topic Re: Manually modified files in Firewall and Security Management

Manually modified files

Danilo_Molini — Tue, 04 Dec 2018 08:53:47 GMT

Hi all,

If I remember correctly, there was a SK with all the files that should be manually backup in case of upgrades as they would have been overwritten during the upgrade or export / import procedura on a new management, but I'm not able to find it anymore.

For example I mean crypt.def, user.def, implied_rule.def, table.def etc etc.

Someone remember this sk or some link with the information above?

Danilo

Re: Manually modified files

PhoneBoy — Fri, 07 Dec 2018 23:43:19 GMT

What I'd do is look at the output of ls -lrt $FWDIR/lib/*.def.

A whole bunch of the files will have similar date/timestamps.

The ones at the bottom of that list may have been modified and may be worth backing up.

If you manage gateways of an earlier version, you may have modified .def files in various backward compatibility packages also.

On gateways, a commonly modified file is $FWDIR/boot/modules/fwkern.conf

In general, anytime you manually modify one of these files, you should document it for future use.

Re: Manually modified files

Norbert_Bohusch — Sat, 08 Dec 2018 18:06:04 GMT

I always save original file as copy with some ending like .orig or .bak and by looking for those files I know I have altered the original one and can even do a diff to see my changes.

Re: Manually modified files

RickHoppe — Sat, 08 Dec 2018 18:47:08 GMT

To be totally in control you should document every change you’ve manually made to files, just like Dameon Welch-Abernathy already said. But unfortunatly you probably are not the only one working on that firewall.

I was working on a script that allows you to copy a lot of known files that could have been changed. Afterwards you run it again to see if there are differences between the original files and the new ones.

I might post it to Check Mates sometime. But best practice will be to just document it and “friendly” remind your colleagues that don’t .

Re: Manually modified files

xman03 — Thu, 30 May 2019 16:22:35 GMT

@RickHoppe any chance you have this script? I just realized in a migration that I'm doing someone has customized several of the different table.def files residing on MDS, and I'll need to move/inspect all 56 instances of them.

Re: Manually modified files

RickHoppe — Fri, 31 May 2019 05:01:22 GMT

Unfortunately I haven’t been able to work on that script for a long time. I wasn’t expecting that when I posted a reply on this topic. The script is not ready for publishing and at this time it is merely focussed on Security Gateways.

Please take sk98339 in mind when migrating MDS to a new version as the location of your table.def files might change.

Also have a look at sk98239 for the naming convention of user.def when migrating MDS to a new version as this might change too.

In case you are migrating to R80.30 both SK’s are not updated for R80.30 yet. I’ve submitted feedback on those SK’s for updating them to include R80.30 instructions.

Re: Manually modified files

xman03 — Fri, 31 May 2019 20:40:55 GMT

Gotcha, figured it was worth asking 😊 For my instance I ended up using a find command and piping it to tar to keep the structure intact, so I'll be able to simply untar on the new box after the migrate export/import. Thanks anyways!