# PaCkAgE DaTaStReAm
rancid 1 3239
# end of header
0707010009ea64000081a40000000000000000000000014fa8b74000000102000000b600010002ffffffffffffffff0000000f00000000rancid/pkginfo PKG=rancid
NAME=rancid 2.3.8 i86pc Solaris 11
VERSION=2.3.8
PSTAMP=8th May 2012
VENDOR=Shrubbery Networks
EMAIL=http://www.shrubbery.net/rancid/
DESC=Router config tracker
ARCH=i386
CATEGORY=utility
CLASSES=none
BASEDIR=/
ISTATES=S s 1 2 3
RSTATES=S s 1 2 3
0707010009ea63000081a40000000000000000000000014fa8b74000002e5e000000b600010002ffffffffffffffff0000000e00000000rancid/pkgmap : 1 3239
1 d none /usr ? ? ?
1 d none /usr/local ? ? ?
1 d none /usr/local/rancid 0755 root root
1 d none /usr/local/rancid/bin 0755 root root
1 f none /usr/local/rancid/bin/agmrancid 0755 root root 16290 17049 1336456993
1 f none /usr/local/rancid/bin/alogin 0755 root root 16231 56032 1336456993
1 f none /usr/local/rancid/bin/arancid 0755 root root 10498 36588 1336456993
1 f none /usr/local/rancid/bin/arrancid 0755 root root 23055 39175 1336456993
1 f none /usr/local/rancid/bin/avologin 0755 root root 21726 39724 1336456993
1 f none /usr/local/rancid/bin/avorancid 0755 root root 9821 53756 1336456993
1 f none /usr/local/rancid/bin/blogin 0755 root root 19300 50675 1336456993
1 f none /usr/local/rancid/bin/brancid 0755 root root 10087 7624 1336456993
1 f none /usr/local/rancid/bin/cat5rancid 0755 root root 37707 54860 1336456993
1 f none /usr/local/rancid/bin/clogin 0755 root root 27096 47032 1336456993
1 f none /usr/local/rancid/bin/control_rancid 0755 root root 14206 43513 1336456993
1 f none /usr/local/rancid/bin/cssrancid 0755 root root 23198 62514 1336456993
1 f none /usr/local/rancid/bin/elogin 0755 root root 14721 4267 1336456993
1 f none /usr/local/rancid/bin/erancid 0755 root root 10579 43442 1336456993
1 f none /usr/local/rancid/bin/f10rancid 0755 root root 21744 16318 1336456993
1 f none /usr/local/rancid/bin/f5rancid 0755 root root 18821 11825 1336456993
1 f none /usr/local/rancid/bin/flogin 0755 root root 20620 12670 1336456993
1 f none /usr/local/rancid/bin/fnlogin 0755 root root 17230 61634 1336456993
1 f none /usr/local/rancid/bin/fnrancid 0755 root root 10488 38270 1336456993
1 f none /usr/local/rancid/bin/francid 0755 root root 15737 36705 1336456993
1 f none /usr/local/rancid/bin/hlogin 0755 root root 22977 65431 1336456993
1 f none /usr/local/rancid/bin/hpuifilter 0755 root root 33560 30997 1336456993
1 f none /usr/local/rancid/bin/hrancid 0755 root root 19837 32126 1336456993
1 f none /usr/local/rancid/bin/htlogin 0755 root root 14653 64820 1336456993
1 f none /usr/local/rancid/bin/htrancid 0755 root root 9358 19678 1336456993
1 f none /usr/local/rancid/bin/jerancid 0755 root root 21360 46190 1336456993
1 f none /usr/local/rancid/bin/jlogin 0755 root root 16634 28324 1336456993
1 f none /usr/local/rancid/bin/jrancid 0755 root root 22842 7771 1336456993
1 f none /usr/local/rancid/bin/lg.cgi 0755 root root 24640 27572 1336456993
1 f none /usr/local/rancid/bin/lgform.cgi 0755 root root 7817 10534 1336456993
1 f none /usr/local/rancid/bin/mrancid 0755 root root 13772 16146 1336456993
1 f none /usr/local/rancid/bin/mrvlogin 0755 root root 22479 23237 1336456993
1 f none /usr/local/rancid/bin/mrvrancid 0755 root root 16399 21311 1336456993
1 f none /usr/local/rancid/bin/mtlogin 0755 root root 15548 859 1336456993
1 f none /usr/local/rancid/bin/mtrancid 0755 root root 8994 48932 1336456993
1 f none /usr/local/rancid/bin/nlogin 0755 root root 17012 58191 1336456993
1 f none /usr/local/rancid/bin/nrancid 0755 root root 11683 55160 1336456993
1 f none /usr/local/rancid/bin/nslogin 0755 root root 19508 49929 1336456993
1 f none /usr/local/rancid/bin/nsrancid 0755 root root 9714 49441 1336456993
1 f none /usr/local/rancid/bin/nxrancid 0755 root root 37705 8525 1336456993
1 f none /usr/local/rancid/bin/par 0755 root root 6044 11432 1336456993
1 f none /usr/local/rancid/bin/prancid 0755 root root 18858 9977 1336456993
1 f none /usr/local/rancid/bin/rancid 0755 root root 69905 237 1336456993
1 f none /usr/local/rancid/bin/rancid-cvs 0755 root root 4672 30394 1336456993
1 f none /usr/local/rancid/bin/rancid-fe 0755 root root 3699 23244 1336456993
1 f none /usr/local/rancid/bin/rancid-run 0755 root root 4880 37672 1336456993
1 f none /usr/local/rancid/bin/rivlogin 0755 root root 23930 27463 1336456993
1 f none /usr/local/rancid/bin/rivrancid 0755 root root 10999 14098 1336456993
1 f none /usr/local/rancid/bin/rrancid 0755 root root 13319 65297 1336456993
1 f none /usr/local/rancid/bin/srancid 0755 root root 13059 29058 1336456993
1 f none /usr/local/rancid/bin/tlogin 0755 root root 24724 9145 1336456993
1 f none /usr/local/rancid/bin/tntlogin 0755 root root 16056 51326 1336456993
1 f none /usr/local/rancid/bin/tntrancid 0755 root root 9996 2774 1336456993
1 f none /usr/local/rancid/bin/trancid 0755 root root 9971 1601 1336456993
1 f none /usr/local/rancid/bin/xrancid 0755 root root 17111 15465 1336456993
1 f none /usr/local/rancid/bin/xrrancid 0755 root root 44520 3380 1336456993
1 f none /usr/local/rancid/bin/zrancid 0755 root root 13908 32572 1336456993
1 d none /usr/local/rancid/etc 0755 root root
1 f none /usr/local/rancid/etc/lg.conf 0644 root root 6426 11552 1336438524
1 f none /usr/local/rancid/etc/rancid.conf 0644 root root 3792 58661 1336438524
1 d none /usr/local/rancid/share 0755 root root
1 d none /usr/local/rancid/share/man 0755 root root
1 d none /usr/local/rancid/share/man/man1 0755 root root
1 f none /usr/local/rancid/share/man/man1/agmrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/alogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/arancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/arrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/avologin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/avorancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/blogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/brancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/cat5rancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/clogin.1 0644 root root 7036 20869 1336456993
1 f none /usr/local/rancid/share/man/man1/control_rancid.1 0644 root root 1345 48501 1336456993
1 f none /usr/local/rancid/share/man/man1/cssrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/elogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/erancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/f10rancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/f5rancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/flogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/fnlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/fnrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/francid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/hlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/hrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/htlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/htrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/jerancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/jlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/jrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/lg_intro.1 0644 root root 2189 60519 1336456993
1 f none /usr/local/rancid/share/man/man1/mrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/mrvlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/mrvrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/mtlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/mtrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/nlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/nrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/nslogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/nsrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/nxrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/par.1 0644 root root 2224 52776 1336456993
1 f none /usr/local/rancid/share/man/man1/prancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/rancid-cvs.1 0644 root root 1415 54999 1336456993
1 f none /usr/local/rancid/share/man/man1/rancid-run.1 0644 root root 3211 10597 1336456993
1 f none /usr/local/rancid/share/man/man1/rancid.1 0644 root root 2980 56426 1336456993
1 f none /usr/local/rancid/share/man/man1/rancid_intro.1 0644 root root 4142 18913 1336456993
1 f none /usr/local/rancid/share/man/man1/rivlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/rivrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/rrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/srancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/tlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/tntlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/tntrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/trancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/xrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/xrrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/zrancid.1 0644 root root 18 1446 1336456993
1 d none /usr/local/rancid/share/man/man5 0755 root root
1 f none /usr/local/rancid/share/man/man5/cloginrc.5 0644 root root 9405 41356 1336456993
1 f none /usr/local/rancid/share/man/man5/lg.conf.5 0644 root root 4906 27348 1336456993
1 f none /usr/local/rancid/share/man/man5/rancid.conf.5 0644 root root 7346 45827 1336456993
1 f none /usr/local/rancid/share/man/man5/router.db.5 0644 root root 4455 40642 1336456993
1 d none /usr/local/rancid/share/rancid 0755 root root
1 f none /usr/local/rancid/share/rancid/CHANGES 0644 root root 39032 6023 1336456993
1 f none /usr/local/rancid/share/rancid/COPYING 0644 root root 2387 63441 1336456993
1 f none /usr/local/rancid/share/rancid/FAQ 0644 root root 17967 38297 1336456993
1 f none /usr/local/rancid/share/rancid/README 0644 root root 12738 7416 1336456993
1 f none /usr/local/rancid/share/rancid/README.lg 0644 root root 4096 27756 1336456993
1 f none /usr/local/rancid/share/rancid/README.misc 0644 root root 881 13254 1336456993
1 f none /usr/local/rancid/share/rancid/UPGRADING 0644 root root 3576 45754 1336456993
1 f none /usr/local/rancid/share/rancid/cisco-load.exp 0644 root root 11459 13505 1336456993
1 f none /usr/local/rancid/share/rancid/cisco-reload.exp 0644 root root 6101 35591 1336456993
1 f none /usr/local/rancid/share/rancid/cloginrc.sample 0644 root root 3772 3465 1336456993
1 f none /usr/local/rancid/share/rancid/downreport 0755 root root 3759 37245 1336456993
1 f none /usr/local/rancid/share/rancid/getipacctg 0755 root root 5178 1948 1336456993
1 f none /usr/local/rancid/share/rancid/index.html 0644 root root 490 42477 1336456993
1 f none /usr/local/rancid/share/rancid/lg.conf.sample 0644 root root 6426 11552 1336456993
1 f none /usr/local/rancid/share/rancid/lgnotes.html 0644 root root 2607 32574 1336456993
1 f none /usr/local/rancid/share/rancid/rancid-cvspurge 0755 root root 3245 59831 1336456993
1 f none /usr/local/rancid/share/rancid/rancid.conf.sample 0644 root root 3782 57698 1336456993
1 f none /usr/local/rancid/share/rancid/rtrfilter 0755 root root 5872 11282 1336456993
1 d none /var/rancid 0755 root root
1 i checkinstall 790 2505 1336457174
1 i pkginfo 258 20034 1336457024
07070100000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000b00000000TRAILER!!! 0707010009ea64000081a40000000000000000000000014fa8b74000000102000000b600010002ffffffffffffffff0000000800000000pkginfo PKG=rancid
NAME=rancid 2.3.8 i86pc Solaris 11
VERSION=2.3.8
PSTAMP=8th May 2012
VENDOR=Shrubbery Networks
EMAIL=http://www.shrubbery.net/rancid/
DESC=Router config tracker
ARCH=i386
CATEGORY=utility
CLASSES=none
BASEDIR=/
ISTATES=S s 1 2 3
RSTATES=S s 1 2 3
0707010009ea63000081a40000000000000000000000014fa8b74000002e5e000000b600010002ffffffffffffffff0000000700000000pkgmap : 1 3239
1 d none /usr ? ? ?
1 d none /usr/local ? ? ?
1 d none /usr/local/rancid 0755 root root
1 d none /usr/local/rancid/bin 0755 root root
1 f none /usr/local/rancid/bin/agmrancid 0755 root root 16290 17049 1336456993
1 f none /usr/local/rancid/bin/alogin 0755 root root 16231 56032 1336456993
1 f none /usr/local/rancid/bin/arancid 0755 root root 10498 36588 1336456993
1 f none /usr/local/rancid/bin/arrancid 0755 root root 23055 39175 1336456993
1 f none /usr/local/rancid/bin/avologin 0755 root root 21726 39724 1336456993
1 f none /usr/local/rancid/bin/avorancid 0755 root root 9821 53756 1336456993
1 f none /usr/local/rancid/bin/blogin 0755 root root 19300 50675 1336456993
1 f none /usr/local/rancid/bin/brancid 0755 root root 10087 7624 1336456993
1 f none /usr/local/rancid/bin/cat5rancid 0755 root root 37707 54860 1336456993
1 f none /usr/local/rancid/bin/clogin 0755 root root 27096 47032 1336456993
1 f none /usr/local/rancid/bin/control_rancid 0755 root root 14206 43513 1336456993
1 f none /usr/local/rancid/bin/cssrancid 0755 root root 23198 62514 1336456993
1 f none /usr/local/rancid/bin/elogin 0755 root root 14721 4267 1336456993
1 f none /usr/local/rancid/bin/erancid 0755 root root 10579 43442 1336456993
1 f none /usr/local/rancid/bin/f10rancid 0755 root root 21744 16318 1336456993
1 f none /usr/local/rancid/bin/f5rancid 0755 root root 18821 11825 1336456993
1 f none /usr/local/rancid/bin/flogin 0755 root root 20620 12670 1336456993
1 f none /usr/local/rancid/bin/fnlogin 0755 root root 17230 61634 1336456993
1 f none /usr/local/rancid/bin/fnrancid 0755 root root 10488 38270 1336456993
1 f none /usr/local/rancid/bin/francid 0755 root root 15737 36705 1336456993
1 f none /usr/local/rancid/bin/hlogin 0755 root root 22977 65431 1336456993
1 f none /usr/local/rancid/bin/hpuifilter 0755 root root 33560 30997 1336456993
1 f none /usr/local/rancid/bin/hrancid 0755 root root 19837 32126 1336456993
1 f none /usr/local/rancid/bin/htlogin 0755 root root 14653 64820 1336456993
1 f none /usr/local/rancid/bin/htrancid 0755 root root 9358 19678 1336456993
1 f none /usr/local/rancid/bin/jerancid 0755 root root 21360 46190 1336456993
1 f none /usr/local/rancid/bin/jlogin 0755 root root 16634 28324 1336456993
1 f none /usr/local/rancid/bin/jrancid 0755 root root 22842 7771 1336456993
1 f none /usr/local/rancid/bin/lg.cgi 0755 root root 24640 27572 1336456993
1 f none /usr/local/rancid/bin/lgform.cgi 0755 root root 7817 10534 1336456993
1 f none /usr/local/rancid/bin/mrancid 0755 root root 13772 16146 1336456993
1 f none /usr/local/rancid/bin/mrvlogin 0755 root root 22479 23237 1336456993
1 f none /usr/local/rancid/bin/mrvrancid 0755 root root 16399 21311 1336456993
1 f none /usr/local/rancid/bin/mtlogin 0755 root root 15548 859 1336456993
1 f none /usr/local/rancid/bin/mtrancid 0755 root root 8994 48932 1336456993
1 f none /usr/local/rancid/bin/nlogin 0755 root root 17012 58191 1336456993
1 f none /usr/local/rancid/bin/nrancid 0755 root root 11683 55160 1336456993
1 f none /usr/local/rancid/bin/nslogin 0755 root root 19508 49929 1336456993
1 f none /usr/local/rancid/bin/nsrancid 0755 root root 9714 49441 1336456993
1 f none /usr/local/rancid/bin/nxrancid 0755 root root 37705 8525 1336456993
1 f none /usr/local/rancid/bin/par 0755 root root 6044 11432 1336456993
1 f none /usr/local/rancid/bin/prancid 0755 root root 18858 9977 1336456993
1 f none /usr/local/rancid/bin/rancid 0755 root root 69905 237 1336456993
1 f none /usr/local/rancid/bin/rancid-cvs 0755 root root 4672 30394 1336456993
1 f none /usr/local/rancid/bin/rancid-fe 0755 root root 3699 23244 1336456993
1 f none /usr/local/rancid/bin/rancid-run 0755 root root 4880 37672 1336456993
1 f none /usr/local/rancid/bin/rivlogin 0755 root root 23930 27463 1336456993
1 f none /usr/local/rancid/bin/rivrancid 0755 root root 10999 14098 1336456993
1 f none /usr/local/rancid/bin/rrancid 0755 root root 13319 65297 1336456993
1 f none /usr/local/rancid/bin/srancid 0755 root root 13059 29058 1336456993
1 f none /usr/local/rancid/bin/tlogin 0755 root root 24724 9145 1336456993
1 f none /usr/local/rancid/bin/tntlogin 0755 root root 16056 51326 1336456993
1 f none /usr/local/rancid/bin/tntrancid 0755 root root 9996 2774 1336456993
1 f none /usr/local/rancid/bin/trancid 0755 root root 9971 1601 1336456993
1 f none /usr/local/rancid/bin/xrancid 0755 root root 17111 15465 1336456993
1 f none /usr/local/rancid/bin/xrrancid 0755 root root 44520 3380 1336456993
1 f none /usr/local/rancid/bin/zrancid 0755 root root 13908 32572 1336456993
1 d none /usr/local/rancid/etc 0755 root root
1 f none /usr/local/rancid/etc/lg.conf 0644 root root 6426 11552 1336438524
1 f none /usr/local/rancid/etc/rancid.conf 0644 root root 3792 58661 1336438524
1 d none /usr/local/rancid/share 0755 root root
1 d none /usr/local/rancid/share/man 0755 root root
1 d none /usr/local/rancid/share/man/man1 0755 root root
1 f none /usr/local/rancid/share/man/man1/agmrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/alogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/arancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/arrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/avologin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/avorancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/blogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/brancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/cat5rancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/clogin.1 0644 root root 7036 20869 1336456993
1 f none /usr/local/rancid/share/man/man1/control_rancid.1 0644 root root 1345 48501 1336456993
1 f none /usr/local/rancid/share/man/man1/cssrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/elogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/erancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/f10rancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/f5rancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/flogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/fnlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/fnrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/francid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/hlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/hrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/htlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/htrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/jerancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/jlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/jrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/lg_intro.1 0644 root root 2189 60519 1336456993
1 f none /usr/local/rancid/share/man/man1/mrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/mrvlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/mrvrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/mtlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/mtrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/nlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/nrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/nslogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/nsrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/nxrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/par.1 0644 root root 2224 52776 1336456993
1 f none /usr/local/rancid/share/man/man1/prancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/rancid-cvs.1 0644 root root 1415 54999 1336456993
1 f none /usr/local/rancid/share/man/man1/rancid-run.1 0644 root root 3211 10597 1336456993
1 f none /usr/local/rancid/share/man/man1/rancid.1 0644 root root 2980 56426 1336456993
1 f none /usr/local/rancid/share/man/man1/rancid_intro.1 0644 root root 4142 18913 1336456993
1 f none /usr/local/rancid/share/man/man1/rivlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/rivrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/rrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/srancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/tlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/tntlogin.1 0644 root root 18 1457 1336456993
1 f none /usr/local/rancid/share/man/man1/tntrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/trancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/xrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/xrrancid.1 0644 root root 18 1446 1336456993
1 f none /usr/local/rancid/share/man/man1/zrancid.1 0644 root root 18 1446 1336456993
1 d none /usr/local/rancid/share/man/man5 0755 root root
1 f none /usr/local/rancid/share/man/man5/cloginrc.5 0644 root root 9405 41356 1336456993
1 f none /usr/local/rancid/share/man/man5/lg.conf.5 0644 root root 4906 27348 1336456993
1 f none /usr/local/rancid/share/man/man5/rancid.conf.5 0644 root root 7346 45827 1336456993
1 f none /usr/local/rancid/share/man/man5/router.db.5 0644 root root 4455 40642 1336456993
1 d none /usr/local/rancid/share/rancid 0755 root root
1 f none /usr/local/rancid/share/rancid/CHANGES 0644 root root 39032 6023 1336456993
1 f none /usr/local/rancid/share/rancid/COPYING 0644 root root 2387 63441 1336456993
1 f none /usr/local/rancid/share/rancid/FAQ 0644 root root 17967 38297 1336456993
1 f none /usr/local/rancid/share/rancid/README 0644 root root 12738 7416 1336456993
1 f none /usr/local/rancid/share/rancid/README.lg 0644 root root 4096 27756 1336456993
1 f none /usr/local/rancid/share/rancid/README.misc 0644 root root 881 13254 1336456993
1 f none /usr/local/rancid/share/rancid/UPGRADING 0644 root root 3576 45754 1336456993
1 f none /usr/local/rancid/share/rancid/cisco-load.exp 0644 root root 11459 13505 1336456993
1 f none /usr/local/rancid/share/rancid/cisco-reload.exp 0644 root root 6101 35591 1336456993
1 f none /usr/local/rancid/share/rancid/cloginrc.sample 0644 root root 3772 3465 1336456993
1 f none /usr/local/rancid/share/rancid/downreport 0755 root root 3759 37245 1336456993
1 f none /usr/local/rancid/share/rancid/getipacctg 0755 root root 5178 1948 1336456993
1 f none /usr/local/rancid/share/rancid/index.html 0644 root root 490 42477 1336456993
1 f none /usr/local/rancid/share/rancid/lg.conf.sample 0644 root root 6426 11552 1336456993
1 f none /usr/local/rancid/share/rancid/lgnotes.html 0644 root root 2607 32574 1336456993
1 f none /usr/local/rancid/share/rancid/rancid-cvspurge 0755 root root 3245 59831 1336456993
1 f none /usr/local/rancid/share/rancid/rancid.conf.sample 0644 root root 3782 57698 1336456993
1 f none /usr/local/rancid/share/rancid/rtrfilter 0755 root root 5872 11282 1336456993
1 d none /var/rancid 0755 root root
1 i checkinstall 790 2505 1336457174
1 i pkginfo 258 20034 1336457024
0707010009eafa000041ed0000000000000000000000024fa8b74000000000000000b600010002ffffffffffffffff0000000800000000install 0707010009eafb000081ed0000000000000000000000014fa8b7d600000316000000b600010002ffffffffffffffff0000001500000000install/checkinstall #!/bin/sh
#
expected_bits="64"
expected_release="5.11"
expected_platform="i386"
#
release=`uname -r`
platform=`uname -p`
bits=`isainfo -b`
#
if [ ${platform} != ${expected_platform} ]; then
echo "\n\n\n\tThis package must be installed on a ${expected_platform} architecture\n"
echo "\tAborting installation.\n\n\n"
exit 1
fi
if [ ${release} != ${expected_release} ]; then
echo "\n\n\n\tThis package must be installed on a ${expected_release} machine\n"
echo "\tAborting installation.\n\n\n"
exit 1
fi
#if [ ${bits} != ${expected_bits} ]; then
# echo "\n\n\n\tThis package must be installed on a ${expected_bits} bit machine\n"
# echo "\tYour machine is running a ${bits} bit O.S. currently\n"
# echo "\tAborting installation.\n\n\n"
# exit 1
#fi
exit 0
0707010009ea65000041ed0000000000000000000000034fa8b74000000000000000b600010002ffffffffffffffff0000000500000000root 0707010009ea66000041ed0000000000000000000000034fa8b74000000000000000b600010002ffffffffffffffff0000000900000000root/usr 0707010009ea67000041ed0000000000000000000000034fa8b74000000000000000b600010002ffffffffffffffff0000000f00000000root/usr/local 0707010009ea68000041ed0000000000000000000000054fa8b74000000000000000b600010002ffffffffffffffff0000001600000000root/usr/local/rancid 0707010009eaa3000041ed0000000000000000000000024fa8b74000000000000000b600010002ffffffffffffffff0000001a00000000root/usr/local/rancid/etc 0707010009eaa5000081a40000000000000000000000014fa86efc00000ed0000000b600010002ffffffffffffffff0000002600000000root/usr/local/rancid/etc/rancid.conf # rancid 2.3.8
# This file sets up the environment used for rancid. see rancid.conf(5)
#
# This will be site specific
#
TERM=network;export TERM
#
# Collating locale
LC_COLLATE="POSIX"; export LC_COLLATE
#
# Create files w/o world read/write/exec permissions, but read/exec permissions
# for group.
umask 027
#
# Under BASEDIR (i.e.: --localstatedir), there will be a "logs" directory for
# the logs from rancid and a directory for each group of routers defined in
# LIST_OF_GROUPS (below). In addition to these, there will be a "CVS"
# directory which is the cvs (or Subversion) repository.
#
# Use a full path (no sym-links) for BASEDIR.
#
TMPDIR=/tmp; export TMPDIR
# Be careful changing this, it affects CVSROOT below. It should be a FQPN, not
# relative.
BASEDIR=/usr/local/rancid/var; export BASEDIR
PATH=/usr/local/rancid/bin:/usr/local/bin:/usr/sbin:/bin:/usr/bin; export PATH
# Location of the CVS/SVN repository. Be careful changing this.
# If RCSSYS is svn, this can be:
# - an (absolute) path (a subdirectory of BASEDIR by default).
# - any URL that subversion understands, but beware that:
# - no attempt will be made to create the repository when running rancid-cvs.
# - authentication credentials, if necessary, MUST be cached (see the SVN
# book, Ch. 3, Network Model, Caching credentials) before non-interactive
# commands can run, e.g. by running rancid-cvs after installation.
CVSROOT=$BASEDIR/CVS; export CVSROOT
# Location of log files produced by rancid-run(1).
LOGDIR=$BASEDIR/logs; export LOGDIR
#
# Select which RCS system to use, "cvs" (default) or "svn". Do not change
# this after CVSROOT has been created with rancid-cvs. Changing between these
# requires manual conversions.
RCSSYS=svn; export RCSSYS
#
# if ACLSORT is NO, access-lists will NOT be sorted.
#ACLSORT=YES; export ACLSORT
#
# if NOPIPE is set, temp files will be used instead of a cmd pipe during
# collection from the router(s).
#NOPIPE=YES; export NOPIPE
#
# FILTER_PWDS determines which passwords are filtered from configs by the
# value set (NO | YES | ALL). see rancid.conf(5).
#FILTER_PWDS=YES; export FILTER_PWDS
#
# if NOCOMMSTR is set, snmp community strings will be stripped from the configs
#NOCOMMSTR=YES; export NOCOMMSTR
#
# How many times failed collections are retried (for each run) before
# giving up. Minimum: 1
#MAX_ROUNDS=4; export MAX_ROUNDS
#
# How many hours should pass before complaining about routers that
# can not be reached. The value should be greater than the number
# of hours between your rancid-run cron job. Default: 24
#OLDTIME=4; export OLDTIME
#
# How many hours should pass before complaining that a group's collection
# (the age of it's lock file) is hung.
#LOCKTIME=4; export LOCKTIME
#
# The number of devices to collect simultaneously.
#PAR_COUNT=5; export PAR_COUNT
#
# list of rancid groups
#LIST_OF_GROUPS="sl joebobisp"
# more groups...
#LIST_OF_GROUPS="$LIST_OF_GROUPS noc billybobisp"
#
# For each group, define a list of people to receive the diffs.
# in sendmail's /etc/aliases.
# rancid-group: joe,moe@foo
# rancid-admin-group: hostmaster
# be sure to read ../README regarding aliases.
#
# If your MTA configuration is broken or you want mail to be forwarded to a
# domain not the same as the local one, define that domain here. "@" must be
# included, as this is simply appended to the usual recipients. It is NOT
# appended to recipients specified in rancid-run's -m option.
#MAILDOMAIN="@example.com"; export MAILDOMAIN
#
# By default, rancid mail is marked with precedence "bulk". This may be
# changed by setting the MAILHEADERS variable; for example no header by setting
# it to "" or adding X- style headers. Individual headers must be separated
# by a \n.
#MAILHEADERS="Precedence: bulk"; export MAILHEADERS
0707010009eaa4000081a40000000000000000000000014fa86efc0000191a000000b600010002ffffffffffffffff0000002200000000root/usr/local/rancid/etc/lg.conf # rancid 2.3.8
# configuration file for the looking glass
#
# note: these are perl statements! Mind the syntax. "perl -c lg.conf"
# should succeed.
#
# adjust the path to find [cfj]login, telnet, ssh, rsh, etc.
#
$ENV{PATH}="/usr/local/rancid/bin:/usr/local/bin:/usr/sbin:/bin:/usr/bin";
#
#
# LG_CACHE_DIR is the location of the cache directory. the LG uses this
# to hold lock files, the default log file (lg.log), and o/p from
# commands that can be very verbose. it defaults to "tmp",
# i.e.: relative to the directory where lg.cgi runs in your
# server's (httpd) DocumentRoot (e.g.:
# /usr/local/www/data/lg/tmp).
#
#$LG_CACHE_DIR="./tmp";
#
#
# LG_CACHE_TIME is the number of seconds the LG should cache o/p from certain
# commands; those that tend to produce a lot of o/p, such as
# 'show ip bgp dampened-paths'. it defaults to 600 seconds
# (10 minutes).
#
#$LG_CACHE_TIME=600;
#
#
# LG_CLOGINRC is the .cloginrc that the LG should use. it defaults to
# /.cloginrc. note that the .cloginrc must be readable
# by the user or group (UID / GID) that will be running the CGI
# and the clogin (and friends) will not allow a world readable
# .cloginrc. this is normally the user the server (httpd) runs
# under.
#
#$LG_CLOGINRC="$ENV(HOME)/.cloginrc";
#
#
# LG_IMAGE is the filename of an image you wish to appear at the top
# of the LG pages. it can also be other html goo, like
# the first example. this is just handed to print, so \n and
# the like will work and mind the character escapes (backslashes).
#
#$LG_IMAGE="\n FOO";
#$LG_IMAGE="\n";
#
#
# LG_INFO is info in html format to output at the bottom of main form.
# it might be local contact information, disclaimer, etc. this
# is just handed to print, so \n and the like will work and mind
# the character escapes (backslashes).
#
#$LG_INFO="For support, contact webmaster";
#
#
# LG_LOG is either a FQPN (fully qualified path name) or the syslog
# facility to use for logging. if not defined, the LG
# will log to LG_CACHE_DIR/lg.log. possible syslog facility
# values are from the facility codes in /usr/include/syslog.h
# minus the 'LOG_' and lower case.
#
#$LG_LOG="$LG_CACHE_DIR/lg.log";
#$LG_LOG="/tmp/lg.log";
#$LG_LOG="local0";
#
#
# LG_ROUTERDB is the router.db in rancid's router.db format, listing
# the routers and their platform that should be available to
# the looking glass. if defined, the LG will use this variable
# to find the router.db. if not defined, it will look for it
# at //router.db. if it does not exist, it
# will build the list from /*/router.db (i.e.: the
# router.db's from all your groups). note that if you choose
# this last option; the group directories and router.db files'
# modes may have to be changed, depending upon the UID/GID of
# the user your server (httpd) runs under, since rancid's default
# mask is 007 (see etc/rancid.conf). routers not marked 'up' are
# skipped.
#
#$LG_ROUTERDB="/usr/local/rancid/etc/router.db";
#
#
# LG_STYLE define a style sheet to be used for formatting HTML.
#
#$LG_STYLE="http://www.your.site/style/style.css";
#
#
# Options:
#
# LG_AS_REG *** not implemented.
#
#@LG_AS_REG=();
#
#
# LG_BGP_RT allows a few bgp commands which can produce long output (heavy
# router load), such as sh ip bgp neighbor advertised-routes
# would for a transit customer or sh ip b neigh
# received-routes would for a transit provider.
#
#$LG_BGP_RT=1;
#
#
# LG_SINGLE serializes and limits queries per-router to one at a time via
# per-router lock files.
#
#$LG_SINGLE=0;
#
# LG_STRIP strips login o/p from the looking glass results. Expect
# occassionally screws up disabling echo when passwords are
# entered (NOTE: SECURITY CONCERN). However, this o/p can be
# very useful for debugging clogin/flogin/jlogin problems.
#
$LG_STRIP=1;
#
#
# Commands/Queries:
# Un-comment/Comment the commands that are desired/not desired.
# The Commands are separated into a few categories. The value
# of each variable is the string which will appear in the
# (lgform.cgi) menu. Mind the ,'s within hash assignments.
#
# The double-commented (##) queries are not implemented or have
# not been tested.
#
$queries = {};
#
# Interface queries
$queries->{"interface"} = {
framerelay => "show frame-relay PVC [DLCI]",
interface => "show interface [interface]"
};
#
# Routing queries
$queries->{"routing"} = {
damp => "show ip bgp dampened-paths",
neighbor => "show ip bgp neighbor ",
prefix => "show ip bgp [netmask]",
prefixlist => "show ip prefix-list ",
regex => "show ip bgp regex ",
route => "show ip route [netmask]",
routemap => "show route-map ",
summary => "show ip bgp summary"
};
#
# Debug queries
$queries->{"debug"} = {
log => "Show Logs [ | ]",
ping => "ping ",
trace => "traceroute "
};
#
# Multicast queries
$queries->{"multicast"} = {
mbgp => "Show ip mbgp [netmask]",
mbgpsum => "Show ip mbgp summary",
# show ip pim interface/show pim interface
## pim_interface => "Show PIM Interfaces",
# ???/show pim join (extensive)
## pim_join => "Show PIM Join [group_address]",
# show ip mroute/show multicast route [active]
## mroute => "Show Multicast Forwarding Table [active]",
# show ip msdp summary/show msdp
## msdp => "Show MSDP Peering Status",
# show ip msdp sa cache/show msdp source-active
## msdpsa => "Show MSDP Source Active Table",
# show ip sdr|show multicast sessions
## msess => "Show Multicast SDR sessions [detail]",
# show ip pim neighbor/show pim neighbors
## pim_neighbor => "Show PIM Neighbors [detail]",
# show ip pim rp mapping/show pim rps
## pim_rp => "Show PIM Rendez-vous Points [detail]",
# show ip rpf [address] /show multicast rpf [address]
## rpf => "Test Multicast RPF "
};
#
# IPv6 commands
$queries->{"ipv6"} = {
# show bgp ipv6 / ???
## v6_bgp => "Show IPv6 BGP table";
# show ipv6 interface / show interface
## v6_interface => "Show IPv6 interface parameters [interface]";
# show bgp ipv6 summary / show bgp summary
## v6_summary => "Show IPv6 BGP Summary";
# show ipv6 route / show route table inet6.0
## v6_route => "Show IPv6 Routes ";
};
#
# %EOF%
0707010009eaa6000041ed0000000000000000000000044fa8b74000000000000000b600010002ffffffffffffffff0000001c00000000root/usr/local/rancid/share 0707010009eae6000041ed0000000000000000000000024fa8b74000000000000000b600010002ffffffffffffffff0000002300000000root/usr/local/rancid/share/rancid 0707010009eaf1000081ed0000000000000000000000014fa8b72100000eaf000000b600010002ffffffffffffffff0000002e00000000root/usr/local/rancid/share/rancid/downreport #! /bin/sh
##
## $Id: downreport.in 2096 2009-06-17 21:49:46Z heas $
##
## Copyright (c) 1997-2007 by Terrapin Communications, Inc.
## All rights reserved.
##
## This code is derived from software contributed to and maintained by
## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan,
## Pete Whiting, Austin Schutz, and Andrew Fort.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted provided that the following conditions
## are met:
## 1. Redistributions of source code must retain the above copyright
## notice, this list of conditions and the following disclaimer.
## 2. Redistributions in binary form must reproduce the above copyright
## notice, this list of conditions and the following disclaimer in the
## documentation and/or other materials provided with the distribution.
## 3. All advertising materials mentioning features or use of this software
## must display the following acknowledgement:
## This product includes software developed by Terrapin Communications,
## Inc. and its contributors for RANCID.
## 4. Neither the name of Terrapin Communications, Inc. nor the names of its
## contributors may be used to endorse or promote products derived from
## this software without specific prior written permission.
## 5. It is requested that non-binding fixes and modifications be contributed
## back to Terrapin Communications, Inc.
##
## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS
## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS
## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
## POSSIBILITY OF SUCH DAMAGE.
#
# The expect login scripts were based on Erik Sherk's gwtn, by permission.
#
# The original looking glass software was written by Ed Kern, provided by
# permission and modified beyond recognition.
#
# Reports the list of routers not listed as 'up'.
# Put this in your crontab to run once a day:
# 0 0 * * * /usr/local/rancid/share/rancid/downreport
# It can optionally
# take a space list of groups on the command line
# It will use the list of groups defined in rancid.conf otherwise.
ENVFILE="/usr/local/rancid/etc/rancid.conf"
. $ENVFILE
if [ $# -ge 1 ] ; then
LIST_OF_GROUPS="$*"
elif [ "$LIST_OF_GROUPS" = "" ] ; then
echo "LIST_OF_GROUPS is empty in $ENVFILE"
exit 1
fi
# mail variables
set | grep MAILHEADERS= > /dev/null 2>&1
if [ $? -ne 0 ] ; then
MAILHEADERS="Precedence: bulk\n"; export MAILHEADERS
fi
for GROUP in $LIST_OF_GROUPS; do
(
echo "To: @MAILPLUS@admin-$GROUP"
echo "Subject: Down router report - $GROUP"
echo "$MAILHEADERS" | awk '{gsub(/\\n/,"\n");print;}'
echo ""
DIR=$BASEDIR/$GROUP
if [ -s $DIR/routers.down ]; then
(
cat << EOM
The following $GROUP routers are listed as other than up.
Routers listed as "up" in rancid's router.db are polled several
times daily. This is a list of routers that are not "up" and therefore
not polled.
EOM
cat $DIR/routers.down;
)
else
(
cat << EOM
No routers are down/ticketed for router group $GROUP (yay).
EOM
)
fi
) | sendmail -t
done
0707010009eaf7000081ed0000000000000000000000014fa8b72100000cad000000b600010002ffffffffffffffff0000003300000000root/usr/local/rancid/share/rancid/rancid-cvspurge #! /bin/sh
##
## $Id: downreport.in 2096 2009-06-17 21:49:46Z heas $
##
## Copyright (c) 1997-2007 by Terrapin Communications, Inc.
## All rights reserved.
##
## This code is derived from software contributed to and maintained by
## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan,
## Pete Whiting, Austin Schutz, and Andrew Fort.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted provided that the following conditions
## are met:
## 1. Redistributions of source code must retain the above copyright
## notice, this list of conditions and the following disclaimer.
## 2. Redistributions in binary form must reproduce the above copyright
## notice, this list of conditions and the following disclaimer in the
## documentation and/or other materials provided with the distribution.
## 3. All advertising materials mentioning features or use of this software
## must display the following acknowledgement:
## This product includes software developed by Terrapin Communications,
## Inc. and its contributors for RANCID.
## 4. Neither the name of Terrapin Communications, Inc. nor the names of its
## contributors may be used to endorse or promote products derived from
## this software without specific prior written permission.
## 5. It is requested that non-binding fixes and modifications be contributed
## back to Terrapin Communications, Inc.
##
## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS
## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS
## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
## POSSIBILITY OF SUCH DAMAGE.
#
# The expect login scripts were based on Erik Sherk's gwtn, by permission.
#
# The original looking glass software was written by Ed Kern, provided by
# permission and modified beyond recognition.
#
# Purges old versions of configurations from the CVS repostiory.
#
# From Matthew J. Grossman
#
ENVFILE="/usr/local/rancid/etc/rancid.conf"
. $ENVFILE
if [ $RCSSYS != "cvs" ] ; then
echo "$0 is for CVS only. RCSSYS is not set to CVS in rancid.conf." >&2
exit 1
fi
if [ $# -ge 1 ] ; then
LIST_OF_GROUPS="$*"
elif [ "$LIST_OF_GROUPS" = "" ] ; then
echo "LIST_OF_GROUPS is empty in $ENVFILE" >&2
exit 1
fi
for GROUP in $LIST_OF_GROUPS; do
cd $BASEDIR/$GROUP/configs > /dev/null 2>&1
if [ $? -ne 0 ] ; then
echo "$BASEDIR/$GROUP/configs not found" >&2
continue;
fi
for ENTRY in `grep ^/ CVS/Entries | cut -d/ -f2,3`
do
ROUTER=`echo $ENTRY | cut -d/ -f1`
VERSION=`echo $ENTRY | cut -d/ -f2`
cvs admin -o ::$VERSION $ROUTER
done
done
0707010009eaee000081a40000000000000000000000014fa8b72100002cc3000000b600010002ffffffffffffffff0000003200000000root/usr/local/rancid/share/rancid/cisco-load.exp ##
## $Id: cisco-load.exp 2096 2009-06-17 21:49:46Z heas $
##
##
## Copyright (c) 1997-2007 by Terrapin Communications, Inc.
## All rights reserved.
##
## This code is derived from software contributed to and maintained by
## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan,
## Pete Whiting, Austin Schutz, and Andrew Fort.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted provided that the following conditions
## are met:
## 1. Redistributions of source code must retain the above copyright
## notice, this list of conditions and the following disclaimer.
## 2. Redistributions in binary form must reproduce the above copyright
## notice, this list of conditions and the following disclaimer in the
## documentation and/or other materials provided with the distribution.
## 3. All advertising materials mentioning features or use of this software
## must display the following acknowledgement:
## This product includes software developed by Terrapin Communications,
## Inc. and its contributors for RANCID.
## 4. Neither the name of Terrapin Communications, Inc. nor the names of its
## contributors may be used to endorse or promote products derived from
## this software without specific prior written permission.
## 5. It is requested that non-binding fixes and modifications be contributed
## back to Terrapin Communications, Inc.
##
## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS
## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS
## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
## POSSIBILITY OF SUCH DAMAGE.
#
# The expect login scripts were based on Erik Sherk's gwtn, by permission.
#
# The original looking glass software was written by Ed Kern, provided by
# permission and modified beyond recognition.
#
# This expect snippet is sourced by clogin (-s option) to load a configuration
# file (named -confg into nvram from an rcp/tftp host. This is an
# _example_ as it not guaranteed to work for all applications. PLEASE test
# for your environment.
#
# It expects the following variables via the -E option:
# rcphost ='host to rcp from' such as 'foo.org' or '192.168.0.1'
# confgpath ='path under /tftpboot where configs are held'
#
# The config file is expected to be routername-confg, where routername is the
# name as grok'd from the router's cmd-line prompt
#
# example usage:
# % clogin -s ./cisco-load.exp -Ercphost=foo.shrubbery.net router
# router
# loading router config from foo.shrubbery.net
#
# exit is called at the end, so only one router can be handled per clogin.
#
# Keep in mind that it is important to NOT polute the global variable space.
# Particularly, do not use variables used within clogin. This may result in
# indeterministic results. An easy way to avoid this is to use a variable
# name prefix (like 'E' or '_').
#
# Useful variables from clogin global space:
# router router name as provided on the cmd-line
# prompt cmd-line prompt as determined by clogin
#
# note: the tcl/expect parser is extremely stoopid. Comment lines are NOT
# completely ignored!! so, a '{' or '}' in a comment might produce
# unexpected results.
##
# log_user 1
# exp_internal 1
# sometimes this is a bit slow. note: this overrides clogin -t
set timeout 90
# take rcp host from -Ercphost='foo'
if ([info exists Ercphost]) {
#puts "CONFGHOST == $Ercphost"
set confghost [string tolower $Ercphost]
} else {
send_error "ERROR: -Ercphost= was not set on the command-line.\n"
exit
}
#
# logout of the router
#
proc logout { ecode } {
global prompt
send "quit\r"
expect {
"$prompt" { logout $ecode }
timeout { send_error "Error: timeout waiting for EOF after quit\n"}
eof {
send_user "\n"
exit $ecode
}
}
}
#
# erase the nvram
#
proc erase { } {
global prompt
send "\r"
expect $prompt {}
send "write erase\r"
expect {
-re " Continue\[^\n\]\*confirm\]" {
send "\r"
exp_continue
}
"$prompt" { }
timeout {
send_error "Error: timeout waiting for write erase.\n"
logout 1
}
eof { logout 1 }
}
}
#
# load a config via rcp into nvram
#
proc doload { confghost routername config retry } {
global prompt
# send a return just to be sure we have a prompt.
send "\r"
expect "$prompt"
# start the copy and send the host to load from
# use tftp if retry == 1
if { $retry == 0 } {
send "copy tftp startup-config\r"
} else {
send "copy rcp startup-config\r"
}
expect {
timeout {
send_error "\nError: timeout exceeded waiting for rcp/tftp host prompt\r"
logout 1 }
"mbiguous command" {
if { $retry == 0 } {
send "copy tftp: startup-config\r"
} else {
send "copy rcp: startup-config\r"
}
exp_continue }
-re "Host or network .*\]\?" {
send "host\r"
exp_continue }
"\]\?" {
send "$confghost\r" }
}
#
# fill in the rest of the blanks. username (12.0), filename, dest, etc.
#
expect {
-re "Source username .\*\]\?" {
send "$routername\r";
exp_continue }
-re "Source filename .\*\]\?" {
send "$config\r";
exp_continue }
-re "Name of configur.\*\]\?" {
send "$config\r";
exp_continue }
-re "Destination filename .\*\]\?" {
send "startup-config\r";
exp_continue }
-re "Configure using .\*confirm\]" { send "\r" }
"proceed\? \\\[" { send "yes\r" }
-re "Do you want to over write.\*confirm\]" { send "\r" }
-re "Accessing (rcp|tftp):" { }
timeout {
send_error "\n\tError: timeout exceeded while matching load prompts\n";
send "" }
}
expect {
timeout {
send_error "Error: timeout exceeded while loading config\n"
logout 1 }
-re "\[^\n\]*Connection refused" {
send_error "Error: $expect_out(0,string)\n"
logout 1 }
-re "\[^\n\]*Destination unreachable" {
send_error "Error: $expect_out(0,string)\n"
logout 1 }
-re "\[^\n\]*Permission denied" {
send_error "Error: $expect_out(0,string)\n"
logout 1 }
-re "\[^\n]*No such file or directory" {
send_error "Error: $expect_out(0,string)\n"
logout 1 }
-re "\[^\n]*Error copying\[^\n]*Not enough space on device\[^\n]*\r" {
send_error "Error: $expect_out(0,string)\n"
if { $retry == 2 } {
# erase stomps ssh rsa key
# send_user "erasing nvram\n"
# erase
send_user "retrying load\n"
doload $confghost $routername $config 1
} elseif { $retry == 1 } {
# erase stomps ssh rsa key
# send_user "erasing nvram\n"
# erase
send_user "retrying load with tftp.\n"
doload $confghost $routername $config 0
} else {
send_error "Error: $expect_out(0,string)\n"
logout 1
} }
-re "\[^\n]*.*configuration is too large.*\n" {
send_error "Error: $expect_out(0,string)\n"
expect {
-re "\[^\n]*Truncate config.*:" { send "no\r" }
}
logout 1 }
-re "\[^\n]*Error (opening|copying).*\r" {
send_error "Error: $expect_out(0,string)\n"
logout 1 }
-nocase -re "\[^\n]* error\[^a-z\n]+\[^\n]*" {
send_error "$expect_out(0,string)\n"
logout 1
}
"\n" { exp_continue }
-re "^\[^ ]*\#" {
send_user "load successful.\n"
}
}
return 0;
}
send_user "loading $router config from $confghost\n";
# look for router hostname in prompt (i.e.: deal with fqdn)
send "\r"
expect {
timeout {
send_error "Error: did not receive prompt\n"
exit }
"\n" { exp_continue }
-re "^(\[^ ]*)\#" {
set routername $expect_out(1,string) }
}
# deal with config subdir? from Econfgpath
if ([info exists confgpath]) {
set config "$confgpath/$routername-confg"
} else {
set config "$routername-confg"
}
# load the config
if { [doload $confghost $routername $config 1] != 0 } {
logout 1
}
logout 0
# these were my original transcripts of performing loads. it is a useful
# example of info you may collect to get an idea of what needs to be handled
# in the expect{}s
#
# pdx-oob#
# pdx-oob#copy rcp start
# Address of remote host [255.255.255.255]? 205.238.52.35
# Name of configuration file [a]? pdx-oob-confg
# Configure using pdx-oob-confg from 205.238.52.35? [confirm]
#
# Connected to 205.238.52.35
# Loading 8131 byte file pdx-oob-confg: !!!! [OK]
# Compressing configuration from 8131 bytes to 3886 bytes
# [OK]
# pdx-oob#
#
# 12.0S-isms
# pao2#cop rcp sta
# Address or name of remote host []? eng0
# Translating "eng0"...domain server (205.238.52.46) [OK]
#
# Source username [pao2]?
# Source filename []? pao2-confg
# Destination filename [startup-config]?
# Warning: Copying this config directly into the nvram from a network server may
# cause damage the the startup config. It is advisable to copy the file
# into the running config first, and then save it using copy run start.
# Do you wish to proceed? [no]: yes
# Accessing rcp://pao2@eng0/pao2-confg...
# Connected to 205.238.52.35
# Loading 30138 byte file pao2-confg: !!!!!! [OK]
#
# 30138 bytes copied in 2.576 secs (15069 bytes/sec)
# pao2#
# OR IS IT
# sea0#cop rcp sta
# Address or name of remote host []? eng0
# Source username [sea0]?
# Source filename []? sea0-confg
# Destination filename [startup-config]?
# Accessing rcp://sea0@eng0/sea0-confg...!!!!!!!!!!!!!!!!!!
# 89794 bytes copied in 0.704 secs
# sea0#q
# Connection closed by foreign host.
# pdx-oob#copy rcp start
# Address of remote host [255.255.255.255]? 205.238.52.35
# Name of configuration file [a]? pdx-oob-confg
# Configure using pdx-oob-confg from 205.238.52.35? [confirm]
#
# Connected to 205.238.52.35
# Loading 8131 byte file pdx-oob-confg: !!!! [OK]
# Compressing configuration from 8131 bytes to 3886 bytes
# [OK]
# pdx-oob#copy rcp start
# Address of remote host [205.238.52.35]? 205.238.52.35
# Name of configuration file [pdx-oob-confg]? pdx-oob-confg
# Configure using pdx-oob-confg from 205.238.52.35? [confirm]
#
# Connected to 205.238.52.35
# %rcp: /tftpboot/pdx-oob-confg: No such file or directory
# pdx-oob#
#
# pdx-oob#copy rcp start
# Address of remote host [205.238.52.35]? 205.238.52.35
# Name of configuration file [pdx-oob-confg]? pdx-oob-confg
# Configure using pdx-oob-confg from 205.238.52.35? [confirm]
#
# Connected to 205.238.52.35
# %rcp: /tftpboot/pdx-oob-confg: Permission denied
# pdx-oob#
#
# *** response from filtered pkt
# pdx-oob#copy rcp sta
# Address of remote host [205.238.52.35]? 205.238.1.94
# Name of configuration file [pdx-oob-confg]?
# Configure using pdx-oob-confg from 205.238.1.94? [confirm]
# % Destination unreachable; gateway or host down
#
# pdx-oob#
#
# *** response from host w/o rcp daemon
# pdx-oob#cop rcp sta
# Address of remote host [205.238.52.35]? 205.238.1.66
# Name of configuration file [pdx-oob-confg]?
# Configure using pdx-oob-confg from 205.238.1.66? [confirm]
# % Connection refused by remote host
#
# pdx-oob#
#
0707010009eaf0000081a40000000000000000000000014fa8b72100000ebc000000b600010002ffffffffffffffff0000003300000000root/usr/local/rancid/share/rancid/cloginrc.sample # comments are cool, as is whitespace
# clogin supports a number of add directives:
# password
# user
# userprompt
# userpassword
# passprompt
# method
# noenable
# enauser
# enableprompt
# autoenable
# cyphertype
# identity
#
# Details on each of these follows. Also see cloginrc(5).
#
# add password
#
# add user
# The default user is $USER (i.e.: the user running clogin).
#
# add userprompt
# What the router prints to prompt for the username.
# Default: {"(Username|login|user name):"}
#
# add userpassword
# The password for user if different than the password set
# using 'add password'.
#
# add passprompt
# What the router prints to prompt for the password.
# Default: {"(\[Pp]assword|passwd):"}
#
# add method {ssh} [...]
# Defines, in order, which connection method(s) to use for a device
# from the set {ssh,telnet,rsh}. e.g.: add method * {ssh} {telnet} {rsh}
# will attempt ssh connection first. if ssh fails with connection
# refused (i.e.: not due to authentication failure), then try telnet,
# then rsh.
# Default: {telnet} {ssh}
#
# add noenable <1>
# equivalent of -noenable on the cmd line to not enable at login.
#
# add enableprompt
# What the router prints to prompt for the enable password.
# Default: {"\[Pp]assword:"}
#
# add enauser
# This is only needed if enable asks for a username and this
# username is different from what user is set to.
#
# add autoenable <1/0>
# This is used if you are automatically enabled by the login process.
#
# add cyphertype
# Default is 3des.
#
# add identity
# Default is your default ssh identity.
#
# include
# include a secondary .cloginrc file
#
#
# Note: The first match for a hostname takes precedence.
#add password sl-bb*-dc cow24
#add password sl-gw*-dc geeks
#add password sl* hank dog
#add password at* pete cow
#add password sdn* mujahid horse
#add password icm* peter
#add password * anything
#
#add user sl-gw*-dc twit
#add user sdn* sdn_auto
#add user sdn-bb* ops_eng
#add user * $env(USER)
# customer x
# these routers ask for a username and password. we automatically get
# enable access after successful authentication.
add user *.custx.net roger
add password *.custx.net {doger}
add autoenable *.custx.net 1
# customer y
# this is the normal cisco login. a password followed by and enable password.
# try ssh first, then rlogin.
add password *.custy.net {vector} {victor}
add method *.custy.net ssh rlogin
# customer z; they use ssh only.
add user *.custz.net shirley
add password *.custz.net {jive} {surely}
add method *.custz.net ssh
# the route-server's do not provide enable access. cmdline -noenable
# equivalent.
add noenable route-server* 1
# all our routers, i.e.: everything else
add password * {clearance} {clarence}
# set ssh encryption type, dflt: 3des
add cyphertype * {3des}
# set the username prompt to "router login:"
#add userprompt * {"router login:"}
# ssh identity for a juniper; used with jlogin
add identity my.juniper $env(HOME)/.ssh/juniper
# riverstone / enterasys / cabletron (rivlogin) example
# these boxes are 'back-to-front' from cisco (i.e., ask
# for vty password always, then tac+/radius if configured).
#
# vty password and last resort (enable) password for rivlogin
add password rs3000 {vtypass} {lastresort}
# if using tac+ or radius login, include these lines
add user rs3000 {monster}
add userpassword rs3000 {scary}
0707010009eaed000081a40000000000000000000000014fa8b72100000df8000000b600010002ffffffffffffffff0000002d00000000root/usr/local/rancid/share/rancid/UPGRADING Rancid 2.3 introduces a new directory layout. It has been changed to more
closely follow the standard path hierarchy, which is defined by the FHS
standard and autoconf, and/or make these locations more easily configurable
within rancid.
The obvious advantage of this is making rancid more easily packagable; i.e.:
NetBSD pkgsrc, FreeBSD port, Linux RPM, etc.
Make sure your rancid repository is quiet before upgrading; disable rancid
cron jobs, wait for running jobs to complete, etc.
Autoconf defines the following (see configure --help):
Installation directories:
--prefix=PREFIX install architecture-independent files in PREFIX
[/usr/local/rancid]
--exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
[PREFIX]
Fine tuning of the installation directories:
--bindir=DIR user executables [EPREFIX/bin]
--sbindir=DIR system admin executables [EPREFIX/sbin]
--libexecdir=DIR program executables [EPREFIX/libexec]
--datadir=DIR read-only architecture-independent data [PREFIX/share]
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--mandir=DIR man documentation [PREFIX/man]
Also defined, though not mentioned above, is:
pkgdatadir same as datadir, but datadir/rancid
File and directory movement:
bin/env the rancid configuration file has moved to
sysconfdir/rancid.conf
util/lg/lg.conf the looking glass configuration has moved to
sysconfdir/lg.conf
util/lg/lg.cgi
util/lg/lgform.cgi the looking glass CGI scripts have moved to bindir
util/lg/* the remainder of looking glass html, README, etc
files have moved to pkgdatadir
util/* misc examples, scripts, etc have moved to pkgdatadir
cloginrc.sample moved to pkgdatadir
For those upgrading, there is one basic choice to make; to move your CVS
repository and logs or not. Prior to rancid 2.3, these were placed in
. They are now in "localstatedir". The user who runs rancid will
need write access to this directory.
To maintain the same location as was used prior to rancid 2.3, provide
the --localstatedir option to configure. e.g.:
./configure --localstatedir=/usr/local/rancid
/usr/local/rancid is, and has been, the default .
To move them elsewhere, accept the default (e.g.: /usr/local/rancid/var) or
specify your own and move the existing directories. e.g.:
./configure --localstatedir=/var/rancid
make install
edit /rancid.conf # merge with your old bin/env
# configuration file
mv /usr/local/rancid/logs /var/rancid
mv /usr/local/rancid/CVS /var/rancid
cd /var/rancid
su - rancid_user
/bin/sh
. /rancid.conf
for grp in $LIST_OF_GROUPS; do
cvs -d /var/rancid/CVS co $grp
done
Note that the first rancid-run will send messages about routers being added,
marked up or down, etc., because the routers.{all,down,up} will have been
lost. Afterward, it will be back to normal.
Note also that any non-rancid files that may have been placed in these CVS
trees will be lost. You have been warned.
*** We strongly suggest that if a DIR used as the install prefix, as in
--prefix=DIR, is not dedicated to rancid that "/rancid" should be
appended to the --localstatedir, as in the example above.
Note that not all operating systems have a mv command that will move
directories across file systems. It may be necessary to use 'cp -r' or
'tar cf - | (cd ; tar xpf -)'.
0707010009eae9000081a40000000000000000000000014fa8b7210000462f000000b600010002ffffffffffffffff0000002700000000root/usr/local/rancid/share/rancid/FAQ Frequently Asked Questions about rancid - last updated 20091111.
This FAQ contains information that may not apply directly to versions of
rancid prior to 2.3. It also contains paths containing tags such as
, which refer to paths that are site-specific and are determined
by how rancid was configured at installation time. These are explained
briefly in the configure --help output. Below are the defaults used in
rancid.
PREFIX configure --prefix= option. default: /usr/local/rancid
EPREFIX configure --exec-prefix= option. default:
BINDIR configure --bindir= option. default: /bin
The location of clogin, etc.
SYSCONFDIR configure --sysconfdir option. default: /etc
The location of rancid.conf, etc.
LOCALSTATEDIR configure --localstatedir option. default: /var
The location of the CVS repository, log files, etc.
The most recent FAQ can be found at http://www.shrubbery.net/rancid/FAQ
1) Platform specific
Q. I have a Cisco Catalyst 6500 series switch running the IOS (NOT catOS)
software, is the router.db device type cisco or cat5?
A. A catalyst running IOS is type "cisco". The 'show version' output will
have banner including a phrase similar to "Cisco Internetwork Operating
System Software". See the router.db(5) manual page.
Q. I have Hybrid Cisco switch, like a cat5k with an RSM. How do I collect
both the routing engine and switch configurations?
A. Recommended way is to use two entries in the router.db, one for each.
For example:
cat5k_rsm.domain.com:cisco:up
cat5k_sw.domain.com:cat5:up
Q. I have a Cisco ??? on which collection stopped working, but clogin works
as expected.
A. Check if 'write term' produces output. Some IOS combined with large
configs and low free memory produce zero 'write term' output, esp. combined
with a memory leak. The device will have to be rebooted and/or upgraded.
Q. I have a Cisco Catalyst switch. clogin connects, but after receiving the
prompt, it stalls until it times out. Why?
A. This may be due to your prompt. CatOS does not include an implicit '>' in
it's prompt, like IOS does. clogin looks for '>' during login, so specify
your prompt with a trailing '>'. Also see cat5rancid(1). For example:
cat5k>
cat5k> enable
Password:
cat5k> (enable)
Q. Polling a ZebOS box fails from cron, but is successful from the command-
line.
A. This is the tty/pty handling of either your O/S or ZebOS. Supposedly,
changing the TERM in /rancid.conf to the following seems to
fix it.
TERM=vt100;export TERM
COLUMNS=160; LINES=48; export COLUMNS LINES
2) CVS and filesystem permissions
WARNING: Be careful when mucking around with the repository!
Q. I am new to CVS, where can I find additional information?
A. The manual page for CVS is quite complete, but can be be overwhelming even
for someone familiar with RCS. There are some excellent resources on the
web. See http://en.wikipedia.org/wiki/Concurrent_Versions_System and
http://cvshome.org/.
Q. Errors are showing up in the logs like:
cvs [diff aborted]: there is no version here; run 'cvs checkout' first
A. The directory was not imported into CVS properly or was not properly checked
out afterward, so CVS control files or directories do not exist. rancid-cvs
should always be used to create the directories and perform the CVS work.
If it is just the directories that have been created manually, save a copy of
the router.db file, then remove the group's directory, use rancid-cvs, and
replace the router.db file. If the CVS import was also performed manually,
cd to and use 'cvs co ' to create all the CVS
control bits.
Q. I keep receiving the same diff for a (or set of) devices, but I know the
data is not changing repeatedly. Why?
A. This is probably a CVS or filesystem permissions problem. Check the log
file from the last run for that group for clues first; it may provide the
exact cause.
Note: It is very important the following be done as the user who normally
runs the rancid collection from cron.
Check the cvs status of the device's file. example:
guelah [2704] cvs status rtr.shrubbery.net
===================================================================
File: yogi.shrubbery.net Status: Up-to-date
Working revision: 1.197 Tue Jul 10 15:41:16 2001
Repository revision: 1.197 /usr/local/rancid/var/CVS/shrubbery/configs/rtr.shrubbery.net,v
Sticky Tag: (none)
Sticky Date: (none)
Sticky Options: (none)
The Status: should be Up-to-date. If the status is "Unknown", then somehow
the file has been created without being cvs add'ed. This should be
corrected by removing that device's entry from the group's router.db file,
run rancid-run, replace the entry in router.db, and run rancid-run again.
If the Status is anything else, someone has most likely been touching the
files manually. Sane state can be achieved by removing the file and running
cvs update to get a fresh copy from the repository.
Check the ownership and permissions of the file and directory and the
directory and file in the cvs repository (/CVS/). They
should be owned by the user who runs rancid-run from cron. At the very
least, the directory and files should be writable by the rancid user. Group
and world permissions will determined by the umask (default 027), which is
set in /rancid.conf. Likely the easiest way to fix the
ownership on the cvs repository is
chown -R /CVS /
Q. I am renaming a device but would like to retain the history in CVS. How
is this done?
A. CVS does not provide a way (AFAIK) to rename files or to rename or delete
directories. The best way is to copy the CVS repository file manually
like this (disclaimer: BE VERY CAREFUL mucking around with the repository):
% su - rancid_user
% cd
% echo "new_device_name:device_type:up" >> /router.db
% cp -p CVS//configs/old_device_name,v \
CVS//configs/new_device_name,v
% cd /configs
% cvs update
where GROUP is the name of the rancid group that the device is a member of.
Once the renaming is complete, remove the old name from the router.db file
and leave the CVS clean-up of the old filename to rancid.
If one wanted to move a device to a different group and maintain the
history, the same procedure would work, substituting the new group name
appropriately and editing the router.db of both old and new groups, of
course.
SVN provides a rename function; but we suggest that you use it's
copy function instead, and leave the clean-up of the old name
to rancid. So, you would use the copy function (proper
substitutions, of course) in place of the cp in the CVS example,
then commit the new file.
Q. I am new to svn. Where can I find more information?
A. The svn so-called "red book" is the definitive guide.
http://svnbook.red-bean.com/en/1.5/svn-book.html
Q. I am removing a group and would like to remove all traces of it from the
rancid directory and the CVS repository. How is this done?
A. As far as I know, CVS does not provide a way to remove directories. First,
remove the group from /rancid.conf. If rancid is running,
wait for it to complete. Then just recursively remove the
directory. For example, a group named "fubar":
% su - rancid_user
% cd
% rm -rf fubar CVS/fubar
Q. I would like to place my CVS repository on a remote machine. How do I do
that?
A. Assuming that you're starting fresh, its quite simple. Before running
rancid-cvs for the first time, adjust CVS_RSH & CVSROOT in rancid.conf
similar to the following:
CVS_RSH=ssh; export CVS_RSH
CVSROOT="myhost:/fqpn/CVS"; export CVSROOT
Note that CVS_RSH is not found in the sample rancid.conf that is distributed
with rancid.
Q. I need a web interface to the rancid CVS repository, for the CVS unsavvy.
A. cvsweb works with rancid. Other similar software may as well.
http://www.freebsd.org/projects/cvsweb.html
cvsweb.conf:
@CVSrepositories = (
'rancid' => ['RANCID CVS, '/full_path_to_the_RANCID_CVS'],
where the path will be /CVS.
3) General
Q. I have a (set of) device(s) on which collection fails. How can I debug
this?
A. Our usual diagnostic procedure for this is:
- Make sure that the appropriate *login (example: clogin for cisco) works.
This tests to make sure you don't have routing or firewall issues, DNS
or hostname errors, that your .cloginrc is correct, your banner does
not have some character that *login does not like, and that the *login
script doesn't have a bug of some sort. For example:
clogin cisco_router
Should login to cisco_router and produce a router prompt that you can
use normally, as if clogin were not used (i.e.: telnet cisco_router).
- See if commands can be executed on the router via clogin. This will
exercise the *login functionality needed for rancid. For example:
clogin -c 'show version; show diag' cisco_router
Should login to cisco_router, run show version and show diag, then
disconnect and exit. The output will be displayed on your terminal.
- Then see if the correct rancid commands work against the router. For
example:
rancid cisco_router
Should produce a cisco_router.new file (cooked to a golden rancid-style
colour) in the current directory. If it does not, try again with the
-d option, so that the cisco_router.new file will not be removed if
an error is detected. Note: if you have NOPIPE set in your environment,
a cisco_router.raw file will be produced that is the raw output of the
dialogue with the device.
If all of these work, make sure that the device's entry in the group's
router.db file is correct and check the group's last log file for errors.
Q. I am receiving persistent diffs for up/down/added/deleted devices in
router.db, but nothing has changed and the cvs repository is up to date.
A. Check that the configure process run during the installation of rancid
determined the proper options for diff(1); look for diff in the
control_rancid script.
If you also run rancid from the command-line, be sure that your locale
environment variables are consistent between your interactive and non-
interactive (ie: cron) environments. On some O/Ses, the locale will
affect the operation of sort(1).
Q. Are there any characters in the banner that rancid has problems with OR
I changed the device's command prompt and now collection is failing?
A. The trickiest part about clogin (et al) is recognizing the prompt
correctly. clogin looks for '>' and '#' to figure out if it is logged
in or in enable mode. So if you have a '>' or '#' in your login banner
(or other motd), then clogin gets confused and will not be able to log
in correctly, and thus rancid will fail.
Don't use '>' or '#', or whatever the termination character of the given
device's prompt is, in your prompt or in your banner or other motd.
Q. I use /*login -c to run commands on multiple boxes. Sometimes
these are commands that take secondary input, like a filename. How can I
enter the data for that secondary prompt?
A. Two methods will work. Write an expect script to be used with clogin's
-s option, for which a few examples come with rancid like cisco-load.exp.
OR provide all the input in one command with the -c option like so:
Router#clear counters
Clear "show interface" counters on all interfaces [confirm]
Router#
clogin -c 'clear counters\n'
The specific return (\n) will be entered after 'clear counters' followed
by the normal return after the command. Some devices apparently eat the
linefeed of the typical Unix \r\n sequence and require that a carriage-
return be used instead (\r).
Q. I would like to collect device configurations every hour, but only receive
diffs every Nth collection or every N hours. Is this possible?
A. Certainly, but rancid does not provide such a mechanism natively. Two
approaches are recommended:
1) Using your preferred mail-list software, add a list with a digest
and configure your MTA (example: sendmail) to send diffs to the
list. Configure the mail-list software to force the digest at the
interval desired. This allows folks to choose which type they
prefer, after each collection or every N hours.
This method also provides easy methods to archive the diff mail and
retrieve previous diffs.
2) Write a script to send diffs, which saves the time it last ran
and passes this to the -D option of CVS.
Obviously, the first option is the cleanest and most featureful, which is
why the script mentioned in the second option is not provided.
Q. I'd like to have RANCID automatically begin collection when someone
finishes configuring a router. How can I do this?
A. Using a syslog watcher script, one can trigger RANCID from the syslog
line emitted by, for example, an IOS router after configuration mode is
ended.
Here's a simple example using the Simple Event Correlator:
(http://simple-evcorr.sourceforge.net/)
If the syslog line in your logs looks like this (wrapped for readability):
Apr 5 09:56:52 acc1.geo269.example.com 72: 000069: *Mar 6 21:40:13.466 \
AEDT: %SYS-5-CONFIG_I: Configured from console by gwbush on vty0 (10.1.1.1)
You would use a SEC configuration stanza like this:
# example rancid trigger
#
type=SingleWithSuppress
ptype=RegExp
pattern=\s\S+:\S+\S+\s(\S+)\.example\.com.*SYS-5-CONFIG_I
action=shellcmd /opt/rancid/bin/do-diffs -r $1
window=1800
This will execute the command '/opt/rancid/bin/do-diffs -r acc1.geo269'
when it is fed a line like that syslog line. The command will be run at
most once every 1800 seconds. If you do not get hostnames in your
log lines that match your router.db entries, either fix your reverse
DNS or remove the '-r $1' part.
Q. I would like to limit the permissions of the rancid user on my devices. Is
this possible?
A. Strictly speaking, no. Rancid needs permission to read device configuration
and other data which is often not available to underprivileged users.
However, if you use TACACS+, you can limit the commands that are available
to a user.
For example, to allow ping and show, but not "show tcp", and nothing else:
user = rancid {
cmd = "ping" {
permit .*
}
cmd = "show" {
deny tcp.*
permit .*
}
# the default is to deny other commands
}
For RADIUS, Justin Grote suggested privilege levels:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ftprienh.htm
Q. For approximately X hosts (configs) what size server should we be
considering - speed and data storage?
A. On modern machines it is unlikely you will have issues with disk space or
memory - A heavily laden access router with a complex config won't consume
more than a few megabytes of disk space for its configs over several
years time (roughly 3 times the sum of all the config or */configs/* over
2 years is a decent approximation).
Rancid is typically CPU bound if you have adequate network bandwidth.
Experience shows rancid takes around 50 Mhz * minutes / device of processing
power. This means that a 1Ghz machine can poll:
1000 Mhz * 60 (min/hour) / 50(Mhz min / device) = 1200 devices/hour
That's obviously a ball park estimate which varies with many different
factors such as the CPU type and the types of devices on your network.
Q. How can I run rancid to make the most efficient use of resources (i.e.
run in the shortest amount of time)?
A. You can adjust PAR_COUNT in rancid.conf to achieve maximum efficiency
during polling. You can watch the output of the standard unix command
vmstat command during polling to determine whether or not the cpu is being
wholly utilized - there should be little idle time and no process blocking
(see vmstat).
Another simpler method is to look at the time stamps on the rancid log
files, and adjust PAR_COUNT until the least amount of time is taken
during polling. Make sure all devices are being polled by rancid before
using this method - failing devices can extend the amount of time rancid
takes to finish by a *LONG* period and throw your times way off.
It may help to run rancid niced (man nice) if it will be sharing
resources with other processes, as it may eat whatever is available if
PAR_COUNT is set high. This is done by changing the crontab to be
something like:
5 * * * * nice -19 /usr/local/rancid/bin/rancid-run
If you _do_ share resources with other processes but want rancid to
run efficiently, probably the vmstat method above will work better -
rancid may take a little longer to run but you won't be stepping on
other people's toes.
Q. I'm still stuck on this problem. Where can I get more help?
A. A discussion list is available, rancid-discuss@shrubbery.net. You must
be a subscriber to post. Subscribe like this:
shell% echo "subscribe" | mail rancid-discuss-request@shrubbery.net
Q. What else can I do with rancid?
A. The possibilities are endless...rancid is non-toxic when applied properly.
see Joe Abley and Stephen Stuart's NANOG presentation:
http://www.nanog.org/mtg-0210/abley.html
or our NANOG presentation:
http://www.shrubbery.net/rancid/NANOG29/
4) License
Q. Please explain the RANCID license.
A. Quite simple; read it. It is a slightly modified BSD license; it has an
additional clause.
0707010009eaf9000081ed0000000000000000000000014fa8b721000016f0000000b600010002ffffffffffffffff0000002d00000000root/usr/local/rancid/share/rancid/rtrfilter #! /usr/local/bin/perl
##
## $Id: rtrfilter.in 2096 2009-06-17 21:49:46Z heas $
##
## Copyright (c) 1997-2007 by Terrapin Communications, Inc.
## All rights reserved.
##
## This code is derived from software contributed to and maintained by
## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan,
## Pete Whiting, Austin Schutz, and Andrew Fort.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted provided that the following conditions
## are met:
## 1. Redistributions of source code must retain the above copyright
## notice, this list of conditions and the following disclaimer.
## 2. Redistributions in binary form must reproduce the above copyright
## notice, this list of conditions and the following disclaimer in the
## documentation and/or other materials provided with the distribution.
## 3. All advertising materials mentioning features or use of this software
## must display the following acknowledgement:
## This product includes software developed by Terrapin Communications,
## Inc. and its contributors for RANCID.
## 4. Neither the name of Terrapin Communications, Inc. nor the names of its
## contributors may be used to endorse or promote products derived from
## this software without specific prior written permission.
## 5. It is requested that non-binding fixes and modifications be contributed
## back to Terrapin Communications, Inc.
##
## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS
## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS
## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
## POSSIBILITY OF SUCH DAMAGE.
#
# The expect login scripts were based on Erik Sherk's gwtn, by permission.
#
# The original looking glass software was written by Ed Kern, provided by
# permission and modified beyond recognition.
#
# rtrtfilter - "| rtrfilter -x -i -f \
# -u -s "
# expects to read an email message on stdin containing a diff from
# rancid and emails a filtered copy to with the subject of the
# original msg or the contents of -s . the perl regex(es) specified
# via -x or -i (exclusive and inclusive, respectively) are applied to the
# router names (i.e.: files) from the "Index:" of the diff o/p. alternatively,
# the regex's may be specified in -f in the form:
# # comment
# x
# # comment
# i
# do not include /'s in the regex's.
# e.g.:
# #i inc1
# i a0[12]\.
# i a0[34]\.
# # comment
# x router\.db
# x ^r0[0-9]
# #i foo
#
# exclusion takes precedence and defaults to nothing. inclusion defaults to
# everything.
#
# this program requires the Mail::Mailer module which can be found on CPAN.
##
BEGIN {
$me = $0;
$me =~ s/.*\/(\S+)$/$1/;
}
require 'newgetopt.pl';
use Mail::Mailer;
# process command line options
$newgetopt'ignorecase=0;
$newgetopt'autoabbrev=1;
$result = &NGetOpt('h','x=s@','i=s@','f=s','s=s');
&usage($result) if (defined($opt_h) || $result == 0);
if ($#ARGV < 0) {
usage;
}
my($rcpts) = join(',', @ARGV);
# if specified, read the regex file and append to @opt_i / @opt_x
if (defined($opt_f)) {
open(FILE, "< $opt_f") || die "Cant open the regex file $opt_f: $!";
while () {
next if (! /^(i|x)\s+(.*$)/);
#/(i|x)\s+(.*)$/;
if ($1 eq "i" ) {
push(@opt_i, $2);
} else {
push(@opt_x, $2);
}
}
close(FILE);
}
# read the header, grok the subject line
my($subject, $from);
while () {
last if (/^$/);
if (s/^from: //i) {
chomp;
$from = $_;
}
if (s/^subject: //i) {
chomp;
$subject = $_;
}
}
if (defined($opt_s)) { $subject = $opt_s;}
if (defined($opt_u)) { $from = $opt_u;}
# filter the remainder of the mail. save mail in memory to avoid empty msgs
my(@mail);
my($skip) = 1;
while () {
# look for /^Index: ", the filtering key
if (/^Index: (.*)$/) {
# strip the directory before passing to filter()
my($line) = ($1 =~ /.*\/([^\/\s]*)$/);
$skip = filter($line);
}
next if ($skip);
push(@mail, $_);
}
# send mail, if any
if ($#mail < 0) { exit; }
$mailer = new Mail::Mailer 'sendmail', ('-t');
$headers{From} = $from;
$headers{"Reply-To"} = $from;
$headers{"Errors-To"} = $from;
$headers{Subject} = $subject;
$headers{To} = $rcpts;
$headers{Precedence} = "bulk";
$mailer->open(\%headers);
print $mailer @mail;
$mailer->close;
exit;
# filter $line inclusive/exclusive (0 / 1)
sub filter {
my($line) = shift;
# exclusion
if (defined(@opt_x)) {
foreach $regex (@opt_x) {
if ($line =~ /$regex/) { return(1); }
}
}
# inclusion / default inclusion
if (! @opt_i) { return(0); }
foreach $regex (@opt_i) {
if ($line =~ /$regex/) { return(0); }
}
# inclusion regex specified, but fall through
return(1);
}
sub usage {
print STDERR <] [-x ] [-f ] [-u ] [-s ] [ ...]
-h prints this message
-f file containing perl regex matching router names (mind the cwd())
-i perl regex matching router names (inclusive)
-u From: address
-s mail subject
-x perl regex matching router names (exclusive)
USAGE
exit $_;
}
0707010009eaf4000081a40000000000000000000000014fa8b7210000191a000000b600010002ffffffffffffffff0000003200000000root/usr/local/rancid/share/rancid/lg.conf.sample # rancid 2.3.8
# configuration file for the looking glass
#
# note: these are perl statements! Mind the syntax. "perl -c lg.conf"
# should succeed.
#
# adjust the path to find [cfj]login, telnet, ssh, rsh, etc.
#
$ENV{PATH}="/usr/local/rancid/bin:/usr/local/bin:/usr/sbin:/bin:/usr/bin";
#
#
# LG_CACHE_DIR is the location of the cache directory. the LG uses this
# to hold lock files, the default log file (lg.log), and o/p from
# commands that can be very verbose. it defaults to "tmp",
# i.e.: relative to the directory where lg.cgi runs in your
# server's (httpd) DocumentRoot (e.g.:
# /usr/local/www/data/lg/tmp).
#
#$LG_CACHE_DIR="./tmp";
#
#
# LG_CACHE_TIME is the number of seconds the LG should cache o/p from certain
# commands; those that tend to produce a lot of o/p, such as
# 'show ip bgp dampened-paths'. it defaults to 600 seconds
# (10 minutes).
#
#$LG_CACHE_TIME=600;
#
#
# LG_CLOGINRC is the .cloginrc that the LG should use. it defaults to
# /.cloginrc. note that the .cloginrc must be readable
# by the user or group (UID / GID) that will be running the CGI
# and the clogin (and friends) will not allow a world readable
# .cloginrc. this is normally the user the server (httpd) runs
# under.
#
#$LG_CLOGINRC="$ENV(HOME)/.cloginrc";
#
#
# LG_IMAGE is the filename of an image you wish to appear at the top
# of the LG pages. it can also be other html goo, like
# the first example. this is just handed to print, so \n and
# the like will work and mind the character escapes (backslashes).
#
#$LG_IMAGE="\n FOO";
#$LG_IMAGE="\n";
#
#
# LG_INFO is info in html format to output at the bottom of main form.
# it might be local contact information, disclaimer, etc. this
# is just handed to print, so \n and the like will work and mind
# the character escapes (backslashes).
#
#$LG_INFO="For support, contact webmaster";
#
#
# LG_LOG is either a FQPN (fully qualified path name) or the syslog
# facility to use for logging. if not defined, the LG
# will log to LG_CACHE_DIR/lg.log. possible syslog facility
# values are from the facility codes in /usr/include/syslog.h
# minus the 'LOG_' and lower case.
#
#$LG_LOG="$LG_CACHE_DIR/lg.log";
#$LG_LOG="/tmp/lg.log";
#$LG_LOG="local0";
#
#
# LG_ROUTERDB is the router.db in rancid's router.db format, listing
# the routers and their platform that should be available to
# the looking glass. if defined, the LG will use this variable
# to find the router.db. if not defined, it will look for it
# at //router.db. if it does not exist, it
# will build the list from /*/router.db (i.e.: the
# router.db's from all your groups). note that if you choose
# this last option; the group directories and router.db files'
# modes may have to be changed, depending upon the UID/GID of
# the user your server (httpd) runs under, since rancid's default
# mask is 007 (see etc/rancid.conf). routers not marked 'up' are
# skipped.
#
#$LG_ROUTERDB="/usr/local/rancid/etc/router.db";
#
#
# LG_STYLE define a style sheet to be used for formatting HTML.
#
#$LG_STYLE="http://www.your.site/style/style.css";
#
#
# Options:
#
# LG_AS_REG *** not implemented.
#
#@LG_AS_REG=();
#
#
# LG_BGP_RT allows a few bgp commands which can produce long output (heavy
# router load), such as sh ip bgp neighbor advertised-routes
# would for a transit customer or sh ip b neigh
# received-routes would for a transit provider.
#
#$LG_BGP_RT=1;
#
#
# LG_SINGLE serializes and limits queries per-router to one at a time via
# per-router lock files.
#
#$LG_SINGLE=0;
#
# LG_STRIP strips login o/p from the looking glass results. Expect
# occassionally screws up disabling echo when passwords are
# entered (NOTE: SECURITY CONCERN). However, this o/p can be
# very useful for debugging clogin/flogin/jlogin problems.
#
$LG_STRIP=1;
#
#
# Commands/Queries:
# Un-comment/Comment the commands that are desired/not desired.
# The Commands are separated into a few categories. The value
# of each variable is the string which will appear in the
# (lgform.cgi) menu. Mind the ,'s within hash assignments.
#
# The double-commented (##) queries are not implemented or have
# not been tested.
#
$queries = {};
#
# Interface queries
$queries->{"interface"} = {
framerelay => "show frame-relay PVC [DLCI]",
interface => "show interface [interface]"
};
#
# Routing queries
$queries->{"routing"} = {
damp => "show ip bgp dampened-paths",
neighbor => "show ip bgp neighbor ",
prefix => "show ip bgp [netmask]",
prefixlist => "show ip prefix-list ",
regex => "show ip bgp regex ",
route => "show ip route [netmask]",
routemap => "show route-map ",
summary => "show ip bgp summary"
};
#
# Debug queries
$queries->{"debug"} = {
log => "Show Logs [ | ]",
ping => "ping ",
trace => "traceroute "
};
#
# Multicast queries
$queries->{"multicast"} = {
mbgp => "Show ip mbgp [netmask]",
mbgpsum => "Show ip mbgp summary",
# show ip pim interface/show pim interface
## pim_interface => "Show PIM Interfaces",
# ???/show pim join (extensive)
## pim_join => "Show PIM Join [group_address]",
# show ip mroute/show multicast route [active]
## mroute => "Show Multicast Forwarding Table [active]",
# show ip msdp summary/show msdp
## msdp => "Show MSDP Peering Status",
# show ip msdp sa cache/show msdp source-active
## msdpsa => "Show MSDP Source Active Table",
# show ip sdr|show multicast sessions
## msess => "Show Multicast SDR sessions [detail]",
# show ip pim neighbor/show pim neighbors
## pim_neighbor => "Show PIM Neighbors [detail]",
# show ip pim rp mapping/show pim rps
## pim_rp => "Show PIM Rendez-vous Points [detail]",
# show ip rpf [address] /show multicast rpf [address]
## rpf => "Test Multicast RPF "
};
#
# IPv6 commands
$queries->{"ipv6"} = {
# show bgp ipv6 / ???
## v6_bgp => "Show IPv6 BGP table";
# show ipv6 interface / show interface
## v6_interface => "Show IPv6 interface parameters [interface]";
# show bgp ipv6 summary / show bgp summary
## v6_summary => "Show IPv6 BGP Summary";
# show ipv6 route / show route table inet6.0
## v6_route => "Show IPv6 Routes ";
};
#
# %EOF%
0707010009eaea000081a40000000000000000000000014fa8b721000031c2000000b600010002ffffffffffffffff0000002a00000000root/usr/local/rancid/share/rancid/README Rancid is a "Really Awesome New Cisco confIg Differ" developed to
maintain CVS controlled copies of router configs.
*** The Following Information is Very Important ****
Rancid 2.3 introduces a new directory layout. It has been changed to more
closely follow the standard path hierarchy, which is defined by the FHS
standard and autoconf, and/or make these locations more easily configurable
within rancid.
The obvious advantage of this is making rancid more easily packagable; i.e.:
NetBSD pkgsrc, FreeBSD port, Linux RPM, etc.
Please please please please read the UPGRADING file for more information.
**********
The following is the packing list for Rancid, excluding files supporting
configure (autoconf) and make. .in is stripped from the files below by
configure as substitutions are completed:
README This file.
README.lg Information about the Looking Glass.
BUGS Bug list.
CHANGES List of changes to Rancid.
COPYING RANCID license.
FAQ Frequently Asked Questions
Todo Partial list of what needs to be done.
UPGRADING Notes on upgrading rancid to a new version.
cloginrc.sample TCL commands to set passwords, usernames etc. used by clogin
and jlogin. See cloginrc(5)
etc/
lg.conf.sample Sample Looking Glass configuration
rancid.conf.sample Sample RANCID configuration
bin/
clogin.in Expect script that logs into routers and either presents
an interactive shell, runs a set of commands, or runs
another expect script. It handles Cisco, Extreme,
Force10, Juniper E-series, Procket, Redback, Zebra/MRT.
control_rancid.in
Builds router list, calls rancid on each router and
handles cvs routines.
hpuifilter.c HP procurve login filter - see hlogin(1).
par.in Parallel processing of commands - any commands.
rancid-cvs.in Creates all of the CVS and config directories.
rancid-run.in Script designed to be run from cron.
rancid-fe.in Chooses between rancid/[abefhjrx]rancid/cat5rancid.
rancid.in Runs commands on cisco routers and processes the output.
agmrancid.in Version of rancid.in for Cisco Anomaly Guard Module (AGM)
arancid.in Version of rancid.in for Alteon switches.
brancid.in Version of rancid.in for baynet/nortel routers.
cat5rancid.in Version of rancid.in for Cisco Catalyst switches.
cssrancid.in Version of rancid.in for Cisco CSS switches.
erancid.in Version of rancid.in for ADC EZ-T3 muxes.
f10rancid.in Version of rancid.in for Force10 routers.
f5rancid.in Version of rancid.in for F5 BigIPs.
fnrancid.in Version of rancid.in for Fortinet Firewalls.
francid.in Version of rancid.in for Foundry switches.
hrancid.in Version of rancid.in for HP Procurve switches.
htrancid.in Version of rancid.in for Hitatchi routers.
jerancid.in Version of rancid.in for Juniper E-series routers.
jrancid.in Version of rancid.in for Juniper routers.
mrancid.in Version of rancid.in for MRT daemons.
nrancid.in Version of rancid.in for Netscreen firewalls.
nsrancid.in Version of rancid.in for Netscalars.
prancid.in Version of rancid.in for Procket routers.
rivancid.in Version of rancid.in for Riverstone routers.
rrancid.in Version of rancid.in for Redback routers.
srancid.in Version of rancid.in for SMC switches.
tntrancid.in Version of rancid.in for TNT access servers.
xrancid.in Version of rancid.in for Extreme switches.
zrancid.in Version of rancid.in for Zebra routers.
alogin.in Version of clogin.in for Alteon switches.
blogin.in Version of clogin.in for baynet/Nortel routers.
elogin.in Version of clogin.in for ADC EZ-T3 muxes.
flogin.in Version of clogin.in for Foundry switches. If foundry
cleaned-up their bloody UI, clogin should do the job.
hlogin.in Version of clogin.in for HP procurve switches.
htlogin.in Version of clogin.in for Hitatchi routers.
jlogin.in Version of clogin.in for Juniper routers.
nlogin.in Version of clogin.in for Netscreen firewalls.
nslogin.in Version of clogin.in for Netscalars.
rivlogin.in Version of clogin.in for Riverstone routers.
tntlogin.in Version of clogin.in for TNT access servers.
man/ man pages
share/ Readmes, samples, utilities, contribs, etc
include/ Include files and rancid version.h
Also see rancid_intro(1), rancid(1), and clogin(1).
The following (non-exhaustive list) are included as part of the installation
and configuration tools:
Makefile.am processed by automake to produce Makefile.in
Makefile.in processed by configure to produce Makefile
acinclude.m4 sets some GNU autoconf options
aclocal.m4 Output of GNU autoconf script
configure GNU autoconf script
configure.in Input file for autoconf to procide configure
depcomp part of GNU autoconf
install-sh GNU autoconf shell script to simulate BSD style install
missing part of GNU autoconf
mkinstalldirs GNU autoconf shell script to make installation directories
rancid will also need to have the following packages:
cvs Code revision system available from prep.ai.mit.edu:/pub/gnu
gnudiff gnudiff provides the uni-diff (-u) option. If you do not have
a diff that supports -u, configure will set-up rancid to use
'diff -c' or 'diff -C'.
perl5 perl version 5 or greater available from www.cpan.org
expect http://expect.nist.gov/ We highly suggest that you stick to
expect 5.24.1 (or so). This seems to work best. Note that
you need to have the accompanying tcl &/ tk.
svn Code revision system, an alternative to cvs. Available from
http://subversion.tigris.org/tarballs/. Use the configure
option --with-svn to configure for Subversion.
tcl Required by expect.
Bill Fenner (now maintained by others) has a cgi script for interacting
with CVS repositories via a web interface. This provides a great way to
view rancid diffs and full configs, especially for those unfamiliar with
cvs. The package is not included, but can be found here:
http://www.freebsd.org/projects/cvsweb.html
Quick Installation Guide (an example):
1) ./configure [--prefix=]
By default, rancid will be installed under /usr/local/rancid (the default
"prefix"). This can be overridden with the --prefix option. E.g.:
./configure --prefix=/home/rancid
Rancid uses autoconf's "localstatedir" as the location of it's logs,
CVS or Subversion respository, and directories where it's groups are
placed. The user who will run rancid (from cron, etc) will need write
access to these directories. By default, this is /var, or
/home/rancid/var following the example above.
We realize that this is not optimal, but it follows the standards. We
suggest that this be altered to include the package name, like so:
./configure --prefix=/home/rancid \
--localstatedir=/home/rancid/var/rancid
The user who will run rancid must have write permission in "localstatedir".
See ./configure --help for other configure options.
2) make install
3) Modify /rancid.conf (e.g.: /etc/rancid.conf). The
variable LIST_OF_GROUPS is a space delimited list of router "groups".
E.g.:
LIST_OF_GROUPS="backbone aggregation switches"
4) Put .cloginrc in the home directory of the user who will run rancid.
.cloginrc must be not be readable/writable/executable by "others",
i.e.: .cloginrc must be mode 0600 or 0640.
5) Modify .cloginrc.
Test to make sure that you can log into every router.
Note: the juniper user you use *must* log into a cli shell (which
is the default on a juniper).
See the file cloginrc.sample, located in (/share/rancid),
for examples and good starting point. Also take a look at the cloginrc
manual page, 'man -M /man cloginrc'.
6) Modify /etc/aliases
Rancid sends the diffs and other administrative emails to rancid-
and problems to rancid-admin-, where is the "GROUP" of
routers. This way you can separate your backbone routers from your
access routers or separate based upon network etc... Different router
uses forced different people being interested in router "groups" -
thus this setup. Make sure email to rancid- works. /etc/aliases
can be maintainable by Majordomo stuff, but make sure the user that
runs rancid can post to the list.
The Precedence header set to bulk or junk *hopefully* avoids replies from
auto-responders and vacation type mail filters.
The --enable-mail-plus option to configure will set each of the "rancid-"
addresses mentioned above to "rancid+". See sendmail's operation manual
for more information on handling of '+'.
The --enable-adminmail-plus configure option will set each of the
"rancid-admin-" addresses mentioned above to "rancid-admin+". If this
option is not used, the value of --enable-mail-plus is assumed. That is,
the addresses will be "rancid+", if it is specified.
7) Run rancid-cvs.
This creates all of the necessary directories and config files for
each of the groups in LIST_OF_GROUPS and imports them into CVS (or
Subversion). This will also be run each time a new group is added. Do
not create the directories or CVS repository manually, allow rancid-cvs
do it. Also see 'man -M /man rancid-cvs'.
8) For each "group", modify the router.db file in the group directory.
The file is of the form "router:mfg:state" where "router" is
the name (we use FQDN) of the router, mfg is the manufacturer
from the set of (cat5|cisco|juniper) (see router.db.5 for a complete
list and description), and "state" is either up or down. Each router
listed as "up" will have the configuration grabbed. Note: manufacturer
cat5 is intended only for cisco catalyst switches running catalyst (not
IOS) code.
e.g.: //router.db:
cisco-router.domain.com:cisco:up
adc-mux.domain.com:ezt3:up
foundry-switch-router.domain.com:foundry:up
juniper-router.domain.com:juniper:up
redback-dsl-router.domain.com:redback:down
extreme-switch.domain.com:extreme:down
9) For first-time users or new installations, run bin/rancid-run (with no
arguments) and check the resulting log file(s) (in logs/*) for errors.
Repeat until there are no errors.
10) Put rancid-run in cron to be called however often you want it to
run for each group (rancid-run []). If you run it less
often than once/hour, check the setting of OLDTIME in etc/rancid.conf.
E.g.:
# run config differ hourly
1 * * * * /bin/rancid-run
# clean out config differ logs
50 23 * * * /usr/bin/find /logs -type f -mtime +2 -exec rm {} \;
11) Note: If you are using any of these programs (other than
rancid-run) out of cron, make sure that you set your $PATH
correctly so that they work. E.g.: if you are using clogin,
it can call id, telnet, ssh, and/or rsh.
configure already makes sure that $PATH is set correctly in
etc/rancid.conf for rancid-run, so you could use the $PATH from there. e.g.:
50 23 * * * . /rancid.conf; clogin -c 'sh vers' router
12) Send any bugs, suggestions or updates to rancid@shrubbery.net.
See the web page at http://www.shrubbery.net/rancid. We have
created the standard mailing lists for those interested;
rancid-announce@shrubbery.net and rancid-discuss@shrubbery.net.
Subscribe by sending an email whose body contains "subscribe
rancid-" to majordomo@shrubbery.net.
If you are reporting problems, please include the version of rancid,
expect, and your OS in the email.
Problem with clogin/telnet hanging within rancid or scripts?
If you have experienced rancid (or more precisely, telnet) hanging on a
solaris 2.6 box; check to be sure you have the following two o/s patches
installed (see showrev -p). There may be more recent versions of these
patches and they are likely included with 2.7 and 2.8:
Patch-ID# 105529-08
Keywords: security tcp rlogin TCP ACK FIN packet listen
Synopsis: SunOS 5.6: /kernel/drv/tcp patch
Patch-ID# 105786-11
Keywords: security ip tcp_priv_stream routing ip_enable_group_ifs ndd
Synopsis: SunOS 5.6: /kernel/drv/ip patch
Another contributor to rancid "hanging", with or without the o/s patches
mentioned above, is a bug in expect/tcl. We've noticed that expect (from
5.24.1 forward), and whatever tcl happens to compile with it, exhibits a
problem on Linux and Solaris where rancid's scripts hang waiting for input
from the device. Patches to expect are available on the rancid web page.
Also, for rancid 2.3 and later, changes were made to the login scripts
which use some more elaborate regexes that have failed with expect versions
prior to 5.40. While 5.40 works, it still seems to need the patch offered
on the rancid web page for Linux and Solaris.
See www.shrubbery.net/rancid for additional notes on this.
0707010009eaf2000081ed0000000000000000000000014fa8b7210000143a000000b600010002ffffffffffffffff0000002e00000000root/usr/local/rancid/share/rancid/getipacctg #! /bin/sh
##
## $Id: getipacctg 2096 2009-06-17 21:49:46Z heas $
##
## Copyright (c) 1997-2007 by Terrapin Communications, Inc.
## All rights reserved.
##
## This code is derived from software contributed to and maintained by
## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan,
## Pete Whiting, Austin Schutz, and Andrew Fort.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted provided that the following conditions
## are met:
## 1. Redistributions of source code must retain the above copyright
## notice, this list of conditions and the following disclaimer.
## 2. Redistributions in binary form must reproduce the above copyright
## notice, this list of conditions and the following disclaimer in the
## documentation and/or other materials provided with the distribution.
## 3. All advertising materials mentioning features or use of this software
## must display the following acknowledgement:
## This product includes software developed by Terrapin Communications,
## Inc. and its contributors for RANCID.
## 4. Neither the name of Terrapin Communications, Inc. nor the names of its
## contributors may be used to endorse or promote products derived from
## this software without specific prior written permission.
## 5. It is requested that non-binding fixes and modifications be contributed
## back to Terrapin Communications, Inc.
##
## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS
## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS
## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
## POSSIBILITY OF SUCH DAMAGE.
#
# The expect login scripts were based on Erik Sherk's gwtn, by permission.
#
# The original looking glass software was written by Ed Kern, provided by
# permission and modified beyond recognition.
#
# getipacctg uses clogin to login to a cisco router, collect the o/p of
# show ip accounting, and sort by the greatest number of bytes. If a
# second argument is supplied, it is a number indicating the top N producers.
# a third (3 to N) argument(s) specify a prefix(es) to match/select src/dst
# IPs, while others will be filtered.
#
# usage: getipacctg [] \
# [ [...]]
# example:
# getipacctg router 25 192.168.0.0/24
# will display the top 25 for src or dst ip's within prefix
# 192.168.0.0/24
#
# Contributed to rancid by Steve Neighorn of SCN Reasearch.
TMP="/tmp/ipacct.$$.prefixes"
TMP2="/tmp/ipacct.$$.sorted"
TMP3="/tmp/ipacct.$$.pl"
if [ $# -eq 0 ] ; then
echo "usage: getipacctg router_name [] [ [...]]" >&2
exit 1;
fi
trap 'rm -fr /tmp/ipacct.$$ $TMP $TMP2 $TMP3;' 1 2 15
clogin -c 'show ip accounting' $1 > /tmp/ipacct.$$
if [ $? -ne 0 ] ; then
echo "clogin failed." >&2
exit 1
fi
# rest of the command-line options
exec 6>$TMP
HEAD="cat"
shift
while [ $# -ne 0 ] ; do
echo $1 | grep '/' > /dev/null
if [ $? -eq 1 ] ; then
HEAD="head -$1"
else
echo $1 1>&6
fi
shift
done
6>&-
egrep '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+ +[0-9]+\.[0-9]+\.' /tmp/ipacct.$$ | \
sed -e 's/^ *//' -e 's/ */ /g' -e 's/.$//' | \
awk '{print $4":"$0;}' | sort -nr | \
sed -e 's/^[^:]*://' > $TMP2
if [ -s $TMP ] ; then
cat > $TMP3 <) {
chomp;
s/\s*//g;
/(.*)\/(.*)\$/;
my(\$ip) = \$1; my(\$mask) = \$2;
\$ip = ip_to_int(\$ip);
\$mask = (~0) << (32 - \$mask);
\$ip = \$ip & (\$mask);
\$prefs[\$nprefs++] = \$ip;
\$prefs[\$nprefs++] = \$mask;
}
close(PREFS);
open(DATA, "< \$ARGV[1]") || die "could not open \$ARGV[1]\n";
while () {
chomp;
@A = split(/ /);
\$A[0] = ip_to_int(\$A[0]);
\$A[1] = ip_to_int(\$A[1]);
for (\$f = 0; \$f < \$nprefs; \$f += 2) {
if ((\$A[0] & \$prefs[\$f + 1]) == \$prefs[\$f] ||
(\$A[1] & \$prefs[\$f + 1]) == \$prefs[\$f]) {
print "\$_\n";
break;
}
}
}
PERL
perl $TMP3 $TMP $TMP2 | $HEAD
else
$HEAD $TMP2
fi
rm -fr /tmp/ipacct.$$ $TMP $TMP2 $TMP3
trap ';' 1 2 15
exit 0
0707010009eaef000081a40000000000000000000000014fa8b721000017d5000000b600010002ffffffffffffffff0000003400000000root/usr/local/rancid/share/rancid/cisco-reload.exp ##
## $Id: cisco-reload.exp 2096 2009-06-17 21:49:46Z heas $
##
## Copyright (c) 1997-2007 by Terrapin Communications, Inc.
## All rights reserved.
##
## This code is derived from software contributed to and maintained by
## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan,
## Pete Whiting, Austin Schutz, and Andrew Fort.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted provided that the following conditions
## are met:
## 1. Redistributions of source code must retain the above copyright
## notice, this list of conditions and the following disclaimer.
## 2. Redistributions in binary form must reproduce the above copyright
## notice, this list of conditions and the following disclaimer in the
## documentation and/or other materials provided with the distribution.
## 3. All advertising materials mentioning features or use of this software
## must display the following acknowledgement:
## This product includes software developed by Terrapin Communications,
## Inc. and its contributors for RANCID.
## 4. Neither the name of Terrapin Communications, Inc. nor the names of its
## contributors may be used to endorse or promote products derived from
## this software without specific prior written permission.
## 5. It is requested that non-binding fixes and modifications be contributed
## back to Terrapin Communications, Inc.
##
## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS
## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS
## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
## POSSIBILITY OF SUCH DAMAGE.
#
# The expect login scripts were based on Erik Sherk's gwtn, by permission.
#
# The original looking glass software was written by Ed Kern, provided by
# permission and modified beyond recognition.
#
# This expect snippet is sourced by clogin (-s option) to issue a reload
# command on a cisco router. It DOES NOT save the config if it has been
# modified. This is an _example_ as it not guaranteed to work for all
# applications. PLEASE test for your environment.
#
# It expects the following variables via the -E option:
# reload_arg ='command argument' such as 'at 05:00' or 'cancel
#
# e.g. usage:
# % clogin -s cisco-reload.exp -Ereload_arg='at 01:00' router
# router
# Reload scheduled for 01:00:00 UTC Sat Jun 23 2001 (in 7 hours and 16 minutes)
# % clogin -s cisco-reload.exp -Ereload_arg='at cancel' router
# router
# % Ambiguous command: "reload at cancel"
#
# % clogin -s cisco-reload.exp -Ereload_arg='cancel' router
# router
# SHUTDOWN ABORTED
#
# exit is called at the end, so only one router can be handled per clogin.
#
# Keep in mind that it is important to NOT polute the global variable space.
# Particularly, do not use variables used within clogin. This may result in
# indeterministic results. An easy way to avoid this is to use a variable
# name prefix (like 'E' or '_').
#
# Useful variables from clogin global space:
# router router name as provided on the cmd-line
# prompt cmd-line prompt as determined by clogin
#
# note: the tcl/expect parser is extremely stoopid. Comment lines are NOT
# completely ignored!! So, a '{' or '}' in a comment might produce
# unexpected results.
##
# exp_internal 1
# log_user 1
# take reload command from -Ereload_arg='at 05:00'
if ([info exists Ereload_arg]) {
#puts "reload_arg == $Ereload_arg"
set reloadcmd "reload $Ereload_arg"
} else {
send_error "ERROR: -Ereload_arg= was not set on the command-line.\n"
exit
}
#send_user "$router\n"
send "\r"
expect {
timeout { send_error "Error: did not receive prompt\n"
exit }
-re "^.*$prompt" { send "$reloadcmd\r"
expect * {} }
}
# look for response
expect {
-re "configuration has been modified.*no.:" { send "no\r";
exp_continue }
-re "Reload scheduled .*\r" { set sched $expect_out(0,string)
exp_continue }
-re "SHUTDOWN ABORTED" { set sched $expect_out(0,string) }
-re "Proceed with .*confirm\]" { send "\r" }
-re "\n.*No reload " { set sched "no reload scheduled"
send "\r" }
-re "% Ambig\[^\n\r]*" { set sched $expect_out(0,string) }
}
send "\r"
expect "$prompt"
if ([info exists sched]) {
send_user "\t$sched\n"
}
send "quit\r"
expect {
timeout { send_error "Error: timeout waiting for EOF after quit\n"}
eof { exit 0 }
}
## dennis#reload in ?
## Delay before reload (mmm or hhh:mm)
##
## dennis#reload in 100:10
##
## System configuration has been modified. Save? [yes/no]: no
## Reload scheduled in 100 hours and 9 minutes
## Proceed with reload? [confirm]
## dennis#reload ca
## dennis#reload cancel
## dennis#
##
##
## ***
## *** --- SHUTDOWN ABORTED ---
## ***
##
## dennis#wr
## Building configuration...
## [OK]
## dennis#reload in 100:10
## Reload scheduled in 100 hours and 10 minutes
## Proceed with reload? [confirm]
## dennis#rel
## dennis#reload can
## dennis#reload cancel
## dennis#
##
##
## ***
## *** --- SHUTDOWN ABORTED ---
## ***
## System configuration has been modified. Save? [yes/no]: no
## Reload scheduled for 11:51:48 PST Thu Dec 10 1998 (in 299 hours and 59 minutes)
## Proceed with reload? [confirm]
## ultra#reload can
## ultra#
##
##
## ***
## *** --- SHUTDOWN ABORTED ---
## ***
## ultra# reload at 8:10 10 dec
##
## System configuration has been modified. Save? [yes/no]: no
## Reload scheduled for 08:10:00 PST Thu Dec 10 1998 (in 296 hours and 17 minutes)
## Proceed with reload? [confirm]
## ultra#
##
0707010009eae7000081a40000000000000000000000014fa8b72100009878000000b600010002ffffffffffffffff0000002b00000000root/usr/local/rancid/share/rancid/CHANGES 2.3.8
rancid: filter sup-bootflash if sup-bootdisk worked
*login: fix match of (yes/no) prompts from ssh
rancid: carry-over additional inventory filtering from XR
2.3.7
xrrancid: change some "admin show" sorting to reflect previous code
xrrancid: filter useless junk from show inventory
mrvrancid: update ShowChassis() for temp filtering in new s/w
nrancid: installed memory on Juniper SSG series - Steven Bertsch
rancid: missing CR after s/n
xrrancid: admin show variables boot clean-up - Per Carlson
xrrancid: add admin show install summary, license - Per Carlson
xrrancid: fix access-list formatting & sorting
rancid: collect show capture & shun for ASA - Josh Ward
xrancid: misc patches for XOS - Zenon Mousmoulas
rancid-cvs: svn repository handling improvement - Zenon Mousmoulas
rancid: filter WPA passwd - Pavel Korovin
rancid: add 'show running-config view full' for role cli - Pavel Korovin
rancid: filter ppp hostnames (aka usernames) - Pavel Korovin
*login: update host key change match for newer ssh
clogin: disable pager for XOS-12.3 - Zenon Mousmoulas
rancid.conf & control_rancid: support arbitrary subversion URLs as
(pre-provisioned) repositories and do not overwrite an existing local
repository - Zenon Mousmoulas
rancid.conf: add LC_COLLATE - Daniel Schmidt
nlogin: add identfile support - Garry Shtern
hrancid: match 'logout' in new procurve versions for end of run
hrancid: include comment line for procurve parser - Per-Olof Olsson
hrancid: collect show config status - mostly from Per-Olof Olsson
nxrancid: add show environment fex all fan cmd - Deny IP Any Any
*login: dont split $sshcmd
nxrancid: Nexus 4000s don't support 'show environment power' - Lee
xrrancid: add admin show running - Troy Boudreau
arancid: /info/sys -> /info/sys/dump - Tim Frost
rancid: correct isakmp key filter - Pan Affa
clogin; set terminal width to 132 for both -s and -c
clogin: respond to ASA's pager in long login banners - Lee
clogin: set terminal width to 132
rancid: match flash memory on likes of Cisco 2811 and 2621XM - Pan Affa
import share/rancid-cvspurge - Matthew Grossman
rancid: add 'dir /all sup-bootdisk:' for 6500 sup32 - Lee
rancid: adjust regex for tacacs key match - Pavel Korovin
*login: join sshcmd clogin directive to handle spaces properly
mt{login,rancid}: import Microtik module from Chris Boot
rancid: ppp password missed on dialer interfaces - noted by Hirofumi
Katou
arancid: filter "esecret" lines which change with each config display -
Ton
hlogin: logout from enabled mode instead of exit for -S - Thorsten Hahn
hrancid: collect show config files and show tech transceivers - Thorsten
Hahn
rancid: filter config timestamp on MDS/NX-OS
avorancid: collect power management file - from Darius Jan Seroka
fnrancid: correct comment character - noted by Gavin McCullagh
fnrancid: update system time and conf_file_ver filters - Gavin McCullagh
nxrancid: do not require 'show system redundancy status', apparently
unsupported on some nexus models.
clogin: set terminal width for -c and -s
hlogin: stacks prompt for switch number or CR at login, send CR -
Per-Olof Olsson
2.3.6
rancid.spec: updated for 2.3.6 - from Florian Koch
rancid: fail on error opening nvram:
rancid: skip ASA 5520 configuration author line
control_rancid: for svn stupidity, run update (yes update) and commit
after setting svn:ignore, else . is out of date.
rancid: filter auto "rogue ap" configuration - Kevin Nesbitt
alogin: adjust match of active alarms msg at login
jrancid: patch for master/backup matching on EX series - Sven Engelhardt
rancid: update cisco WAE identity string match - from Jim Hock
{xr}rancid: summarize DirSlotN() bytes free as GB, else MB.
rancid: filter sflog from DirSlotN() for IOS on cisco 10k
fnrancid: update recent fortinet software - Diego Ercolani
rancid: ignore show flash on IOS XE - Marcus Stoegbauer
rancid: copy the dhcp database filter to ShowFlash() - From Lee
clogin: Fix pasto in IOS terminal width command.
hlogin: -r missing from usage o/p - Per-Olof Olsson
clogin: add -r and passphrase/identfile from cloginrc - Per-Olof Olsson
francid: remove system uptime line on CER 3000 - Simon Leinen
2.3.5
alogin: respond to active alarms msg at login - Vincent Tamet
*rancid: update for grammar deprecated in perl 5.12
*login: handle noenable value consistently, '1' to turn it on
configure: look for -n option to ping, for Windows ping (over
cygwin) - From Lee
rancid: missed case fpr accepting '>' prompt, rather than just '#'
xrrancid: filter sequences from ipv4/6 access-lists
zrancid: force terminal type vt100 so as not to confuse Linux
francid: filter system uptime on new Brocades - Matthias Cramer
rancid: filter ASA time-based license noise - Christopher DeRemer
rancid: filter command in WriteTerm if echoed - Arjan Oosting
configure: specifically look for ping in /sbin & /usr/sbin & fix typo
in test operator
rancid: handle a few IOS serial number formatting variants - Aaron Rees
hpuifilter: change filtering to avoid use of string functions due to a
Debian bug. Should be faster too.
rancid: adjust show inventory matches for variables WS - Aaron Rees
nxrancid: show environment clock and show core vdc-all are not valid
commands on all platforms - Ryan West
2.3.4
nrancid: fix serial number matching - Nathan Wallwork
nrancid: fix pager prompt filtering - Nathan Wallwork
rancid: remove sequences from IPv6 prefix-lists
clogin: adjust default ssh password prompt for ExtremeOS 12.3.3.6 -
from Sylvain 74
rancid: Accept '>' prompt, rather than just '#'
avologin: fix ssh command substitution - Ben O'Hara
fnrancid: filter application signature, System Time & conf_file_ver=
from GetSystem/GetConf
mrvrancid: filter other oscillating info from show version - Ben O'Hara
xrrancid: disable timestamps - from Per Carlson
hlogin: implement -autoenable for newer hp procurve releases
cat5rancid: snmp community may have multiple spaces b/t community name
and permissions - from David Adam
cat5rancid: filter local user password - from David Adam
f5rancid: filter Failover time stamps - from Ben O'Hara
hlogin: Add support for ssh identity file & passphrase for newer boxes
rancid: split IOS-XR into its own device type: cisco-xr
clogin: set term width for catos like for ios.
rancid: parse admin show diag for XR better with a separate function
hlogin: hpuifilter got omitted from the ssh spawn; replace it.
nxrancid: match unknown command errors appropriately & GC some junk
carried-over from IOS-rancid.
2.3.3
rancid: check for device busy when opening flash fails, which seems to
occur on 6500s when some other command is run.
*login: support :port method syntax for ssh and adjust to allow spaces
in sshcmd
jrancid: fix return values of formatting functions
clogin: set terminal width so that o/p is consistent
rancid: filter some crud resulting from the change in handling non-empty
comment lines
rancid: fail if the configuration buffer fills
rancid: filter dhcp_[^[:space:].].txt from flash directories, so it
does not create constant changes resulting from the ip dhcp database
saves.
rancid: filter ldap host password on PIX
rancid: when compressing consecutive comment lines, only consider
empty lines.
arancid: handle password filter for HP 1:10Gb Ethernet Blade Switch
5.0.4-Base, running AOS - Tore Anderson
*login: add cloginrc timeout directive
nrancid: fix control number match - Guillaume RISCHARD
rancid: remove ASA coredump* filter - Cisco Bug CSCsz85597, fixed in
8.2(1.2), 8.3(0.0), 100.3(0.3)M
f5rancid: adjust fan rpm and config sync time filters for new f5
code - Ben O'Hara
rancid: ACE/SANOS report invalid input differently - Michael Stefaniuc
rancid: skip leading blank lines in config - Michael Stefaniuc
rancid: remove ASA keys such as tacacs and radius - Michael Stefaniuc
rancid: match non-space for usernames in "Written by" line - James Davis
*rancid: quote meta characters - from Jeremy Singletary
rancid: Fail on error msg "% Configuration buffer full" seen on 6500
rancid: Dont filter 'show vlan' on Catalyst 3550/4500s - Jon Lewis
import Arista script - from Bill Fenner
jerancid: fix for 'show environment all' for filtering with auto-sync
on BRASes - from Christophe Fonteyne
francid,flogin: edgeiron can not disable the pager and does not offer
some commands found on the bigirons
rancid: filter coredumpinfo/coredump.cfg found on ASA - rancid-discuss@
f5rancid: fileter HA peer status - from David Stipp
WTI scripts from Geert Jan de Groot with a few tweaks
jerancid: include standby slots in showversion o/p
lg: add code for LG_SINGLE config knob
clogin: run_commands() needs do_saveconfig
f10rancid: change fan status parsing to handle c300
nxrancid: collect license info; fix 'show env temp' & 'show
env power' parsing; drop unused code.
change zero-config check to avoid broken awks - from jim buchele
2.3.2
clogin: fix for Extreme prompt handling
nxrancid: delete Command: and Time: output
f5rancid: install the script and use the device type 'f5'
*login: accept -S for "save configuration if prompted"
*login: remove uppercase versions of lowercase options
tlogin: replace -debug with -d
nlogin: cloginrc method handling and login error path fixes
clogin: change "(enable)" and/or regex meta-char exscaping so that
catalyst logins work properly.
hlogin: run_commands exp_continueing when it shouldnt have
jerancid: summarize DirSlotN bytes to reduce diffs
rancid: catch aborted 'show diag' output on some 7300s.
Bug found by Paul Vlaar.
rancid: correct/add some filtering for ASA's more system:running-config
srancid: filter temperature sensor info for Dell 6428 stacks
hpuifilter: Filter \x07 (bell) from output, which the Cisco AGM suddenly
started inserting *sometimes*.
nxrancid: add "show version build-info". sort snmp-server user.
rancid: filter filesize and date of tracelogs dir on IOS-XE
rancid: summarize bytes free for IOS-XE like XR
nsrancid/nslogin: updates for netscalar version 8 - Marco Schirrmeister
f10rancid: updated support for all devices running FTOS: E-Series,
C-Series and S-Series - Greg Hankins
clogin: force10/SFTOS fixes for username & logout prompts - Doug Hughes
f10rancid: SFTOS config end marker has trailing space - Marcus
Stoegbauer
mrvrancid: support for the MRV fiber switch
rancid: collect GSR linecard route memory - Kritian Larsson
clogin: new CSS configuration change prompt syntax - Kritian Larsson
*login: add -- to other sends that take input from the user
*login: terminate send options with -- to avoid interpretation of -'s
in arguments - partly from Ric Anderson
nxrancid: add support for cisco Nexus boxes; use type cisco-nx
rancid: Skip "Cryptochecksum:" line on ASA, PIX, et al
hrancid: K.13 s/w changed cmd 'show system information' - Richard Golier
rancid: Spot yet another flash disk in show version output.
rancid: Some support for Cisco Nexus.
rancid: corrupted flash is not a rancid failure - from John Payne
rancid.spec: Linux spec file - blame Steve Snodgrass
rancid: changes for cisco SAN - from Mark Favas
clogin: escape regex grouping atom '()' in the catalyst prompt - From
Casey Deccio
flogin: handle strange characters like space in prompt w/ the method
from clogin for handling regex characters
francid: filter SSL secret - From Jethro Binks
francid: privlvl 5 does not allow write term, also run show
running-config - from Jethro Binks
*login: Return/exit non-zero if there are failures for any of the
devices on the cmd-line.
nslogin: password prompt change in newer code - from Derek Andree
hlogin: reformat the prompt matching in run_commands() like cisco, which
fixes -x and -c usage in configure mode.
avorancid: Avocent (Cyclades) module - from Stephen Griffin
f10rancid: updated support for all devices running FTOS: E-Series,
C-Series and S-Series - from Greg Hankins
jrancid: don't look for passwords in
system login class XX permissions []
jrancid: additional filter for M320
rancid: ignore author failure for some data that are collected by
different commands and succeeded the first time - from David Luyer
*login: add -d to enable expect's debugging
configure: make svn fs-type configurable with --with-svn=fstype
xrancid: Correct the $prompt regex mangling for XOS - from Tore Anderson
f10rancid: E-series support updated - loaner & clues from Greg Hankins
rancid: Convert disk/flash free space to MB (from bytes) for IOX/IOS XR
accept NO & YES for NOCOMMSTR in rancid.conf
Add ACLSORT configuration knob - mostly from Michael Stefaniuc
cat5rancid: permit missing CRLF on exit - Michael Stefaniuc
cat5rancid: skip show inventory for those without - Michael Stefaniuc
agmrancid: show diag can fail shortly after boot
rancid: radius/tacacs key filtering on old IOS - from Michael Stefaniuc
rancid: Add AS5xxx support from Andre van der Merwe.
Changes so the RANCID-CONTENT-TYPE is the same as the
documented entry in router.db.5 and the same as the call
in rancid-fe. These RANCID-CONTENT-TYPEs changed:
brancid from bay to baynet
cat5rancid from cisco-cat to cat5
cssrancid from cisco-css to css
erancid from adc-ezt3 to ezt3
fnrancid from Fortigate to fortigate
hrancid from hp-procurve to hp
jerancid from Juniper_ERX to erx
srancid from dell to smc
f5rancid: F5 BigIPs
srancid: SMC/Dell switch support - loaner from Randy Bush
*login: Set variables for do_login when both -e and -p/-v are specified
- reported by A Dudek
*login: recognize the environment variable CLOGINRC, see clogin(1)
agmrancid: Cisco AGM/Anomaly Guard Module
francid: drop fan speed o/p from show chassis - John Adams
clogin: match Cisco CSS's "save config?" prompt - Lance Vermilion
jrancid: include show system core-dumps - Michael Lyngbol
rancid: filter empty 'show inventory' fields - from Michael Stefaniuc
*login: If we timeout while trying to quit in run_commands(), close the
connection (ie: file descriptor/tty) gracefully. - from Ed
Ravin, adjusted to catch the close.
jrancid: Adapt M160 PCG freq rounding to new format - noted by Mark
Davis
rancid: collect flash size on the FWSM - from Aaron Gee-clough
francid: Fix temperature/show chassis filtering for newer Foundry boxes
- noted and tested by Gary Roberts
rancid: fix Cisco 3825,3845 show version parsing - Michael Stefaniuc
clogin/hlogin: use send -h for exit command - Michael Stefaniuc
clogin: Answer F10's "unsaved changes" logout prompt - Colin Corbett
f10rancid: "Current Conf" begins with ! in recent code - Colin Corbett
francid: sort intf "secure" MACs, order fluctuates - noted by Brad Volz
francid: filter temperature o/p on the SuperX - Brad Volz
convert rancid-fe vendor list to a hash - suggested by Ed Ravin.
rancid: new format for PIX 7.0 license string - Aaron Gee-clough
rancid: check for 7300 type of routers
clogin: older CatOS for 1900s has a CR after the pager prompt
clogin & xrancid: Extreme XOS prompt format changed - Tore Anderson
User a .cvsignore file to prevent non-cvs'd control files from appearing
in cvs update output.
rancid: include _ in IOS version strings
clogin: reduce the number of leading prompt characters used in
run_commands to accomodate change seen in cat6500
12.1(13)E14 - Charles Aresenault
hlogin: fix ssh hanging on press any key prompt - Ryan Mooney
rancid: more support for HFRs
nlogin: fix missing -re option for password matching - Jee Kay
lg: fix quoting of juniper command arguments - Richard Doty
rancid: also match _ in software image names - Stafford A. Rau
nrancid: fix config comment character & more filtering - Stoned Elipot
hlogin: look for the 'press any key' prompt after ssh authentication,
unlike telnet, where it appears before authentication.
hpuifilter: allocate a pty to interact with ssh/telnet, so that we
interact with ssh for the password exchange.
WARNING: repeated ssh login failures to HP Procurves cause the switch's
management interface to lock-up (this includes snmp, ping) and sometimes
it will crash. This is with the latest firmware; 5.33 at the time of
this writing.
*rancid: check hostname, or filename, before opening the output file.
rancid: better filtering of {tacacs,radius}-server - Patrick Adlam
rancid: better filtering of PIX pager prompt - Aaron Gee-clough
rancid: collect show debug - Ed Ravin
add subversion support - mostly from Justin Grote
clogin: support rsh method - partly from James Stahr
collect show inventory raw on rancid and cat5rancid
add -ko to cvs diff commands - Michael Shields
Add a MAILHEADERS configuration variable for user-defined mail headers
rancid: match HSRP group numbers greater than 1 char wide - Ed Ravin
nrancid: filter radius secrest - Jee Kay
*rancid: collapse the two command list definitions to an array of
hashrefs and build the lists from it - Ed Ravin
*login: ignore rsh on platforms that do not support it and on those
that do (eg: cisco), skip rsh for interactive and script (-s) logins.
add MAX_ROUNDS rancid.conf knob - Mardechai Abzug
control_rancid: fix adminmailrcpt default - Danny Thomas
rancid: correct handling of SNMPv3 host configs - Patrick Adlam
rancid: filter nv_hdr file seen on sup720 - Bill Ouchark
etc/Makefile.am: support DESTDIR - from Michael Shields
rancid: add IOX/CRS support.
hrancid: show stack does not apply to all procurves - Eugene Zagrebelny
flogin: older foundry o/s has misc spaces preceeding : in username
prompt - from mike ethridge
A better nlogin & nrancid for NetScreens - help from Stephen Gill
jerancid: case fluctuates in "active/standby" - from David Gethings
jerancid: filter "please wait" from config - from David Gethings
jerancid: filter consecutive periods at top of write term - mark cooper
jerancid: fix check for slave RE sync in DirSlotN - from Mark Lovely
rancid: collect 6500's sub-module info from show modules
jrancid: collect license info & RE Model. Don't collect
the license keys as this is only supported on the jseries
and running 'show system license keys' on other junipers
produces output from *two* commands - 'show system license'
AND 'show system licensekeys'.
rancid: erroneous space in shared-secret match - from Blaz Zupan
nrancid: fix missing brace - from David King
lgform: need strftime from POSIX - from Joao Frade
rancid: filter multiple-fs file - from Yuval Ben-Ari
cssrancid: make this parse the collected output properly
rancid: filter & sort IOS AP username passwords - noted by Stafford Rau
rancid: parse more variants of 'show diag' output.
2.3.1
jerancid: fail/retry if the RP is syncing to the backup - Dave Mack
clogin: cat 19k lacks a space in front of pager prompt - darren @ adam
nlogin: correct find(sshcmd) argument - from Samuele Giovanni Tonon
lg.cgi: allow :s in arguments for sub-interface from Richard Doty
jrancid: filter some more secrets
rancid: filter some more secrets
francid: bits for Mucho Grande - from Niels Bakker
add -- before (telnet|ssh) in call to hpuifilter so that any options
for telnet/ssh are not interpretted by hpuifilter
look for diff -U if diff -u fails in configure.
fix typo in nlogin that made cloginrc password lookups fail.
2.3
The following files have been moved to make rancid more
install/pkg/port/rpm friendly.
*** bin/env has been moved to etc/rancid.conf ***
*** bin/hpfilter has been renamed hpuifilter ***
*** util/lg/lg.conf has been moved to etc/lg.conf ***
*** util/lg/lg*.cgi have been moved to bin/lg*cgi ***
*** bin/create_cvs has been renamed rancid-cvs ***
*** bin/do-diffs has been renamed rancid-run ***
Note: existing configuration files are *NOT* copied/moved for you
bin/rename is no longer shipped with rancid
rancid.conf: add MAILDOMAIN knob - from David C.
clogin: allow the port to be specified for method ssh
jlogin: add cloginrc passphrase directive and order of precedence is
cmd-line -r value -> passphrase -> password
xrancid: do 'show diag' instead of 'show diagnostics' as the
longer version has sometimes timed out.
rancid: filter file vlan.dat from show flash on IOS switches
rancid: parse cisco 1760's DSP slot show diag output
francid: reorder listing of ports in a vlans - from Niels Bakker and
Steven Bakker
clogin: disable session logging w/ -c on catos - from Jason Ornstein
rancid: add Processor ID to save output
*login: handle TCL meta-characters in cloginrc directive values
francid: correctly parse modules in slots >= 10. from Niels Bakker
run cvs delete code even when router.db is empty.
Riverstone/Enterasys updates from Andrew Fort
rancid.conf: add LOGDIR variable - see rancid.conf(5)
rancid: add show spe version and parse FRU show diag output
- from Yuval Ben-Ari.
add option --enable-adminmail-plus to configure
jrancid: collect show chassis alarms
rancid: skip show vlan for (3550|4500|7600) - from Andrew Fort
rancid: collect 6500 slave sup bootflash - from Andrew Fort
rancid: show diag updates for 1700, 3700, etc - help from Michael Haba
The Extreme does not have an 'enable' level, so make sure
you have 'set autoenable' for it in your .cloginrc so clogin
will work.
add Cisco CSS support - from Wedge Martin
*login: add cloginrc sshcmd directive - idea from steve neighorn
rancid: IOS show version changes w/ 12.3 - from Yuval Ben-Ari
support for hitachi routers - from Mohacsi Janos
strip WS around router.db fields - from Alastair Galloway
add goveling of 2600 mainboard port adapter info
*login: also check LOGNAME for default username - from Fredrik Thulin
jerancid: add matches for "Please wait" to all functions -
reported by Dave Mack
fnrancid: Fortigate support - from D. Pfleger
nlogin: Fix prompt groveling when running a cluster - from D. Pfleger
nrancid: filter "set admin user" - from D. Pfleger
rancid: do both 'write term' and 'show running-config' and
keep the output from the first one that works. As cisco
phases out 'write term', this will keep things working.
jerancid: filter host ... ftp, encrypted passwords oscillate - reported
by Dave Mack.
rivlogin: add "User:" as a possible username prompt (u_prompt) for
some platforms - from Adam Rothschild
cat 3500 s/n and pix failover license - from Rob Evans
recognize cisco ContentEngine - from Rob Evans
Juniper ERX (jerancid) support, based on 5.0 - thanks to Dan Pfleger,
Richard Russman, Zaid, Mike Baker, and Mark Nguyen
rancid: drop the "suggested action" portion of GSR LC/RP ROM upgrade
warnings. Cisco keeps changing the format; it just is not worth the
aggrevation.
study causes missed command somehow in redhat9 - from David King
filter port security mac entries, from Arnold Nipper
add Procket Networks support, "prancid"
filter ipsec keys in rancid & jrancid.
rancid: collect show idprom backplane (6500 cmd); this could collect
more - request from jared mauch
rancid: order all 'ip host' commands.
rancid: collect show rsp chassis-info
rancid: filter HSRP auth and SSA key-string reversable passwords
lg: set query/command list in lg.conf, thus allowing individual cmds
to {dis,en}abled, and add some multicast and ipv6 queries all of which
are disabled by default (for lack of testing) - from Janos Mohacsi
cat5rancid: collect 'write term all' for cats that support it - tested
by terry kennedy and joe rizzo
cat5rancid: regularize escaping of regex operators in switch prompt
nsrancid: include "get log setting", as suggested by gael canal.
add manpage note about log_user with -s, from mail list discussion
xrancid: Handle end of ssh connection a bit better.
jrancid: skip master/backup re msgs
*rancid: escape regex chars found in prompt
xrancid: also collect 'show configuration detail'
hlogin: allow the port to be specified for method ssh and
add path to hlogin to env(PATH) for locating hpfilter
hpfilter: allow >2 arguments so that telnet port number can be passed.
rancid: gsr RP slot warning is only 1 line - Russell Heilling
add zrancid to handle zebra routing s/w
add riverstone support - from Jim Meehan. thanks to Hong Luo for
access to a riverstone to test. Kevin Chan reports that this works
for Cabletron routers with more recent s/w (~v9.0.3).
jrancid: fix handling of reversible keys such that trailing text is
not removed
rancid: slave/redundancy stuff - from stephen griffin
rancid: show version bootstrap format changed in 12.0(23)S
rancid: make sure we filter PIX pager prompts
xrancid: make xrancid work when the extreme has pending changes.
netscaler support - from Anshuman Kanwar.
netscreen firewall support - from Stephen Gill
rancid: include additional cpu info from show version in !CPU: line.
lucent tnt support - from Richard Vander Reyden
rancid: skip consecutive comment lines. on some access servers the
number of comment lines oscillate.
lg.conf: add LG_STYLE variable for style sheet - from Janos Mohacsi
also install the FAQ - good idea from Janos Mohacsi's freshport
rancid: filter 'cable shared-secret'
2.2.2
*login: fix handling of userprompt et al so that {}'s are used in
.cloginrc as they are with every other .cloginrc directive.
f10rancid: Fix to pick up new info in show version output.
jrancid: Ignore Timecounter "TSC" in show system boot-messages output.
rancid: filter tty line speed when configured for auto-configure
flogin: bring login() and do_enable() in-line with [cj]login. also
match "telnet server disabled" - from brad volz.
control_rancid: report devices added to router.db - from Fredrik Thulin
also eliminate empty up/down lists.
rancid/jrancid: filter isis passwords - partial from Janos Mohacsi
lg: make o/p from the lg stream (unbuffered), so one doesnt have
to wait for entire o/p from the router in a failing traceroute, for
example. suggestion and clues from alexander koch. while here, fix
cache handling so 1) it doesnt cache cmds that resulted in an error or
otherwise failed and 2) log and run the cmd as normal if there are
problems opening a cache file.
lg: make logging more consistent. log as defined by LG_LOG if
possible and stderr as last resort. it was logging largely to stderr.
and make exit-code small (instead of 255); some wait()s only look at
the first 3 bits
lg: add check in lg.cgi that router name appears in the router.db
and is thus accessible. from richard doty. also fix-up a few
comments and such.
rancid: GSR LC PCA h/w revision now called "design release" on
some platforms. CSCdw13295
add util/getipacctg example script - contrib from steve neighorn
2.2.1
rancid: npe400 cpu eeprom info o/p format changed in 12.0.21S1 -
spotted by tom campbell
fix problem in *login where if there was a login failure we would try
to disconnect gracefully (albeit incorrectly). writing to the
half-closed socket would not return an error (at least on some
platform/expect combinations or even consistently) and expect would
hang.
add device name to diff mail subject when -r is specified
add -m option to do-diffs and control_rancid to allow
specific mail recipient. intended for use with -r to trigger diffs
off specific events.
router.db(5): note that PIX is a 'cisco' - thank kris gulka
*login: match openssh prompt for host key to ip key mismatch
rancid: add disk/slot2
rancid: 12.2 show c7200 o/p for midplane changed
lg: use table inet.0 terse for sh ip route on juniper instead of
forwarding-table destination
rancid: 12.0S(21) added "FRU" field in show diagbus output.
Also look for a couple more things in some show diag output
and sort the output a bit better. Also look for 'controler'
(cisco can't always spell - thanks to Terry Kennedy for
spotting the misspelling).
lg: filter ["`'] from args
rancid: fix username secret filtering
alogin: misplaced brace caused improper return from proc login
relax the check ping and traceroute check of hostname arguments such
that non-fqdn hosts are allowed. i.e.: just check that arg chars are
valid dns chars and leave the resolve errors to the router.
Add initial support for Force10.
2.2
rancid: filter vpdn passwords on PIX - from eric greenwood
*rancid: handle variable amounts of spaces in front of
' password' correctly.
rancid: remove key from "crypto isakmp key".
*login: cleanup login() to be more generic and handle openssh password
reprompting
clogin: fix clogin -x for config mode by adjusting the prompt regex
lg.conf: add LG_INFO to append local information to the main form
{cat5}rancid: add dir of sup-{bootflash,microcode} for 6500
*rancid: print $host before "missed cmds", "unexpected command",
and "End of run" messages.
cat5 module type match failed when user module name contained spaces
add FILTER_PWDS switch to env(5)
add merit MRTd support
add -r option to do-diffs and control_rancid
brancid: handle []'s in bay prompts and drop lock-address from config
- from mark cooper
extreme: strip password if config|configure. Strip ^M
right after ssh key.
Look for BOOTLDR: on ciscos.
add par.1 manpage
allow a TCP port suffix to telnet in .cloginrc - from Alex Bochannek
Fixed RANCID-CONTENT-TYPE to be more consistant. Changes are
brancid bay
cat5rancid cisco-cat
erancid adc-ezt3
jlogin should not look for username@router in .cloginrc
filter foundry ssh private key
filter '#Time" from catalyst 4 write term
display platform specific command in lookingglass results - patch
from Janos Mohacsi
add support for HP procurve switches, in particular 2524M and 4108gl.
thanks to hp for the loaners.
filter encrypted passwords on alteon as the change for each display
More support for Redbacks.
rancid now looks for "[kK] bytes" and "slot|disk".
clogin now looks for "login:" as well as "Login:" and
escapes "[]" in $prompt.
2.2b8
add PAR_COUNT variable to bin/env for adjusting the number of
simultaneous collections. see bin/env (or bin/env.new for those with
previous installation) and the env(5) manpage.
more work on extreme switch bits + fixes from Alex Bochannek.
jlogin: add 1s sleeps to avoid passwords being echo'd before tty noecho
is set. richard doty
few looking glass fixes
brancid: filter uptime and add -all option to config for bayrs version
14. from mordechai abzug
jrancid: m160 measured chassis clock MHz fluctuates, trim the
decimal places. from Mark A Gebert.
par: -x fix for log file monitoring killing xterms. from rdrake.
2.2b7
brancid: patch to filter community strings from Mark Cooper
do-diffs: trap'ing SEGV (11) causes error on solaris.
2.2b6
baynetworks/nortel support from Mark Cooper. thanks mark!
jlogin was overloading -p's variable causing proc login to fail on 2nd
router on cmd-line
2.2b5
fix regex error in clogin affecting catalysts
clogin attempts to grope entire prompt after login
*login need to catch{} -x cmd file open so expect doesnt puke if
there is an error opening the file
2.2b4
add extreme switch bits
cisco changed the o/p fmt of h/w info on the 65xx in 12.1.8e
PIX520 supplies different more(1) prompt than others. from William R
Thomas.
fix typo in jlogin. from richard doty.
add 2 example expect script for clogin -s
handle foundrys and more juniper bits in the lookingglass
add LG_STRIP knob to strip login o/p in the lookingglass
add LG_BGP_RT knob to {dis}allow heavy o/p sh ip bgp neighbor LG cmds
bin/clogin shouldnt insist upon an enable password with -noenable option
2.2b3
bin/rancid changes for cisco 124xx
some serial controllers (PAs) have predefined cable-type in show
controllers. M8T-V.35 was being missed.
modify jlogin to grope the full prompt after login such that -x
can be used within configuration mode. note: this turns $prompt into
a regexp, WRT -s scripts and -re option for expect's.
add -Evar=x option to pass variables to scripts. e.g.:
clogin -Evariable=something router...
clogin -Evariable=a,b,c [i.e.: an array/list which user splits]
2.2b2
fix jlogin's password/userpassword functionality which broke when
cmd-line options were made consistent.
add check for config/* files missing from the cvs repository.
add 2 juniper config checks to avoid truncation. 1) config should
have at least 1 "section" amounting to at least 3 lines and 2) if
a mgd version mismatch exists, there may be inaccuracies.
convert usage of Mail to sendmail for portability. local .mailrc
aliases can no longer be used.
bin/alogin and changes (of beta quality) for Alteon WebOS switch
from andrew fort.
Check for more types of cisco 12000s. Also check for 2600s.
jrancid's show chassis hardware needs detail arg in junos 4.4
make *login print \n before errors, so rancid can use an anchored
match to find login errors and avoid such matches in router o/p.
make *login automatically add host keys with openssh's prompting
All routers not listed as 'up' in router.db are considered down.
This allows values other than down to mean 'not up'. for use
by util/downreport.
2.1
Change default umask to 027 (it was 007) mainly as an
attempt to stop people from changing stuff in rancid's CVS
store. Only rancid should be updating its CVS store.
control_rancid cvs updates router.db before starting a
group's collection.
configure now has a --enable-mail-plus option to have rancid
send mail to rancid+$GROUP instead of to rancd-$GROUP.
Patch from davidw@certaintysolutions.com.
configure should figure out diff options on it's own.
try to get default user from env() and catch exec on id in *login
make clean/distclean was missing some files
make sure do-diffs cleans up after itself if it exits prematurely
ignore case when cvs delete'g removed routers
francid/rrancid (foundry/redback) now strip snmp communities like
the others, via NOCOMMSTR var in bin/env.
add man pages
collect 'sh vlan' on cat 6000 - afort@choqolat.org
Add 'show vtp status' for the 3500XLs as well.
Escape regex meta-chars found in device prompts in *rancid
Add "include" directive to include other pwd files via .cloginrc
Add "show port ifindex" for the cat5s.
Try to detect flash being busy on a cat5.
Tag each config file with its 'type'. E.g.:
!RANCID-CONTENT-TYPE: cisco
fix from afort@staff.webcentral.com.au to lg.cgi to allow prefix-list
with numerals.
fix lg form's formatting (on some browsers/conditions). Thanks to
rrashid@verio.net for the html help.
2.1b
add looking glass utility based on Ed Kern's original source. Thanks
to Ed for permission to include it with rancid. this is only partially
tested.
fixed expect foo in *login when .cloginrc is unreadable.
Don't sort 'ip name-server' - order matters.
2.0
Better formatting for cisco catalyst [non-ios] switches.
Better support the cisco 3500 switches.
Get some info out of "show version" for the cat5ks.
cat5k "show boot" does variables, not bootflash.
Skip more goo from 'write term' on some cat5ks.
Collect 'show module' for 6500-ios.
Revamp *login's use of .cloginrc's method directive. see
cloginrc.sample.
Add bits for Cisco PIX. Thanks to joe rizzo@EA for access to a PIX.
Sort usernames on ciscos.
Get more info out of "show diag" on the GSR.
Add "show chassis sfm detail" for the M160.
Leave router type in place when telling about changes to
router.db.
Add autoconf (configure) and makefile bits to automate install
and perl/expect replacement
1.6
Add "dir nvram:" to rancid.
Add support for ADC EZ T3 mux. adapted from tkenndedy@verio.net's
contrib.
strip (try to) snmp community strings from cisco and juniper configs
if environment variable NOCOMMSTR is set.
merge tkennedy@verio.net's support for cisco 2900xl into rancid
Ignore "fan spinning at" noise on junipers.
1.5
sync command-line option between clogin / jlogin. jlogin modified:
-x passphrase -> -r passphrase
-> -x command-file
-e encrypt type -> -y ssh_chyper_type
add .cloginrc noenable directive to set the cmd-line -noenable
option.
add .cloginrc userprompt, passprompt, and enableprompt directives
to adjust expected cisco router prompts in clogin.
see README for info on web interface to rancid CVS repository.
Try to detect hung rancid jobs & send email.
Add (partial) support for the cat5s. Still need more work
on the show output, but it does grab the config.
Skip the juniper's kernel version, memory, and fsck output
of "show system boot-messages" - fsck output changes every
time you boot and the version & memory is better found
elsewhere.
Delete the cisco ospf authentication and ftp passwords.
Get both (juniper) show chassis ssb and scb but only process
them once.
Get info from show diag for 2600s as well.
Catch juniper "command is not valid on the olive" errors.
Catch juniper config mismatch between versions of JUNOS.
Catch close on EOF in clogin/jlogin/flogin.
Don't expand RCS keywords in config files.
Catch the case were rancid gets and error and leaves an
empty new config file.
Make the time to elapse before complaining about unreachable
routers be configurable instead of fixed at 24 hrs. The
default is now 4 hours.
Add -x passphrase to jlogin.
You can now set a ssh identity file in .cloginrc for use
with jlogin.
Handle more errors in jrancid. Also handle changes for
JUNOS 4.0 and collect "show system boot-messages" output.
rancid now recognizes cisco 12016s and more types of 7200s.
It also looks for WARNING messages in show version.
And sort ip explicit-paths.
1.4
sort cisco route-maps
added (crude) foundry switch bits
reworked code to reduce jumps. improvement in speed/cpu util.
add bits to cvs delete configs which have been removed from
a group's router.db.
add support for redback. modified from contrib by scao@verio.net.
add support for ssh in clogin
modify format of the admin up/down/delete'd msgs.
add NOPIPE bin/env var
order ARP lists in cisco configs
1.3
update comments re: mail aliases in bin/env
add more info/clarification to README for install.
1.2
add more info/clarification to README for install.
rename .cloginrc.sample -> cloginrc.sample.
clogin patch (courtesy stephen stuart); does two things:
- adds a "-x" switch that takes lines from a file and does the same
thing as if you'd specified ;-separated commands with -c (newline
separates commands). thanks to stephen stuart.
- does a subst on commands in run_commands so that expansion of
escapes is performed; e.g. you can say "copy rcp://blah slot0:\r" to
answer the question that comes after the copy command.
0707010009eaf6000081a40000000000000000000000014fa8b72100000a2f000000b600010002ffffffffffffffff0000003000000000root/usr/local/rancid/share/rancid/lgnotes.html
Looking Glass Notes
Looking Glass Notes
Just a few straight forward notes on our implementation of
Ed Kern's looking glass (which was http://nitrous.digex.net).
- Some items are not implemented for the junipers/foundrys yet (so, as i get
to it) or no equivalent command exists.
- If there is something which you feel is missing, feel free to ask
and/or send comments to
rancid@shrubbery.net. No guarantees.
- Only one query per router allowed at any given time. This is to avoid
resource deprivation on the looking glass host or the router. The
looking glass will attempt to serialize queries.
- The looking glass will ping a router prior to querying it to avoid
trying to query routers which are down or otherwise inaccessible.
- Login failures can be intermittent or permanent, either due to the
router being inaccessible from the looking glass machine,
or authorization failure(s). Contact your local network engineering
folks to resolve login failures.
- Queries followed by <something> require an argument(s) in the text
window below the query list. Some queries take optional arguments
denoted by [something]. Multiple arguments should be separated by a
space.
- Note that output from certain queries is cached by the server and may
be slightly out of date. These queries will be noted as such in the
output. This is limited to queries which could produce lots of output,
such as 'sh ip bgp dampened-paths'.
- Note that some queries have potential to produce great load on the router
and produce lots of output, such as 'sh ip bgp' or 'sh ip bgp reg '^3561'.
The looking glass attempts to deny such commands.
Some useful hints:
- Show interfaces can take arguments other than an interface name, assuming
the router is running an O/S version with the capability. For example; a
cisco can take 'descriptions' or 'brief' and 'terse' for the juniper.
- Show ip bgp neighbor can take additional arguments (if configured to allow
it), such as 'advertised routes', 'flap-statistics', 'received-routes',
and 'routes'. The argument will be converted for the platform.