Welcome, Guest. Please login or register.

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - ntmark

Pages: [1] 2 3 ... 9
1
Discovery / Re: NeDi Discovery/Graphing Has Stopped
« on: Today at 12:49:08 AM »
hmm I'm not sure what a "stop" means.
Maybe someone else can answer that.

What happens if you run it from command line manually? does it do the same thing?

2
Discovery / Re: NeDi Discovery/Graphing Has Stopped
« on: April 26, 2017, 10:26:11 PM »
I'm assuming the cron jobs pipe the nedi output to a log file.
What do the nedi logs say is wrong?

*/30 1-23 * * * root /nedi/nedi.pl -Smvjedw -A"device regexp '^[a-f]'" > /nedi/log/nedi-a-f.log 2>&1

cat /nedi/log/nedi-a-f.log

3
Discovery / dot1x and node tracking with dynamic vlans
« on: November 10, 2016, 11:52:07 PM »
We have dot1x enabled on wired network with dynamic vlan assignment but the ports are configured with a default vlan.
What I'm having problems with are node tracking/discovery as the nodes will at some point get an IP on the default vlan, but when they boot up and are authenticated they get assigned a new vlan and get a new IP address.
When looking at a switch in nedi and finding nodes in Node List it is matching the nodes with the default vlan and showing that IP address, and not the one they currently have on their new assigned vlan.

Default vlan 10, IP 10.10.10.10
Dynamic vlan 15, IP 10.10.15.40
Nodes List shows 10.10.10.10 but the node has IP 10.10.15.40

Is there anyway to get the correct IP to show up?

Also when looking at the device -> status  it shows the configured vlanid on the switch port and not what it currently is forwarding as.
I'm not to fussed about this bit, but maybe there could be an option to show either the configured vlans on a port or the in use ones, and possibly include voice vlans/native vlans in the future?

Thanks
Mark.

4
You can try finding them under Devices -> Modules, filter by Class = 3.
You may need to add other Class values depending on your platform.
Also by filtering additionally by Device Name you can get all chassis SN for a single host (stack).

Mark

5
Discovery / Re: Looking for Extreme X440-24p def file
« on: September 13, 2016, 11:22:24 PM »
Righto, thanks for reply.

Mark.

6
Discovery / Looking for Extreme X440-24p def file
« on: September 05, 2016, 05:29:50 AM »
If anyone has a working def file for an Extreme X440-24p or something similar I'll update and re-upload.

EDIT: To clarify this is to detect the config changes on an Extreme, the defs that come with Nedi do not have these values. (1o6)
Apologies for a hasty and non-informative post.

Thanks
Mark.

7
Discovery / Re: Fortigate config Backup 1.6
« on: August 08, 2016, 10:11:54 AM »
Man, I'm sorry I should of read the head of libcli.pm for the variable descriptions. (my bad)

Code: [Select]
[\w+()-]+\s\#\s$This is the regex I'm going to try out, it looks like this matches with all our prompts so far + these below:
test #
test-123 #
-_12 #
12345 #
1-2 #
12----56___ #

I've left the () in there but I don't think they are needed along with the literal +

Regarding the hostname requirements this is from their website "The hostname can be up to 35 characters in length. It can include US-ASCII letters, numbers, hyphens, and underscores, but not spaces and special characters."
\w = a-zA-Z0-9_ so only need to have - in that group.

Login prompts seem to always end with a \s#\s at the end (at least for ssh connection), I haven't personally seen an actual dollar $ prompt so removed that.
Would be nice if someone else can confirm if $ is used?

So I've essentially reverted back to your original settings and only changed the {ropr} regex. lol.
oh well.

Now looks like this:
Code: [Select]
$cmd{'FortiOS'}{'ropr'} = 'GitsDoNid';
$cmd{'FortiOS'}{'enpr'} = '[\w+()-]+\s\#\s$';
$cmd{'FortiOS'}{'more'} = '--More-- ';
$cmd{'FortiOS'}{'shcf'} = 'show full-configuration';
$cmd{'FortiOS'}{'cfst'} = '^config';

Seems to work ok.
I'll update if I find any issues.
Thanks for your help. :)

Mark.

8
Discovery / Re: Fortigate config Backup 1.6
« on: July 22, 2016, 10:17:28 AM »
Haha, yeah version compatibility... always gets me too.

I'll have to look into it more, I think what I'm missing was a # at the prompt.
Hostname needed to match this:'HOSTNAME #' or 'HOST-NAME #'
Maybe I'll find out from their site what characters they support for this.

I was unsure if I needed; enab, strt, more
Will try it without enab and page as it only requires [space] pressed

And what strt does which thinking about it is the output character during a config backup with debug on? (aka progress meter)

Also in the regex for the ropr I'll try to restrict it more, something like this.
Typing  from memory on the regex but would add a second group to match prompt types.
Code: [Select]
$cmd{'FortiOS'}{'ropr'} = 'GitsDoNid';
$cmd{'FortiOS'}{'enpr'} = '[\w+().-]+\s[\$\#]$';
$cmd{'FortiOS'}{'shcf'} = 'show full-configuration';
$cmd{'FortiOS'}{'strt'} = '.';
$cmd{'FortiOS'}{'cfst'} = '^config';
$cmd{'FortiOS'}{'more'} = '--More-- ';

Thanks again Remo
Mark.

9
Discovery / Re: DBD:mysql error during nightly backup 1.6p1
« on: June 16, 2016, 02:08:26 AM »
Thanks,
 I've added the max_allowed_packet = 128 to mariaDB my.cnf
All is now working!

This is now showing with 1696 interfaces.
Takes about 4 minutes to complete a Discovery.
changes came to 11689.

currently has 30 configured FEX's and soon will have another 6 or so.

Backup config is 739K in size

Restart with  systemd controls:
Code: [Select]
systemctl restart mariadb
Thank you for the help.
Mark. ;D

10
Discovery / Re: DBD:mysql error during nightly backup 1.6p1
« on: June 14, 2016, 02:44:21 AM »
Small addition.
I've also tried to run this from the GUI to force backup with these options: -v -B0 -SAFGgsjmvpadobewitu -a
but same result.

I've tied it down to about line 912 in inc/libdb.pm where this following line is run:
Code: [Select]
$sth->execute ($dv,$cfg,$chg,$main::now);
I think this started to happen after the 1.6p1 patch was applied, but I'm not entirely sure about this.

Printing out some output before that $sth->execute was run the values supplied to it are:
HOSTNAME: ~10 characters
CONFIG: 26427 lines
CHANGES: 20715 lines
UNIXTIMESTAMP: todays date.

Unable to get any output after the execute as it crashes.




11
Discovery / DBD:mysql error during nightly backup 1.6p1
« on: June 13, 2016, 01:57:30 AM »
I've been doing backups with options -sS -p -B360 and getting an error in the log when I get to a 6800X with VSS and 25 FEX switches.
It always happens on this switch with the error below
Code: [Select]
10.20.10.1     SWITCH1      v97 i1694    j75   DiDpp1 b23 m173    a4     f1214 c26428DBD::mysql::st execute failed: MySQL server has gone away at /usr/local/nedi/inc/libdb.pm line 913.
DBD::mysql::st execute failed: MySQL server has gone away at /usr/local/nedi/inc/libdb.pm line 913.

Looking this up I found that the connection may be timing out? and that enabling mysql_auto_reconnect or checking connection before performing execute may help.
I'm not sure if this is enabled already, but to enable the option the below was given on the cpan.org doc of DBD-mysql.
Code: [Select]
$dbh->{mysql_auto_reconnect} = 1;OR
Code: [Select]
my $dbh = DBI->connect($dsn, $user, $password, {
 mysql_auto_reconnect => 1,
});

I've already tried with this added to line 37 in libdb.pm where $dbh = DBI->connect(..... is defined like so:
Code: [Select]
$dbh = DBI->connect("DBI:$misc::backend:dbname=$dbname;host=$dbhost", $dbuser, $dbpass, { RaiseError => 1, AutoCommit => $ac, mysql_auto_reconnect=> 1} ) or die $DBI::errstr;
But the same error occurred.
Any tips on what I need to do to fix this error and it looks like backups aren't working correctly.

Thanks in advance.
Apologies for the choppy post.
Mark.

12
Discovery / Fortigate config Backup 1.6 [SOLVED]
« on: May 17, 2016, 01:50:01 AM »
Hi,
 I'm having some problems getting fortigate to do config backups in 1.6
We haven't been doing this in previous versions, so I've been searching through the forums for any config references.
I have finally got the login prompt to work via ssh by changing libcli.pm 'FortiOS' section to this, but there is probably some useless lines in here.
Code: [Select]
$cmd{'FortiOS'}{'ropr'} = '(.+)\s?#$';
$cmd{'FortiOS'}{'enpr'} = '.\s#\s$';
$cmd{'FortiOS'}{'enab'} = 'enable';
$cmd{'FortiOS'}{'shcf'} = 'show full-configuration';
$cmd{'FortiOS'}{'strt'} = '.';
$cmd{'FortiOS'}{'page'} = 'disable clipaging???';
$cmd{'FortiOS'}{'cfst'} = '^config';
$cmd{'FortiOS'}{'more'} = '--More-- ';

This has let me run ./nedi.pl -v -B0 -SAFGgsjmvpadobewitu -a <host IP>
but now I'm getting this error when it's running through the CONF: lines
Code: [Select]
...
CONF:30230 lines read

Configbackup ------------------------------------------------------------------
DBD::mysql::st execute failed: MySQL server has gone away at ./inc/libdb.pm line 900.
DBD::mysql::st execute failed: MySQL server has gone away at ./inc/libdb.pm line 900.

Line 900 of libdb.pm: middle line:
Code: [Select]
$sth = $dbh->prepare("INSERT INTO configs(device,config,changes,time) VALUES ( ?,?,?,? )");
$sth->execute ($dv,$cfg,$chg,$main::now);
misc::WriteCfg($dv) if defined $main::opt{'B'};


Now I'm stuck again.
Does anyone have config backup working in 1.6 with fortigates?

Cheers
Mark.

Edit: removed double post.

13
GUI / Re: Guestpage to See Switchport / VLAN Configuration
« on: May 17, 2016, 12:04:17 AM »
Nice work, looks quite useful for me too.
Thanks titanium

Mark.

14
GUI / Re: Feature Request: ability to change vlan
« on: February 03, 2016, 04:14:41 AM »
While we're on about changing vlans, you could also add check box to enable interface as trunk and also select/type vlanIDs for it.
I don't personally need this but it may come in handy for some or a feature some kind soul pays this great man for.

Probably less needed that the ability to change access vlans.

Mark.

15
Discovery / Re: nedi 1.4 patch 6 - libsnmp errors on discovery
« on: December 18, 2015, 02:43:57 AM »
I've found it's usually missing fields in def files, find one that's causing the message, edit it, update and write changes from gui, then try again.
The GUI adds any missing keywords to the def file when written.

If that doesn't fix it probably something else is missing in def file.

Pages: [1] 2 3 ... 9