Mailing List Archive: Fortigate updates Antivirus db IPS db hogging rancid

Fortigate updates Antivirus db IPS db hogging rancid

Mar 29, 2019, 4:45 AM

Post #1 of 3 (520 views)

Hi Rancid Community,

I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1,

but the updates for antivirus IPS are hogging rancid, I have commented out
"get system status" as below however I am still getting system statuses

help would be apprenticed greatly

extract /etc/rancid/rancid.types.base

#
fortigate-full;script;rancid -t fortigate
fortigate-full;login;fnlogin
fortigate-full;timeout;90
fortigate-full;module;fortigate
fortigate-full;inloop;fortigate::inloop
#fortigate-full;command;fortigate::GetSystem;get system status
fortigate-full;command;fortigate::GetConf;show full-configuration

eg: output in rancid update

retrieving revision 1.176
diff -u -4 -r1.176 fortigate-fw
@@ -1,9 +1,9 @@
#RANCID-CONTENT-TYPE: fortigate
#
#Version: FortiGate-100E v6.0.3,build0200,181009 (GA)
- #Virus-DB: 67.00399(2019-03-29 23:15)
- #Extended DB: 67.00399(2019-03-29 23:15)
+ #Virus-DB: 67.00401(2019-03-29 01:15)
+ #Extended DB: 67.00401(2019-03-29 01:15)
#IPS-DB: 14.00582(2019-03-28 00:00)
#IPS-ETDB: 0.00000(2001-01-01 00:00)
#APP-DB: 14.00582(2019-03-28 00:00)
#INDUSTRIAL-DB: 6.00741(2015-12-01 02:30)

Regards

Juan

Re: Fortigate updates Antivirus db IPS db hogging rancid [ In reply to ]

heas at shrubbery

Mar 29, 2019, 9:24 AM

Post #2 of 3 (519 views)

Permalink

Fri, Mar 29, 2019 at 01:45:26PM +0200, Linux Threads:
> Hi Rancid Community,
>
> I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1,
>
> but the updates for antivirus IPS are hogging rancid, I have commented out
> "get system status" as below however I am still getting system statuses
>
> help would be apprenticed greatly
>
> extract /etc/rancid/rancid.types.base
>
> #
> fortigate-full;script;rancid -t fortigate
> fortigate-full;login;fnlogin
> fortigate-full;timeout;90
> fortigate-full;module;fortigate
> fortigate-full;inloop;fortigate::inloop
> #fortigate-full;command;fortigate::GetSystem;get system status
> fortigate-full;command;fortigate::GetConf;show full-configuration
>
> eg: output in rancid update
>
> retrieving revision 1.176
> diff -u -4 -r1.176 fortigate-fw
> @@ -1,9 +1,9 @@
> #RANCID-CONTENT-TYPE: fortigate
> #
> #Version: FortiGate-100E v6.0.3,build0200,181009 (GA)
> - #Virus-DB: 67.00399(2019-03-29 23:15)
> - #Extended DB: 67.00399(2019-03-29 23:15)
> + #Virus-DB: 67.00401(2019-03-29 01:15)
> + #Extended DB: 67.00401(2019-03-29 01:15)

these will be filtered with rancid.conf:FILTER_OSC=ALL

> #IPS-DB: 14.00582(2019-03-28 00:00)
> #IPS-ETDB: 0.00000(2001-01-01 00:00)
> #APP-DB: 14.00582(2019-03-28 00:00)
> #INDUSTRIAL-DB: 6.00741(2015-12-01 02:30)
>
> Regards
>
> Juan

> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss@shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Re: Fortigate updates Antivirus db IPS db hogging rancid [ In reply to ]

linuxthreads at gmail

Apr 2, 2019, 12:42 AM

Post #3 of 3 (515 views)

Permalink

HI Rancid Community,

Thank you Heasley, that seem to have done the trick,
rancid.conf:FILTER_OSC=ALL

Regards

Juan

On Fri, 29 Mar 2019 at 18:24, heasley <heas@shrubbery.net> wrote:

> Fri, Mar 29, 2019 at 01:45:26PM +0200, Linux Threads:
> > Hi Rancid Community,
> >
> > I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1,
> >
> > but the updates for antivirus IPS are hogging rancid, I have commented
> out
> > "get system status" as below however I am still getting system statuses
> >
> > help would be apprenticed greatly
> >
> > extract /etc/rancid/rancid.types.base
> >
> > #
> > fortigate-full;script;rancid -t fortigate
> > fortigate-full;login;fnlogin
> > fortigate-full;timeout;90
> > fortigate-full;module;fortigate
> > fortigate-full;inloop;fortigate::inloop
> > #fortigate-full;command;fortigate::GetSystem;get system status
> > fortigate-full;command;fortigate::GetConf;show full-configuration
> >
> > eg: output in rancid update
> >
> > retrieving revision 1.176
> > diff -u -4 -r1.176 fortigate-fw
> > @@ -1,9 +1,9 @@
> > #RANCID-CONTENT-TYPE: fortigate
> > #
> > #Version: FortiGate-100E v6.0.3,build0200,181009 (GA)
> > - #Virus-DB: 67.00399(2019-03-29 23:15)
> > - #Extended DB: 67.00399(2019-03-29 23:15)
> > + #Virus-DB: 67.00401(2019-03-29 01:15)
> > + #Extended DB: 67.00401(2019-03-29 01:15)
>
> these will be filtered with rancid.conf:FILTER_OSC=ALL
>
> > #IPS-DB: 14.00582(2019-03-28 00:00)
> > #IPS-ETDB: 0.00000(2001-01-01 00:00)
> > #APP-DB: 14.00582(2019-03-28 00:00)
> > #INDUSTRIAL-DB: 6.00741(2015-12-01 02:30)
> >
> > Regards
> >
> > Juan
>
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss@shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>
>