so double check my regexes :-)
Rancid could really benefit from some kind of call-out mechanism where
we can add our own local tweaks and keep them out of the main code, but
unfortunately 2.3.x doesn't have this.
Perhaps a worthy addition to the 3.0 series!
--
Alan McKinnon
***@gmail.com
------------------------------
Message: 12
Date: Thu, 20 Jun 2013 09:28:20 +0200
From: Alan McKinnon <***@gmail.com>
To: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: Re: [rancid] Limit commands run for GSR
Message-ID: <***@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
I don't think that approach will work for me - I don't need to prevent
rancid parsing the output, I need some commands to not be run on the
device at all.
That means I'd have to modify @commandtable based on chassis type so
that clogin doesn't issue certain commands. But I don't know the chassis
type until clogin has already run and minimally ShowVersion has already
been parsed. By then it's too late.
3.0alpha looks like it might be moving in a direction that solves my
problem quite nicely
Alan McKinnon
***@gmail.com
------------------------------
Message: 13
Date: Thu, 20 Jun 2013 10:36:02 -0400
From: Peter Jackson <***@gmail.com>
To: Alan McKinnon <***@gmail.com>
Cc: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: Re: [rancid] Limit commands run for GSR
Message-ID:
<CAN9M5ubkUOZ_v8mkx9_cwmrHgQV7t==w-***@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Yeah, sorry Alan I wasn't thinking.
I like the looks of 3.0 also but here is workaround for 2.3 that should
work for you if the hostnames of your GSRs are unique - able to be matched
by a regular expression. I think the only way to do this is with the
hostname since no other information is passed to rancid. If you can't
match your GSR hostnames by regexp, you could enter them all together.
--- rancid.20130620 2013-06-20 09:53:03.344845839 -0400
+++ rancid 2013-06-20 10:00:50.874896393 -0400
@@ -2333,6 +2333,18 @@
{'write term' => 'WriteTerm'},
);
+my @commandtable2;
+if ( $host =~ /gsr/ ){ #replace 'gsr' with GSR hostname regexp
+ foreach my $command ( @commandtable ) {
+ foreach my $key ( keys %$command ) {
+ unless ( $key =~ /running-config/ ){ #replace 'running-config'
with a pipe-separated list of commands/command regexps to NOT run
+ push ( @commandtable2 ,( { $key => $command->{$key} } ));
+ }
+ }
+ }
+ @commandtable = @commandtable2;
+}
+
# Use an array to preserve the order of the commands and a hash for mapping
# commands to the subroutine and track commands that have been completed.
@commands = map(keys(%$_), @commandtable);
I don't think that approach will work for me - I don't need to prevent
rancid parsing the output, I need some commands to not be run on the
device at all.
that clogin doesn't issue certain commands. But I don't know the chassis
type until clogin has already run and minimally ShowVersion has already
been parsed. By then it's too late.
3.0alpha looks like it might be moving in a direction that solves my
problem quite nicely
Alan McKinnon
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130620/451b0702/attachment-0001.html>
------------------------------
Message: 14
Date: Thu, 20 Jun 2013 07:41:24 -0700 (PDT)
From: James Shride <***@yahoo.com>
To: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: [rancid] Help for total Rancid Newb / Linux Newb?
Message-ID:
<***@web124505.mail.ne1.yahoo.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi!
1. Linux Newb
2. Rancid Newb
Here is the problem:
??? We have had a working rancid build in place for a while. However we no longer have the person who admin'd it. After a recent config change to a switch, its spamming the notification. I never noticed this behavior before. Is this indicative of an error in the switch config, or do I have to acknowledge this rancid alert or something?
??? I am grateful for any guidance or advice.
Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130620/231aeaef/attachment-0001.html>
------------------------------
Message: 15
Date: Thu, 20 Jun 2013 16:33:52 +0000
From: Ryan West <***@zyedge.com>
To: James Shride <***@yahoo.com>
Cc: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: Re: [rancid] Help for total Rancid Newb / Linux Newb?
Message-ID: <EFD2D092-C947-4708-BB8D-***@zyedge.com>
Content-Type: text/plain; charset="us-ascii"
What are you being spammed with? Do you have access to the shell as the rancid user?
Sent from handheld.
On Jun 20, 2013, at 12:19 PM, "James Shride" <***@yahoo.com<mailto:***@yahoo.com>> wrote:
Hi!
1. Linux Newb
2. Rancid Newb
Here is the problem:
We have had a working rancid build in place for a while. However we no longer have the person who admin'd it. After a recent config change to a switch, its spamming the notification. I never noticed this behavior before. Is this indicative of an error in the switch config, or do I have to acknowledge this rancid alert or something?
I am grateful for any guidance or advice.
Thanks!
_______________________________________________
Rancid-discuss mailing list
Rancid-***@shrubbery.net<mailto:Rancid-***@shrubbery.net>
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130620/ed79bc9c/attachment-0001.html>
------------------------------
Message: 16
Date: Fri, 21 Jun 2013 09:23:35 +0000
From: "Wiethoff, Helge" <***@tfh-bochum.de>
To: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: [rancid] Allied Telesyn and Rancid
Message-ID:
<***@BOHEMSX2010.rbbk.de>
Content-Type: text/plain; charset="utf-8"
Hi all,
i am new to Rancid and it took me a few hours to understand it ;-) But finally i think i got it mostly...
Because i found no (for me) sufficient script for Allied Telesis-devices, i edited the cisco-stuff a bit.
The files are attached, if anyone wants to use...
Does anyone of you uses Switches from Microsens and build a Rancid-Script?
Regards,
Helge
________________________________
Helge Wiethoff
Medienzentrum
Telefon: +49 (234) 968 8717
Fax: +49 (234) 968 3453
E-Mail: ***@tfh-bochum.de
Technische Fachhochschule Georg Agricola
f?r Rohstoff, Energie und Umwelt zu Bochum
Staatlich anerkannte Fachhochschule der
DMT-Gesellschaft f?r Lehre und Bildung mbH
Herner Stra?e 45
44787 Bochum
http://www.tfh-bochum.de
________________________________
Tr?ger: DMT-Gesellschaft f?r Lehre und Bildung mbH
Sitz der Gesellschaft: Bochum
Registergericht: Amtsgericht Bochum
Handelsregister: B 4052
Gesch?ftsf?hrung:
Prof. Dr. J?rgen Kretschmann (Vorsitzender)
Manfred Freitag
-------------- next part --------------
A non-text attachment was scrubbed...
Name: atlogin
Type: application/octet-stream
Size: 23699 bytes
Desc: atlogin
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130621/118e4f5d/attachment-0002.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: atrancid
Type: application/octet-stream
Size: 10661 bytes
Desc: atrancid
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130621/118e4f5d/attachment-0003.obj>
------------------------------
Message: 17
Date: Fri, 21 Jun 2013 11:53:07 +0200
From: Per-Olof Olsson <***@chalmers.se>
To: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: [rancid] cpu info missing from sup-2t
Message-ID: <***@chalmers.se>
Content-Type: text/plain; charset="ISO-8859-1"; format=flowed
The spam is config changes. It's the same few config changes we made days ago but it's still being promptly sent out hourly.
-----Original Message-----
From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] On Behalf Of rancid-discuss-***@shrubbery.net
Sent: Monday, June 24, 2013 5:26 PM
To: rancid-***@shrubbery.net
Subject: Rancid-discuss Digest, Vol 32, Issue 4
Send Rancid-discuss mailing list submissions to
rancid-***@shrubbery.net
To subscribe or unsubscribe via the World Wide Web, visit
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
or, via email, send a message with subject or body 'help' to
rancid-discuss-***@shrubbery.net
You can reach the person managing the list at
rancid-discuss-***@shrubbery.net
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Rancid-discuss digest..."
Today's Topics:
1. Re: Checking for root (heasley)
2. Re: End of run not found on telnet (Paul Gear)
3. Re: End of run not found on telnet (Polanski, Gregory)
4. Support for the Cisco SF300 (Remy van Elst)
5. Re: Support for the Cisco SF300 (Alan McKinnon)
6. Limit commands run for GSR (Alan McKinnon)
7. Re: Limit commands run for GSR (Peter Jackson)
8. Re: Support for the Cisco SF300 (Nicolas DEFFAYET)
9. Rancid CVS Problem (Harshal Patil)
10. ignoring flash memory changes (Saulo Zimbaro)
11. Re: ignoring flash memory changes (Alan McKinnon)
12. Re: Limit commands run for GSR (Alan McKinnon)
13. Re: Limit commands run for GSR (Peter Jackson)
14. Help for total Rancid Newb / Linux Newb? (James Shride)
15. Re: Help for total Rancid Newb / Linux Newb? (Ryan West)
16. Allied Telesyn and Rancid (Wiethoff, Helge)
17. cpu info missing from sup-2t (Per-Olof Olsson)
18. Re: Help for total Rancid Newb / Linux Newb? (Alan McKinnon)
19. Error handler for Cisco switches in rancid. (Per-Olof Olsson)
20. proper way to delete or remove a group using a subversion
repository (Hinote, Scotty (MSFC-IS40)[NICS])
----------------------------------------------------------------------
Message: 1
Date: Tue, 11 Jun 2013 00:23:32 +0000
From: heasley <***@shrubbery.net>
To: Aaron Dudek <***@gmail.com>
Cc: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: Re: [rancid] Checking for root
Message-ID: <***@shrubbery.net>
Content-Type: text/plain; charset=us-ascii
Seems like a good compromise. Assuming the person installing knows to add
it.
new installations would get it be default, others might merge it when updating,it.
but existing installations would not otherwise.
i'd be willing to add a check that is enabled by a rancid.conf
option,
which i believe would be sufficient, right?
If it's not the default, then it will catch instances where aoption,
which i believe would be sufficient, right?
forward-thinking admin [or package maintainer] thinks to enable it; it
won't help noobs setting RANCID working on their own.
how about just adding the check to rancid.conf? that affects everything
that
reads it, the check can be customized (like adding a timer), or completely
disabled w/o an arg/etc.
alexd
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
______________________________________________________________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Message: 2
Date: Thu, 13 Jun 2013 08:43:57 +1000
From: Paul Gear <***@gear.dyndns.org>
To: rancid-***@shrubbery.net
Subject: Re: [rancid] End of run not found on telnet
Message-ID: <kpatjb$k33$***@ger.gmane.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
I have rancid 2.3.6 up an running on Ubuntu server. All devices are
Cisco. SSH is working fine. When I try run rancid on switches that only
support telnet, I get the following error.
switch: missed cmd(s): write term,show running-config
switch: End of run not found
clogin works great to these switches. I though it might be the expect
problem. I downloaded and installed expect-5.43.0_hack.tar.bz2 and
tcl8.4.18-src.tar.gz from the ftp site. This did not resolve the problem.
Any ideas on what or where I need to look.
Hi Gary,Cisco. SSH is working fine. When I try run rancid on switches that only
support telnet, I get the following error.
switch: missed cmd(s): write term,show running-config
switch: End of run not found
clogin works great to these switches. I though it might be the expect
problem. I downloaded and installed expect-5.43.0_hack.tar.bz2 and
tcl8.4.18-src.tar.gz from the ftp site. This did not resolve the problem.
Any ideas on what or where I need to look.
I've seen similar things when autoenable was set to the wrong value.
Regards,
Paul
------------------------------
Message: 3
Date: Wed, 12 Jun 2013 23:19:03 +0000
From: "Polanski, Gregory" <***@Virteva.com>
To: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: Re: [rancid] End of run not found on telnet
Message-ID:
<***@VRTW8EXC01.corp.int>
Content-Type: text/plain; charset="us-ascii"
Folks
Check the login and motd banner. If there is a '#' in the banner, it will suppress the enable commands and the produce the errors that you are seeing.
This debug sequence has been helpful to me
sudo login -f rancid
As user rancid
source /etc/rancid/rancid.conf
NOPIPE=yes;export NOPIPE
rancid -d switchname
Look for *.new and *.raw in the directory
Regards
Greg
-----Original Message-----
From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] On Behalf Of Paul Gear
Sent: Wednesday, June 12, 2013 5:44 PM
To: rancid-***@shrubbery.net
Subject: Re: [rancid] End of run not found on telnet
I have rancid 2.3.6 up an running on Ubuntu server. All devices are
Cisco. SSH is working fine. When I try run rancid on switches that only
support telnet, I get the following error.
switch: missed cmd(s): write term,show running-config
switch: End of run not found
clogin works great to these switches. I though it might be the expect
problem. I downloaded and installed expect-5.43.0_hack.tar.bz2 and
tcl8.4.18-src.tar.gz from the ftp site. This did not resolve the problem.
Any ideas on what or where I need to look.
Hi Gary,Cisco. SSH is working fine. When I try run rancid on switches that only
support telnet, I get the following error.
switch: missed cmd(s): write term,show running-config
switch: End of run not found
clogin works great to these switches. I though it might be the expect
problem. I downloaded and installed expect-5.43.0_hack.tar.bz2 and
tcl8.4.18-src.tar.gz from the ftp site. This did not resolve the problem.
Any ideas on what or where I need to look.
I've seen similar things when autoenable was set to the wrong value.
Regards,
Paul
_______________________________________________
Rancid-discuss mailing list
Rancid-***@shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
------------------------------
Message: 4
Date: Mon, 17 Jun 2013 07:10:20 +0200
From: Remy van Elst <***@relst.nl>
To: <rancid-***@shrubbery.net>
Subject: [rancid] Support for the Cisco SF300
Message-ID: <CDE466DC.378CA%***@relst.nl>
Content-Type: text/plain; charset="US-ASCII"
Howdy,
Does RANCID supports the Cisco SF300 SMB switches? The regular 'cisco' and
the 'cisco-sb' (from
http://chrpinedo.blogspot.nl/2012/03/cisco-small-business-sg300-backup-with
.html) give me an empty file in the cvs, while direct logging in on the
switch and doing a sho ru (after enable) works just fine.
Any tips or help?
------------------------------
Message: 5
Date: Mon, 17 Jun 2013 16:38:50 +0200
From: Alan McKinnon <***@gmail.com>
To: rancid-***@shrubbery.net
Subject: Re: [rancid] Support for the Cisco SF300
Message-ID: <***@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Howdy,
Does RANCID supports the Cisco SF300 SMB switches? The regular 'cisco' and
the 'cisco-sb' (from
http://chrpinedo.blogspot.nl/2012/03/cisco-small-business-sg300-backup-with
.html) give me an empty file in the cvs, while direct logging in on the
switch and doing a sho ru (after enable) works just fine.
Any tips or help?
Have you checked the usual:Does RANCID supports the Cisco SF300 SMB switches? The regular 'cisco' and
the 'cisco-sb' (from
http://chrpinedo.blogspot.nl/2012/03/cisco-small-business-sg300-backup-with
.html) give me an empty file in the cvs, while direct logging in on the
switch and doing a sho ru (after enable) works just fine.
Any tips or help?
- password, username and method correct in ~/.cloginrc
- No ">" and "#" chars in banner
- prompt is sane (ends in # when enabled)
- does clogin <hostname> work and enable the user?
- what's in the logs?
- "rancid -d <hostname>" leaves a .new file in . that often contains clues
--
Alan McKinnon
***@gmail.com
------------------------------
Message: 6
Date: Mon, 17 Jun 2013 21:21:55 +0200
From: Alan McKinnon <***@gmail.com>
To: rancid-***@shrubbery.net
Subject: [rancid] Limit commands run for GSR
Message-ID: <***@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Hi,
Our provider edge runs on GSR 12's and they carry a hefty config. NetOps
complain that rancid noticeably spikes the cpu load [1] when it runs
these 4 (essentially the same) commands.
{'more system:running-config' => 'WriteTerm'}, # ASA/PIX
{ running-config view full'=> 'WriteTerm'}, # workaround for
{'show running-config' => 'WriteTerm'},
{'write term' => 'WriteTerm'},
I got it under control easily by forking rancid to a gsrrancid script
and removing the bits I don't want from @commandtable.
I'd rather not do it this way, I'd like to have this in the rancid
parser. But I can't figure a way to modify @commandtable at runtime
based on chassis/OS type.
Ideas?
[1] It's a legit complaint, not a fiction of a NetOps engineer's
imagination. On every other chassis I can ignore the effects rancid
causes, but not these ones. We do things with the 12k most folks think
should not be possible :-)
--
Alan McKinnon
***@gmail.com
------------------------------
Message: 7
Date: Mon, 17 Jun 2013 21:42:59 -0400
From: Peter Jackson <***@gmail.com>
To: Alan McKinnon <***@gmail.com>
Cc: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: Re: [rancid] Limit commands run for GSR
Message-ID:
<CAN9M5uYudOMJwqbAKaHHkKTMhyjDKXAQ=***@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Check out some of the other command sections that are skipped for certain
'types'. Figure out the type that rancid sets for the GSRs and use the
line below (formatted for the correct type) in the command sections you
don't want to run for them.
I assume the following would skip 12006, 12010, 12404, 12410, etc.:
return(1) if ($type !~ /^12[40]/);
Hi,
Our provider edge runs on GSR 12's and they carry a hefty config. NetOps
complain that rancid noticeably spikes the cpu load [1] when it runs
these 4 (essentially the same) commands.
{'more system:running-config' => 'WriteTerm'}, # ASA/PIX
{ running-config view full'=> 'WriteTerm'}, # workaround for
{'show running-config' => 'WriteTerm'},
{'write term' => 'WriteTerm'},
I got it under control easily by forking rancid to a gsrrancid script
I'd rather not do it this way, I'd like to have this in the rancid
based on chassis/OS type.
Ideas?
[1] It's a legit complaint, not a fiction of a NetOps engineer's
imagination. On every other chassis I can ignore the effects rancid
causes, but not these ones. We do things with the 12k most folks think
should not be possible :-)
--
Alan McKinnon
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
-------------- next part --------------Our provider edge runs on GSR 12's and they carry a hefty config. NetOps
complain that rancid noticeably spikes the cpu load [1] when it runs
these 4 (essentially the same) commands.
{'more system:running-config' => 'WriteTerm'}, # ASA/PIX
{ running-config view full'=> 'WriteTerm'}, # workaround for
{'show running-config' => 'WriteTerm'},
{'write term' => 'WriteTerm'},
I got it under control easily by forking rancid to a gsrrancid script
I'd rather not do it this way, I'd like to have this in the rancid
based on chassis/OS type.
Ideas?
[1] It's a legit complaint, not a fiction of a NetOps engineer's
imagination. On every other chassis I can ignore the effects rancid
causes, but not these ones. We do things with the 12k most folks think
should not be possible :-)
--
Alan McKinnon
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130617/3060a937/attachment-0001.html>
------------------------------
Message: 8
Date: Tue, 18 Jun 2013 22:22:13 +0200
From: Nicolas DEFFAYET <nicolas-***@deffayet.com>
To: Remy van Elst <***@relst.nl>
Cc: rancid-***@shrubbery.net
Subject: Re: [rancid] Support for the Cisco SF300
Message-ID: <***@fr-wks3.corp.novso.com>
Content-Type: text/plain; charset="utf-8"
On Mon, 2013-06-17 at 07:10 +0200, Remy van Elst wrote:
Hello,
Does RANCID supports the Cisco SF300 SMB switches? The regular 'cisco' and
the 'cisco-sb' (from
http://chrpinedo.blogspot.nl/2012/03/cisco-small-business-sg300-backup-with
.html) give me an empty file in the cvs, while direct logging in on the
switch and doing a sho ru (after enable) works just fine.
Any tips or help?
I have updated original Christian Pinedo's work for support Cisco Smallthe 'cisco-sb' (from
http://chrpinedo.blogspot.nl/2012/03/cisco-small-business-sg300-backup-with
.html) give me an empty file in the cvs, while direct logging in on the
switch and doing a sho ru (after enable) works just fine.
Any tips or help?
Business switch in Rancid:
- Rancid 2.3.8 support
- End of run fix (important for be sure to get the full configuration
dump)
Updated files can be found in attachment.
--
Nicolas DEFFAYET
-------------- next part --------------
#! /usr/bin/expect --
##
## $Id: csblogin.in 1 2012-06-01 17:05:00Z n $
##
## rancid 2.3.8
## Copyright (c) 1997-2011 by Terrapin Communications, Inc.
## All rights reserved.
##
## This code is derived from software contributed to and maintained by
## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan,
## Pete Whiting, Austin Schutz, and Andrew Fort.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted provided that the following conditions
## are met:
## 1. Redistributions of source code must retain the above copyright
## notice, this list of conditions and the following disclaimer.
## 2. Redistributions in binary form must reproduce the above copyright
## notice, this list of conditions and the following disclaimer in the
## documentation and/or other materials provided with the distribution.
## 3. All advertising materials mentioning features or use of this software
## must display the following acknowledgement:
## This product includes software developed by Terrapin Communications,
## Inc. and its contributors for RANCID.
## 4. Neither the name of Terrapin Communications, Inc. nor the names of its
## contributors may be used to endorse or promote products derived from
## this software without specific prior written permission.
## 5. It is requested that non-binding fixes and modifications be contributed
## back to Terrapin Communications, Inc.
##
## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS
## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS
## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
## POSSIBILITY OF SUCH DAMAGE.
#
# The expect login scripts were based on Erik Sherk's gwtn, by permission.
#
# csblogin - Cisco Small Business switch login
#
# Most options are intuitive for logging into a Cisco Small Business switch.
# The default username password is the same as the vty password.
#
# Usage line
set usage "Usage: $argv0 \[-dV\] \[-c command\] \[-Evar=x\] \
\[-f cloginrc-file\] \[-p user-password\] \[-r passphrase\] \[-s script-file\] \
\[-u username\] \[-t timeout\] \[-x command-file\] \[-y ssh_cypher_type\] \
router \[router...\]\n"
# env(CLOGIN) may contain:
# x == do not set xterm banner or name
# Password file
set password_file $env(HOME)/.cloginrc
# Default is to login to the router
set do_command 0
set do_script 0
# The default is to look in the password file to find the passwords. This
# tracks if we receive them on the command line.
set do_passwd 1
# Sometimes routers take awhile to answer (the default is 10 sec)
set timeoutdflt 120
#
# new option to provide "login" command capabilities
set loginonly 0
# Find the user in the ENV, or use the unix userid.
if {[info exists env(CISCO_USER)]} {
set default_user $env(CISCO_USER)
} elseif {[info exists env(USER)]} {
set default_user $env(USER)
} elseif {[info exists env(LOGNAME)]} {
set default_user $env(LOGNAME)
} else {
# This uses "id" which I think is portable. At least it has existed
# (without options) on all machines/OSes I've been on recently -
# unlike whoami or id -nu.
if [catch {exec id} reason] {
send_error "\nError: could not exec id: $reason\n"
exit 1
}
regexp {\(([^)]*)} "$reason" junk default_user
}
if {[info exists env(CLOGINRC)]} {
set password_file $env(CLOGINRC)
}
# Process the command line
for {set i 0} {$i < $argc} {incr i} {
set arg [lindex $argv $i]
switch -glob -- $arg {
# Command to run.
-c* -
-C* {
if {! [regexp .\[cC\](.+) $arg ignore command]} {
incr i
set command [lindex $argv $i]
}
set do_command 1
# Expect debug mode
} -d* {
exp_internal 1
# Environment variable to pass to -s scripts
} -E*
{
if {[regexp .\[E\](.+)=(.+) $arg ignore varname varvalue]} {
set E$varname $varvalue
} else {
send_user "\nError: invalid format for -E in $arg\n"
exit 1
}
# alternate cloginrc file
} -f* -
-F* {
if {! [regexp .\[fF\](.+) $arg ignore password_file]} {
incr i
set password_file [lindex $argv $i]
}
# user Password
} -p* {
if {! [regexp .\[pP\](.+) $arg ignore userpasswd]} {
incr i
set userpasswd [lindex $argv $i]
}
set do_passwd 0
# ssh passphrase
} -r* {
if {! [regexp .\[rR\](.+) $arg ignore passphrase]} {
incr i
set vapassphrase [lindex $argv $i]
}
# Version string
} -V* {
send_user "rancid 2.3.8\n"
exit 0
# Passphrase
} -r* -
-R* {
if {! [regexp .\[rR\](.+) $arg ignore passphrase]} {
incr i
set avpassphrase [lindex $argv $i]
}
# Expect script to run.
} -s* {
if {! [regexp .\[sS\](.+) $arg ignore sfile]} {
incr i
set sfile [lindex $argv $i]
}
if { ! [file readable $sfile] } {
send_user "\nError: Can't read $sfile\n"
exit 1
}
set do_script 1
# Timeout
} -t* {
if {! [regexp .\[tT\](.+) $arg ignore timeout]} {
incr i
set timeoutdflt [lindex $argv $i]
}
# Username
} -u* -
-U* {
if {! [regexp .\[uU\](.+) $arg ignore user]} {
incr i
set username [lindex $argv $i]
}
# Command file
} -x* {
if {! [regexp .\[xX\](.+) $arg ignore cmd_file]} {
incr i
set cmd_file [lindex $argv $i]
}
if [ catch {set cmd_fd [open $cmd_file r]} reason ] {
send_user "\nError: $reason\n"
exit 1
}
set cmd_text [read $cmd_fd]
close $cmd_fd
set command [join [split $cmd_text \n] \;]
set do_command 1
# 'ssh -c' cypher type
} -y* -
-Y* {
if {! [regexp .\[yY\](.+) $arg ignore cypher]} {
incr i
set cypher [lindex $argv $i]
}
} -* {
send_user "\nError: Unknown argument! $arg\n"
send_user $usage
exit 1
} default {
break
}
}
}
# Process routers...no routers listed is an error.
if { $i == $argc } {
send_user "\nError: $usage"
}
# Only be quiet if we are running a script (it can log its output
# on its own)
if { $do_script } {
log_user 0
} else {
log_user 1
}
#
# Done configuration/variable setting. Now run with it...
#
# Sets Xterm title if interactive...if its an xterm and the user cares
proc label { host } {
global env
# if CLOGIN has an 'x' in it, don't set the xterm name/banner
if [info exists env(CLOGIN)] {
if {[string first "x" $env(CLOGIN)] != -1} { return }
}
# take host from ENV(TERM)
if [info exists env(TERM)] {
if [regexp \^(xterm|vs) $env(TERM) ignore] {
send_user "\033]1;[lindex [split $host "."] 0]\a"
send_user "\033]2;$host\a"
}
}
}
# This is a helper function to make the password file easier to
# maintain. Using this the password file has the form:
# add password sl* pete cow
# add password at* steve
# add password * hanky-pie
proc add {var args} { global int_$var ; lappend int_$var $args}
proc include {args} {
global env
regsub -all "(^{|}$)" $args {} args
if { [regexp "^/" $args ignore ] == 0 } {
set args $env(HOME)/$args
}
source_password_file $args
}
proc find {var router} {
upvar int_$var list
if { [info exists list] } {
foreach line $list {
if { [string match [lindex $line 0] $router] } {
return [lrange $line 1 end]
}
}
}
return {}
}
# Loads the password file. Note that as this file is tcl, and that
# it is sourced, the user better know what to put in there, as it
# could install more than just password info... I will assume however,
# that a "bad guy" could just as easy put such code in the clogin
# script, so I will leave .cloginrc as just an extention of that script
proc source_password_file { password_file } {
global env
if { ! [file exists $password_file] } {
send_user "\nError: password file ($password_file) does not exist\n"
exit 1
}
file stat $password_file fileinfo
if { [expr ($fileinfo(mode) & 007)] != 0000 } {
send_user "\nError: $password_file must not be world readable/writable\n"
exit 1
}
if [catch {source $password_file} reason ] {
send_user "\nError: $reason\n"
exit 1
}
}
# Log into the router.
# returns: 0 on success, 1 on failure, -1 if rsh was used successfully
proc login { router user passwd cmethod cyphertype identfile } {
global spawn_id in_proc do_command do_script passphrase
global prompt sshcmd
set in_proc 1
# try each of the connection methods in $cmethod until one is successful
set progs [llength $cmethod]
foreach prog [lrange $cmethod 0 end] {
incr progs -1
if [string match "telnet*" $prog] {
regexp {telnet(:([^[:space:]]+))*} $prog command suffix port
if {"$port" == ""} {
set retval [catch {spawn telnet $router} reason]
} else {
set retval [catch {spawn telnet $router $port} reason]
}
if { $retval } {
send_user "\nError: telnet failed: $reason\n"
return 1
}
} elseif ![string compare $prog "ssh"] {
# ssh to the router & try to login with or without an identfile.
# We use two calls to spawn since spawn does not seem to parse
# spaces correctly.
if {$identfile != ""} {
if [catch {spawn $sshcmd -c $cyphertype -x -l $user -i $identfile $router} reason] {
send_user "\nError: failed to $sshcmd: $reason\n"
return 1
}
} else {
if [catch {spawn $sshcmd -c $cyphertype -x -l $user $router} reason] {
send_user "\nError: failed to $sshcmd: $reason\n"
return 1
}
}
} elseif ![string compare $prog "rsh"] {
send_error "\nError: unsupported method: rsh\n"
if { $progs == 0 } {
return 1
}
continue
} else {
send_user "\nError: unknown connection method: $prog\n"
return 1
}
sleep 0.3
# This helps cleanup each expect clause.
expect_after {
timeout {
send_user "\nError: TIMEOUT reached\n"
catch {close}; catch {wait};
if { $in_proc} {
return 1
} else {
continue
}
} eof {
send_user "\nError: EOF received\n"
catch {close}; catch {wait};
if { $in_proc} {
return 1
} else {
continue
}
}
}
# Here we get a little tricky. There are several possibilities:
# the router can ask for a username and passwd and then
# talk to the TACACS server to authenticate you, or if the
# TACACS server is not working, then it will use the enable
# passwd. Or, the router might not have TACACS turned on,
# then it will just send the passwd.
# if telnet fails with connection refused, try ssh
expect {
-re "(Connection refused|Secure connection \[^\n\r]+ refused)" {
catch {close}; catch {wait};
if !$progs {
send_user "\nError: Connection Refused ($prog): $router\n"
return 1
}
}
-re "(Connection closed by|Connection to \[^\n\r]+ closed)" {
catch {close}; catch {wait};
if !$progs {
send_user "\nError: Connection closed ($prog): $router\n"
return 1
}
}
eof { send_user "\nError: Couldn't login: $router\n"; wait; return 1 }
-nocase "unknown host\r" {
send_user "\nError: Unknown host $router\n";
catch {close}; catch {wait};
return 1
}
"Host is unreachable" {
send_user "\nError: Host Unreachable: $router\n";
catch {close}; catch {wait};
return 1
}
"No address associated with name" {
send_user "\nError: Unknown host $router\n";
catch {close}; catch {wait};
return 1
}
-re "(Host key not found |The authenticity of host .* be established).* \\(yes/no\\)\\?" {
send "yes\r"
send_user "\nHost $router added to the list of known hosts.\n"
exp_continue
}
-re "HOST IDENTIFICATION HAS CHANGED.* \\(yes/no\\)\\?" {
send "no\r"
send_user "\nError: The host key for $router has changed. Update the SSH known_hosts file accordingly.\n"
catch {close}; catch {wait};
return 1
}
-re "HOST IDENTIFICATION HAS CHANGED\[^\n\r]+" {
send_user "\nError: The host key for $router has changed. Update the SSH known_hosts file accordingly.\n"
return 1
}
-re "Offending key for .* \\(yes/no\\)\\?" {
send "no\r"
send_user "\nError: host key mismatch for $router. Update the SSH known_hosts file accordingly.\n"
catch {close}; catch {wait};
return 1
}
"Login Screen" {
send "$user\t$passwd\r"
exp_continue
}
"Switch Main Menu" {
# send Ctrl+Z
sleep 1; send "send \032"
exp_continue
}
">" {
send "lcli\r"
exp_continue
}
-re "User Name:$" {
send "$user\r"
exp_continue
}
-re "Password:$" {
send "$passwd\r"
exp_continue
}
-re "$prompt" {
break;
}
denied {
send_user "\nError: Check your passwd for $router\n"
catch {close}; catch {wait}; return 1
}
}
}
set in_proc 0
return 0
}
# Run commands given on the command line.
proc run_commands { prompt command } {
global in_proc
set in_proc 1
send "terminal datadump\r"
expect -re $prompt {}
set commands [split $command \;]
set num_commands [llength $commands]
for {set i 0} {$i < $num_commands} { incr i} {
send -- "[lindex $commands $i]\r"
expect {
-re "^\[^\n\r *]*$prompt *$" {}
-re "^\[^\n\r]*$prompt." { exp_continue }
-re "(\r\n|\n)" { exp_continue }
}
}
send "exit\r\n"
expect {
"\n" { exp_continue }
timeout { catch {close}; catch {wait};
return 0
}
eof { return 0 }
}
set in_proc 0
}
#
# For each router... (this is main loop)
#
source_password_file $password_file
set in_proc 0
set exitval 0
foreach router [lrange $argv $i end] {
set router [string tolower $router]
send_user "$router\n"
# device timeout
set timeout [find timeout $router]
if { [llength $timeout] == 0 } {
set timeout $timeoutdflt
}
# Default prompt.
set prompt "#"
# Figure out username
if {[info exists username]} {
# command line username
set loginname $username
} else {
set loginname [join [find user $router] ""]
if { "$loginname" == "" } { set loginname $default_user }
}
# Figure out loginname's password (if different from the vty password)
if {[info exists userpasswd]} {
# command line passwd
set passwd $userpasswd
} else {
set passwd [join [lindex [find userpassword $router] 0] ""]
if { "$passwd" == "" } {
set passwd [join [lindex [find password $router] 0] ""]
if { "$passwd" == "" } {
send_user "\nError: no password for $router in $password_file.\n"
continue
}
}
}
# Figure out identity file to use
set identfile [join [lindex [find identity $router] 0] ""]
# Figure out passphrase to use
if {[info exists avpassphrase]} {
set passphrase $avpassphrase
} else {
set passphrase [join [lindex [find passphrase $router] 0] ""]
}
if { ! [string length "$passphrase"]} {
set passphrase $passwd
}
# Figure out cypher type
if {[info exists cypher]} {
# command line cypher type
set cyphertype $cypher
} else {
set cyphertype [find cyphertype $router]
if { "$cyphertype" == "" } { set cyphertype "3des" }
}
# Figure out connection method
set cmethod [find method $router]
if { "$cmethod" == "" } { set cmethod {{telnet} {ssh}} }
# Figure out the SSH executable name
set sshcmd [join [lindex [find sshcmd $router] 0] ""]
if { "$sshcmd" == "" } { set sshcmd {ssh} }
# Login to the router
if {[login $router $loginname $passwd $cmethod $cyphertype $identfile]} {
incr exitval
continue
}
if { $do_command } {
if {[run_commands $prompt $command]} {
incr exitval
continue
}
} elseif { $do_script } {
send "terminal datadump\r"
expect -re $prompt {}
source $sfile
catch {close};
} else {
label $router
log_user 1
interact
}
# End of for each router
catch {wait};
sleep 0.3
}
exit $exitval
-------------- next part --------------
A non-text attachment was scrubbed...
Name: csbrancid
Type: application/x-perl
Size: 12617 bytes
Desc: not available
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130618/87b138d4/attachment-0001.bin>
------------------------------
Message: 9
Date: Wed, 19 Jun 2013 02:43:30 -0400
From: Harshal Patil <***@securview.com>
To: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: [rancid] Rancid CVS Problem
Message-ID: <***@USNJ01EXC001>
Content-Type: text/plain; charset="iso-8859-1"
Hi All,
I am reciving following errors in logs file while working on Rancid
cvs commit: cannot open CVS/Entries for reading: No such file or directory
cvs commit: nothing known about `router.db'
cvs [commit aborted]: correct above errors first!
ending: Wed Jun 19 11:56:26 IST 2013
Please let me know which file need to edit or any other way to correct this error
Thanks
Harshal
________________________________
Confidentiality: This e-mail and any attachments may be confidential and may also be privileged. If you are not an intended named recipient, please notify the sender immediately and do not disclose the contents to another person use it for any purpose, or store or copy the information in any medium.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130619/abf53eb8/attachment-0001.html>
------------------------------
Message: 10
Date: Wed, 19 Jun 2013 15:04:34 -0300
From: Saulo Zimbaro <***@gmail.com>
To: rancid-***@shrubbery.net
Subject: [rancid] ignoring flash memory changes
Message-ID:
<CA+uei9VL+BAKCamgY_u62U8kfyg+f5JXocNL4xfvK7e_=***@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
It?s possible to ignoring memory changes in rancid backups?
Index: configs/csfw-asa-office01
===================================================================
retrieving revision 1.239
diff -U 4 -r1.239 csfw-asa-office01
@@ -30,9 +30,9 @@
!Flash: 123 11348300 Feb 21 2011 16:17:54 asdm-621.bin
!Flash: 3 4096 Dec 31 2002 22:03:48 log
!Flash: 10 4096 Dec 31 2002 22:03:58 crypto_archive
!Flash: 11 4096 Dec 31 2002 22:04:32 coredumpinfo
- !Flash: 12 43 Jun 19 2013 09:00:27 coredumpinfo/coredump.cfg
+ !Flash: 12 43 Jun 19 2013 12:00:33 coredumpinfo/coredump.cfg
!Flash: 125 12105313 Feb 21 2011 16:15:12 csd_3.5.841-k9.pkg
!Flash: 126 4096 Feb 21 2011 16:15:14 sdesktop
!Flash: 133 1462 Feb 21 2011 16:15:14 sdesktop/data.xml
!Flash: 127 2857568 Feb 21 2011 16:15:16
anyconnect-wince-ARMv4I-2.4.1012-k9.pkg
--
*Saulo Zimbaro*
Mobile ) (+55) 21 9800-0100
****@gmail.com
****@zimbaro.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130619/2a5da533/attachment-0001.html>
------------------------------
Message: 11
Date: Wed, 19 Jun 2013 23:39:31 +0200
From: Alan McKinnon <***@gmail.com>
To: rancid-***@shrubbery.net
Subject: Re: [rancid] ignoring flash memory changes
Message-ID: <***@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
It?s possible to ignoring memory changes in rancid backups?
Index: configs/csfw-asa-office01
===================================================================
retrieving revision 1.239
diff -U 4 -r1.239 csfw-asa-office01
@@ -30,9 +30,9 @@
!Flash: 123 11348300 Feb 21 2011 16:17:54 asdm-621.bin
!Flash: 3 4096 Dec 31 2002 22:03:48 log
!Flash: 10 4096 Dec 31 2002 22:03:58 crypto_archive
!Flash: 11 4096 Dec 31 2002 22:04:32 coredumpinfo
- !Flash: 12 43 Jun 19 2013 09:00:27 coredumpinfo/coredump.cfg
+ !Flash: 12 43 Jun 19 2013 12:00:33 coredumpinfo/coredump.cfg
!Flash: 125 12105313 Feb 21 2011 16:15:12 csd_3.5.841-k9.pkg
!Flash: 126 4096 Feb 21 2011 16:15:14 sdesktop
!Flash: 133 1462 Feb 21 2011 16:15:14 sdesktop/data.xml
!Flash: 127 2857568 Feb 21 2011 16:15:16
anyconnect-wince-ARMv4I-2.4.1012-k9.pkg
I don't know of a way to do this that is already built into shipped rancid.Index: configs/csfw-asa-office01
===================================================================
retrieving revision 1.239
diff -U 4 -r1.239 csfw-asa-office01
@@ -30,9 +30,9 @@
!Flash: 123 11348300 Feb 21 2011 16:17:54 asdm-621.bin
!Flash: 3 4096 Dec 31 2002 22:03:48 log
!Flash: 10 4096 Dec 31 2002 22:03:58 crypto_archive
!Flash: 11 4096 Dec 31 2002 22:04:32 coredumpinfo
- !Flash: 12 43 Jun 19 2013 09:00:27 coredumpinfo/coredump.cfg
+ !Flash: 12 43 Jun 19 2013 12:00:33 coredumpinfo/coredump.cfg
!Flash: 125 12105313 Feb 21 2011 16:15:12 csd_3.5.841-k9.pkg
!Flash: 126 4096 Feb 21 2011 16:15:14 sdesktop
!Flash: 133 1462 Feb 21 2011 16:15:14 sdesktop/data.xml
!Flash: 127 2857568 Feb 21 2011 16:15:16
anyconnect-wince-ARMv4I-2.4.1012-k9.pkg
I've always held the view that some things are just not generic enough
or detectable enough to be shipped out to everyone, so you get to
maintain a few forks with your own customization. And there are nowadays
so many IOSes with different behaviours....
You probably want to add something like this to ShowFlash:
next if (/coredumpinfo\/coredump.cfg\$/);
Untested of course so double check my regexes :-)
Rancid could really benefit from some kind of call-out mechanism where
we can add our own local tweaks and keep them out of the main code, but
unfortunately 2.3.x doesn't have this.
Perhaps a worthy addition to the 3.0 series!
--
Alan McKinnon
***@gmail.com
------------------------------
Message: 12
Date: Thu, 20 Jun 2013 09:28:20 +0200
From: Alan McKinnon <***@gmail.com>
To: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: Re: [rancid] Limit commands run for GSR
Message-ID: <***@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Check out some of the other command sections that are skipped for
certain 'types'. Figure out the type that rancid sets for the GSRs and
use the line below (formatted for the correct type) in the command
sections you don't want to run for them.
return(1) if ($type !~ /^12[40]/);
I think I missed replying to this one, sorry about that.certain 'types'. Figure out the type that rancid sets for the GSRs and
use the line below (formatted for the correct type) in the command
sections you don't want to run for them.
return(1) if ($type !~ /^12[40]/);
I don't think that approach will work for me - I don't need to prevent
rancid parsing the output, I need some commands to not be run on the
device at all.
That means I'd have to modify @commandtable based on chassis type so
that clogin doesn't issue certain commands. But I don't know the chassis
type until clogin has already run and minimally ShowVersion has already
been parsed. By then it's too late.
3.0alpha looks like it might be moving in a direction that solves my
problem quite nicely
Hi,
Our provider edge runs on GSR 12's and they carry a hefty config. NetOps
complain that rancid noticeably spikes the cpu load [1] when it runs
these 4 (essentially the same) commands.
{'more system:running-config' => 'WriteTerm'}, # ASA/PIX
{ running-config view full'=> 'WriteTerm'}, # workaround for
{'show running-config' => 'WriteTerm'},
{'write term' => 'WriteTerm'},
I got it under control easily by forking rancid to a gsrrancid script
I'd rather not do it this way, I'd like to have this in the rancid
based on chassis/OS type.
Ideas?
[1] It's a legit complaint, not a fiction of a NetOps engineer's
imagination. On every other chassis I can ignore the effects rancid
causes, but not these ones. We do things with the 12k most folks think
should not be possible :-)
--
Alan McKinnon
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
--Our provider edge runs on GSR 12's and they carry a hefty config. NetOps
complain that rancid noticeably spikes the cpu load [1] when it runs
these 4 (essentially the same) commands.
{'more system:running-config' => 'WriteTerm'}, # ASA/PIX
{ running-config view full'=> 'WriteTerm'}, # workaround for
{'show running-config' => 'WriteTerm'},
{'write term' => 'WriteTerm'},
I got it under control easily by forking rancid to a gsrrancid script
I'd rather not do it this way, I'd like to have this in the rancid
based on chassis/OS type.
Ideas?
[1] It's a legit complaint, not a fiction of a NetOps engineer's
imagination. On every other chassis I can ignore the effects rancid
causes, but not these ones. We do things with the 12k most folks think
should not be possible :-)
--
Alan McKinnon
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Alan McKinnon
***@gmail.com
------------------------------
Message: 13
Date: Thu, 20 Jun 2013 10:36:02 -0400
From: Peter Jackson <***@gmail.com>
To: Alan McKinnon <***@gmail.com>
Cc: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: Re: [rancid] Limit commands run for GSR
Message-ID:
<CAN9M5ubkUOZ_v8mkx9_cwmrHgQV7t==w-***@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Yeah, sorry Alan I wasn't thinking.
I like the looks of 3.0 also but here is workaround for 2.3 that should
work for you if the hostnames of your GSRs are unique - able to be matched
by a regular expression. I think the only way to do this is with the
hostname since no other information is passed to rancid. If you can't
match your GSR hostnames by regexp, you could enter them all together.
--- rancid.20130620 2013-06-20 09:53:03.344845839 -0400
+++ rancid 2013-06-20 10:00:50.874896393 -0400
@@ -2333,6 +2333,18 @@
{'write term' => 'WriteTerm'},
);
+my @commandtable2;
+if ( $host =~ /gsr/ ){ #replace 'gsr' with GSR hostname regexp
+ foreach my $command ( @commandtable ) {
+ foreach my $key ( keys %$command ) {
+ unless ( $key =~ /running-config/ ){ #replace 'running-config'
with a pipe-separated list of commands/command regexps to NOT run
+ push ( @commandtable2 ,( { $key => $command->{$key} } ));
+ }
+ }
+ }
+ @commandtable = @commandtable2;
+}
+
# Use an array to preserve the order of the commands and a hash for mapping
# commands to the subroutine and track commands that have been completed.
@commands = map(keys(%$_), @commandtable);
Check out some of the other command sections that are skipped for
certain 'types'. Figure out the type that rancid sets for the GSRs and
use the line below (formatted for the correct type) in the command
sections you don't want to run for them.
return(1) if ($type !~ /^12[40]/);
I think I missed replying to this one, sorry about that.certain 'types'. Figure out the type that rancid sets for the GSRs and
use the line below (formatted for the correct type) in the command
sections you don't want to run for them.
return(1) if ($type !~ /^12[40]/);
I don't think that approach will work for me - I don't need to prevent
rancid parsing the output, I need some commands to not be run on the
device at all.
that clogin doesn't issue certain commands. But I don't know the chassis
type until clogin has already run and minimally ShowVersion has already
been parsed. By then it's too late.
3.0alpha looks like it might be moving in a direction that solves my
problem quite nicely
Hi,
Our provider edge runs on GSR 12's and they carry a hefty config.
NetOpsOur provider edge runs on GSR 12's and they carry a hefty config.
complain that rancid noticeably spikes the cpu load [1] when it runs
these 4 (essentially the same) commands.
{'more system:running-config' => 'WriteTerm'}, # ASA/PIX
{ running-config view full'=> 'WriteTerm'}, # workaround for
{'show running-config' => 'WriteTerm'},
{'write term' => 'WriteTerm'},
I got it under control easily by forking rancid to a gsrrancid script
I'd rather not do it this way, I'd like to have this in the rancid
based on chassis/OS type.
Ideas?
[1] It's a legit complaint, not a fiction of a NetOps engineer's
imagination. On every other chassis I can ignore the effects rancid
causes, but not these ones. We do things with the 12k most folks
thinkthese 4 (essentially the same) commands.
{'more system:running-config' => 'WriteTerm'}, # ASA/PIX
{ running-config view full'=> 'WriteTerm'}, # workaround for
{'show running-config' => 'WriteTerm'},
{'write term' => 'WriteTerm'},
I got it under control easily by forking rancid to a gsrrancid script
I'd rather not do it this way, I'd like to have this in the rancid
based on chassis/OS type.
Ideas?
[1] It's a legit complaint, not a fiction of a NetOps engineer's
imagination. On every other chassis I can ignore the effects rancid
causes, but not these ones. We do things with the 12k most folks
should not be possible :-)
--
Alan McKinnon
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
----
Alan McKinnon
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Alan McKinnon
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130620/451b0702/attachment-0001.html>
------------------------------
Message: 14
Date: Thu, 20 Jun 2013 07:41:24 -0700 (PDT)
From: James Shride <***@yahoo.com>
To: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: [rancid] Help for total Rancid Newb / Linux Newb?
Message-ID:
<***@web124505.mail.ne1.yahoo.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi!
1. Linux Newb
2. Rancid Newb
Here is the problem:
??? We have had a working rancid build in place for a while. However we no longer have the person who admin'd it. After a recent config change to a switch, its spamming the notification. I never noticed this behavior before. Is this indicative of an error in the switch config, or do I have to acknowledge this rancid alert or something?
??? I am grateful for any guidance or advice.
Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130620/231aeaef/attachment-0001.html>
------------------------------
Message: 15
Date: Thu, 20 Jun 2013 16:33:52 +0000
From: Ryan West <***@zyedge.com>
To: James Shride <***@yahoo.com>
Cc: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: Re: [rancid] Help for total Rancid Newb / Linux Newb?
Message-ID: <EFD2D092-C947-4708-BB8D-***@zyedge.com>
Content-Type: text/plain; charset="us-ascii"
What are you being spammed with? Do you have access to the shell as the rancid user?
Sent from handheld.
On Jun 20, 2013, at 12:19 PM, "James Shride" <***@yahoo.com<mailto:***@yahoo.com>> wrote:
Hi!
1. Linux Newb
2. Rancid Newb
Here is the problem:
We have had a working rancid build in place for a while. However we no longer have the person who admin'd it. After a recent config change to a switch, its spamming the notification. I never noticed this behavior before. Is this indicative of an error in the switch config, or do I have to acknowledge this rancid alert or something?
I am grateful for any guidance or advice.
Thanks!
_______________________________________________
Rancid-discuss mailing list
Rancid-***@shrubbery.net<mailto:Rancid-***@shrubbery.net>
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130620/ed79bc9c/attachment-0001.html>
------------------------------
Message: 16
Date: Fri, 21 Jun 2013 09:23:35 +0000
From: "Wiethoff, Helge" <***@tfh-bochum.de>
To: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: [rancid] Allied Telesyn and Rancid
Message-ID:
<***@BOHEMSX2010.rbbk.de>
Content-Type: text/plain; charset="utf-8"
Hi all,
i am new to Rancid and it took me a few hours to understand it ;-) But finally i think i got it mostly...
Because i found no (for me) sufficient script for Allied Telesis-devices, i edited the cisco-stuff a bit.
The files are attached, if anyone wants to use...
Does anyone of you uses Switches from Microsens and build a Rancid-Script?
Regards,
Helge
________________________________
Helge Wiethoff
Medienzentrum
Telefon: +49 (234) 968 8717
Fax: +49 (234) 968 3453
E-Mail: ***@tfh-bochum.de
Technische Fachhochschule Georg Agricola
f?r Rohstoff, Energie und Umwelt zu Bochum
Staatlich anerkannte Fachhochschule der
DMT-Gesellschaft f?r Lehre und Bildung mbH
Herner Stra?e 45
44787 Bochum
http://www.tfh-bochum.de
________________________________
Tr?ger: DMT-Gesellschaft f?r Lehre und Bildung mbH
Sitz der Gesellschaft: Bochum
Registergericht: Amtsgericht Bochum
Handelsregister: B 4052
Gesch?ftsf?hrung:
Prof. Dr. J?rgen Kretschmann (Vorsitzender)
Manfred Freitag
-------------- next part --------------
A non-text attachment was scrubbed...
Name: atlogin
Type: application/octet-stream
Size: 23699 bytes
Desc: atlogin
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130621/118e4f5d/attachment-0002.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: atrancid
Type: application/octet-stream
Size: 10661 bytes
Desc: atrancid
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130621/118e4f5d/attachment-0003.obj>
------------------------------
Message: 17
Date: Fri, 21 Jun 2013 11:53:07 +0200
From: Per-Olof Olsson <***@chalmers.se>
To: "rancid-***@shrubbery.net" <rancid-***@shrubbery.net>
Subject: [rancid] cpu info missing from sup-2t
Message-ID: <***@chalmers.se>
Content-Type: text/plain; charset="ISO-8859-1"; format=flowed