[Fixed in 1.9.0] Noifications on config change: exclude lines

Unimus support forum
yoda-ict
Posts: 11
Joined: Wed Oct 03, 2018 8:34 am

Wed Oct 03, 2018 8:43 am

Hello,

First of all congrats for providing this nice piece of software. It just works!

We have some Fortigate firewals which are backupped daily. We use change notificatiuons for all devices, but every day we get notifications about config changes for the fortigate devices. This is due to some encrypted strings which constantly change, even if the stored values aren't changed. Is it possible to exclude lines in the new backup from being checked for differences? For instance, in our fortigate backupfiles i would like to exclude lines starting with:

#conf_file_ver
set passwd ENC
set psksecret ENC

Thanks!

Frans
User avatar
Tomas
Posts: 1206
Joined: Sat Jun 25, 2016 12:33 pm

Wed Oct 03, 2018 9:08 am

Hi Frans,

Unimus already ignores changes in the following lines for FortiOS:

Code: Select all

set passwd ENC
set password ENC
set psksecret ENC
...
About 8 other hashes like this are ignored.
('#conf_file_ver' is also ignored)

Could you please send a screenshot of a diff in a PM - so I can check if there is any additional hash formats that your system does that we do not ignore yet?

Thanks!
yoda-ict
Posts: 11
Joined: Wed Oct 03, 2018 8:34 am

Wed Oct 03, 2018 10:43 am

Hello Tomas,

Sent you a link with screenshot by PM.

Frans
yoda-ict
Posts: 11
Joined: Wed Oct 03, 2018 8:34 am

Wed Oct 03, 2018 8:58 pm

Tomas,

Found another:

set secret ENC

It's the password when radius is configured. That will be the problem then.

Regards,

Frans
User avatar
Tomas
Posts: 1206
Joined: Sat Jun 25, 2016 12:33 pm

Wed Oct 03, 2018 10:45 pm

Thank you for the help finding this.

Build with a fix now available here:
https://goo.gl/o7h7XU
yoda-ict
Posts: 11
Joined: Wed Oct 03, 2018 8:34 am

Thu Oct 04, 2018 8:51 am

Tnx Tomas, ran a new backup and now it detects the config as identical.

Keep up the good work! Looking forward to the FTP push support so i can backup my PulseSecure VPN appliances.

Frans
mkruyswijk
Posts: 2
Joined: Wed Nov 07, 2018 7:43 am

Wed Nov 07, 2018 7:44 am

Hi Tomas,

I just installed unimus. Can it be that the changes are not yet in the general download?
I just ran into this problem.

Kind regards,
Maarten
User avatar
Tomas
Posts: 1206
Joined: Sat Jun 25, 2016 12:33 pm

Fri Nov 09, 2018 8:20 am

mkruyswijk wrote:
Wed Nov 07, 2018 7:44 am
Hi Tomas,

I just installed unimus. Can it be that the changes are not yet in the general download?
I just ran into this problem.

Kind regards,
Maarten
Hi Maarten,

Indeed, these fixes are not yet in the stable release branch.
They are available in the 1.9.0 Beta.

You can download the 1.9.0 Beta here:
viewtopic.php?p=1705#p1705
mkruyswijk
Posts: 2
Joined: Wed Nov 07, 2018 7:43 am

Mon Nov 12, 2018 2:31 pm

Tried to install that version. but that comes back with "could not upgrade the database".
i know this is beta, but just wanted to let you know. i'll try to do a clean install later this week.
User avatar
Tomas
Posts: 1206
Joined: Sat Jun 25, 2016 12:33 pm

Mon Nov 12, 2018 2:41 pm

mkruyswijk wrote:
Mon Nov 12, 2018 2:31 pm
Tried to install that version. but that comes back with "could not upgrade the database".
i know this is beta, but just wanted to let you know. i'll try to do a clean install later this week.
We would love to take a look at this if possible.
We had one other report of this - but we were not able to replicate this issue at all.

Any chance we could organize a Webex session to debug this?

Thanks!
Post Reply