Mailing List Archive

Interesting! I have yet to upgrade our installations to 8.1.4. Thanks for the heads up!

?
Chris Gauthier Senior Network Engineer | comScore, Inc.
t +1 (503) 331-2704 |
cgauthier@comscore.com
317 SW Alder Street, Suite 700 | Portland, OR 97204 United States
comscore.com
???This e-mail (including any attachments) may contain information that is private, confidential, or protected by attorney-client or other privilege. If you received this e-mail in error, please delete it from your system and notify sender.
-----Original Message-----
From: Rancid-discuss <rancid-discuss-bounces@shrubbery.net> on behalf of Erik Muller <erikm@buh.org>
Date: Friday, October 26, 2018 at 3:25 PM
To: heasley <heas@shrubbery.net>
Cc: rancid list <rancid-discuss@shrubbery.net>
Subject: [rancid] paloalto feedback in current alpha [was: Re: clogin commenting script commands following multiple blanks lines]

On 10/24/18 18:32 , heasley wrote:
> Wed, Oct 24, 2018 at 09:19:31PM +0000, heasley:
> ok; committed. Either the alpha tarball or the svn repo. Welcome testers,
> esp for palo alto, of which I have none.

At least on 8.1.4 on my 3250s, the cli is a little bit busted until you get out of interactive mode - for every space you enter between words in the command, it redraws the current line, which was messing up the prompt matching as below. Fix for that attached at end of message.
-e

rancid@status:~$ rancid -t paloalto -d fw1.ams
loadtype: device type paloalto
loadtype: found device type paloalto in /home/erikm/rancidtest/etc/rancid.types.base
executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running" fw1.ams
line: fw1.ams
line: spawn ssh -c aes256-ctr,aes192-ctr -x -l rancid fw1.ams
line: Password:
line: Last login: Fri Oct 26 20:04:51 2018 from 10.x.x.x
line: No entry for terminal type "network";
line: using dumb terminal settings.
line:
line: Number of failed attempts since last successful login: 0
line:
line:
line: rancid@fw1.ams(active)>
line: rancid@fw1.ams(active)>
line: rancid@fw1.ams(active)> set
line: rancid@fw1.ams(active)> set cli
line: rancid@fw1.ams(active)> set cli scripting-mode
line: rancid@fw1.ams(active)> set cli scripting-mode on
PROMPT MATCH: rancid@fw1.ams\(active\)[#>]
HIT COMMAND:rancid@fw1.ams(active)> set cli scripting-mode on

COMMAND is: set cli scripting-mode on|rancid::RunCommand
In RunCommand: rancid@fw1.ams(active)> set cli scripting-mode on
line: srancid@fw1.ams(active)> how system info
line: s
line: hostname: fw1.ams
line: ip-address: 10.x.x.x
...
line: family: 3200
line: model: PA-3250
line: sw-version: 8.1.4-h2
...
line: multi-vsys: off
line: operational-mode: normal
line:
line: rancid@fw1.ams(active)> how config running
line: exit
line:
line: config {
line: mgt-config {
line: users {
...
line: rancid@fw1.ams(active)> Connection to fw1.ams closed.
fw1.ams: missed cmd(s): set cli pager off, show system info
fw1.ams: End of run not found
fw1.ams: clean_run is false
fw1.ams: found_end is false
!



erikm@status:~/src$ diff -ur rancid-3.99.99 rancid-3.99.99-em/
diff -ur rancid-3.99.99/bin/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanlogin.in&c=E,1,6ITCpn7S8etHwRGxye4nnY-WXsOspZJKTHaSxUMwn7CUVVRDtL9N4eULfbpZKMnS2fE-49UrdfNQg0zd5F8rE7gq5t_QzpoQwMmdI9v87bdIynxj_kNZYaM,&typo=1 rancid-3.99.99-em/bin/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanlogin.in&c=E,1,AFuvKrybC8GB6DG7swV-DVjqoacwb3bN-9HbNrwIHSu3eQM0RtFFTm_43KfETWr8-Uz_SJGx3N-3-OaDDhdxtdoNE4ZVfLEnq_ly_T8O8XSbFZ9ZEA,,&typo=1
--- rancid-3.99.99/bin/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanlogin.in&c=E,1,PaBCXESaFYWjzoqImlahNbNlLrsy_b2vXybrRIrH36LE0245jqMqk6zO7RNZojKH5MycizqdsA_XLMSlWFTJWC55BdQ4EZyVefR65_EuhGMq766dEcz4ZHHC&typo=1 2018-10-24 18:26:50.000000000 -0400
+++ rancid-3.99.99-em/bin/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanlogin.in&c=E,1,EMioRKDRQlsHo46MUuAFylZdiNznL5XtoxGxMWzoJ-zE-yjczHpChxK9eUwVOkVfFMmWgFqx3n44hw-w1Ry9jmPUH43kK_du2ctguUJdL-p0-eIk&typo=1 2018-10-26 17:24:55.945967567 -0400
@@ -455,14 +455,22 @@
}
}

+ # PAN-OS in interactive mode will send a newline and then redraw the
+ # whole prompt-and-command if you send a space.
+ if { $do_command || $do_script } {
+ set cmd "set cli scripting-mode on\r"
+ send $cmd
+ # ensure we eat the partial commands redrawn while entering the command
+ expect -re "$cmd.*$prompt" {}
+ send "set cli pager off\r"
+ expect -re $prompt {}
+ }
+
if { $do_command } {
if {[run_commands $prompt $command]} {
continue
}
} elseif { $do_script } {
-# send "set cli scripting-mode on\r"
-# send "set cli pager off\r"
- expect -re $prompt {}
source $sfile
close
} else {
diff -ur rancid-3.99.99/etc/rancid.types.base rancid-3.99.99-em/etc/rancid.types.base
--- rancid-3.99.99/etc/rancid.types.base 2018-10-24 11:13:49.000000000 -0400
+++ rancid-3.99.99-em/etc/rancid.types.base 2018-10-26 17:16:53.950868707 -0400
@@ -607,9 +607,8 @@
paloalto;login;panlogin
paloalto;module;panos
paloalto;inloop;panos::inloop
-paloalto;command;rancid::RunCommand;set cli scripting-mode on
-paloalto;command;rancid::RunCommand;set cli pager off
paloalto;command;panos::ShowInfo;show system info
+paloalto;command;panos::ShowInventory;show chassis inventory
paloalto;command;panos::ShowConfig;show config running
#
procket;script;prancid
diff -ur rancid-3.99.99/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fnxos.pm.in&c=E,1,tqRFL7QBqp5N9_vWuTMWwfLR3zhD5Z-aWd8zb4ymx8UXKMyN4UAsbleguZppsQZxEyybiih1kmjUe3xh14kBFX99sF7DlgjDCb_Dqhs0KvfdQyw7gcgAUw,,&typo=1 rancid-3.99.99-em/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fnxos.pm.in&c=E,1,JACD8ijcXFc2KdkXkmtL6QSeGU_NOOPVmovZiHGdVPL85CLgHDDILs-KqaEsZu-Kns8_DELxKloc1Bt5GQTRNK7SrBuQaac2T00J7L_MXtfumXfO77s,&typo=1
--- rancid-3.99.99/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fnxos.pm.in&c=E,1,NGNes7dJXeV8s2Sqt0gQmCAXeJfUQi1YJcx4CsmImWwi4axvCK2eDslTWStHiRGGW1syuxjnoCXxk2ss4RlSrQ5CxLytEWhqgMCHDyIfHpiAwF6dh1U,&typo=1 2018-09-19 18:02:44.000000000 -0400
+++ rancid-3.99.99-em/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fnxos.pm.in&c=E,1,Gsr8TiBW7YqcDWKivbh5ZgN_vVlB7lZod_5hLaW8lxrqDhBKsSchvI7ctiyw7Iniv2TGTTSPOCleizxfWjFMxYNZhNrysDxx7AnHpRWp3JM42XJrztV5ClK96Q,,&typo=1 2018-10-26 17:58:51.611639817 -0400
@@ -494,9 +494,12 @@
# Drop vtp_debug.log and vtp_debug_old.log CDETS bug CSCuy87611
/\s+vtp_debug(_old)?\.log$/ && next;

+ # Drop bcm_mem_locl_trace.log
+ /\s+bcm_mem_lock_trace\.log$/ && next;
+
next if (/BufferMonitor-1HourData/);

- if (/( debug_logs| log)\/$/) {
+ if (/( debug_logs| log| vdc_\d+)\/$/) {
# change
# 8192 Jan 08 14:05:05 2015 log/
# to
diff -ur rancid-3.99.99/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanos.pm.in&c=E,1,wybM--nn0b3GZezeXwnIASz16ohSfuG3iIF0YSZF-tJFQEmGCjoPfdvn2RkyDIOedhV3QbLekcjMJVR9w-1zOzONAQNqp64Rq9HpvMh86ubh3CJxgQ,,&typo=1 rancid-3.99.99-em/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanos.pm.in&c=E,1,znAoj5aoZ94EWlULAGnVz3BQyYPOB9RhC6dl1kZnj9hjMYHJXRLtzaa7hRQj57fWGgbmrcZsHQQcPZA0dttaCKLwj2DzN1xiulF-1bxqz84IK2RSttw3j86tkOTf&typo=1
--- rancid-3.99.99/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanos.pm.in&c=E,1,w5a1nRpygvqdqCmQHt0uHGLjgyPiJ98Vh8Hta2vTPcDOG3K6Dm94ovl7YeWSvgXQuHGL9gVrJKuzPUVB8SwzHwZBP2tNAh7xnrw4QNq_kAbC3jo,&typo=1 2016-02-16 07:28:46.000000000 -0500
+++ rancid-3.99.99-em/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanos.pm.in&c=E,1,uHSi8I1UcPVkwxOQRitK7GrRCXWOBpiFZ0PePIt2xZ-v24ryFpOozglEeqOnuUyGaAXn-mZZQ1q2vX5Kq-mPkDdUtIYX4wQMv--AEZgftElzvmHHZEjqGA,,&typo=1 2018-10-26 17:19:11.552895792 -0400
@@ -119,6 +119,23 @@
return(0);
}

+# This routine parses "show chassis inventory"
+sub ShowInventory {
+ my($INPUT, $OUTPUT, $cmd) = @_;
+ my($slot);
+
+ print STDERR " In ShowInventory:: $_" if ($debug);
+
+ while (<$INPUT>) {
+ tr/\015//d;
+ last if (/^$prompt/);
+
+ ProcessHistory("INV","","","#$_");
+ }
+ ProcessHistory("INV","","","#\n");
+ return(0);
+}
+

# This routine parses "show config running"
sub ShowConfig {

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fwww.shrubbery.net%2fmailman%2flistinfo%2francid-discuss&c=E,1,aTwBxlJBb2A79a84ZvNFSyGs9kKZthxrSkYDt2m12f_KQgm6lVqOehmfnuc1GF8ELKLva2F6-xMYm8hzWNkhRAU3zKscC9lpA6sWt7qDJSDS5N8k8fA,&typo=1

Fri, Oct 26, 2018 at 06:24:10PM -0400, Erik Muller:
> On 10/24/18 18:32 , heasley wrote:
> > Wed, Oct 24, 2018 at 09:19:31PM +0000, heasley:
> > ok; committed. Either the alpha tarball or the svn repo. Welcome testers,
> > esp for palo alto, of which I have none.
>
> At least on 8.1.4 on my 3250s, the cli is a little bit busted until you get out of interactive mode - for every space you enter between words in the command, it redraws the current line, which was messing up the prompt matching as below. Fix for that attached at end of message.
> -e

super; committed. thanks.

> diff -ur rancid-3.99.99/etc/rancid.types.base rancid-3.99.99-em/etc/rancid.types.base
> --- rancid-3.99.99/etc/rancid.types.base 2018-10-24 11:13:49.000000000 -0400
> +++ rancid-3.99.99-em/etc/rancid.types.base 2018-10-26 17:16:53.950868707 -0400
> @@ -607,9 +607,8 @@
> paloalto;login;panlogin
> paloalto;module;panos
> paloalto;inloop;panos::inloop
> -paloalto;command;rancid::RunCommand;set cli scripting-mode on
> -paloalto;command;rancid::RunCommand;set cli pager off
> paloalto;command;panos::ShowInfo;show system info
> +paloalto;command;panos::ShowInventory;show chassis inventory
> paloalto;command;panos::ShowConfig;show config running
> #
> procket;script;prancid
> diff -ur rancid-3.99.99/lib/panos.pm.in rancid-3.99.99-em/lib/panos.pm.in
> --- rancid-3.99.99/lib/panos.pm.in 2016-02-16 07:28:46.000000000 -0500
> +++ rancid-3.99.99-em/lib/panos.pm.in 2018-10-26 17:19:11.552895792 -0400
> @@ -119,6 +119,23 @@
> return(0);
> }
>
> +# This routine parses "show chassis inventory"
> +sub ShowInventory {
> + my($INPUT, $OUTPUT, $cmd) = @_;
> + my($slot);
> +
> + print STDERR " In ShowInventory:: $_" if ($debug);
> +
> + while (<$INPUT>) {
> + tr/\015//d;
> + last if (/^$prompt/);
> +
> + ProcessHistory("INV","","","#$_");
> + }
> + ProcessHistory("INV","","","#\n");
> + return(0);
> +}
> +
>
> # This routine parses "show config running"
> sub ShowConfig {

Is this a new command or specific to larger platforms? What is the error
if the command is unknown?

> diff -ur rancid-3.99.99/lib/nxos.pm.in rancid-3.99.99-em/lib/nxos.pm.in
> --- rancid-3.99.99/lib/nxos.pm.in 2018-09-19 18:02:44.000000000 -0400
> +++ rancid-3.99.99-em/lib/nxos.pm.in 2018-10-26 17:58:51.611639817 -0400
> @@ -494,9 +494,12 @@
> # Drop vtp_debug.log and vtp_debug_old.log CDETS bug CSCuy87611
> /\s+vtp_debug(_old)?\.log$/ && next;
>
> + # Drop bcm_mem_locl_trace.log
> + /\s+bcm_mem_lock_trace\.log$/ && next;
> +
> next if (/BufferMonitor-1HourData/);
>
> - if (/( debug_logs| log)\/$/) {
> + if (/( debug_logs| log| vdc_\d+)\/$/) {
> # change
> # 8192 Jan 08 14:05:05 2015 log/
> # to

did I miss an explaination of this patch? I see what it does, but ...

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

On 11/5/18 14:29 , heasley wrote:
> Fri, Oct 26, 2018 at 06:24:10PM -0400, Erik Muller:
>>
>> +# This routine parses "show chassis inventory"
>> +sub ShowInventory {
...
>
> Is this a new command or specific to larger platforms? What is the error
> if the command is unknown?

I assume it's universal across all PA (looks like it was introduced to the
CLI reference docs in panos 6.0), but I only have one model to test
against, on which it does:
admin@fw1.ams(active)> show chassis inventory

Slot Component Serial Number Ports Revision
PA-3250 0xxxxxxxxxx1 20 1.1

FANTRAY1 PA-3200-FANTRAY 0xxxxxxxxxx9 1.0

PS1 (left) D1U54P-W-650-12-HB4C-PAN Mxxxxxxxxxx7 RB
PS2 (right) D1U54P-W-650-12-HB4C-PAN Mxxxxxxxxxx1 RB

Presumably on a box that doesn't support it, you'd get:
admin@fw1.ams(active)> show badcommand

Invalid syntax.
admin@fw1.ams(active)>


>> diff -ur rancid-3.99.99/lib/nxos.pm.in rancid-3.99.99-em/lib/nxos.pm.in
>> --- rancid-3.99.99/lib/nxos.pm.in 2018-09-19 18:02:44.000000000 -0400
>> +++ rancid-3.99.99-em/lib/nxos.pm.in 2018-10-26 17:58:51.611639817 -0400
>> + # Drop bcm_mem_locl_trace.log
>> + /\s+bcm_mem_lock_trace\.log$/ && next;
>> +
>> - if (/( debug_logs| log)\/$/) {
>> + if (/( debug_logs| log| vdc_\d+)\/$/) {
>
> did I miss an explaination of this patch? I see what it does, but ...

Whoops, meant to break that out as a separate patch. Nexus 9300s on
7.0.3.I7.5 seem to fairly regularly append to debug:/bcm_mem_lock_trace.log
resulting in a lot of noisy diffs.
The vdc_1 bit I was testing, but may not be necessary - I think that may
only update when a config change is saved, but doesn't seem to generate any
spurious changes in normal operation.

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss