Cron job to run upgrade_export

[firewallfrank]

I have a script built that will automatically run upgrade_export and then scp it to another server. It runs fine if I manually kick it off but I cannot get it to run through cron. I am running SPLAT NGX R65 HFA_02. I have attempted to set a PATH statement and have also put in the fully path of each command that needs to run. None of that works. Here is a copy of the script:

# Creates an upgrade_export file that can be used to rebuild an
# NGX R65 SPLAT box by using the upgrade_import [filename] command
#
# set the variables we'll use:
export DATE=`date +%m%d%y`
export BAK1=`hostname`_upgrade_export_${DATE}
export BAK2=/opt/CPsuite-R65/fw1/bin/upgrade_tools

# start the backup and auto answer
echo "" | $BAK2/upgrade_export $BAK1

# copy the backup file
# The scp process uses public key authentication
/usr/bin/scp -q -i /home/testuser/.ssh/testuser $BAK1.tgz testuser@10.10.10.10:

# delete the local copy of the backup file

Anyone out there have upgrade_export or snapshot automated through cron? This is to create backups of our SmartCenter server that is running on a SPLAT box.

Thanks!

[cciesec2006]

Quote:

Originally Posted by firewallfrank

I have a script built that will automatically run upgrade_export and then scp it to another server. It runs fine if I manually kick it off but I cannot get it to run through cron. I am running SPLAT NGX R65 HFA_02. I have attempted to set a PATH statement and have also put in the fully path of each command that needs to run. None of that works. Here is a copy of the script:

# Creates an upgrade_export file that can be used to rebuild an
# NGX R65 SPLAT box by using the upgrade_import [filename] command
#
# set the variables we'll use:
export DATE=`date +%m%d%y`
export BAK1=`hostname`_upgrade_export_${DATE}
export BAK2=/opt/CPsuite-R65/fw1/bin/upgrade_tools

# start the backup and auto answer
echo "" | $BAK2/upgrade_export $BAK1

# copy the backup file
# The scp process uses public key authentication
/usr/bin/scp -q -i /home/testuser/.ssh/testuser $BAK1.tgz testuser@10.10.10.10:

# delete the local copy of the backup file

Anyone out there have upgrade_export or snapshot automated through cron? This is to create backups of our SmartCenter server that is running on a SPLAT box.

Thanks!

Include this line in your script and everything will work like magic :-)

. /etc/profile.d/CP.sh

What this does is telling the script to source all CP environment variables.

[firewallfrank]

That totally rocks! I knew an environment variable needed to be set, just didn't know where.

Thanks!!!!!!

[sachden]

Hi I have a CP SPLAT Box in cluster mode and i want to automate the backup as per above script 1)Please let me know as to how to configure above script in SPLAT Box . I have created a file named " Checkpoint " (and included the whole script mentioned in that file )and kept in the path /etc/profile.d and gave it all the permissions 2) Also please let me know what is this "testuser " ID and if 10.10.10.10 IP mentioned below is the SCP Server IP.

Regards Ankur

[sachden]

Dear cciesec2006

Please reply to my query , its urgent .Please help

Ankur

[cciesec2006]

Quote:

Originally Posted by sachden

Dear cciesec2006

Please reply to my query , its urgent .Please help

Ankur

This is the script that will grab everything such as firewalls interface,
host files, routing table and netconf.C file, in addition to running the upgrade
export as well. It includes everything you need in order to rebuild
your smartcenter/firewall in case it dies. It's working very well for me.

[Expert@CP-gw]# more /etc/scripts/backup
#!/bin/sh -x
. /etc/profile.d/CP.sh
PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/opt/CPsuite-R65/fw1/
FILENAME="`uname -n`"_"`/bin/date +%m-%d-%Y_%H%M`"
### Enter /var/tmp directory
cd /var/tmp
### Remove the temp directory if exists
rm -rf $FILENAME
### Create upgrade_export directory
mkdir /var/tmp/$FILENAME
### Enter temporary upgrade export directory
cd /var/tmp/$FILENAME
### Gather system important information
###
/bin/set_host >> info.txt
/bin/echo ------------- >> info.txt
/bin/save_ifconfig -a >> info.txt
/bin/echo ------------- >> info.txt
/bin/netstat -rnv >> info.txt
/bin/echo ------------- >> info.txt
/bin/cat /etc/hosts >> info.txt
/bin/echo ------------- >> info.txt
/bin/cat /etc/sysconfig/netconf.C >> info.txt
###
### Start the upgrade_export process
echo Y | /opt/CPsuite-R65/fw1/bin/upgrade_tools/upgrade_export $FILENAME
###
### pack up files and zip them up
cd /var/tmp
tar -cf $FILENAME.tar $FILENAME
gzip $FILENAME.tar
### Remove temporary directory
rm -rf $FILENAME
###
### At this point what you may want is to transfer this $FILENAME.tar.gz file
### to a safe external system with Secure Copy Protocol or scp.
### Make sure to use the "admin" account when you get this file from the
### SCP server.
### Enjoy !!!!!!
[Expert@CP-gw]#

[sachden]

Hi cciesec2006

Please let me know if i have a desktop on which SCP Utility is installed (eg: WinSCP) , how will SPLAT auto backup those files to that desktop ? What i want to ask is that how you have set up SCP in your environmnet and have you assigned any credentials to the same ?

Ankur

[cciesec2006]

Quote:

Originally Posted by sachden

Hi cciesec2006

Please let me know if i have a desktop on which SCP Utility is installed (eg: WinSCP) , how will SPLAT auto backup those files to that desktop ? What i want to ask is that how you have set up SCP in your environmnet and have you assigned any credentials to the same ?

Ankur

Hi Ankur,

Sorry, I do NOT use windows. I only use Linux. After I backup the firewall,
I have another cron job on my Linux machine that will automatically connect
to the gateways and automatically download the backup from the gateways
using scp. I use public/private key authentication method. In other words,
I copy the public key of the linux server to the gateways authorized_keys
file.

The upgrade_export runs every 6 hours. My linux cron job runs an hour
later and retrieve the upgrade_export from the gateway. Very efficient
way of backing up gateways.

Good luck to you.