[rancid] clogin commenting script commands following multiple blanks lines

Post by Erik Muller
So here's an odd thing I just ran across. Running clogin with a script with multiple blank lines has some very unexpected behaviour. It looks like it's turning \n\n into \n;, with the net effect of commenting out any command that follows two blank lines. Reproducible on ubuntu 12.04 and OSX 10.13 with stock 3.8 source. Works as expected in 2.3.8 ubuntu packages.
The culprit is definitely in the "# handle escaped ;s in commands, and ;; and ^;" section of clogin (rolling that block back to what was in 2.3.8 fixes it), but trying to grok that in expect language to provide a real fix makes my head hurt, so I'll leave this as a bug report. Examples below.
thanks,
-e

I believe that patch addresses this bug.

Index: bin/clogin.in
===================================================================
--- bin/clogin.in (revision 3909)
+++ bin/clogin.in (working copy)
@@ -76,12 +76,12 @@
}

# handle escaped ;s in commands, and ;; and ^;
- regsub -all {([^\\]);;} $command "\\1;\u002;" esccommand
- regsub {^;} $esccommand "\u002;" command
- set sep "\\1\u001"
- regsub -all {([^\\])\;} $command "$sep" esccommand
- set sep "\u001"
- set commands [split $esccommand $sep]
+ regsub -all {([^\\]);} $command "\\1\u002;" esccommand
+ regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command
+ regsub {^;} $command "\u002;" esccommand
+ regsub -all {[\\];} $esccommand ";" command
+ set sep "\u002;"
+ set commands [split $command $sep]
set num_commands [llength $commands]
set rshfail 0
for {set i 0} {$i < $num_commands && !$rshfail} { incr i} {
@@ -373,12 +373,12 @@
log_user 0

# handle escaped ;s in commands, and ;; and ^;
- regsub -all {([^\\]);;} $command "\\1;\u002;" esccommand
- regsub {^;} $esccommand "\u002;" command
- set sep "\\1\u001"
- regsub -all {([^\\])\;} $command "$sep" esccommand
- set sep "\u001"
- set commands [split $esccommand $sep]
+ regsub -all {([^\\]);} $command "\\1\u002;" esccommand
+ regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command
+ regsub {^;} $command "\u002;" esccommand
+ regsub -all {[\\];} $esccommand ";" command
+ set sep "\u002;"
+ set commands [split $command $sep]
set num_commands [llength $commands]
# the pager can not be turned off on the PIX, so we have to look
# for the "More" prompt. the extreme is equally obnoxious in pre-12.3 XOS,

Erik Muller

2018-10-24 20:43:41 UTC

I believe that patch addresses this bug.

That definitely fixes the blanks-may-comment-the-next-line issue, though it looks like it also breaks handling of escaped ;s as well.

before:
$ clogin-3.8 -c 'sh ip bgp nei | inc 1\; ; show ver | inc ^Model Num' fl1-as01
...
fl1-as01#sh ip bgp nei | inc 1;
Route to peer address reachability Up: 1; Down: 0
Connections established 1; dropped 0

with patch:
$ clogin -c 'sh ip bgp nei | inc 1\; ; show ver | inc ^Model Num' fl1-as01
...
fl1-as01#sh ip bgp nei | inc 1
BGP neighbor is x.x.x.x, remote AS 4200000000, external link

And it seems to eat leading semicolon comments as well:

$ cat ~/clogin-blanks-test2
show bridge
; just a comment
$ clogin -x ~/clogin-blanks-test2 fl1-as01.polaris.corp
...
fl1-as01#show bridge
fl1-as01#
fl1-as01#
fl1-as01#
fl1-as01# just a comment
^
% Invalid input detected at '^' marker.

heasley

2018-10-24 21:19:31 UTC

I believe that patch addresses this bug.

That definitely fixes the blanks-may-comment-the-next-line issue, though it looks like it also breaks handling of escaped ;s as well.
$ clogin-3.8 -c 'sh ip bgp nei | inc 1\; ; show ver | inc ^Model Num' fl1-as01
...
fl1-as01#sh ip bgp nei | inc 1;
Route to peer address reachability Up: 1; Down: 0
Connections established 1; dropped 0
$ clogin -c 'sh ip bgp nei | inc 1\; ; show ver | inc ^Model Num' fl1-as01
...
fl1-as01#sh ip bgp nei | inc 1
BGP neighbor is x.x.x.x, remote AS 4200000000, external link
$ cat ~/clogin-blanks-test2
show bridge
; just a comment
$ clogin -x ~/clogin-blanks-test2 fl1-as01.polaris.corp
...
fl1-as01#show bridge
fl1-as01#
fl1-as01#
fl1-as01#
fl1-as01# just a comment
^
% Invalid input detected at '^' marker.

I missed that in your example, but noticed it in testing...after I sent that
patch. This is my final patch, i think. I havent committed it yet, as I
want to review it once more.

Index: bin/clogin.in
===================================================================
--- bin/clogin.in (revision 3909)
+++ bin/clogin.in (working copy)
@@ -76,11 +76,12 @@
}

# handle escaped ;s in commands, and ;; and ^;
- regsub -all {([^\\]);;} $command "\\1;\u002;" esccommand
- regsub {^;} $esccommand "\u002;" command
- set sep "\\1\u001"
- regsub -all {([^\\])\;} $command "$sep" esccommand
- set sep "\u001"
+ regsub -all {([^\\]);} $command "\\1\u002;" esccommand
+ regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command
+ regsub {^;} $command "\u002;" esccommand
+ regsub -all {[\\];} $esccommand ";" command
+ regsub -all {\u002;} $command "\u002" esccommand
+ set sep "\u002;"
set commands [split $esccommand $sep]
set num_commands [llength $commands]
set rshfail 0
@@ -373,11 +374,12 @@
log_user 0

# handle escaped ;s in commands, and ;; and ^;
- regsub -all {([^\\]);;} $command "\\1;\u002;" esccommand
- regsub {^;} $esccommand "\u002;" command
- set sep "\\1\u001"
- regsub -all {([^\\])\;} $command "$sep" esccommand
- set sep "\u001"
+ regsub -all {([^\\]);} $command "\\1\u002;" esccommand
+ regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command
+ regsub {^;} $command "\u002;" esccommand
+ regsub -all {[\\];} $esccommand ";" command
+ regsub -all {\u002;} $command "\u002" esccommand
+ set sep "\u002"
set commands [split $esccommand $sep]
set num_commands [llength $commands]
# the pager can not be turned off on the PIX, so we have to look
@@ -384,11 +386,7 @@
# for the "More" prompt. the extreme is equally obnoxious in pre-12.3 XOS,
# with a global switch in the config.
for {set i 0} {$i < $num_commands} { incr i} {
- if { [lindex $commands $i] == "\u002" } {
- send -- "\r"
- } else {
- send -- "[subst -nocommands [lindex $commands $i]]\r"
- }
+ send -h -- "[subst -nocommands [lindex $commands $i]]\r"
expect {
-re "^\b+" { exp_continue }
-re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)"

heasley

2018-10-24 22:32:10 UTC

Post by heasley
I missed that in your example, but noticed it in testing...after I sent that
patch. This is my final patch, i think. I havent committed it yet, as I
want to review it once more.

ok; committed. Either the alpha tarball or the svn repo. Welcome testers,
esp for palo alto, of which I have none.

Erik Muller

2018-10-25 19:53:41 UTC

Post by heasley
I missed that in your example, but noticed it in testing...after I sent that
patch. This is my final patch, i think. I havent committed it yet, as I
want to review it once more.

ok; committed. Either the alpha tarball or the svn repo. Welcome testers,
esp for palo alto, of which I have none.

That one was really close, but still didn't pass through ^; from command files properly.
After a bit more tweaking, the following change seems to get it to handle all my test cases correctly.

***@vpn41:~/ports-dev [15:21 - 1497]$ diff -Naur /opt/local/libexec/rancid/clogin-3.99.99.bak /opt/local/libexec/rancid/clogin-3.99.99
--- /opt/local/libexec/rancid/clogin-3.99.99.bak 2018-10-24 19:46:30.000000000 -0400
+++ /opt/local/libexec/rancid/clogin-3.99.99 2018-10-25 15:21:18.000000000 -0400
@@ -253,7 +253,8 @@
}
set cmd_text [read $cmd_fd]
close $cmd_fd
- set command [join [split $cmd_text \n] \;]
+ regsub -all {;} $cmd_text "\\;" cmd_text
+ set command [join [split $cmd_text \n] \u002;]
set do_command 1
# 'ssh -c' cypher type
} -y* {
@@ -444,13 +445,8 @@
continue;
}

- # handle escaped ;s in commands, and ;; and ^;
- regsub -all {([^\\]);} $command "\\1\u002;" esccommand
- regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command
- regsub {^;} $command "\u002;" esccommand
- regsub -all {[\\];} $esccommand ";" command
- regsub -all {\u002;} $command "\u002" esccommand
- set sep "\u002;"
+ set esccommand [escapecommandlist $command]
+ set sep "\u002"
set commands [split $esccommand $sep]
set num_commands [llength $commands]
set rshfail 0
@@ -724,6 +720,21 @@
return 0
}

+# handle escaped ;s in commands, and ;; and ^;
+proc escapecommandlist {command} {
+ # \; should be passed through as a ;
+ # ^; should be treated as a comment (when coming from a command file)
+ # ;; represents a literal ; before a subsequent command (?)
+ # other ;s are separators between items in a sequence of commands
+ # note this is processed as one big multiline text blob, so ^ anchors may
+ # not work as expected
+ regsub -all {([^\\\u002]);} $command "\\1\u002;" esccommand
+ regsub -all {([^\\\u00a\u00d\u002]);;} $esccommand "\\1;\u002;" command
+ regsub -all {\u002;} $command "\u002" esccommand
+ regsub -all {[\\];} $esccommand ";" command
+ return $command
+}
+
# Run commands given on the command line.
proc run_commands { prompt command } {
global do_interact do_saveconfig in_proc platform
@@ -742,12 +753,7 @@
# this is the only way i see to get rid of more prompts in o/p..grrrrr
log_user 0

- # handle escaped ;s in commands, and ;; and ^;
- regsub -all {([^\\]);} $command "\\1\u002;" esccommand
- regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command
- regsub {^;} $command "\u002;" esccommand
- regsub -all {[\\];} $esccommand ";" command
- regsub -all {\u002;} $command "\u002" esccommand
+ set esccommand [escapecommandlist $command]
set sep "\u002"
set commands [split $esccommand $sep]
set num_commands [llength $commands]

Heasley

2018-10-25 20:02:58 UTC

Post by heasley
I missed that in your example, but noticed it in testing...after I sent that
patch. This is my final patch, i think. I havent committed it yet, as I
want to review it once more.

ok; committed. Either the alpha tarball or the svn repo. Welcome testers,
esp for palo alto, of which I have none.

That one was really close, but still didn't pass through ^; from command files properly.
After a bit more tweaking, the following change seems to get it to handle all my test cases correctly.

You have to escape the ; in the file (\;). The An argument could be made either way, i leN toward not altering the behavior of -x.

Post by Erik Muller
--- /opt/local/libexec/rancid/clogin-3.99.99.bak 2018-10-24 19:46:30.000000000 -0400
+++ /opt/local/libexec/rancid/clogin-3.99.99 2018-10-25 15:21:18.000000000 -0400
@@ -253,7 +253,8 @@
}
set cmd_text [read $cmd_fd]
close $cmd_fd
- set command [join [split $cmd_text \n] \;]
+ regsub -all {;} $cmd_text "\\;" cmd_text
+ set command [join [split $cmd_text \n] \u002;]
set do_command 1
# 'ssh -c' cypher type
} -y* {
@@ -444,13 +445,8 @@
continue;
}
- # handle escaped ;s in commands, and ;; and ^;
- regsub -all {([^\\]);} $command "\\1\u002;" esccommand
- regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command
- regsub {^;} $command "\u002;" esccommand
- regsub -all {[\\];} $esccommand ";" command
- regsub -all {\u002;} $command "\u002" esccommand
- set sep "\u002;"
+ set esccommand [escapecommandlist $command]
+ set sep "\u002"
set commands [split $esccommand $sep]
set num_commands [llength $commands]
set rshfail 0
@@ -724,6 +720,21 @@
return 0
}
+# handle escaped ;s in commands, and ;; and ^;
+proc escapecommandlist {command} {
+ # \; should be passed through as a ;
+ # ^; should be treated as a comment (when coming from a command file)
+ # ;; represents a literal ; before a subsequent command (?)
+ # other ;s are separators between items in a sequence of commands
+ # note this is processed as one big multiline text blob, so ^ anchors may
+ # not work as expected
+ regsub -all {([^\\\u002]);} $command "\\1\u002;" esccommand
+ regsub -all {([^\\\u00a\u00d\u002]);;} $esccommand "\\1;\u002;" command
+ regsub -all {\u002;} $command "\u002" esccommand
+ regsub -all {[\\];} $esccommand ";" command
+ return $command
+}
+
# Run commands given on the command line.
proc run_commands { prompt command } {
global do_interact do_saveconfig in_proc platform
@@ -742,12 +753,7 @@
# this is the only way i see to get rid of more prompts in o/p..grrrrr
log_user 0
- # handle escaped ;s in commands, and ;; and ^;
- regsub -all {([^\\]);} $command "\\1\u002;" esccommand
- regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command
- regsub {^;} $command "\u002;" esccommand
- regsub -all {[\\];} $esccommand ";" command
- regsub -all {\u002;} $command "\u002" esccommand
+ set esccommand [escapecommandlist $command]
set sep "\u002"
set commands [split $esccommand $sep]
set num_commands [llength $commands]

Erik Muller

2018-10-25 21:08:34 UTC

Post by Heasley

Post by heasley
I missed that in your example, but noticed it in testing...after I sent that
patch. This is my final patch, i think. I havent committed it yet, as I
want to review it once more.

ok; committed. Either the alpha tarball or the svn repo. Welcome testers,
esp for palo alto, of which I have none.

That one was really close, but still didn't pass through ^; from command files properly.
After a bit more tweaking, the following change seems to get it to handle all my test cases correctly.

You have to escape the ; in the file (\;). The An argument could be made either way, i leN toward not altering the behavior of -x.

I can live with that. Looks like ^; was equally broken in 2.x as well, and
really it should be !comments instead since ~ios 10 anyway ;)

Erik Muller

2018-10-26 22:24:10 UTC

Post by heasley
ok; committed. Either the alpha tarball or the svn repo. Welcome testers,
esp for palo alto, of which I have none.

Gauthier, Chris

2018-10-30 15:51:52 UTC

Interesting! I have yet to upgrade our installations to 8.1.4. Thanks for the heads up!

ï»¿
Chris Gauthier Senior Network Engineer | comScore, Inc.
t +1 (503) 331-2704 |
***@comscore.com
317 SW Alder Street, Suite 700 | Portland, OR 97204 United States
comscore.com
âââThis e-mail (including any attachments) may contain information that is private, confidential, or protected by attorney-client or other privilege. If you received this e-mail in error, please delete it from your system and notify sender.
-----Original Message-----
From: Rancid-discuss <rancid-discuss-***@shrubbery.net> on behalf of Erik Muller <***@buh.org>
Date: Friday, October 26, 2018 at 3:25 PM
To: heasley <***@shrubbery.net>
Cc: rancid list <rancid-***@shrubbery.net>
Subject: [rancid] paloalto feedback in current alpha [was: Re: clogin commenting script commands following multiple blanks lines]

Post by heasley
ok; committed. Either the alpha tarball or the svn repo. Welcome testers,
esp for palo alto, of which I have none.

At least on 8.1.4 on my 3250s, the cli is a little bit busted until you get out of interactive mode - for every space you enter between words in the command, it redraws the current line, which was messing up the prompt matching as below. Fix for that attached at end of message.
-e

***@status:~$ rancid -t paloalto -d fw1.ams
loadtype: device type paloalto
loadtype: found device type paloalto in /home/erikm/rancidtest/etc/rancid.types.base
executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running" fw1.ams
line: fw1.ams
line: spawn ssh -c aes256-ctr,aes192-ctr -x -l rancid fw1.ams
line: Password:
line: Last login: Fri Oct 26 20:04:51 2018 from 10.x.x.x
line: No entry for terminal type "network";
line: using dumb terminal settings.
line:
line: Number of failed attempts since last successful login: 0
line:
line:
line: ***@fw1.ams(active)>
line: ***@fw1.ams(active)>
line: ***@fw1.ams(active)> set
line: ***@fw1.ams(active)> set cli
line: ***@fw1.ams(active)> set cli scripting-mode
line: ***@fw1.ams(active)> set cli scripting-mode on
PROMPT MATCH: ***@fw1.ams$active$[#>]
HIT COMMAND:***@fw1.ams(active)> set cli scripting-mode on

COMMAND is: set cli scripting-mode on|rancid::RunCommand
In RunCommand: ***@fw1.ams(active)> set cli scripting-mode on
line: ***@fw1.ams(active)> how system info
line: s
line: hostname: fw1.ams
line: ip-address: 10.x.x.x
...
line: family: 3200
line: model: PA-3250
line: sw-version: 8.1.4-h2
...
line: multi-vsys: off
line: operational-mode: normal
line:
line: ***@fw1.ams(active)> how config running
line: exit
line:
line: config {
line: mgt-config {
line: users {
...
line: ***@fw1.ams(active)> Connection to fw1.ams closed.
fw1.ams: missed cmd(s): set cli pager off, show system info
fw1.ams: End of run not found
fw1.ams: clean_run is false
fw1.ams: found_end is false
!

***@status:~/src$ diff -ur rancid-3.99.99 rancid-3.99.99-em/
diff -ur rancid-3.99.99/bin/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanlogin.in&c=E,1,6ITCpn7S8etHwRGxye4nnY-WXsOspZJKTHaSxUMwn7CUVVRDtL9N4eULfbpZKMnS2fE-49UrdfNQg0zd5F8rE7gq5t_QzpoQwMmdI9v87bdIynxj_kNZYaM,&typo=1 rancid-3.99.99-em/bin/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanlogin.in&c=E,1,AFuvKrybC8GB6DG7swV-DVjqoacwb3bN-9HbNrwIHSu3eQM0RtFFTm_43KfETWr8-Uz_SJGx3N-3-OaDDhdxtdoNE4ZVfLEnq_ly_T8O8XSbFZ9ZEA,,&typo=1
--- rancid-3.99.99/bin/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanlogin.in&c=E,1,PaBCXESaFYWjzoqImlahNbNlLrsy_b2vXybrRIrH36LE0245jqMqk6zO7RNZojKH5MycizqdsA_XLMSlWFTJWC55BdQ4EZyVefR65_EuhGMq766dEcz4ZHHC&typo=1 2018-10-24 18:26:50.000000000 -0400
+++ rancid-3.99.99-em/bin/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanlogin.in&c=E,1,EMioRKDRQlsHo46MUuAFylZdiNznL5XtoxGxMWzoJ-zE-yjczHpChxK9eUwVOkVfFMmWgFqx3n44hw-w1Ry9jmPUH43kK_du2ctguUJdL-p0-eIk&typo=1 2018-10-26 17:24:55.945967567 -0400
@@ -455,14 +455,22 @@
}
}

+ # PAN-OS in interactive mode will send a newline and then redraw the
+ # whole prompt-and-command if you send a space.
+ if { $do_command || $do_script } {
+ set cmd "set cli scripting-mode on\r"
+ send $cmd
+ # ensure we eat the partial commands redrawn while entering the command
+ expect -re "$cmd.*$prompt" {}
+ send "set cli pager off\r"
+ expect -re $prompt {}
+ }
+
if { $do_command } {
if {[run_commands $prompt $command]} {
continue
}
} elseif { $do_script } {
-# send "set cli scripting-mode on\r"
-# send "set cli pager off\r"
- expect -re $prompt {}
source $sfile
close
} else {
diff -ur rancid-3.99.99/etc/rancid.types.base rancid-3.99.99-em/etc/rancid.types.base
--- rancid-3.99.99/etc/rancid.types.base 2018-10-24 11:13:49.000000000 -0400
+++ rancid-3.99.99-em/etc/rancid.types.base 2018-10-26 17:16:53.950868707 -0400
@@ -607,9 +607,8 @@
paloalto;login;panlogin
paloalto;module;panos
paloalto;inloop;panos::inloop
-paloalto;command;rancid::RunCommand;set cli scripting-mode on
-paloalto;command;rancid::RunCommand;set cli pager off
paloalto;command;panos::ShowInfo;show system info
+paloalto;command;panos::ShowInventory;show chassis inventory
paloalto;command;panos::ShowConfig;show config running
#
procket;script;prancid
diff -ur rancid-3.99.99/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fnxos.pm.in&c=E,1,tqRFL7QBqp5N9_vWuTMWwfLR3zhD5Z-aWd8zb4ymx8UXKMyN4UAsbleguZppsQZxEyybiih1kmjUe3xh14kBFX99sF7DlgjDCb_Dqhs0KvfdQyw7gcgAUw,,&typo=1 rancid-3.99.99-em/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fnxos.pm.in&c=E,1,JACD8ijcXFc2KdkXkmtL6QSeGU_NOOPVmovZiHGdVPL85CLgHDDILs-KqaEsZu-Kns8_DELxKloc1Bt5GQTRNK7SrBuQaac2T00J7L_MXtfumXfO77s,&typo=1
--- rancid-3.99.99/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fnxos.pm.in&c=E,1,NGNes7dJXeV8s2Sqt0gQmCAXeJfUQi1YJcx4CsmImWwi4axvCK2eDslTWStHiRGGW1syuxjnoCXxk2ss4RlSrQ5CxLytEWhqgMCHDyIfHpiAwF6dh1U,&typo=1 2018-09-19 18:02:44.000000000 -0400
+++ rancid-3.99.99-em/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fnxos.pm.in&c=E,1,Gsr8TiBW7YqcDWKivbh5ZgN_vVlB7lZod_5hLaW8lxrqDhBKsSchvI7ctiyw7Iniv2TGTTSPOCleizxfWjFMxYNZhNrysDxx7AnHpRWp3JM42XJrztV5ClK96Q,,&typo=1 2018-10-26 17:58:51.611639817 -0400
@@ -494,9 +494,12 @@
# Drop vtp_debug.log and vtp_debug_old.log CDETS bug CSCuy87611
/\s+vtp_debug(_old)?\.log$/ && next;

+ # Drop bcm_mem_locl_trace.log
+ /\s+bcm_mem_lock_trace\.log$/ && next;
+
next if (/BufferMonitor-1HourData/);

- if (/( debug_logs| log)\/$/) {
+ if (/( debug_logs| log| vdc_\d+)\/$/) {
# change
# 8192 Jan 08 14:05:05 2015 log/
# to
diff -ur rancid-3.99.99/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanos.pm.in&c=E,1,wybM--nn0b3GZezeXwnIASz16ohSfuG3iIF0YSZF-tJFQEmGCjoPfdvn2RkyDIOedhV3QbLekcjMJVR9w-1zOzONAQNqp64Rq9HpvMh86ubh3CJxgQ,,&typo=1 rancid-3.99.99-em/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanos.pm.in&c=E,1,znAoj5aoZ94EWlULAGnVz3BQyYPOB9RhC6dl1kZnj9hjMYHJXRLtzaa7hRQj57fWGgbmrcZsHQQcPZA0dttaCKLwj2DzN1xiulF-1bxqz84IK2RSttw3j86tkOTf&typo=1
--- rancid-3.99.99/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanos.pm.in&c=E,1,w5a1nRpygvqdqCmQHt0uHGLjgyPiJ98Vh8Hta2vTPcDOG3K6Dm94ovl7YeWSvgXQuHGL9gVrJKuzPUVB8SwzHwZBP2tNAh7xnrw4QNq_kAbC3jo,&typo=1 2016-02-16 07:28:46.000000000 -0500
+++ rancid-3.99.99-em/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanos.pm.in&c=E,1,uHSi8I1UcPVkwxOQRitK7GrRCXWOBpiFZ0PePIt2xZ-v24ryFpOozglEeqOnuUyGaAXn-mZZQ1q2vX5Kq-mPkDdUtIYX4wQMv--AEZgftElzvmHHZEjqGA,,&typo=1 2018-10-26 17:19:11.552895792 -0400
@@ -119,6 +119,23 @@
return(0);
}

+# This routine parses "show chassis inventory"
+sub ShowInventory {
+ my($INPUT, $OUTPUT, $cmd) = @_;
+ my($slot);
+
+ print STDERR " In ShowInventory:: $_" if ($debug);
+
+ while (<$INPUT>) {
+ tr/\015//d;
+ last if (/^$prompt/);
+
+ ProcessHistory("INV","","","#$_");
+ }
+ ProcessHistory("INV","","","#\n");
+ return(0);
+}
+

# This routine parses "show config running"
sub ShowConfig {

heasley

2018-11-05 19:29:07 UTC

Post by heasley
ok; committed. Either the alpha tarball or the svn repo. Welcome testers,
esp for palo alto, of which I have none.

super; committed. thanks.

Post by Erik Muller
diff -ur rancid-3.99.99/etc/rancid.types.base rancid-3.99.99-em/etc/rancid.types.base
--- rancid-3.99.99/etc/rancid.types.base 2018-10-24 11:13:49.000000000 -0400
+++ rancid-3.99.99-em/etc/rancid.types.base 2018-10-26 17:16:53.950868707 -0400
@@ -607,9 +607,8 @@
paloalto;login;panlogin
paloalto;module;panos
paloalto;inloop;panos::inloop
-paloalto;command;rancid::RunCommand;set cli scripting-mode on
-paloalto;command;rancid::RunCommand;set cli pager off
paloalto;command;panos::ShowInfo;show system info
+paloalto;command;panos::ShowInventory;show chassis inventory
paloalto;command;panos::ShowConfig;show config running
#
procket;script;prancid
diff -ur rancid-3.99.99/lib/panos.pm.in rancid-3.99.99-em/lib/panos.pm.in
--- rancid-3.99.99/lib/panos.pm.in 2016-02-16 07:28:46.000000000 -0500
+++ rancid-3.99.99-em/lib/panos.pm.in 2018-10-26 17:19:11.552895792 -0400
@@ -119,6 +119,23 @@
return(0);
}
+# This routine parses "show chassis inventory"
+sub ShowInventory {
+ my($slot);
+
+ print STDERR " In ShowInventory:: $_" if ($debug);
+
+ while (<$INPUT>) {
+ tr/\015//d;
+ last if (/^$prompt/);
+
+ ProcessHistory("INV","","","#$_");
+ }
+ ProcessHistory("INV","","","#\n");
+ return(0);
+}
+
# This routine parses "show config running"
sub ShowConfig {

Is this a new command or specific to larger platforms? What is the error
if the command is unknown?

Post by Erik Muller
diff -ur rancid-3.99.99/lib/nxos.pm.in rancid-3.99.99-em/lib/nxos.pm.in
--- rancid-3.99.99/lib/nxos.pm.in 2018-09-19 18:02:44.000000000 -0400
+++ rancid-3.99.99-em/lib/nxos.pm.in 2018-10-26 17:58:51.611639817 -0400
@@ -494,9 +494,12 @@
# Drop vtp_debug.log and vtp_debug_old.log CDETS bug CSCuy87611
/\s+vtp_debug(_old)?\.log$/ && next;
+ # Drop bcm_mem_locl_trace.log
+ /\s+bcm_mem_lock_trace\.log$/ && next;
+
next if (/BufferMonitor-1HourData/);
- if (/( debug_logs| log)\/$/) {
+ if (/( debug_logs| log| vdc_\d+)\/$/) {
# change
# 8192 Jan 08 14:05:05 2015 log/
# to

did I miss an explaination of this patch? I see what it does, but ...

Erik Muller

2018-11-06 12:53:42 UTC

Post by Erik Muller
+# This routine parses "show chassis inventory"
+sub ShowInventory {

...

Post by heasley
Is this a new command or specific to larger platforms? What is the error
if the command is unknown?

I assume it's universal across all PA (looks like it was introduced to the
CLI reference docs in panos 6.0), but I only have one model to test
against, on which it does:
***@fw1.ams(active)> show chassis inventory

Slot Component Serial Number Ports Revision
PA-3250 0xxxxxxxxxx1 20 1.1

FANTRAY1 PA-3200-FANTRAY 0xxxxxxxxxx9 1.0

PS1 (left) D1U54P-W-650-12-HB4C-PAN Mxxxxxxxxxx7 RB
PS2 (right) D1U54P-W-650-12-HB4C-PAN Mxxxxxxxxxx1 RB

Presumably on a box that doesn't support it, you'd get:
***@fw1.ams(active)> show badcommand

Invalid syntax.