Use CRON to auto backup config of pfSense box?

luke240778

Just wondering if it is possible to setup cron to auto backup complete config of pfsense to a network share drive on my network?

If this is possible, would like some kinda "how-to" please.. Thanks in advance

slu

Copy the config via scp:
scp ip-pfsense:/conf/config.xml /home/[…]

luke240778

@slu:

Copy the config via scp:
scp ip-pfsense:/conf/config.xml /home/[…]

SO is that what needs to be run from the other machine?

How do i install/setup this scp?

And i would like it to go hourly so can this be done with this scp?

stephenw10

See: http://doc.pfsense.org/index.php/Remote_Config_Backup for various options.

Steve

luke240778

@stephenw10:

See: http://doc.pfsense.org/index.php/Remote_Config_Backup for various options.

Steve

Thanks for your reply Steve, but yeah i already read that and couldn't make sense of it, so that's why i posted here asking for some instructions

slu

@luke240778:

SO is that what needs to be run from the other machine?

Yes.
@luke240778:

How do i install/setup this scp?

You need a working ssh connection from the other machine to the pfsense.
@luke240778:

And i would like it to go hourly so can this be done with this scp?

Yes why not? Create a cronjob for the backup.

luke240778

@slu:

@luke240778:

SO is that what needs to be run from the other machine?

Yes.
@luke240778:

How do i install/setup this scp?

You need a working ssh connection from the other machine to the pfsense.
@luke240778:

And i would like it to go hourly so can this be done with this scp?

Yes why not? Create a cronjob for the backup.

Thanks for your reply slu.. but i was hoping from my question you may notice that i have no idea how to do any of this..  :)

1. How do i see that i have a working SSH connection between them?
2. Can i somehow confiure CRON on the pfsense box to send the config to the other machine?  I ask cause at least there i have a GUI so its easier for me to setup.
3. Also, when i do a backup from the pfsense gui it saves to my pc with the current date and time that it was created, will this also be the case using your method? or will it always just copy config .xml to the other machine?

stephenw10

In order to move files between the two machines you need to be able to connect without having to login or things get a lot more complex. To do this you need to setup ssh using keys rather than usernames and passwords.

Alternatively use the script on the wiki page to get the config file via http.

Steve

luke240778

Hey Stephen, i saw that script on the Wiki, but that looks to me like i have to run wget to get it.. i want something that will automatically do it every hour.

I ran the wget as it says on the wiki and it worked.  How am i able to create a script with those wget commands in them and then tell the other server to run it every hour or 30m or whatever i want?

stephenw10

Just put those commands in a file, call it getconfig.sh, or whatever, then add a cron entry that calls the script every hour. Remember to set the permissions on the script so it can be executed.
This would be on the backup server.

Steve

luke240778

Thanks, i have created pfsensebackup.sh and have made it executable.  I can run this and it works(./pfsensebackup.sh)

I have created a cron entry (i think) but it didn't work…  i am not sure how to use cron so just followed a howto i found online which said to run:

crontab -e

Then in Nano i added:

0 17 * * * /home/mutiadmin/pfsensebackup.sh    (was trying to run it at 5pm as it was 4:50 when i created it to test)

Saved but nothing ran.. also tried it without the .sh but also didn't run

Anything i am doing wrong?

stephenw10

It probably doesn't know what to interpret the script with.
Try putting this at the top of the script:

#!/bin/sh

Steve

luke240778

Sorry, should have added that i do have that at the start of the script.

I have been playing with this for the last hour or so and have finally got it to work.  I just wander if it actually copies the whole config or not? RRD and everything is basically what i would like.

stephenw10

What was the problem?

I would think that this line:```
Submit=download&donotbackuprrd=yes

means it doesn't backup the rrd data.

Try:```
Submit=download

Steve

luke240778

Strange.. i just changed that in the script and the file siz of the backup is alot smaller than the way it originally was..  doesn't make sense does it?

Here are the firs 2 i did, and the last one is after changed script:

-rw-rw-r– 1 mutiadmin mutiadmin 202366 2012-04-22 18:15 config-router-20120422181501.xml
-rw-rw-r-- 1 mutiadmin mutiadmin 202366 2012-04-22 19:15 config-router-20120422191502.xml
-rw-rw-r-- 1 mutiadmin mutiadmin    5938 2012-04-22 20:00 config-router-20120422200002.xml