summaryrefslogtreecommitdiffstats
path: root/CHANGES
blob: 45a0ee37f6c8094c74227e1b807981140039152d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
2.3.1
	jerancid: fail/retry if the RP is syncing to the backup - Dave Mack

	clogin:	cat 19k lacks a space in front of pager prompt - darren @ adam

	nlogin: correct find(sshcmd) argument - from Samuele Giovanni Tonon

	lg.cgi: allow :s in arguments for sub-interface from Richard Doty

	jrancid: filter some more secrets

	rancid: filter some more secrets

	francid: bits for Mucho Grande - from Niels Bakker

	add -- before (telnet|ssh) in call to hpuifilter so that any options
	for telnet/ssh are not interpretted by hpuifilter

	look for diff -U if diff -u fails in configure.

	fix typo in nlogin that made cloginrc password lookups fail.

2.3
	The following files have been moved to make rancid more
	install/pkg/port/rpm friendly.
		*** bin/env has been moved to etc/rancid.conf ***
		*** bin/hpfilter has been renamed hpuifilter ***
		*** util/lg/lg.conf has been moved to etc/lg.conf ***
		*** util/lg/lg*.cgi have been moved to bin/lg*cgi ***
		*** bin/create_cvs has been renamed rancid-cvs ***
		*** bin/do-diffs has been renamed rancid-run ***
	Note: existing configuration files are *NOT* copied/moved for you

	bin/rename is no longer shipped with rancid

	rancid.conf: add MAILDOMAIN knob - from David C.

	clogin: allow the port to be specified for method ssh

	jlogin: add cloginrc passphrase directive and order of precedence is
	cmd-line -r value -> passphrase -> password

	xrancid: do 'show diag' instead of 'show diagnostics' as the
	longer version has sometimes timed out.

	rancid: filter file vlan.dat from show flash on IOS switches

	rancid: parse cisco 1760's DSP slot show diag output

	francid: reorder listing of ports in a vlans - from Niels Bakker and
	Steven Bakker

	clogin: disable session logging w/ -c on catos - from Jason Ornstein

	rancid: add Processor ID to save output

	*login: handle TCL meta-characters in cloginrc directive values

	francid: correctly parse modules in slots >= 10.  from Niels Bakker

	run cvs delete code even when router.db is empty.

	Riverstone/Enterasys updates from Andrew Fort

	rancid.conf: add LOGDIR variable - see rancid.conf(5)

	rancid: add show spe version and parse FRU show diag output
	- from Yuval Ben-Ari.

	add option --enable-adminmail-plus to configure

	jrancid: collect show chassis alarms

	rancid: skip show vlan for (3550|4500|7600) - from Andrew Fort

	rancid: collect 6500 slave sup bootflash - from Andrew Fort

	rancid: show diag updates for 1700, 3700, etc - help from Michael Haba

	The Extreme does not have an 'enable' level, so make sure
	you have 'set autoenable' for it in your .cloginrc so clogin
	will work.

	add Cisco CSS support - from Wedge Martin

	*login: add cloginrc sshcmd directive - idea from steve neighorn

	rancid: IOS show version changes w/ 12.3 - from Yuval Ben-Ari

	support for hitachi routers - from Mohacsi Janos

	strip WS around router.db fields - from Alastair Galloway

	add goveling of 2600 mainboard port adapter info

	*login: also check LOGNAME for default username - from Fredrik Thulin

	jerancid: add matches for "Please wait" to all functions -
	reported by Dave Mack

	fnrancid: Fortigate support - from D. Pfleger

	nlogin: Fix prompt groveling when running a cluster - from D. Pfleger

	nrancid: filter "set admin user" - from D. Pfleger

	rancid: do both 'write term' and 'show running-config' and
	keep the output from the first one that works.  As cisco
	phases out 'write term', this will keep things working.

	jerancid: filter host ... ftp, encrypted passwords oscillate - reported
	by Dave Mack.

	rivlogin: add "User:" as a possible username prompt (u_prompt) for
	some platforms - from Adam Rothschild

	cat 3500 s/n and pix failover license - from Rob Evans

	recognize cisco ContentEngine - from Rob Evans

	Juniper ERX (jerancid) support, based on 5.0 - thanks to Dan Pfleger,
	Richard Russman, Zaid, Mike Baker, and Mark Nguyen

	rancid: drop the "suggested action" portion of GSR LC/RP ROM upgrade
	warnings.  Cisco keeps changing the format; it just is not worth the
	aggrevation.

	study causes missed command somehow in redhat9 - from David King

	filter port security mac entries, from Arnold Nipper

	add Procket Networks support, "prancid"

	filter ipsec keys in rancid & jrancid.

	rancid: collect show idprom backplane (6500 cmd); this could collect
	more - request from jared mauch

	rancid: order all 'ip host' commands.

	rancid: collect show rsp chassis-info

	rancid: filter HSRP auth and SSA key-string reversable passwords

	lg: set query/command list in lg.conf, thus allowing individual cmds
	to {dis,en}abled, and add some multicast and ipv6 queries all of which
	are disabled by default (for lack of testing) - from Janos Mohacsi

	cat5rancid: collect 'write term all' for cats that support it - tested
	by terry kennedy and joe rizzo

	cat5rancid: regularize escaping of regex operators in switch prompt

	nsrancid: include "get log setting", as suggested by gael canal.

	add manpage note about log_user with -s, from mail list discussion

	xrancid: Handle end of ssh connection a bit better.

	jrancid: skip master/backup re msgs

	*rancid: escape regex chars found in prompt

	xrancid: also collect 'show configuration detail'

	hlogin: allow the port to be specified for method ssh and
	add path to hlogin to env(PATH) for locating hpfilter

	hpfilter: allow >2 arguments so that telnet port number can be passed.

	rancid: gsr RP slot warning is only 1 line - Russell Heilling

	add zrancid to handle zebra routing s/w

	add riverstone support - from Jim Meehan.  thanks to Hong Luo for
	access to a riverstone to test.  Kevin Chan reports that this works
	for Cabletron routers with more recent s/w (~v9.0.3).

	jrancid: fix handling of reversible keys such that trailing text is
	not removed

	rancid: slave/redundancy stuff - from stephen griffin

	rancid: show version bootstrap format changed in 12.0(23)S

	rancid: make sure we filter PIX pager prompts

	xrancid: make xrancid work when the extreme has pending changes.

	netscaler support - from Anshuman Kanwar.

	netscreen firewall support - from Stephen Gill

	rancid: include additional cpu info from show version in !CPU: line.

	lucent tnt support - from Richard Vander Reyden

	rancid: skip consecutive comment lines.  on some access servers the
	number of comment lines oscillate.

	lg.conf: add LG_STYLE variable for style sheet - from Janos Mohacsi

	also install the FAQ - good idea from Janos Mohacsi's freshport

	rancid: filter 'cable shared-secret'

2.2.2
	*login: fix handling of userprompt et al so that {}'s are used in
	.cloginrc as they are with every other .cloginrc directive.

	f10rancid: Fix to pick up new info in show version output.

	jrancid: Ignore Timecounter "TSC" in show system boot-messages output.

	rancid: filter tty line speed when configured for auto-configure

	flogin: bring login() and do_enable() in-line with [cj]login.  also
	match "telnet server disabled" - from brad volz.

	control_rancid: report devices added to router.db - from Fredrik Thulin
	also eliminate empty up/down lists.

	rancid/jrancid: filter isis passwords - partial from Janos Mohacsi

	lg: make o/p from the lg stream (unbuffered), so one doesnt have
	to wait for entire o/p from the router in a failing traceroute, for
	example.  suggestion and clues from alexander koch.  while here, fix
	cache handling so 1) it doesnt cache cmds that resulted in an error or
	otherwise failed and 2) log and run the cmd as normal if there are
	problems opening a cache file.

	lg: make logging more consistent.  log as defined by LG_LOG if
	possible and stderr as last resort.  it was logging largely to stderr.
	and make exit-code small (instead of 255); some wait()s only look at
	the first 3 bits

	lg: add check in lg.cgi that router name appears in the router.db
	and is thus accessible.  from richard doty.  also fix-up a few
	comments and such.

	rancid: GSR LC PCA h/w revision now called "design release" on
	some platforms.  CSCdw13295

	add util/getipacctg example script - contrib from steve neighorn

2.2.1
	rancid: npe400 cpu eeprom info o/p format changed in 12.0.21S1 -
	spotted by tom campbell

	fix problem in *login where if there was a login failure we would try
	to disconnect gracefully (albeit incorrectly).  writing to the
	half-closed socket would not return an error (at least on some
	platform/expect combinations or even consistently) and expect would
	hang.

	add device name to diff mail subject when -r is specified

	add -m <mail rcpt> option to do-diffs and control_rancid to allow
	specific mail recipient.  intended for use with -r to trigger diffs
	off specific events.

	router.db(5): note that PIX is a 'cisco' - thank kris gulka

	*login: match openssh prompt for host key to ip key mismatch

	rancid: add disk/slot2

	rancid: 12.2 show c7200 o/p for midplane changed

	lg: use table inet.0 terse for sh ip route on juniper instead of
	forwarding-table destination

	rancid: 12.0S(21) added "FRU" field in show diagbus output.
	Also look for a couple more things in some show diag output
	and sort the output a bit better.  Also look for 'controler'
	(cisco can't always spell - thanks to Terry Kennedy for
	spotting the misspelling).

	lg: filter ["`'] from args

	rancid: fix username secret filtering

	alogin: misplaced brace caused improper return from proc login

	relax the check ping and traceroute check of hostname arguments such
	that non-fqdn hosts are allowed.  i.e.: just check that arg chars are
	valid dns chars and leave the resolve errors to the router.

	Add initial support for Force10.

2.2
	rancid: filter vpdn passwords on PIX - from eric greenwood

	*rancid: handle variable amounts of spaces in front of
	' password' correctly.

	rancid: remove key from "crypto isakmp key".

	*login: cleanup login() to be more generic and handle openssh password
	reprompting

	clogin: fix clogin -x for config mode by adjusting the prompt regex

	lg.conf: add LG_INFO to append local information to the main form

	{cat5}rancid: add dir of sup-{bootflash,microcode} for 6500

	*rancid: print $host before "missed cmds", "unexpected command",
	and "End of run" messages.

	cat5 module type match failed when user module name contained spaces

	add FILTER_PWDS switch to env(5)

	add merit MRTd support

	add -r <device> option to do-diffs and control_rancid

	brancid: handle []'s in bay prompts and drop lock-address from config
	- from mark cooper

	extreme: strip password if config|configure.  Strip ^M
	right after ssh key.

	Look for BOOTLDR: on ciscos.

	add par.1 manpage

	allow a TCP port suffix to telnet in .cloginrc - from Alex Bochannek

	Fixed RANCID-CONTENT-TYPE to be more consistant.  Changes are
		brancid		bay
		cat5rancid	cisco-cat
		erancid		adc-ezt3

	jlogin should not look for username@router in .cloginrc

	filter foundry ssh private key

	filter '#Time" from catalyst 4 write term

	display platform specific command in lookingglass results - patch
	from Janos Mohacsi

	add support for HP procurve switches, in particular 2524M and 4108gl.
	thanks to hp for the loaners.

	filter encrypted passwords on alteon as the change for each display

	More support for Redbacks.

	rancid now looks for "[kK] bytes" and "slot|disk".

	clogin now looks for "login:" as well as "Login:" and
	escapes "[]" in $prompt.

2.2b8
	add PAR_COUNT variable to bin/env for adjusting the number of
	simultaneous collections.  see bin/env (or bin/env.new for those with
	previous installation) and the env(5) manpage.

	more work on extreme switch bits + fixes from Alex Bochannek.

	jlogin: add 1s sleeps to avoid passwords being echo'd before tty noecho
	is set.  richard doty

	few looking glass fixes

	brancid: filter uptime and add -all option to config for bayrs version
	14.  from mordechai abzug

	jrancid: m160 measured chassis clock MHz fluctuates, trim the
	decimal places.  from Mark A Gebert.

	par: -x fix for log file monitoring killing xterms.  from rdrake.

2.2b7
	brancid: patch to filter community strings from Mark Cooper

	do-diffs: trap'ing SEGV (11) causes error on solaris.

2.2b6
	baynetworks/nortel support from Mark Cooper.  thanks mark!

	jlogin was overloading -p's variable causing proc login to fail on 2nd
	router on cmd-line

2.2b5
	fix regex error in clogin affecting catalysts

	clogin attempts to grope entire prompt after login

	*login need to catch{} -x cmd file open so expect doesnt puke if
	there is an error opening the file

2.2b4
	add extreme switch bits

	cisco changed the o/p fmt of h/w info on the 65xx in 12.1.8e

	PIX520 supplies different more(1) prompt than others.  from William R
	Thomas.

	fix typo in jlogin.  from richard doty.

	add 2 example expect script for clogin -s

	handle foundrys and more juniper bits in the lookingglass

	add LG_STRIP knob to strip login o/p in the lookingglass

	add LG_BGP_RT knob to {dis}allow heavy o/p sh ip bgp neighbor LG cmds

	bin/clogin shouldnt insist upon an enable password with -noenable option

2.2b3
	bin/rancid changes for cisco 124xx

	some serial controllers (PAs) have predefined cable-type in show
	controllers.  M8T-V.35 was being missed.

	modify jlogin to grope the full prompt after login such that -x
	can be used within configuration mode.  note: this turns $prompt into
	a regexp, WRT -s scripts and -re option for expect's.

	add -Evar=x option to pass variables to scripts.  e.g.:
		clogin -Evariable=something router...
		clogin -Evariable=a,b,c [i.e.: an array/list which user splits]

2.2b2
	fix jlogin's password/userpassword functionality which broke when
	cmd-line options were made consistent.

	add check for config/* files missing from the cvs repository.

	add 2 juniper config checks to avoid truncation. 1) config should
	have at least 1 "section" amounting to at least 3 lines and 2) if
	a mgd version mismatch exists, there may be inaccuracies.

	convert usage of Mail to sendmail for portability.  local .mailrc
	aliases can no longer be used.

	bin/alogin and changes (of beta quality) for Alteon WebOS switch
	from andrew fort.

	Check for more types of cisco 12000s.  Also check for 2600s.

	jrancid's show chassis hardware needs detail arg in junos 4.4

	make *login print \n before errors, so rancid can use an anchored
	match to find login errors and avoid such matches in router o/p.

	make *login automatically add host keys with openssh's prompting

	All routers not listed as 'up' in router.db are considered down.
	This allows values other than down to mean 'not up'.  for use
	by util/downreport.

2.1
	Change default umask to 027 (it was 007) mainly as an
	attempt to stop people from changing stuff in rancid's CVS
	store.  Only rancid should be updating its CVS store.

	control_rancid cvs updates router.db before starting a
	group's collection.

	configure now has a --enable-mail-plus option to have rancid
	send mail to rancid+$GROUP instead of to rancd-$GROUP.
	Patch from davidw@certaintysolutions.com.

	configure should figure out diff options on it's own.

	try to get default user from env() and catch exec on id in *login

	make clean/distclean was missing some files

	make sure do-diffs cleans up after itself if it exits prematurely

	ignore case when cvs delete'g removed routers

	francid/rrancid (foundry/redback) now strip snmp communities like
	the others, via NOCOMMSTR var in bin/env.

	add man pages

	collect 'sh vlan' on cat 6000 - afort@choqolat.org

	Add 'show vtp status' for the 3500XLs as well.

	Escape regex meta-chars found in device prompts in *rancid

	Add "include" directive to include other pwd files via .cloginrc

	Add "show port ifindex" for the cat5s.

	Try to detect flash being busy on a cat5.

	Tag each config file with its 'type'.  E.g.:
		!RANCID-CONTENT-TYPE: cisco

	fix from afort@staff.webcentral.com.au to lg.cgi to allow prefix-list
	with numerals.

	fix lg form's formatting (on some browsers/conditions).  Thanks to
	rrashid@verio.net for the html help.

2.1b
	add looking glass utility based on Ed Kern's original source.  Thanks
	to Ed for permission to include it with rancid.  this is only partially
	tested.

	fixed expect foo in *login when .cloginrc is unreadable.

	Don't sort 'ip name-server' - order matters.

2.0
	Better formatting for cisco catalyst [non-ios] switches.

	Better support the cisco 3500 switches.

	Get some info out of "show version" for the cat5ks.
	cat5k "show boot" does variables, not bootflash.
	Skip more goo from 'write term' on some cat5ks.

	Collect 'show module' for 6500-ios.

	Revamp *login's use of .cloginrc's method directive. see
	cloginrc.sample.

	Add bits for Cisco PIX.  Thanks to joe rizzo@EA for access to a PIX.

	Sort usernames on ciscos.
	Get more info out of "show diag" on the GSR.

	Add "show chassis sfm detail" for the M160.

	Leave router type in place when telling about changes to
	router.db.

	Add autoconf (configure) and makefile bits to automate install
	and perl/expect replacement

1.6
	Add "dir nvram:" to rancid.

	Add support for ADC EZ T3 mux.  adapted from tkenndedy@verio.net's
	contrib.

	strip (try to) snmp community strings from cisco and juniper configs
	if environment variable NOCOMMSTR is set.

	merge tkennedy@verio.net's support for cisco 2900xl into rancid

	Ignore "fan spinning at" noise on junipers.

1.5
	sync command-line option between clogin / jlogin.  jlogin modified:
		-x passphrase   ->	-r passphrase
				->	-x command-file
		-e encrypt type ->	-y ssh_chyper_type

	add .cloginrc noenable directive to set the cmd-line -noenable
	option.

	add .cloginrc userprompt, passprompt, and enableprompt directives
	to adjust expected cisco router prompts in clogin.

	see README for info on web interface to rancid CVS repository.

	Try to detect hung rancid jobs & send email.

	Add (partial) support for the cat5s.  Still need more work
	on the show output, but it does grab the config.

	Skip the juniper's kernel version, memory, and fsck output
	of "show system boot-messages" - fsck output changes every
	time you boot and the version & memory is better found
	elsewhere.

	Delete the cisco ospf authentication and ftp passwords.

	Get both (juniper) show chassis ssb and scb but only process
	them once.

	Get info from show diag for 2600s as well.

	Catch juniper "command is not valid on the olive" errors.

	Catch juniper config mismatch between versions of JUNOS.

	Catch close on EOF in clogin/jlogin/flogin.

	Don't expand RCS keywords in config files.

	Catch the case were rancid gets and error and leaves an
	empty new config file.

	Make the time to elapse before complaining about unreachable
	routers be configurable instead of fixed at 24 hrs.  The
	default is now 4 hours.

	Add -x passphrase to jlogin.

	You can now set a ssh identity file in .cloginrc for use
	with jlogin.

	Handle more errors in jrancid.  Also handle changes for
	JUNOS 4.0 and collect "show system boot-messages" output.

	rancid now recognizes cisco 12016s and more types of 7200s.
	It also looks for WARNING messages in show version.
	And sort ip explicit-paths.

1.4
	sort cisco route-maps

	added (crude) foundry switch bits

	reworked code to reduce jumps. improvement in speed/cpu util.

	add bits to cvs delete configs which have been removed from
	a group's router.db.

	add support for redback.  modified from contrib by scao@verio.net.

	add support for ssh in clogin

	modify format of the admin up/down/delete'd msgs.

	add NOPIPE bin/env var

	order ARP lists in cisco configs

1.3
	update comments re: mail aliases in bin/env

	add more info/clarification to README for install.

1.2
	add more info/clarification to README for install.

	rename .cloginrc.sample -> cloginrc.sample.

	clogin patch (courtesy stephen stuart); does two things:

	- adds a "-x" switch that takes lines from a file and does the same
	thing as if you'd specified ;-separated commands with -c (newline
	separates commands).  thanks to stephen stuart.

	- does a subst on commands in run_commands so that expansion of
	escapes is performed; e.g. you can say "copy rcp://blah slot0:\r" to
	answer the question that comes after the copy command.