B.8. Automated config.xml backup solutions

The following offers two different ways to automatically back up your m0n0wall configuration. Keep in mind either one requires you saving your firewall password in clear text. This isn't the best idea from a security standpoint, and may not be a risk you are willing to take, depending on your environment. Keep this in mind. At a minimum, make sure you have strong permissions on the .sh file.

B.8.1. Backing up and committing to CVS

Jim Gifford posted the following shell script to the list on January 29, 2004 that automatically backs up the m0n0wall config.xml file and commits it into a CVS repository.

#!/bin/sh
# m0n0back -- backup up a m0n0wall config and puts it into cvs
# depends on: sh, curl, cvs, date, rm

CVSROOT=/cvs
export CVSROOT
CVSPROJ=backup
M0N0IP=192.168.1.1
PROTO=http
USER=admin
PASS=XXXXXX
TMPDIR=/tmp/$$

mkdir $TMPDIR
cd $TMPDIR

cvs -Q co $CVSPROJ
cd $CVSPROJ

curl -s -o config.xml -F Submit=download -u ${USER}:${PASS} ${PROTO}://$M0N0IP/diag_backup.php

NOW=`date +%Y-%m-%d@%H:%M:%S`
cvs -Q commit -m "backup of config.xml [$NOW]"

cd /tmp
rm -rf $TMPDIR

B.8.2. Backing up to the current directory

Chris Buechler wrote a shell script to just back up the file with the filename DATE-config.xml, without committing it into CVS.

#!/bin/sh
USER=admin
PASS=XXXXXX
PROTO=http
M0N0IP=192.168.1.1
NOW=`date +%Y-%m-%d@%H:%M`
curl -s -o ${NOW}-config.xml -F Submit=download -u ${USER}:${PASS} ${PROTO}://$M0N0IP/diag_backup.php