• About

blog.alam.rocks

blog.alam.rocks

Tag Archives: RANCID

RANCID/WebSVN CentOS Howto

20 Wednesday Nov 2013

Posted by Fakrul Alam in My Work

≈ Leave a comment

Tags

centos, network management, RANCID, websvn

Note:
1. Commands preceded with “$” imply that you should execute the command as a general user – not as root.
2. Commands preceded with “#” imply that you should be working as the root user.

Install Rancid

# yum install rancid

Configuration

1. Edit /etc/rancid/rancid.conf

# vi /etc/rancid/rancid.conf

2. Find this line in rancid.conf:

#LIST_OF_GROUPS=”sl joebobisp”

And, underneath it add the following line:

LIST_OF_GROUPS=”bdnog”

We want to use Subversion for our Version Control System, and not CVS, so find the line with the parameter RCSSYS:

RCSSYS=cvs; export RCSSYS

And, change it to:

RCSSYS=svn; export RCSSYS

and the line with CVSROOT:

CVSROOT=$BASEDIR/CVS; export CVSROOT

And, change it to:

CVSROOT=$BASEDIR/svn; export CVSROOT

Note the lowercase “svn”. Now exit and save the file.

3. Change to the rancid user:

# su -s /bin/bash rancid

Check that you ARE the rancid user:

$ id

4. Create /var/rancid/.cloginrc

$ vi /var/rancid/.cloginrc
add user *.bdnog.org ssh_username
add password *.bdnog.org ssh_user_pass enable_pass
add method *.bdnog.org ssh

Note: You can also add IP address if you like to backup specific router/switch

add password 10.156.1.1 {user_password} {enable_password}

$ chown rancid:rancid /var/rancid/.cloginrc
$ chmod 600 /var/rancid/.cloginrc

5. Test login to the router of your group:

$ /usr/libexec/rancid/clogin rtrX.bdnog.org

[After successful execution, you will be login to router enable mode]

6. Initialize the SVN repository for rancid:

$ /usr/libexec/rancid/rancid-cvs

7. Create the router.db file:

$ vi /var/rancid/bdnog/router.db

Add this line. Replace X with your group no.

rtrX.bdnog.org:cisco:up

8. Run rancid!

$ /usr/libexec/rancid/rancid-run

9. Look at the configs. The backed up configs will be saved in /var/rancid/<GROUP_NAME>/configs. In our cases group name is “bdnog”:

$ cd /var/rancid/bdnog/configs
$ less rtrX.bdnog.org

10. Check the rancid log files:

$ cd /var/log/rancid
$ ls -ll

Email Alert Configuration

1. Edit /etc/rancid/rancid.conf

Add this to the /etc/aliases file: (group names have to be named rancid-admin-<group listed in rancid.conf file) and rancid-<group listed in rancid.conf file>)

# Groups for rancid
rancid-admin-all: noc@bdnog.org
rancid-all: noc@bdnog.org

Save the file and run

#newaliases

CRON Schedule

1. For automated backup, you can setup CRON schedule. Please note that cron need to configured under user RANCID.

# su -s /bin/bash rancid
# crontab -e
# m h dom mon dow command
0 0 * * * /usr/libexec/rancid/rancid-run g

Install WEBSVN

# yum install websvn

Configuration

1. Fix permissions. The web server must be able to read the SVN (Subversion) folder

# chgrp -R apache /var/rancid/svn
# chmod g+w -R /var/rancid/svn

2. Change ownership of web files:

# chown apache:apache /usr/share/websvn

3. Add the following virtual host entry to your apache configuration file /etc/httpd/conf.d/websvn.conf:

Alias /websvn /usr/share/websvn
<Directory /usr/share/websvn/>
DirectoryIndex index.php
Options FollowSymLinks
Options FollowSymLinks MultiViews
Order allow,deny
Allow from all
<IfModule mod_php4.c>
php_flag magic_quotes_gpc Off
php_flag track_vars On
</IfModule>
</Directory>

5. Reload apache and try to browse the websvn: http://<ip_address>/websvn.

Check you can access the WebSVN.

6. Now we add RANCID repository sites. Edit websvn configuration file.

# vi /usr/share/websvn/include/config.php

// Local repositories (without and with optional group):
//
$config->addRepository(‘BDNOG’, ‘file:///var/rancid/svn/’);

Access RANCID backup with webSVN

19 Tuesday Mar 2013

Posted by Fakrul Alam in Uncategorized

≈ Leave a comment

Tags

RANCID, ubuntu, websvn

1. Install WebSVN:

# apt-get install websvn

When asked for the “svn parent repositories” change the path to be: /var/lib/rancid/svn. Do the same when asked about “svn repositories”

2. Fix permissions. The web server must be able to read the SVN (Subversion) folder

# chgrp -R www-data /var/lib/rancid/svn
# chmod g+w -R /var/lib/rancid/svn

3. Change ownership of web files

# chown www-data:www-data /usr/local/websvn

4. Edit websvn configuration file:

# vi /usr/share/websvn/include/config.php
$config->addRepository(‘Routers’, ‘file:///var/lib/rancid/svn/’);

5. Add the following virtual host entry to your apache configuration file /etc/apache2/sites-enabled/000-default

# vi /etc/apache2/sites-enabled/000-default

Alias /websvn /usr/share/websvn
DirectoryIndex index.php
Options FollowSymLinks
deny from all
AllowOverride AuthConfig
Order deny,allow

php_flag magic_quotes_gpc Off
php_flag track_vars On

6. Reload apache and try to browse the websvn: http://hostname/websvn

Bellow is the screenshot how webSVN look like:

image

If you get error ““/var/lib/rancid/CVS/db/uuid’: Permission denied” the CVS directory is owned by the user rancid:rancid” try the following:

# usermod -a -G rancid www-data

Rancid for backup CISCO Configuration

14 Thursday Mar 2013

Posted by Fakrul Alam in Uncategorized

≈ Leave a comment

Tags

cisco, RANCID, ubuntu

1. Install Rancid

# apt-get install rancid

– It will prompt with a warning – Select and press ENTER to continue.
– It will give you another warning about making a backup copy of your rancid data. We have no data, so select and press ENTER to continue.

2. Edit /etc/rancid/rancid.conf

# vi /etc/rancid/rancid.conf

Find this line in rancid.conf:

#LIST_OF_GROUPS=”sl joebobisp”

And, underneath it add the following line:

LIST_OF_GROUPS=”all”

We want to use Subversion for our Version Control System, and not CVS, so find the line with the parameter RCSSYS:

RCSSYS=cvs; export RCSSYS

And, change it to:

RCSSYS=svn; export RCSSYS

and the line with CVSROOT:

CVSROOT=$BASEDIR/CVS; export CVSROOT

And, change it to:

CVSROOT=$BASEDIR/svn; export CVSROOT

Note the lowercase “svn”. Now exit and save the file.

3. Change to the rancid user

# su -s /bin/bash rancid

Check that you ARE the rancid user:

$ id

4. Create /var/lib/rancid/.cloginrc

# vi /var/lib/rancid/.cloginrc

Add the following two lines to the file:

add user *.domain.com ssh_username
add password *.domain.com ssh_user_pass enable_pass

$ chmod 600 /var/lib/rancid/.cloginrc

5. Test login to the router of your group

$ /var/lib/rancid/bin/clogin rtrX.domain.com

6. Initialize the SVN repository for rancid:

$ /usr/lib/rancid/bin/rancid-cvs

7. Create the router.db file

$ vi /var/lib/rancid/all/router.db

Add this line:

rtrX.domain.com:cisco:up
rtrY.domain.com:cisco:up

8. Run rancid!

$ /usr/lib/rancid/bin/rancid-run

9. Check the rancid log files

$ cd /var/lib/rancid/logs
$ ls -l

10. Look at the configs

$ cd /var/lib/rancid/all/configs
$ less rtrX.domain.com

Social

  • View rapappu’s profile on Twitter
  • View fakrulalam’s profile on LinkedIn
  • View fakrul’s profile on GitHub
  • View FakrulAlamPappu’s profile on Google+
  • View fakrulalam’s profile on Flickr

Twitter Updates

  • #sydeny #summer https://t.co/4FhMTbgG1g 1 week ago
  • RT @protocoljournal: The August 2022 issue of IPJ is ready. Head over to protocoljournal.org for your copy! https://t.co/c0dfwBQAuu 3 weeks ago
  • RT @teamcymru: Take The first step toward clarity, visibility, and reducing external asset related risks With our free Attack Surface Asses… 3 weeks ago
  • RT @akanygren: Have you been working with tech for years and want an overview of #IPv6? I've been working on an open source "Inessential I… 1 month ago
  • blog.lastpass.com/2022/11/notice… 2 months ago
  • #bdnog15 CfP is now open bdnog.org/bdnog15/cfp.php #bdnog #bangladesh #nog #networkoperatorsgroup 2 months ago
  • RT @Cloudflare: Today we’re introducing Cloudflare Radar’s route leak data and API so that anyone can get information about route leaks acr… 2 months ago
  • Battling Zimbabwe fall short as Bangladesh win in chaotic final-over finish espncricinfo.com/series/icc-men… #t20 #worldcup #bangladeh 3 months ago
  • RT @vince2_: With the team @Free_1337, we have developed a Netflow/IPFIX collector and visualizer. It is available at https://t.co/6XtpOtm9… 6 months ago
  • RT @openbsdnow: Effective Shell effective-shell.com 7 months ago
  • RT @nocontextfooty: https://t.co/PU0JeRSrbD 7 months ago
  • smallstep.com/blog/if-openss… 7 months ago
  • github.com/tldr-pages/tldr 9 months ago
  • How to properly interpret a traceroute or MTR | APNIC Blog blog.apnic.net/2022/03/28/how… 9 months ago
  • #dayandnight #Newcastle #beachlife https://t.co/LaKATcEsFY 10 months ago
Follow @rapappu

Tags

antismap antivirus automation Azure bangladesh BASH BASH Script BDCERT bgp bind ccsp centos CentOS mirror CERT CISA cisco Cyber Security ddos dhaka dhakacom DNS DNSSEC GSM intrusion detectoin system Intrusion prevention system ips IPv6 ISACA junos linux Looking Glass lxc lxc profile lxd mailqueue mailscanner Mail Server mailwatch Meraki mikrotik monitor mpls MPLS L3 VPN mysql My Work network network management nginx NSD observium OpenVPN perl PHP ping postfix Proxy PTA python RANCID Reading RPKI Shell Script sms sms server SNMP SSH Tutorial ubuntu Ubuntu Mirror Server Virtual Box vispan vmware websvn Youtube hack খামাখা

Blog at WordPress.com.

  • Follow Following
    • blog.alam.rocks
    • Join 27 other followers
    • Already have a WordPress.com account? Log in now.
    • blog.alam.rocks
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar