Re: [rancid] Fortiweb 400C 5.82

2018-02-20 Thread heasley 
Tue, Feb 20, 2018 at 06:16:52PM -0500, Gerhard Mourani:
> Connection to the FortiWeb doesn’t complete and make a timeout. In the past, 
> It was related to password prompt that has been changed by Fortinet on this 
> model. Here past discussion on the subject -> 
> https://lists.gt.net/rancid/users/9793 
> 
> 
> Regards,

The output appears to present a successful login.

expect: does "Fortiweb01 $ " (spawn_id exp3) match regular expression "[\r\n]+"?
 (No Gate, RE only) gate=yes re=no
"^(.+[#\$] )"? Gate "* "? gate=yes re=yes
expect: set expect_out(0,string) "Fortiweb01 $ "
expect: set expect_out(1,string) "Fortiweb01 $ "
expect: set expect_out(spawn_id) "exp3"
expect: set expect_out(buffer) "Fortiweb01 $ "

so, what is timing-out?

> > On Feb 20, 2018, at 5:30 PM, heasley  wrote:
> > 
> > Fri, Feb 16, 2018 at 09:19:10AM -0500, Gerhard Mourani:
> >> Hello,
> >> 
> >> I've a problem again backing up Fortiweb configuration.
> >> Rancid 3.7
> >> FortiWeb-400C 5.82,build1375,170622
> > 
> > and the problem is?
> > 
> 

___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Re: [rancid] Fortiweb 400C 5.82

2018-02-20 Thread Gerhard Mourani 
Connection to the FortiWeb doesn’t complete and make a timeout. In the past, It 
was related to password prompt that has been changed by Fortinet on this model. 
Here past discussion on the subject -> https://lists.gt.net/rancid/users/9793 


Regards,

> On Feb 20, 2018, at 5:30 PM, heasley  wrote:
> 
> Fri, Feb 16, 2018 at 09:19:10AM -0500, Gerhard Mourani:
>> Hello,
>> 
>> I've a problem again backing up Fortiweb configuration.
>> Rancid 3.7
>> FortiWeb-400C 5.82,build1375,170622
> 
> and the problem is?
> 

___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Re: [rancid] OTP/2-factor authentication

2018-02-20 Thread heasley 
Tue, Feb 20, 2018 at 09:34:32PM +, Wayne Eisenberg:
> I did some searching, and I'm pretty sure I already know the answer, but has 
> anyone had any success with rancid and 2-factor authentication such as OKTA 
> (time-based OTP)?
> 
> Any workarounds?

how would it work?  I'm probably being dense on the subject, but it seems
like an obstacle to automation.  Happy to receive a cluebyfour.

it seems that such security goals can be achieved by aaa authorization
(ie: read-only) and password expiration in aaa authentication.

___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

[rancid] OTP/2-factor authentication

2018-02-20 Thread Wayne Eisenberg 
I did some searching, and I'm pretty sure I already know the answer, but has 
anyone had any success with rancid and 2-factor authentication such as OKTA 
(time-based OTP)?

Any workarounds?

Thanks,
Wayne



The information in this Internet e-mail (and any attachments) is confidential, 
may be legally privileged and is intended solely for the Addressee(s) named 
above. If you are not the intended recipient, or the employee or agent 
responsible for delivering it to the intended recipient, then any dissemination 
or copying of this e-mail (and any attachments) is prohibited and may be 
unlawful. If you received this e-mail in error, please immediately notify us by 
e-mail or telephone, then delete the message. Thank you.
___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

[rancid] Making variant of cisco ios

2018-02-20 Thread Charles T. Brooks 
I have some old cisco ACE devices and have been backing them up with rancid 
using the normal "cisco" module.

I want to add some commands like "show ft group summary" for example, and have 
the output of those commands show up in rancid diffs, prefixed with exclamation 
points in the same way that normal "show version" output is.

I've done this before by copying a device type definition from 
/etc/rancid.types.base to /etc/rancid.types.conf and editing it, but in the 
past I was always removing troublesome commands, not adding new ones.

Is there an existing module that I can reference in /etc/rancid.types.conf that 
simply takes the output from a command and prefixes exclamation points, no 
fancy special processing?  Or do I need to write one?

Thanks!
--Charlie

--  CONFIDENTIALITY NOTICE  ---

  This message, including any attachments, is for the sole use of the
intended recipient(s) and may contain privileged confidential information
protected by law. Any unauthorized review, use, disclosure or distribution
of this message is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of this message.
 
 --  CONFIDENTIALITY NOTICE  ---

___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Re: [rancid] Show tech on latest Procurve software

2018-02-20 Thread Vacheslav 
Thank you for sharing!

Sincerely,

Vacheslav

 

From: Rancid-discuss [mailto:rancid-discuss-boun...@shrubbery.net] On Behalf Of 
Aleksander Vines
Sent: Tuesday, February 20, 2018 11:46 AM
To: rancid-discuss@shrubbery.net
Subject: Re: [rancid] Show tech on latest Procurve software

 

>That worked perfectly. Thanks for the fast reply.

 

>For reference, if anyone else have issues with new procurve software, this is 
>what I added:

 

># This routine parses "show tech transceivers"

) {

...

# These next two lines are new

next if (/[A-Z][a-z][a-z] [A-Z][a-z][a-z] [0-9]+ 
[0-2][0-9]:[0-5][0-9]:[0-5][0-9] 20[0-9][0-9]/);

next if (/show time/);

next if (/^(\s*|\s*$cmd\s*)$/);

...

}

 

>Thanks,

Aleksander Vines




From: Doug Hughes  > 
To:  > 
Sent: 2018-02-19 18:06 
Subject: Re: [rancid] Show tech on latest Procurve software 

Yes, it's fairly easy to filter out individual lines by editing the filter 
inside the perl scripts to make them go away. I have done this many, many 
times. The only trick is that when you upgrade you might lose your change, so 
save a copy or diff that you can re-apply later.

In this case, the place where you'd put the filter is in ~rancid/bin/hrancid in 
the routine "ShowTechTransceivers"

Right at the top where it has 'next if (...)'

either above or below that you can add a line that says something like next if 
(/thing I want to match here/) which will skip that line.

 

On 2/19/2018 9:12 AM, Aleksander Vines wrote:

Hi all, 

 

Is there a way of altering the output of rancid, or which commands it runs, or 
how the 'diff'ing' works?

 

We seem to have a problem with the latest hp software, where 'show tech 
transceivers' seems to include a call to 'show time'. Hence it notices a diff 
in the output timestamp and and it's fairly annoying if you actually want to 
keep track of changes. 

 

Ref. 
https://community.hpe.com/t5/ProCurve-ProVision-Based/Command-behavior-change-in-KB-16-05-0003-5406R-firmware/td-p/6992013

 

Regards,

Aleksander Vines





___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net  
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

 

-- 


Doug Hughes
Keystone NAP
Fairless Hills, PA
1.844.KEYBLOCK (539.2562)





___ 
Rancid-discuss mailing list 
Rancid-discuss@shrubbery.net   
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Re: [rancid] Show tech on latest Procurve software

2018-02-20 Thread Aleksander Vines 
That worked perfectly. Thanks for the fast reply.


For reference, if anyone else have issues with new procurve software, this is 
what I added:



# This routine parses "show tech transceivers"
sub ShowTechTransceivers {
    ...
    while () {
        ...
        # These next two lines are new
        next if (/[A-Z][a-z][a-z] [A-Z][a-z][a-z] [0-9]+ 
[0-2][0-9]:[0-5][0-9]:[0-5][0-9] 20[0-9][0-9]/);
        next if (/show time/);
        next if (/^(\s*|\s*$cmd\s*)$/);
        ...
}


Thanks,
Aleksander Vines




 From:   Doug Hughes  
 To:    
 Sent:   2018-02-19 18:06 
 Subject:   Re: [rancid] Show tech on latest Procurve software 


 
Yes, it's fairly easy to filter out individual lines by editing   the 
filter inside the perl scripts to make them go away. I have   done this 
many, many times. The only trick is that when you   upgrade you might lose 
your change, so save a copy or diff that   you can re-apply later. 
In this case, the place where you'd put the filter is in   
~rancid/bin/hrancid in the routine "ShowTechTransceivers" 
Right at the top where it has 'next if (...)' 
either above or below that you can add a line that says something   like 
next if (/thing I want to match here/) which will skip that   line. 

  
On 2/19/2018 9:12 AM, Aleksander Vines   wrote:
  Hi   all,   

  
Is there a way of altering the output of rancid, or which commands it 
runs, or how the 'diff'ing' works?   

  
We seem to have a problem with the latest hp software, where 'show tech 
transceivers' seems to include a call to 'show time'. Hence it notices 
a diff in the output timestamp and and it's fairly annoying if you 
actually want to keep track of changes.    

  
Ref. 
https://community.hpe.com/t5/ProCurve-ProVision-Based/Command-behavior-change-in-KB-16-05-0003-5406R-firmware/td-p/6992013
   

  
Regards,   
Aleksander Vines   
  
   ___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss  
 
-- 
   
Doug Hughes
   Keystone NAP
   Fairless Hills, PA
   1.844.KEYBLOCK (539.2562)
 

___ 
Rancid-discuss mailing list 
Rancid-discuss@shrubbery.net 
http://www.shrubbery.net/mailman/listinfo/rancid-discuss___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss