Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- #
- # Author: Grayson Peddie
- # Twitter handle: @graysonpeddie
- #
- # I've been working tirelessly throughout the night trying to come up with the
- # script so that other Linux professionals and enthusiasts can implement an
- # automatic backup plan. This script is based in the following website from
- # Netgate:
- #
- # https://docs.netgate.com/pfsense/en/latest/backup/remote-config-backup.html
- #
- # This is useful in combination with crontab. Once you open up "crontab -e",
- # you can add the following:
- #
- # 0 0 * * * /usr/local/scripts/backup_pfsense.sh
- #
- # Be sure you execute "chmod +x /usr/local/scripts/backup_pfsense.sh"
- # so that you and cron can execute the script. "chmod +x" adds executable
- # permissions to a script. "r" is for read permissions and "w" is for write
- # permissions, but a beginnner tutorial in Linux is beyond the scope of this
- # script.
- #
- # Specify the hostname or IP address.
- IPHOST="192.168.1.1"
- # If you don't have a valid certificate, or your certificate does not contain
- # a valid IP or hostname/fully-qualified domain name, then leave
- # "--no-check-certificate" as it is. If you do have a valid certificate, then
- # omit the "--no-check-certificate" but leave NOVALIDCERT="" as it is.
- # Or you can remove $NOVALIDCERT from the $WGETSESSION variable.
- NOVALIDCERT="--no-check-certificate"
- # Specify the administrator username and password when you log into pfSense
- # as an administrator.
- USERNAME="admin"
- PASSWORD="pfsense"
- # The rest can be left as it is. The OUTFILE specifies the output file with
- # the date and time when the backup occurred.
- OUTFILE="config-router-`date +%Y%m%d%H%M%S`.xml"
- # This next variable eliminates repetition.
- WGETSESSION="wget -qO- $NOVALIDCERT --keep-session-cookies"
- # pfSense will leave a cookie file for the cross-site request forgery token.
- COOKIEFILE="cookie.txt"
- # This is the URL that is used to login to pfSense for performing a backup.
- URL="https://$IPHOST/diag_backup.php"
- #
- # This combines two commands into one with a pipe but grep will complain
- # that "sed" and everything else after the pipe is not found if quoted next
- # to a variable.
- #
- # This statement below when declared as a variable...
- # CSRFMAGIC="\"name='__csrf_magic'\" | sed 's/.*value=\"\(.*\)\".*/\1/'"
- # ...generates a "sed: ... command not found `''" message. Sed will chock
- # either in single quote or double quote. A BASH function is used instead.
- #
- CSRFMAGIC() {
- grep "name='__csrf_magic'" | sed 's/.*value="\(.*\)".*/\1/';
- }
- # The next couple of lines generates a CSRF token.
- CSRF1=$($WGETSESSION --save-cookies $COOKIEFILE $URL | CSRFMAGIC)
- # Debugging purposes only
- #echo $CSRF1
- # Having a LOGIN variable helps break up long string of text into smaller
- # version for making code easy to read.
- LOGIN="login=Login&usernamefld=$USERNAME&passwordfld=$PASSWORD"
- CSRF2=$($WGETSESSION --load-cookies $COOKIEFILE --save-cookies $COOKIEFILE \
- --post-data "$LOGIN&__csrf_magic=$CSRF1" $URL | CSRFMAGIC)
- CSRF2=$(echo $CSRF2 | grep -o '^\S*')
- # Debugging purposes only
- #echo $CSRF2
- # If successful, this will output the configuration settings to an output file
- # specified earlier in this script.
- $($WGETSESSION --load-cookies $COOKIEFILE --post-data \
- "download=download&donotbackuprrd=yes&__csrf_magic=$(echo $CSRF2)" $URL \
- -O $OUTFILE)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement