Cacti (home)ForumsDocumentation
Cacti: offical forums and support
It is currently Thu Apr 25, 2019 7:14 pm

All times are UTC - 5 hours




Post new topic Reply to topic  [ 47 posts ]  Go to page 1, 2, 3, 4  Next
Author Message
 Post subject: Config Backup plugin help
PostPosted: Fri Apr 20, 2018 11:01 am 
Offline

Joined: Thu Apr 19, 2018 1:08 pm
Posts: 29
So I'm trying to load this
https://docs.cacti.net/plugin:routerconfigs

But I've hit an issue and question (could be a 2nd issue)

1. it says to run "chkconfig xinetd on" but that gives the error "error reading information on service xinetd: No such file or directory"
And yes I've already installed TFTP via "yum install tftp-server)

I also tried the newer "systemctl start xinetd" and would have then run "systemctl enable xinetd"

2. (ATM it's more of a question but might be an issue later.) What should the permissions and context be for the router config backup location? The page only said "and give the apache server and the tftp server permissions to access it."

For the moment I've set it to 777 and usr_t with updates to the fcontext db, but I want to be sure I have it right.
IMO it'd be awesome if the plugin was made into an RPM, and then hosted in a repo.


Top
 Profile  
 
 Post subject: Re: Config Backup plugin help
PostPosted: Fri Apr 20, 2018 1:19 pm 
Offline
Cacti Guru User

Joined: Sun Aug 27, 2017 12:05 am
Posts: 2414
The Cacti Group doesn't handle any of the repo packages. Those are handled by people who normally maintain packages for the various distributions.

On the RouterConfigs front, if you are using the latest development version from GitHub, it now uses two directories. The first is the location of the TFTP server's folder where files are uploaded. RouterConfigs needs read/write access to that folder normally when it is running as the poller.

The second location is defaulted to 'backups' beneath the plugin folder and again, that should be read/write to the poller user. It should also be read/write to the website user as you may want to be able to delete/compare the configurations.

_________________
Official Cacti Developer

Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation

My resources:
How to submit Pull Requests
Development Wiki and How To's
Updated NetSNMP Memory template for Cacti 1.x
Cisco SFP template for Cacti 0.8.8


Top
 Profile  
 
 Post subject: Re: Config Backup plugin help
PostPosted: Fri Apr 20, 2018 3:21 pm 
Offline

Joined: Thu Apr 19, 2018 1:08 pm
Posts: 29
For read/write to the poller/website user, since this is RHEL 7 and Apache which users would those be?

After some digging I found the directory for the plugin to be added it was /usr/share/cacti/plugins

And now I'm having issues with tftp, it's not backing up any configs, and I even tested and a Cisco switch is unable to "copy run tftp" to it.
I get the error of "error opening tftp.... no such file."

I made a mount point lets call it /u01 with the directories /u01/Config-Backups and /u01/Archive and set the permissions to 766 on them recursively.
in the /etc/xinetd.d/tftp I set "server_args = -c -s /u01/Config-Backups"

So is there something I'm missing?

I also opened firewalld for tftp.
As a test I did "setenforce 0" but that didn't change anything.


Top
 Profile  
 
 Post subject: Re: Config Backup plugin help
PostPosted: Fri Apr 20, 2018 4:11 pm 
Offline
Cacti Guru User

Joined: Sun Aug 27, 2017 12:05 am
Posts: 2414
You can run a manual backup from within RouterConfigs, you can also increase the level at which it records it's logging, even capturing the input/output buffer to the devices. I would suggest doing this to give you an idea of what is occurring. But before you do a backup, you need to make sure that you have TFTP installed and working, then edit the RouterConfig settings to make sure the TFTP folder is set.

_________________
Official Cacti Developer

Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation

My resources:
How to submit Pull Requests
Development Wiki and How To's
Updated NetSNMP Memory template for Cacti 1.x
Cisco SFP template for Cacti 0.8.8


Top
 Profile  
 
 Post subject: Re: Config Backup plugin help
PostPosted: Mon Apr 23, 2018 8:58 am 
Offline

Joined: Thu Apr 19, 2018 1:08 pm
Posts: 29
I think something is missing in the TFTP setup, I installed both Tftp-server and xinetd via "yum install tftp-server xinetd"

But ATM I tried SSH'ing to a cisco switch and doing "copy run tftp" and it fails to connect to the tftp server.


Top
 Profile  
 
 Post subject: Re: Config Backup plugin help
PostPosted: Tue Apr 24, 2018 12:13 pm 
Offline
Cacti Guru User

Joined: Sun Aug 27, 2017 12:05 am
Posts: 2414
Firstly, make sure that TFTP is actually running and listening on it's correct port.

If you find that has been done, then make sure that either iptables or firewall-cmd is allowed the connection through if you are using either of those.

_________________
Official Cacti Developer

Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation

My resources:
How to submit Pull Requests
Development Wiki and How To's
Updated NetSNMP Memory template for Cacti 1.x
Cisco SFP template for Cacti 0.8.8


Top
 Profile  
 
 Post subject: Re: Config Backup plugin help
PostPosted: Fri Apr 27, 2018 1:32 pm 
Offline

Joined: Thu Apr 19, 2018 1:08 pm
Posts: 29
"systemctl status tftp" and "systemctl status xinetd" both show running.
For the firewall I did "firewall-cmd --permanent --zone=public --add-service=tftp" so the port is open on the OS firewall.

And oddly netstat shows TFTP is only listening on IPv6, though in the "/etc/xinetd.d/tftp" config file the only ref I see to 4 vs 6 is flags, and it's flags=ipv4.


Attachments:
Netstat-TFTP.png
Netstat-TFTP.png [ 15.64 KiB | Viewed 820 times ]
Top
 Profile  
 
 Post subject: Re: Config Backup plugin help
PostPosted: Fri Apr 27, 2018 1:40 pm 
Offline

Joined: Thu Apr 19, 2018 1:08 pm
Posts: 29
Ok I missed the "disable=" line in the "/etc/xinetd.d/tftp" file, but after chaning that from yes to now and then restarting via systemctl both tftp and xinetd and then even stoping firewalld (just to be sure) the copy still failed.

Also just incase I did a "setenforce 0" to test if SeLinux was at fault, no change.

After the config file edit netstat though does show xinetd listening on port 69, though the state is blank.


Top
 Profile  
 
 Post subject: Re: Config Backup plugin help
PostPosted: Sat Apr 28, 2018 5:37 am 
Offline
Cacti Guru User

Joined: Sun Aug 27, 2017 12:05 am
Posts: 2414
I'd just remove the disable line by putting a comment in front of it. See whether that changes anything.

_________________
Official Cacti Developer

Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation

My resources:
How to submit Pull Requests
Development Wiki and How To's
Updated NetSNMP Memory template for Cacti 1.x
Cisco SFP template for Cacti 0.8.8


Top
 Profile  
 
 Post subject: Re: Config Backup plugin help
PostPosted: Tue May 01, 2018 4:05 pm 
Offline

Joined: Thu Apr 19, 2018 1:08 pm
Posts: 29
I just tried that and no change.

Sorry I didn't see this sooner, I though I had the notify me checked and was expecting an e-mail when there was a reply.

I tried putting the hash tag there and then "systemctl restart xinetd" it didn't make any difference.

Currently on the cisco device trying to copy the config it says "%Error opening tftp://(IP)/config (Undefined error)"


Top
 Profile  
 
 Post subject: Re: Config Backup plugin help
PostPosted: Wed May 02, 2018 3:35 am 
Offline
Cacti Guru User

Joined: Sun Aug 27, 2017 12:05 am
Posts: 2414
Is there a firewall between the devices? (This includes locally on the TFTP server)

_________________
Official Cacti Developer

Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation

My resources:
How to submit Pull Requests
Development Wiki and How To's
Updated NetSNMP Memory template for Cacti 1.x
Cisco SFP template for Cacti 0.8.8


Top
 Profile  
 
 Post subject: Re: Config Backup plugin help
PostPosted: Wed May 02, 2018 3:52 am 
Offline

Joined: Thu Apr 19, 2018 1:08 pm
Posts: 29
The Cisco device I'm testing with is the one the vm host is directly connected to, so the only firewall is firewalld which I've stopped during testing with no change.


Top
 Profile  
 
 Post subject: Re: Config Backup plugin help
PostPosted: Wed May 02, 2018 6:58 am 
Offline
Cacti Guru User

Joined: Sun Aug 27, 2017 12:05 am
Posts: 2414
Rather than stopping the firewall (some firewalls have a thing where their filter is a separate entity that decides if no rules are present assume block everything).

Try adding the service to the firewall rules.

http://www.bo-yang.net/2015/08/31/cento ... ftp-server

_________________
Official Cacti Developer

Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation

My resources:
How to submit Pull Requests
Development Wiki and How To's
Updated NetSNMP Memory template for Cacti 1.x
Cisco SFP template for Cacti 0.8.8


Top
 Profile  
 
 Post subject: Re: Config Backup plugin help
PostPosted: Wed May 02, 2018 7:53 am 
Offline

Joined: Thu Apr 19, 2018 1:08 pm
Posts: 29
I already added the service TFTP to the firewall, in my experience if FirewallD is stopped it's wide open.


Top
 Profile  
 
 Post subject: Re: Config Backup plugin help
PostPosted: Wed May 02, 2018 9:04 am 
Offline
Cacti Guru User

Joined: Sun Aug 27, 2017 12:05 am
Posts: 2414
I'm not sure what else to say, it's defintely a TFTP or Firewall setup issue if you can't connect from the network device to the server.

_________________
Official Cacti Developer

Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation

My resources:
How to submit Pull Requests
Development Wiki and How To's
Updated NetSNMP Memory template for Cacti 1.x
Cisco SFP template for Cacti 0.8.8


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 47 posts ]  Go to page 1, 2, 3, 4  Next

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron

Protected by Anti-Spam ACP Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group