SHARE
TWEET

Untitled

a guest Sep 21st, 2019 245 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2. #
  3. # Author: Grayson Peddie
  4. # Twitter handle: @graysonpeddie
  5. #
  6. # I've been working tirelessly throughout the night trying to come up with the
  7. # script so that other Linux professionals and enthusiasts can implement an
  8. # automatic backup plan. This script is based in the following website from
  9. # Netgate:
  10. #
  11. # https://docs.netgate.com/pfsense/en/latest/backup/remote-config-backup.html
  12. #
  13. # This is useful in combination with crontab. Once you open up "crontab -e",
  14. # you can add the following:
  15. #
  16. # 0 0 * * * /usr/local/scripts/backup_pfsense.sh
  17. #
  18. # Be sure you execute "chmod +x /usr/local/scripts/backup_pfsense.sh"
  19. # so that you and cron can execute the script. "chmod +x" adds executable
  20. # permissions to a script. "r" is for read permissions and "w" is for write
  21. # permissions, but a beginnner tutorial in Linux is beyond the scope of this
  22. # script.
  23. #
  24.  
  25. # Specify the hostname or IP address.
  26. IPHOST="192.168.1.1"
  27. # If you don't have a valid certificate, or your certificate does not contain
  28. # a valid IP or hostname/fully-qualified domain name, then leave
  29. # "--no-check-certificate" as it is. If you do have a valid certificate, then
  30. # omit the "--no-check-certificate" but leave NOVALIDCERT="" as it is.
  31. # Or you can remove $NOVALIDCERT from the $WGETSESSION variable.
  32. NOVALIDCERT="--no-check-certificate"
  33. # Specify the administrator username and password when you log into pfSense
  34. # as an administrator.
  35. USERNAME="admin"
  36. PASSWORD="pfsense"
  37.  
  38. # The rest can be left as it is. The OUTFILE specifies the output file with
  39. # the date and time when the backup occurred.
  40. OUTFILE="config-router-`date +%Y%m%d%H%M%S`.xml"
  41. # This next variable eliminates repetition.
  42. WGETSESSION="wget -qO- $NOVALIDCERT --keep-session-cookies"
  43. # pfSense will leave a cookie file for the cross-site request forgery token.
  44. COOKIEFILE="cookie.txt"
  45. # This is the URL that is used to login to pfSense for performing a backup.
  46. URL="https://$IPHOST/diag_backup.php"
  47.  
  48. #
  49. # This combines two commands into one with a pipe but grep will complain
  50. # that "sed" and everything else after the pipe is not found if quoted next
  51. # to a variable.
  52. #
  53. # This statement below when declared as a variable...
  54. # CSRFMAGIC="\"name='__csrf_magic'\" | sed 's/.*value=\"\(.*\)\".*/\1/'"
  55. # ...generates a "sed: ... command not found `''" message. Sed will chock
  56. # either in single quote or double quote. A BASH function is used instead.
  57. #
  58. CSRFMAGIC() {
  59.     grep "name='__csrf_magic'" | sed 's/.*value="\(.*\)".*/\1/';
  60. }
  61.  
  62. # The next couple of lines generates a CSRF token.
  63. CSRF1=$($WGETSESSION --save-cookies $COOKIEFILE $URL | CSRFMAGIC)
  64. # Debugging purposes only
  65. #echo $CSRF1
  66. # Having a LOGIN variable helps break up long string of text into smaller
  67. # version for making code easy to read.
  68. LOGIN="login=Login&usernamefld=$USERNAME&passwordfld=$PASSWORD"
  69. CSRF2=$($WGETSESSION --load-cookies $COOKIEFILE --save-cookies $COOKIEFILE \
  70.         --post-data "$LOGIN&__csrf_magic=$CSRF1" $URL | CSRFMAGIC)
  71. CSRF2=$(echo $CSRF2 | grep -o '^\S*')
  72. # Debugging purposes only
  73. #echo $CSRF2
  74. # If successful, this will output the configuration settings to an output file
  75. # specified earlier in this script.
  76. $($WGETSESSION --load-cookies $COOKIEFILE --post-data \
  77.     "download=download&donotbackuprrd=yes&__csrf_magic=$(echo $CSRF2)" $URL \
  78.     -O $OUTFILE)
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top