Fri, Jul 27, 2018 at 08:02:28AM -0500, Chris Wopat: > Hi Heasley and folks, > > Sept 2017 i sent a note in with some proposed tweaks to a Fortigate. to > filter out some additional chattiness, see: > > http://www.shrubbery.net/pipermail/rancid-discuss/2017-September/009871.html > http://www.shrubbery.net/pipermail/rancid-discuss/2017-June/009643.html > > A few people chimed in seeming to be OK with the propsed changes, which are > to filter these things: > > next if (/^\s*IPS-ETDB: .*/); > next if (/^\s*APP-DB: .*/); > next if (/^\s*IPS Malicious URL Database: .*/); > next if (/^\s*Botnet DB: .*/); > > Mentioning this as 3.8 came out and i didn't notice any of these included. > > We have an additional fortigate tweak we make every time we update too, > which to change from 'show full-configuration' to just 'show' in > @commandtable. 'full-configuration' shows default config, just like the > cisco 'full' command. It's really not necessary IMO.
This is from: r2258 | heas | 2010-10-11 20:49:05 +0000 (Mon, 11 Oct 2010) | 3 lines fnrancid: update recent fortinet software - Diego Ercolani Cleaned-up a little by me. afaict, the justification for full-configuration was so that VDOMs would be included in the output. perhaps this behavior has changed since this change?? I have none of these devices. _______________________________________________ Rancid-discuss mailing list [email protected] http://www.shrubbery.net/mailman/listinfo/rancid-discuss
