[nsp] Suggestions on Versioning Control

Theo P. Zourzouvillys theo at crazygreek.co.uk
Tue Nov 18 11:29:31 EST 2003

Hash: SHA1

On Tuesday 18 November 2003 3:56 pm, Kenny Stoltz wrote:
> Does anyone have any good suggestions on a system for versioning for
> config files? I don't particularly see anything that cisco can do to
> make it work, but i think maybe some custom perl scripts + cvs might
> work pretty well, but I wish I could have it track every change rather
> than daily changes. Any ideas?


I knocked up a quick script that handles an snmp trap for a user loging out, 
that then tells the router/switch to tftp it's config to my tftp server, upon 
which the script diffs it against an old copy and mails me the changes.

the script is at <http://zozo.org.uk/downloads/cisco-logout.txt>, useful if 
you are prepeaed to hack it around, but you'd probably be better off writting 
your own.

of course, normal security issues apply.

it would be better if ios raised a trap whenever the config was changed.  you 
could probablt do this by mointoring syslog for SYS-5-CONFIG_I), but hey...

ohh, and i've not used the script in a live enviroment, it was merely as a 
proof of concept for somethign i was doign a while ago, so, really no blame 
on me for thigns it does, please ;)

 ~ Theo

- -- 
Theo Zourzouvillys
<theo at crazygreek.co.uk>
Version: GnuPG v1.2.2 (GNU/Linux)


More information about the cisco-nsp mailing list