Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. RANCID>
  3. Users
Fortigate Cluster uptime
merlin_rbs at hotmail
Jul 30, 2017, 2:26 AM
Post #1 of 7 (1218 views)
Permalink
Hi All,


Sorry to mail this out but I have searched through a number of groups and cant find anything that actually works. I recently upgraded my Fortinet FW cluster and, unfortunately, the config status displays a new line, "Cluster uptime", from the "get system ha status" cli. e.g.


!Virtual domains status: 1 in NAT mode, 0 in TP mode

!Virtual domain configuration: disable

!FIPS-CC mode: disable

!Current HA mode: a-p, master

- !Cluster uptime: 35 days, 19 hours, 40 minutes, 13 seconds

+ !Cluster uptime: 35 days, 20 hours, 40 minutes, 13 seconds

!Branch point: 1449

!Release Version Information: GA


The "Cluster uptime" means that I get an updated FW version mailed to me every hour of the day. I have tried a number of things to resolve this including:


1. I updated the fnrancid file with the below but both attempts failed:


sub GetConf {
print STDERR " In GetConf: $_" if ($debug);

while (<INPUT>) {
tr/\015//d;
next if /^\s*$/;
last if (/$prompt/);

# System time is fortigate extraction time
next if (/^\s*!System time:/);
# remove occurrances of conf_file_ver
next if (/^#?conf_file_ver=/);


# First think I tried

#remove occurances of Cluster Uptime
next if (/^\s*!Cluster uptime:/);


# next thing I tried.

#if (/^\s*!Cluster uptime:/) {
# ProcessHistory("","","","","","#$_");
# next;
#}


2. I tried other options e.g. writing something similar to the cycling password but I am afraid I reached the end of my skillset.

3. Finally I thought my Rancid server is pretty old 2.3.6 so I built a new rancid server (3.3.0) using Ubuntu 16.04 and updated the fnrancid again without success.


Two questions if I may:

1. Anyone know how I can ignore the Cluster uptime line?
2. If I move to using the new server is there a way to export the CVS history on the old server and import it on the new?


Thanks in advance! Your help is appreciated!


Cheers,
Re: Fortigate Cluster uptime [ In reply to ]
heas at shrubbery
Jul 31, 2017, 2:47 PM
Post #2 of 7 (1215 views)
Permalink
Sun, Jul 30, 2017 at 09:26:18AM +0000, Ryan:
> Hi All,
>
>
> Sorry to mail this out but I have searched through a number of groups and cant find anything that actually works. I recently upgraded my Fortinet FW cluster and, unfortunately, the config status displays a new line, "Cluster uptime", from the "get system ha status" cli. e.g.
>

rancid does not use that command. it uses only get system status. is that
command including this output now or have you changed your distribution?

> !Virtual domains status: 1 in NAT mode, 0 in TP mode
>
> !Virtual domain configuration: disable
>
> !FIPS-CC mode: disable
>
> !Current HA mode: a-p, master
>
> - !Cluster uptime: 35 days, 19 hours, 40 minutes, 13 seconds
>
> + !Cluster uptime: 35 days, 20 hours, 40 minutes, 13 seconds
>
> !Branch point: 1449
>
> !Release Version Information: GA
>
>
> The "Cluster uptime" means that I get an updated FW version mailed to me every hour of the day. I have tried a number of things to resolve this including:
>
>
> 1. I updated the fnrancid file with the below but both attempts failed:
>
>
> sub GetConf {
> print STDERR " In GetConf: $_" if ($debug);
>
> while (<INPUT>) {
> tr/\015//d;
> next if /^\s*$/;
> last if (/$prompt/);
>
> # System time is fortigate extraction time
> next if (/^\s*!System time:/);
> # remove occurrances of conf_file_ver
> next if (/^#?conf_file_ver=/);
>
>
> # First think I tried
>
> #remove occurances of Cluster Uptime
> next if (/^\s*!Cluster uptime:/);

no !.

>
> # next thing I tried.
>
> #if (/^\s*!Cluster uptime:/) {
> # ProcessHistory("","","","","","#$_");
> # next;
> #}
>
>
> 2. I tried other options e.g. writing something similar to the cycling password but I am afraid I reached the end of my skillset.
>
> 3. Finally I thought my Rancid server is pretty old 2.3.6 so I built a new rancid server (3.3.0) using Ubuntu 16.04 and updated the fnrancid again without success.
>
>
> Two questions if I may:
>
> 1. Anyone know how I can ignore the Cluster uptime line?
> 2. If I move to using the new server is there a way to export the CVS history on the old server and import it on the new?
>
>
> Thanks in advance! Your help is appreciated!
>
>
> Cheers,
>

> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss@shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: Fortigate Cluster uptime [ In reply to ]
merlin_rbs at hotmail
Jul 31, 2017, 3:39 PM
Post #3 of 7 (1215 views)
Permalink
Hi,


Thanks for the help. "get system status" also produces the line:

DCPGFW1 # get system status
<some other lines here>
Current HA mode: a-p, master
Cluster uptime: 37 days, 10 hours, 14 minutes, 55 seconds
System time: Tue Aug 1 10:35:45 2017

FYI I removed the ! from the line (next if (/^\s*Cluster uptime:/);) but I get a mail with the following:


#FIPS-CC mode: disable

#Current HA mode: a-p, master

- #Cluster uptime: 35 days, 20 hours, 37 minutes, 22 seconds

+ #Cluster uptime: 37 days, 10 hours, 16 minutes, 50 seconds


Thanks again.



________________________________
From: heasley <heas@shrubbery.net>
Sent: 31 July 2017 21:47:43
To: Ryan
Cc: rancid-discuss@shrubbery.net
Subject: Re: [rancid] Fortigate Cluster uptime

Sun, Jul 30, 2017 at 09:26:18AM +0000, Ryan:
> Hi All,
>
>
> Sorry to mail this out but I have searched through a number of groups and cant find anything that actually works. I recently upgraded my Fortinet FW cluster and, unfortunately, the config status displays a new line, "Cluster uptime", from the "get system ha status" cli. e.g.
>

rancid does not use that command. it uses only get system status. is that
command including this output now or have you changed your distribution?

> !Virtual domains status: 1 in NAT mode, 0 in TP mode
>
> !Virtual domain configuration: disable
>
> !FIPS-CC mode: disable
>
> !Current HA mode: a-p, master
>
> - !Cluster uptime: 35 days, 19 hours, 40 minutes, 13 seconds
>
> + !Cluster uptime: 35 days, 20 hours, 40 minutes, 13 seconds
>
> !Branch point: 1449
>
> !Release Version Information: GA
>
>
> The "Cluster uptime" means that I get an updated FW version mailed to me every hour of the day. I have tried a number of things to resolve this including:
>
>
> 1. I updated the fnrancid file with the below but both attempts failed:
>
>
> sub GetConf {
> print STDERR " In GetConf: $_" if ($debug);
>
> while (<INPUT>) {
> tr/\015//d;
> next if /^\s*$/;
> last if (/$prompt/);
>
> # System time is fortigate extraction time
> next if (/^\s*!System time:/);
> # remove occurrances of conf_file_ver
> next if (/^#?conf_file_ver=/);
>
>
> # First think I tried
>
> #remove occurances of Cluster Uptime
> next if (/^\s*!Cluster uptime:/);

no !.

>
> # next thing I tried.
>
> #if (/^\s*!Cluster uptime:/) {
> # ProcessHistory("","","","","","#$_");
> # next;
> #}
>
>
> 2. I tried other options e.g. writing something similar to the cycling password but I am afraid I reached the end of my skillset.
>
> 3. Finally I thought my Rancid server is pretty old 2.3.6 so I built a new rancid server (3.3.0) using Ubuntu 16.04 and updated the fnrancid again without success.
>
>
> Two questions if I may:
>
> 1. Anyone know how I can ignore the Cluster uptime line?
> 2. If I move to using the new server is there a way to export the CVS history on the old server and import it on the new?
>
>
> Thanks in advance! Your help is appreciated!
>
>
> Cheers,
>

> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss@shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: Fortigate Cluster uptime [ In reply to ]
heas at shrubbery
Aug 1, 2017, 10:58 AM
Post #4 of 7 (1211 views)
Permalink
Mon, Jul 31, 2017 at 10:39:40PM +0000, Ryan:
> Hi,
>
>
> Thanks for the help. "get system status" also produces the line:

Index: bin/fnrancid.in
===================================================================
--- bin/fnrancid.in (revision 3719)
+++ bin/fnrancid.in (working copy)
@@ -188,6 +188,8 @@
next if (/^\s*Extended DB: .*/);
next if (/^\s*IPS-DB: .*/);
next if (/^FortiClient application signature package:/);
+ # Cluster uptime
+ next if (/^\s*Cluster uptime:/);

ProcessHistory("","","","#$_");
}

> DCPGFW1 # get system status
> <some other lines here>
> Current HA mode: a-p, master
> Cluster uptime: 37 days, 10 hours, 14 minutes, 55 seconds
> System time: Tue Aug 1 10:35:45 2017
>
> FYI I removed the ! from the line (next if (/^\s*Cluster uptime:/);) but I get a mail with the following:
>
>
> #FIPS-CC mode: disable
>
> #Current HA mode: a-p, master
>
> - #Cluster uptime: 35 days, 20 hours, 37 minutes, 22 seconds
>
> + #Cluster uptime: 37 days, 10 hours, 16 minutes, 50 seconds
>
>
> Thanks again.
>
>
>
> ________________________________
> From: heasley <heas@shrubbery.net>
> Sent: 31 July 2017 21:47:43
> To: Ryan
> Cc: rancid-discuss@shrubbery.net
> Subject: Re: [rancid] Fortigate Cluster uptime
>
> Sun, Jul 30, 2017 at 09:26:18AM +0000, Ryan:
> > Hi All,
> >
> >
> > Sorry to mail this out but I have searched through a number of groups and cant find anything that actually works. I recently upgraded my Fortinet FW cluster and, unfortunately, the config status displays a new line, "Cluster uptime", from the "get system ha status" cli. e.g.
> >
>
> rancid does not use that command. it uses only get system status. is that
> command including this output now or have you changed your distribution?
>
> > !Virtual domains status: 1 in NAT mode, 0 in TP mode
> >
> > !Virtual domain configuration: disable
> >
> > !FIPS-CC mode: disable
> >
> > !Current HA mode: a-p, master
> >
> > - !Cluster uptime: 35 days, 19 hours, 40 minutes, 13 seconds
> >
> > + !Cluster uptime: 35 days, 20 hours, 40 minutes, 13 seconds
> >
> > !Branch point: 1449
> >
> > !Release Version Information: GA
> >
> >
> > The "Cluster uptime" means that I get an updated FW version mailed to me every hour of the day. I have tried a number of things to resolve this including:
> >
> >
> > 1. I updated the fnrancid file with the below but both attempts failed:
> >
> >
> > sub GetConf {
> > print STDERR " In GetConf: $_" if ($debug);
> >
> > while (<INPUT>) {
> > tr/\015//d;
> > next if /^\s*$/;
> > last if (/$prompt/);
> >
> > # System time is fortigate extraction time
> > next if (/^\s*!System time:/);
> > # remove occurrances of conf_file_ver
> > next if (/^#?conf_file_ver=/);
> >
> >
> > # First think I tried
> >
> > #remove occurances of Cluster Uptime
> > next if (/^\s*!Cluster uptime:/);
>
> no !.
>
> >
> > # next thing I tried.
> >
> > #if (/^\s*!Cluster uptime:/) {
> > # ProcessHistory("","","","","","#$_");
> > # next;
> > #}
> >
> >
> > 2. I tried other options e.g. writing something similar to the cycling password but I am afraid I reached the end of my skillset.
> >
> > 3. Finally I thought my Rancid server is pretty old 2.3.6 so I built a new rancid server (3.3.0) using Ubuntu 16.04 and updated the fnrancid again without success.
> >
> >
> > Two questions if I may:
> >
> > 1. Anyone know how I can ignore the Cluster uptime line?
> > 2. If I move to using the new server is there a way to export the CVS history on the old server and import it on the new?
> >
> >
> > Thanks in advance! Your help is appreciated!
> >
> >
> > Cheers,
> >
>
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss@shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: Fortigate Cluster uptime [ In reply to ]
merlin_rbs at hotmail
Aug 1, 2017, 2:07 PM
Post #5 of 7 (1211 views)
Permalink
Thanks! That worked. I had the "cluster uptime" line located in the wrong place. moving it to the location you showed (Line 184 in the script) sorted it out.

next if (/^FortiClient application signature package:/);
+ # Cluster uptime
+ next if (/^\s*Cluster uptime:/);

ProcessHistory("","","","#$_");
}


Cheers!

________________________________
From: heasley <heas@shrubbery.net>
Sent: 01 August 2017 17:58:21
To: Ryan
Cc: heasley; rancid-discuss@shrubbery.net
Subject: Re: [rancid] Fortigate Cluster uptime

Mon, Jul 31, 2017 at 10:39:40PM +0000, Ryan:
> Hi,
>
>
> Thanks for the help. "get system status" also produces the line:

Index: bin/fnrancid.in
===================================================================
--- bin/fnrancid.in (revision 3719)
+++ bin/fnrancid.in (working copy)
@@ -188,6 +188,8 @@
next if (/^\s*Extended DB: .*/);
next if (/^\s*IPS-DB: .*/);
next if (/^FortiClient application signature package:/);
+ # Cluster uptime
+ next if (/^\s*Cluster uptime:/);

ProcessHistory("","","","#$_");
}

> DCPGFW1 # get system status
> <some other lines here>
> Current HA mode: a-p, master
> Cluster uptime: 37 days, 10 hours, 14 minutes, 55 seconds
> System time: Tue Aug 1 10:35:45 2017
>
> FYI I removed the ! from the line (next if (/^\s*Cluster uptime:/);) but I get a mail with the following:
>
>
> #FIPS-CC mode: disable
>
> #Current HA mode: a-p, master
>
> - #Cluster uptime: 35 days, 20 hours, 37 minutes, 22 seconds
>
> + #Cluster uptime: 37 days, 10 hours, 16 minutes, 50 seconds
>
>
> Thanks again.
>
>
>
> ________________________________
> From: heasley <heas@shrubbery.net>
> Sent: 31 July 2017 21:47:43
> To: Ryan
> Cc: rancid-discuss@shrubbery.net
> Subject: Re: [rancid] Fortigate Cluster uptime
>
> Sun, Jul 30, 2017 at 09:26:18AM +0000, Ryan:
> > Hi All,
> >
> >
> > Sorry to mail this out but I have searched through a number of groups and cant find anything that actually works. I recently upgraded my Fortinet FW cluster and, unfortunately, the config status displays a new line, "Cluster uptime", from the "get system ha status" cli. e.g.
> >
>
> rancid does not use that command. it uses only get system status. is that
> command including this output now or have you changed your distribution?
>
> > !Virtual domains status: 1 in NAT mode, 0 in TP mode
> >
> > !Virtual domain configuration: disable
> >
> > !FIPS-CC mode: disable
> >
> > !Current HA mode: a-p, master
> >
> > - !Cluster uptime: 35 days, 19 hours, 40 minutes, 13 seconds
> >
> > + !Cluster uptime: 35 days, 20 hours, 40 minutes, 13 seconds
> >
> > !Branch point: 1449
> >
> > !Release Version Information: GA
> >
> >
> > The "Cluster uptime" means that I get an updated FW version mailed to me every hour of the day. I have tried a number of things to resolve this including:
> >
> >
> > 1. I updated the fnrancid file with the below but both attempts failed:
> >
> >
> > sub GetConf {
> > print STDERR " In GetConf: $_" if ($debug);
> >
> > while (<INPUT>) {
> > tr/\015//d;
> > next if /^\s*$/;
> > last if (/$prompt/);
> >
> > # System time is fortigate extraction time
> > next if (/^\s*!System time:/);
> > # remove occurrances of conf_file_ver
> > next if (/^#?conf_file_ver=/);
> >
> >
> > # First think I tried
> >
> > #remove occurances of Cluster Uptime
> > next if (/^\s*!Cluster uptime:/);
>
> no !.
>
> >
> > # next thing I tried.
> >
> > #if (/^\s*!Cluster uptime:/) {
> > # ProcessHistory("","","","","","#$_");
> > # next;
> > #}
> >
> >
> > 2. I tried other options e.g. writing something similar to the cycling password but I am afraid I reached the end of my skillset.
> >
> > 3. Finally I thought my Rancid server is pretty old 2.3.6 so I built a new rancid server (3.3.0) using Ubuntu 16.04 and updated the fnrancid again without success.
> >
> >
> > Two questions if I may:
> >
> > 1. Anyone know how I can ignore the Cluster uptime line?
> > 2. If I move to using the new server is there a way to export the CVS history on the old server and import it on the new?
> >
> >
> > Thanks in advance! Your help is appreciated!
> >
> >
> > Cheers,
> >
>
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss@shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>
Re: Fortigate Cluster uptime [ In reply to ]
Chris.Davis at principia
Mar 28, 2018, 7:51 AM
Post #6 of 7 (1074 views)
Permalink
Just ran into this as well when I upgraded my clusters. I was wondering if this change has been added to the distribution. Probably be a good time for me to upgrade Rancid if it has been.

Thanks.
Chris

From: Rancid-discuss <rancid-discuss-bounces@shrubbery.net> on behalf of Ryan <merlin_rbs@hotmail.com>
Date: Wednesday, August 2, 2017 at 5:45 AM
To: heasley <heas@shrubbery.net>
Cc: "rancid-discuss@shrubbery.net" <rancid-discuss@shrubbery.net>
Subject: Re: [rancid] Fortigate Cluster uptime


Thanks! That worked. I had the "cluster uptime" line located in the wrong place. moving it to the location you showed (Line 184 in the script) sorted it out.

next if (/^FortiClient application signature package:/);
+ # Cluster uptime
+ next if (/^\s*Cluster uptime:/);

ProcessHistory("","","","#$_");
}



Cheers!

________________________________
From: heasley <heas@shrubbery.net>
Sent: 01 August 2017 17:58:21
To: Ryan
Cc: heasley; rancid-discuss@shrubbery.net
Subject: Re: [rancid] Fortigate Cluster uptime

Mon, Jul 31, 2017 at 10:39:40PM +0000, Ryan:
> Hi,
>
>
> Thanks for the help. "get system status" also produces the line:

Index: bin/fnrancid.in
===================================================================
--- bin/fnrancid.in (revision 3719)
+++ bin/fnrancid.in (working copy)
@@ -188,6 +188,8 @@
next if (/^\s*Extended DB: .*/);
next if (/^\s*IPS-DB: .*/);
next if (/^FortiClient application signature package:/);
+ # Cluster uptime
+ next if (/^\s*Cluster uptime:/);

ProcessHistory("","","","#$_");
}

> DCPGFW1 # get system status
> <some other lines here>
> Current HA mode: a-p, master
> Cluster uptime: 37 days, 10 hours, 14 minutes, 55 seconds
> System time: Tue Aug 1 10:35:45 2017
>
> FYI I removed the ! from the line (next if (/^\s*Cluster uptime:/);) but I get a mail with the following:
>
>
> #FIPS-CC mode: disable
>
> #Current HA mode: a-p, master
>
> - #Cluster uptime: 35 days, 20 hours, 37 minutes, 22 seconds
>
> + #Cluster uptime: 37 days, 10 hours, 16 minutes, 50 seconds
>
>
> Thanks again.
>
>
>
> ________________________________
> From: heasley <heas@shrubbery.net>
> Sent: 31 July 2017 21:47:43
> To: Ryan
> Cc: rancid-discuss@shrubbery.net
> Subject: Re: [rancid] Fortigate Cluster uptime
>
> Sun, Jul 30, 2017 at 09:26:18AM +0000, Ryan:
> > Hi All,
> >
> >
> > Sorry to mail this out but I have searched through a number of groups and cant find anything that actually works. I recently upgraded my Fortinet FW cluster and, unfortunately, the config status displays a new line, "Cluster uptime", from the "get system ha status" cli. e.g.
> >
>
> rancid does not use that command. it uses only get system status. is that
> command including this output now or have you changed your distribution?
>
> > !Virtual domains status: 1 in NAT mode, 0 in TP mode
> >
> > !Virtual domain configuration: disable
> >
> > !FIPS-CC mode: disable
> >
> > !Current HA mode: a-p, master
> >
> > - !Cluster uptime: 35 days, 19 hours, 40 minutes, 13 seconds
> >
> > + !Cluster uptime: 35 days, 20 hours, 40 minutes, 13 seconds
> >
> > !Branch point: 1449
> >
> > !Release Version Information: GA
> >
> >
> > The "Cluster uptime" means that I get an updated FW version mailed to me every hour of the day. I have tried a number of things to resolve this including:
> >
> >
> > 1. I updated the fnrancid file with the below but both attempts failed:
> >
> >
> > sub GetConf {
> > print STDERR " In GetConf: $_" if ($debug);
> >
> > while (<INPUT>) {
> > tr/\015//d;
> > next if /^\s*$/;
> > last if (/$prompt/);
> >
> > # System time is fortigate extraction time
> > next if (/^\s*!System time:/);
> > # remove occurrances of conf_file_ver
> > next if (/^#?conf_file_ver=/);
> >
> >
> > # First think I tried
> >
> > #remove occurances of Cluster Uptime
> > next if (/^\s*!Cluster uptime:/);
>
> no !.
>
> >
> > # next thing I tried.
> >
> > #if (/^\s*!Cluster uptime:/) {
> > # ProcessHistory("","","","","","#$_");
> > # next;
> > #}
> >
> >
> > 2. I tried other options e.g. writing something similar to the cycling password but I am afraid I reached the end of my skillset.
> >
> > 3. Finally I thought my Rancid server is pretty old 2.3.6 so I built a new rancid server (3.3.0) using Ubuntu 16.04 and updated the fnrancid again without success.
> >
> >
> > Two questions if I may:
> >
> > 1. Anyone know how I can ignore the Cluster uptime line?
> > 2. If I move to using the new server is there a way to export the CVS history on the old server and import it on the new?
> >
> >
> > Thanks in advance! Your help is appreciated!
> >
> >
> > Cheers,
> >
>
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss@shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>
Re: Fortigate Cluster uptime [ In reply to ]
heas at shrubbery
Mar 29, 2018, 12:58 PM
Post #7 of 7 (1073 views)
Permalink
Wed, Mar 28, 2018 at 02:51:38PM +0000, Chris Davis:
> Just ran into this as well when I upgraded my clusters. I was wondering if this change has been added to the distribution. Probably be a good time for me to upgrade Rancid if it has been.
>

it is in 3.7.

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal