D-Link Forums
The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: abildgaard on June 24, 2010, 03:11:19 AM
-
I would like to make an unattended configuration backup of our DFL-1600 and the DFLs of our support service customers.
I'm about to try to write a bash shell script that pulls the config based on a schedule (cron job).
However, the web authentication part might be tricky to get working, so a SFTP og TFTP solution could really come in handy. ;)
Any suggestions?
-
Both ways are very simple.
1. SSH/SCP - you will have text script-backup
1) By SSH, create and store script file
script -create -name=script.txt
2) By SCP (ex, from PuTTY) get script file to PC
scp.exe <user>@<dfl address>:script.txt <your local file>
2. HTTP - you will have backup
Very simple script on PHP using cURL. Variables $user, $pass, $host and $cookiefile should be filled
<?php
$ch=curl_init();
curl_setopt($ch,CURLOPT_FAILONERROR,false);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION,true);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch,CURLOPT_TIMEOUT,3);
curl_setopt($ch,CURLOPT_COOKIESESSION,true);
curl_setopt($ch,CURLOPT_COOKIEFILE,$cookie_file);
curl_setopt($ch,CURLOPT_COOKIEJAR,$cookie_file);
curl_setopt($ch,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 GTB6');
curl_setopt($ch,CURLOPT_URL,$host);
curl_setopt($ch,CURLOPT_POST,true);
curl_setopt($ch,CURLOPT_POSTFIELDS,"UserName=$user&UserPass=$pass&UserLang=en");
if($s=curl_exec($ch)){
if(preg_match($s,'Authentication Required')) throw new Exception('Authentication failed');
curl_setopt($ch,CURLOPT_URL,$host.'?Page=BackupAction&Action=DownloadConfiguration');
curl_setopt($ch,CURLOPT_POST,false);
if($s=curl_exec($ch)){
// $s contains backup contents
}
}
?>
-
2.26 and SCP FTW!!!
That said, I have never understood the desire for daily config backups, seems like a good way to create superfluous sensitive data that you now have to secure.
-
2.26 and SCP FTW!!!
I can't believe I never did a simple ls when logged in via SSH.
The majority of the customers are already running 2.26 (as are we, of course) so this is easy as pie.
Thanks to both of you!
That said, I have never understood the desire for daily config backups, seems like a good way to create superfluous sensitive data that you now have to secure.
Come on, it's not that hard to understand ;) Being able to restore a configuration on the current or a replacement unit is not necessarily bad. Not on a daily basis but on a schedule that corresponds to the configuration change rate.
Actually I would still prefer the external backup even if the Netdefend OS/DFLs came with a version control solution. What if a unit goes bananas, is stolen or is burnt?
-
An existing version control system can be applied now that 2.26 is out.
I guess what I reject is that there should be a rate of change, changes should be made as sparingly as possible and securely off-site'ing a backup should be part of making that change.
-
I want scheduled backup of the config file as well, but i cant figure out how to do it.
Using the PHP-script just returns an empty value (echo $s;).
And the script -create -name=script.txt scp-thing i dont understand at all.
What happens when i type "script -create -name=script.txt"? With my logic it would create an empty file called script.txt ?
Also i get access denied when i try to scp that file back to my workstation.
can anyone give me a more detailed example of this?