oxidized 0.34.3 → 0.36.0

data/lib/oxidized/input/ssh.rb

@@ -1,21 +1,17 @@
 module Oxidized
-  require 'net/ssh'
-  require 'net/ssh/proxy/command'
   require 'timeout'
-  require 'oxidized/input/cli'
-  class SSH < Input
+  require_relative 'sshbase'
+
+  class SSH < SSHBase
+    class NoShell < OxidizedError; end
+
     RESCUE_FAIL = {
-      debug: [
-        Net::SSH::Disconnect
-      ],
-      warn:  [
-        RuntimeError,
-        Net::SSH::AuthenticationFailed
-      ]
+      RuntimeError => :warn
     }.freeze
-    include Input::CLI
 
-    class NoShell < OxidizedError; end
+    def self.rescue_fail
+      super.merge(RESCUE_FAIL)
+    end
 
     def connect(node) # rubocop:disable Naming/PredicateMethod
       @node        = node
@@ -41,10 +37,6 @@ module Oxidized
       connected?
     end
 
-    def connected?
-      @ssh && (not @ssh.closed?)
-    end
-
     def cmd(cmd, expect = node.prompt)
       logger.debug "Sending '#{cmd.dump}' @ #{node.name} with expect: #{expect.inspect}"
       if Oxidized.config.input.debug?
@@ -76,10 +68,11 @@ module Oxidized
 
     private
 
+    # We need a specific disconnect for SSH in shell mode, see issue #3725
     def disconnect
       disconnect_cli
       # if disconnect does not disconnect us, give up after timeout
-      Timeout.timeout(Oxidized.config.timeout) { @ssh.loop }
+      Timeout.timeout(@node.timeout) { @ssh.loop }
     rescue Errno::ECONNRESET, Net::SSH::Disconnect, IOError => e
       logger.debug 'The other side closed the connection while ' \
                    "disconnecting, raising #{e.class} with #{e.message}"
@@ -127,7 +120,7 @@ module Oxidized
     def expect(*regexps)
       regexps = [regexps].flatten
       logger.debug "Expecting #{regexps.inspect} at #{node.name}"
-      Timeout.timeout(Oxidized.config.timeout) do
+      Timeout.timeout(@node.timeout) do
         @ssh.loop(0.1) do
           sleep 0.1
           match = regexps.find { |regexp| @output.match regexp }
@@ -137,48 +130,5 @@ module Oxidized
         end
       end
     end
-
-    def make_ssh_opts
-      secure = Oxidized.config.input.ssh.secure?
-      ssh_opts = {
-        number_of_password_prompts:      0,
-        keepalive:                       vars(:ssh_no_keepalive) ? false : true,
-        verify_host_key:                 secure ? :always : :never,
-        append_all_supported_algorithms: true,
-        password:                        @node.auth[:password],
-        timeout:                         Oxidized.config.timeout,
-        port:                            (vars(:ssh_port) || 22).to_i,
-        forward_agent:                   false
-      }
-
-      auth_methods = vars(:auth_methods) || %w[none publickey password]
-      ssh_opts[:auth_methods] = auth_methods
-      logger.debug "AUTH METHODS::#{auth_methods}"
-
-      ssh_opts[:proxy] = make_ssh_proxy_command(vars(:ssh_proxy), vars(:ssh_proxy_port), secure) if vars(:ssh_proxy)
-
-      ssh_opts[:keys]       = [vars(:ssh_keys)].flatten           if vars(:ssh_keys)
-      ssh_opts[:kex]        = vars(:ssh_kex).split(/,\s*/)        if vars(:ssh_kex)
-      ssh_opts[:encryption] = vars(:ssh_encryption).split(/,\s*/) if vars(:ssh_encryption)
-      ssh_opts[:host_key]   = vars(:ssh_host_key).split(/,\s*/)   if vars(:ssh_host_key)
-      ssh_opts[:hmac]       = vars(:ssh_hmac).split(/,\s*/)       if vars(:ssh_hmac)
-
-      # Use our logger for Net::SSH
-      ssh_logger = SemanticLogger[Net::SSH]
-      ssh_logger.level = Oxidized.config.input.debug? ? :debug : :fatal
-      ssh_opts[:logger] = ssh_logger
-
-      ssh_opts
-    end
-
-    def make_ssh_proxy_command(proxy_host, proxy_port, secure)
-      return nil unless !proxy_host.nil? && !proxy_host.empty?
-
-      proxy_command =  "ssh "
-      proxy_command += "-o StrictHostKeyChecking=no " unless secure
-      proxy_command += "-p #{proxy_port} "            if proxy_port
-      proxy_command += "#{proxy_host} -W [%h]:%p"
-      Net::SSH::Proxy::Command.new(proxy_command)
-    end
   end
 end

data/lib/oxidized/input/sshbase.rb

@@ -0,0 +1,107 @@
+module Oxidized
+  require 'net/ssh'
+  require 'net/ssh/proxy/command'
+  require 'timeout'
+
+  class SSHBase < Input
+    RESCUE_FAIL = {
+      Net::SSH::Disconnect           => :debug,
+      Net::SSH::ConnectionTimeout    => :debug,
+      Net::SSH::AuthenticationFailed => :warn,
+      Net::SSH::HostKeyUnknown       => :warn
+    }.freeze
+
+    def self.rescue_fail
+      super.merge(RESCUE_FAIL)
+    end
+
+    def connect(node) # rubocop:disable Naming/PredicateMethod
+      @node = node
+      @node.model.cfg[config_name].each { |cb| instance_exec(&cb) }
+      setup_debug_logging
+      logger.debug "Connecting to #{@node.name}"
+      @ssh = Net::SSH.start(@node.ip, @node.auth[:username], make_ssh_opts)
+      connected?
+    end
+
+    def connected?
+      @ssh && (not @ssh.closed?)
+    end
+
+    def setup_debug_logging
+      return unless Oxidized.config.input.debug?
+
+      logfile = Oxidized::Config::LOG + "/#{@node.ip}-#{config_name}"
+      @log = File.open(logfile, 'w')
+      logger.debug "I/O Debugging to #{logfile}"
+    end
+
+    def make_ssh_opts
+      ssh_opts = {
+        number_of_password_prompts:      0,
+        keepalive:                       vars(:ssh_no_keepalive) ? false : true,
+        verify_host_key:                 must_secure? ? :always : :never,
+        append_all_supported_algorithms: true,
+        password:                        @node.auth[:password],
+        timeout:                         @node.timeout,
+        port:                            (vars(:ssh_port) || 22).to_i,
+        forward_agent:                   false
+      }
+
+      auth_methods = vars(:auth_methods) || %w[none publickey password]
+      ssh_opts[:auth_methods] = auth_methods
+      logger.debug "AUTH METHODS::#{auth_methods}"
+
+      if vars(:ssh_proxy)
+        ssh_opts[:proxy] = make_ssh_proxy_command(
+          vars(:ssh_proxy), vars(:ssh_proxy_port), must_secure?
+        )
+      end
+      ssh_opts[:keys]       = [vars(:ssh_keys)].flatten           if vars(:ssh_keys)
+      ssh_opts[:kex]        = vars(:ssh_kex).split(/,\s*/)        if vars(:ssh_kex)
+      ssh_opts[:encryption] = vars(:ssh_encryption).split(/,\s*/) if vars(:ssh_encryption)
+      ssh_opts[:host_key]   = vars(:ssh_host_key).split(/,\s*/)   if vars(:ssh_host_key)
+      ssh_opts[:hmac]       = vars(:ssh_hmac).split(/,\s*/)       if vars(:ssh_hmac)
+
+      # Use our logger for Net::SSH
+      ssh_logger = SemanticLogger[Net::SSH]
+      ssh_logger.level = Oxidized.config.input.debug? ? :debug : :fatal
+      ssh_opts[:logger] = ssh_logger
+
+      ssh_opts
+    end
+
+    def must_secure?
+      Oxidized.config.input[config_name].secure? == true
+    end
+
+    def make_ssh_proxy_command(proxy_host, proxy_port, secure)
+      return nil unless !proxy_host.nil? && !proxy_host.empty?
+
+      proxy_command =  "ssh "
+      proxy_command += "-o StrictHostKeyChecking=no " unless secure
+      proxy_command += "-p #{proxy_port} "            if proxy_port
+      proxy_command += "#{proxy_host} -W [%h]:%p"
+      Net::SSH::Proxy::Command.new(proxy_command)
+    end
+
+    def disconnect
+      disconnect_cli
+      Timeout.timeout(@node.timeout) do
+        @ssh.close
+      end
+    rescue Errno::ECONNRESET, Net::SSH::Disconnect, IOError => e
+      logger.debug 'The other side closed the connection while ' \
+                   "disconnecting, raising #{e.class} with #{e.message}"
+    rescue Timeout::Error
+      logger.debug "#{@node.name} timed out while disconnecting"
+    ensure
+      @log.close if Oxidized.config.input.debug?
+    end
+
+    # Methods to implement in subclasses
+    def cmd(**_args)
+      raise NotImplementedError, "Subclasses must implement cmd"
+    end
+  end
+end

data/lib/oxidized/input/telnet.rb

@@ -1,15 +1,11 @@
 module Oxidized
   require 'net/telnet'
-  require 'oxidized/input/cli'
   class Telnet < Input
-    RESCUE_FAIL = {}.freeze
-    include Input::CLI
-
     attr_reader :telnet
 
     def connect(node) # rubocop:disable Naming/PredicateMethod
       @node    = node
-      @timeout = Oxidized.config.timeout
+      @timeout = @node.timeout
       @node.model.cfg['telnet'].each { |cb| instance_exec(&cb) }
       @log = File.open(Oxidized::Config::LOG + "/#{@node.ip}-telnet", 'w') if Oxidized.config.input.debug?
       port = vars(:telnet_port) || 23
@@ -84,7 +80,7 @@ module Net
       @log     = @options["Log"]
 
       expects  = [options[:expect]].flatten
-      time_out = options[:timeout] || @options["Timeout"] || Oxidized.config.timeout?
+      time_out = options[:timeout] || @options["Timeout"]
 
       Timeout.timeout(time_out) do
         line = ""

data/lib/oxidized/input/tftp.rb

@@ -1,7 +1,5 @@
 module Oxidized
   require 'stringio'
-  require_relative 'cli'
-
   begin
     require 'net/tftp'
   rescue LoadError
@@ -9,7 +7,13 @@ module Oxidized
   end
 
   class TFTP < Input
-    include Input::CLI
+    RESCUE_FAIL = {
+      Net::TFTPTimeout => :warn
+    }.freeze
+
+    def self.rescue_fail
+      super.merge(RESCUE_FAIL)
+    end
 
     # TFTP utilizes UDP, there is not a connection. We simply specify an IP and send/receive data.
     def connect(node)

data/lib/oxidized/model/adva.rb

@@ -44,7 +44,7 @@ class ADVA < Oxidized::Model
 
     cmd 'show ports' do |cfg|
       cfg.each_line do |line|
-        port = line.match(/\|((access|network)[^\|]+)\|/)
+        port = line.match(/\|((access|network)[^|]+)\|/)
         ports << port if port
       end
     end

data/lib/oxidized/model/airfiber.rb

@@ -3,7 +3,7 @@ class Airfiber < Oxidized::Model
 
   # Ubiquiti Airfiber (tested with Airfiber 11FX)
 
-  prompt /^AF[\w\.-]+#/i
+  prompt /^AF[\w.-]+#/i
 
   cmd :all do |cfg|
     cfg.cut_both

data/lib/oxidized/model/aoscx.rb

@@ -1,25 +1,13 @@
 class Aoscx < Oxidized::Model
   using Refinements
+  # HPE Aruba Networking - ArubaOS-CX models
 
-  # previous command is repeated followed by "\eE", which sometimes ends up on last line
-  # ssh switches prompt may start with \r, followed by the prompt itself, regex ([\w\s.-]+[#>] ), which ends the line
-  # telnet switchs may start with various vt100 control characters, regex (\e\[24;[0-9][hH]), follwed by the prompt, followed
-  # by at least 3 other vt100 characters
-  prompt /(^\r|\e\[24;[0-9][hH])?([\w\s.-]+[#>] )($|(\e\[24;[0-9][0-9]?[hH]){3})/
+  prompt /^[\w\s.-]+[#>] $/
+  clean :escape_codes
 
   comment '! '
 
-  # replace next line control sequence with a new line
-  expect /(\e\[1M\e\[\??\d+(;\d+)*[A-Za-z]\e\[1L)|(\eE)/ do |data, re|
-    data.gsub re, "\n"
-  end
-
-  # replace all used vt100 control sequences
-  expect /\e\[\??\d+(;\d+)*[A-Za-z]/ do |data, re|
-    data.gsub re, ''
-  end
-
-  expect /Press any key to continue(\e\[\??\d+(;\d+)*[A-Za-z])*$/ do
+  expect /Press any key to continue$/ do
     send ' '
     ""
   end
@@ -30,19 +18,15 @@ class Aoscx < Oxidized::Model
   end
 
   cmd :all do |cfg|
-    cfg = cfg.cut_both
-    cfg = cfg.gsub /^\r/, ''
-    # Additional filtering for elder switches sending vt100 control chars via telnet
-    cfg.gsub! /\e\[\??\d+(;\d+)*[A-Za-z]/, ''
-    # Additional filtering for power usage reporting which obviously changes over time
-    cfg.gsub! /^(.*AC [0-9]{3}V\/?([0-9]{3}V)?) *([0-9]{1,3}) (.*)/, '\\1 <removed> \\4'
-    cfg
+    cfg.cut_both
   end
 
   cmd :secret do |cfg|
+    cfg.gsub! /^(user .* group .*(?: ciphertext)?) \S+/, '\\1 <secret hidden>'
     cfg.gsub! /^(snmp-server community) \S+(.*)/, '\\1 <secret hidden> \\2'
     cfg.gsub! /^(snmp-server host \S+) \S+(.*)/, '\\1 <secret hidden> \\2'
-    cfg.gsub! /^(radius-server host \S+ key) \S+(.*)/, '\\1 <secret hidden> \\2'
+    cfg.gsub! /^(snmpv3 user).*?(auth (?:md5|sha(?:\d{1,3})?) auth-pass ciphertext).*?(priv (?:des|aes(?:\d{1,3})?) priv-pass ciphertext).*/, '\\1 <user> \\2 <auth-pass> \\3 <priv-pass>'
+    cfg.gsub! /^(radius-server host \S+ key(?: ciphertext)?) \S+ (.*)/, '\\1 <secret hidden> \\2'
     cfg.gsub! /^(radius-server key).*/, '\\1 <configuration removed>'
     cfg.gsub! /^(tacacs-server host \S+ key) \S+(.*)/, '\\1 <secret hidden> \\2'
     cfg.gsub! /^(tacacs-server key).*/, '\\1 <secret hidden>'
@@ -54,27 +38,30 @@ class Aoscx < Oxidized::Model
   end
 
   cmd 'show environment' do |cfg|
-    cfg.gsub! /^(LC.*\s+)\d+\s+$/, '\\1<hidden>'
-    cfg.gsub! /^(\d\/\d\/\d.*\s+)\d+\s+$/, '\\1<hidden>'
-    cfg.gsub! /^(\d+\/?\S+\s+\S+\s+)\d+\.\d+\s+C\s+(.*)/, '\\1<hidden>   \\2'
-    cfg.gsub! /^(LC.*\s+)\d+\.\d+\s+(C.*)$/, '\\1 <hidden> \\2'
-    # match show environment No speed shown for switches CX83xx, e.g. "PSU-1/1/1      N/A      N/A            N/A     front-to-back  ok      7360"
-    cfg.gsub! /^PSU(\S+\s+\S+\s+\s+\S+\s+)(slow|normal|medium|fast|max|N\/A)\s+(\S+\s+\S+\s+)\d+[[:blank:]]+/, '\\1<speed> \\3<rpm>'
-    cfg.gsub! /^(\S+\s+\S+\s+\s+\S+\s+)(slow|normal|medium|fast|max)\s+(\S+\s+\S+\s+)\d+[[:blank:]]+/, '\\1<speed> \\3<rpm>'
-    # match show environment power-consumption on VSF or standadlone, non-chassis and non-6400 switch, e.g. "2    6300M 48G 4SFP56 Swch                 156.00      155.94"
-    cfg.gsub! /^(\d+\s+.+\s+)(\s{2}\d{2}\.\d{2}|\s{1}\d{3}\.\d{2}|\d{4}\.\d{2})(\s+)(\s{2}\d{2}\.\d{2}|\s{1}\d{3}\.\d{2}|\d{4}\.\d{2})$/, '\\1<power>\\3<power>'
-    # match show environment power-consumption on 6400 or chassis switches, e.g. "1/4    line-card-module    R0X39A 6400 48p 1GbE CL4 PoE 4SFP56 Mod     54 W"
-    cfg.gsub! /^(\d+\/?\d*\s+.+\s+)(\s{1,4}\d{1,3})\sW\s*$/, '\\1<power>'
-    # match show environment power-consumption on 6400 or chassis switches, e.g. "Module Total Power Usage      13000 W", match up to a 5-digit number and keep table formatting.
-    cfg.gsub! /^(Module|Chassis)\s(Total\sPower\sUsage)(\s+)\s(\s{4}\d{1}|\s{3}\d{2}|\s{2}\d{3}|\s{1}\d{4}|\d{5})\sW\s*$/, '\\1 <power>'
-    # match show environment power-consumption on 6400 or chassis switches, e.g. "Chassis Total Power Usage     13000 W", match up to a 5-digit number and keep table formatting.
-    cfg.gsub! /^(Chassis\sTotal\sPower\sUsage)(\s+)(\s{4}\d{1}|\s{3}\d{2}|\s{2}\d{3}|\s{1}\d{4}|\d{5})\sW\s*$/, '\\1\\2<power>'
-    # match show environment power-consumption on 8400 or chassis switches, up to a 5-digit number, example matches:
-    # e.g. "Chassis Total Power Allocated (total of all max wattages)               4130 W"
-    # e.g. "Chassis Total Power Unallocated                                        15860 W"
-    cfg.gsub! /^(Chassis\sTotal\sPower\s)(Allocated|Unallocated)(\s|\s\(total of all max wattages\))(\s+)(\s{4}\d{1}|\s{3}\d{2}|\s{2}\d{3}|\s{1}\d{4}|\d{5})\sW\s*$/, '\\1\\2\\3\\4<power>'
-    # match Total Power Consumption:
-    cfg.gsub! /^([t|T]otal\s[p|P]ower\s[c|C]onsumption\s+)(\d+\.\d\d)$/, '\\1<power>'
+    def with_section(cfg, section, &block)
+      cfg.sub!(/(show environment #{section}.*?-{10,}\n)(.*?)(?=\nshow environment|\z)/m) do
+        header = ::Regexp.last_match(1)
+        content = ::Regexp.last_match(2)
+        block.call(content) if block_given?
+        header + content
+      end
+    end
+
+    with_section(cfg, 'fan') do |content|
+      content.gsub!(/^((?:\S+ +){3})(slow  |normal|medium|fast  |max   |N\/A   ) (.*?)\d+ +$/, '\\1<speed> \\3<rpm>')
+    end
+
+    with_section(cfg, 'power-consumption') do |content|
+      content.gsub!(/^(.*?) (?:\d+\.\d+ +)+\d+\.\d+$/, '\\1 <power hidden>')
+    end
+
+    with_section(cfg, 'power-allocation') do |content|
+      content.gsub!(/^(.*) \d+ W$/, '\\1 <power>')
+    end
+
+    with_section(cfg, 'temperature') do |content|
+      content.gsub!(/^(.*) -?\d+\.\d+ C (.*)$/, '\\1 <hidden>\\2')
+    end
     comment cfg
   end
 

data/lib/oxidized/model/aosw.rb

@@ -13,7 +13,7 @@ class AOSW < Oxidized::Model
 
   comment '# '
   # see /spec/model/aosw_spec.rb for prompt examples
-  prompt /^\(?[\w\:.@-]+\)? ?[*^]?(\[[\w\/]+\] ?)?[#>] ?$/
+  prompt /^\(?[\w:.@-]+\)? ?[*^]?(\[[\w\/]+\] ?)?[#>] ?$/
 
   # Ignore cariage returns - also for the prompt
   expect "\r" do |data, re|
@@ -48,8 +48,11 @@ class AOSW < Oxidized::Model
   end
 
   cmd 'show version' do |cfg|
-    cfg = cfg.each_line.reject { |line| line.match(/(Switch|AP) uptime/i) || line.match(/Reboot Time and Cause/i) }
-    rstrip_cfg comment cfg.join
+    cfg = cfg.reject_lines [
+      /(Switch|AP) uptime/i,
+      /Reboot Time and Cause/i
+    ]
+    rstrip_cfg comment cfg
   end
 
   cmd 'show inventory' do |cfg|
@@ -77,15 +80,11 @@ class AOSW < Oxidized::Model
   end
 
   cmd 'show running-config' do |cfg|
-    out = []
-    cfg.each_line do |line|
-      next if line =~ /^controller config \d+$/
-      next if line =~ /^Building Configuration/
-
-      out << line.strip
-    end
-    out = out.join "\n"
-    out << "\n"
+    cfg = cfg.reject_lines [
+      /^controller config \d+$/,
+      /^Building Configuration/
+    ]
+    rstrip_cfg cfg
   end
 
   cfg :telnet do

data/lib/oxidized/model/apc_aos.rb

@@ -1,7 +1,11 @@
 class Apc_aos < Oxidized::Model # rubocop:disable Naming/ClassAndModuleCamelCase
   using Refinements
 
+  comment '; '
+
   cmd 'config.ini' do |cfg|
+    logger.warn "Apc_aos is deprecated, use ApcAos instead."
+
     cfg.gsub!(/^; Configuration file, generated on.*\n/, '')
     cfg
   end

data/lib/oxidized/model/apcaos.rb

@@ -0,0 +1,39 @@
+class ApcAos < Oxidized::Model
+  using Refinements
+
+  # Prompt can be short (apc>) or long (username@apc>)
+  prompt /^(:?\S+@)?apc>/
+  comment '; '
+
+  def clean(cfg)
+    cfg = cfg.cut_both(2, 1)
+    cfg.gsub("\r", "")
+  end
+
+  cmd 'about', input: :ssh do |cfg|
+    cfg = clean(cfg)
+    cfg = cfg.reject_lines [/^Management Uptime: /, /^Date: /, /^Time: /]
+    comment cfg
+  end
+
+  cmd 'upsabout', input: :ssh do |cfg|
+    cfg = clean(cfg)
+    comment cfg
+  end
+
+  cmd 'detstatus -ss', input: :ssh do |cfg|
+    cfg = clean(cfg)
+    comment cfg
+  end
+
+  cmd 'config.ini', input: %i[scp ftp] do |cfg|
+    cfg = cfg.reject_lines [/^; Configuration file, generated on /]
+    "; ========== config.ini ==========\n" + cfg
+  end
+
+  inputs [:ssh, %i[scp ftp]]
+
+  cfg :ssh do
+    pre_logout 'exit'
+  end
+end

data/lib/oxidized/model/arubainstant.rb

@@ -4,7 +4,7 @@ class ArubaInstant < Oxidized::Model
   # Aruba IAP, Instant Controller
 
   comment '# '
-  prompt(/^ ?[\w\:.@-]+[#>] $/)
+  prompt(/^ ?[\w:.@-]+[#>] $/)
 
   cmd :all do |cfg|
     # Remove command echo and prompt
@@ -31,41 +31,44 @@ class ArubaInstant < Oxidized::Model
 
   # get software version
   cmd 'show version' do |cfg|
-    out = ''
-    cfg.each_line do |line|
-      next if line =~ /^(Switch|AP) uptime is /
-
-      next if line =~ /^Reboot Time and Cause/
-
-      out += line
-    end
-    comment out
+    cfg = cfg.reject_lines [
+      /^(Switch|AP) uptime is /,
+      /^Reboot Time and Cause/
+    ]
+    comment cfg
   end
 
   # Get serial number
   cmd 'show activate status' do |cfg|
-    out = ''
-    cfg.each_line do |line|
-      next if line =~ /^Activate /
-
-      next if line =~ /^Provision interval/
-
-      next if line =~ /^Cloud Activation Key/
-
-      out += line
-    end
-    comment out + "\n"
+    cfg = cfg.reject_lines [
+      /^Activate /,
+      /^Provision interval/,
+      /^Cloud Activation Key/
+    ]
+    comment cfg + "\n"
   end
 
   # Get controlled WLAN-AP
   cmd 'show aps' do |cfg|
     out = ''
     cfg.each_line do |line|
-      out += if line.match?(/^Name/)
-               line.sub(/^(Name +IP Address +).*(Type +IPv6 Address +).*(Serial #).*$/, '\1\2\3')
-             else
-               line.sub(/^(\S+ +\S+ +)(?:\S+ +){3}(\S+ +\S+ +)(?:\S+ +){2}(\S+) +.*$/, '\1\2\3')
-             end
+      out += line.sub(
+        /^(?'Name'(?:.+?|-{2,})\s{2,})  # \s{2,} = separator between columns
+          (?'IPv4'(?:
+            IP\ Address|-{2,}|          # Header
+            (?:\d+\.){3}\S+             # Match an IPv4 to catch AP-Names with two spaces
+          )\s{2,})
+          (?:(?:.+?|-{2,})\s{2,}){3}    # Ignore Mode, Spectrum, Clients
+          (?'Type'(?:.+?|-{2,})\s{2,})
+          (?'IPv6'(?:.+?|-{2,})\s{2,})
+          (?:(?:.+?|-{2,})\s{2,})       # Ignore Mesh Role
+          (?'Zone'(?:.+?|-{2,})\s{2,})
+          (?'Serial'(?:.+?|-{2,}))
+          \s{2,}                        # Last separator
+          .*$                           # Ignore the rest
+          /x,
+        '\k<Name>\k<IPv4>\k<Type>\k<IPv6>\k<Zone>\k<Serial>'
+      )
     end
     comment out + "\n"
   end

data/lib/oxidized/model/asa.rb

@@ -32,13 +32,13 @@ class ASA < Oxidized::Model
   end
 
   cmd 'show version' do |cfg|
-    # avoid commits due to uptime / ixo-router01 up 2 mins 28 secs / ixo-router01 up 1 days 2 hours
-    cfg = cfg.each_line.reject { |line| line.match /(\s+up\s+\d+\s+)|(.*days.*)/ }
-    cfg = cfg.join
-    cfg.gsub! /^Configuration has not been modified since last system restart.*\n/, ''
-    cfg.gsub! /^Configuration last modified by.*\n/, ''
-    cfg.gsub! /^Start-up time.*\n/, ''
-    comment cfg
+    comment cfg.reject_lines [
+      # avoid commits due to uptime / ixo-router01 up 2 mins 28 secs / ixo-router01 up 1 days 2 hours
+      /(\s+up\s+\d+\s+)|(.*days.*)/,
+      /^Configuration has not been modified since last system restart.*/,
+      /^Configuration last modified by.*/,
+      /^Start-up time.*/
+    ]
   end
 
   cmd 'show inventory' do |cfg|

data/lib/oxidized/model/asternos.rb

@@ -1,7 +1,7 @@
 class AsterNOS < Oxidized::Model
   using Refinements
 
-  prompt /^[^\$]+\$/
+  prompt /^[^$]+\$/
   comment '# '
 
   cmd :all do |cfg|

data/lib/oxidized/model/axos.rb

@@ -1,7 +1,7 @@
 class AxOS < Oxidized::Model
   using Refinements
 
-  prompt /(\x1b\[\?7h)?([\w.@()-]+[#]\s?)$/
+  prompt /(\x1b\[\?7h)?([\w.@()-]+\#\s?)$/
   comment '! '
 
   cmd 'show running-config | nomore' do |cfg|

data/lib/oxidized/model/comtrol.rb

@@ -35,7 +35,7 @@ class Comtrol < Oxidized::Model
           expect /[pP]assword:\s?$/
           send vars(:enable) + "\n"
         end
-        expect /^.+[#]\s?$/
+        expect /^.+\#\s?$/
       end
     end
     pre_logout 'exit'

data/lib/oxidized/model/comware.rb

@@ -21,8 +21,10 @@ class Comware < Oxidized::Model
 
   cmd :secret do |cfg|
     cfg.gsub! /^( snmp-agent community).*/, '\\1 <configuration removed>'
-    cfg.gsub! /^( password hash).*/, '\\1 <configuration removed>'
+    cfg.gsub! /(password hash).*/, '\\1 <configuration removed>'
     cfg.gsub! /^( password cipher).*/, '\\1 <configuration removed>'
+    cfg.gsub! /(key (authentication )?cipher) \S+/, '\\1 <configuration removed>'
+    cfg.gsub! /(cipher authentication-mode (md5|sha)).\S+ (privacy-mode (des56|3des|aes\d{0,3})) .\S+/, '\\1 <auth-pass> \\3 <priv-pass>'
     cfg
   end
 

data/lib/oxidized/model/cumulus.rb

@@ -1,19 +1,14 @@
 class Cumulus < Oxidized::Model
   using Refinements
 
-  # Remove ANSI escape codes
-  expect /\e\[[0-?]*[ -\/]*[@-~]\r?/ do |data, re|
-    data.gsub re, ''
-  end
-
-  # The prompt contains ANSI escape codes, which have already been removed
-  # from the expect call above
+  # Regular expression explanation:
   # ^                 : match begin of line, to have the most specific prompt
   # [\w.-]+@[\w.-]+   : user@hostname
   # (:mgmt)?          : optional when logged in out of band
   # :~[#$] $          : end of prompt, containing the linux path,
   #                     which is always "~" in our context
   prompt /^[\w.-]+@[\w.-]+(:mgmt)?:~[#$] $/
+  clean :escape_codes
   comment '# '
 
   # add a comment in the final conf