Re: Backup configuration script

MarcoLuvisi · ‎2026-02-18

Good morning,

I have find in our Customer fw this script configured on GAIA Scheduler, but I don't say if self-made or is CP made:

[Expert@server-fwman:0]# cat fwmgmt.sh

#!/bin/bash

HOMEDIR=/home/admin

CPPROFILE=/opt/CPshared/5.0/tmp/.CPprofile.sh

##. /home/fwadmin/CPprofile.sh

##. /opt/CPshrd-R75.40/tmp/.CPprofile.sh

$CPPROFILE

echo $FWDIR > /tmp/server-fwman.out

echo $CPDIR >> /tmp/server-fwman.out

echo "CP management backup" >> /tmp/fwmgmtbck.out

mkdir -p /var/log/bck

/bin/rm -f /var/log/bck/server-fwman.*.tgz

$FWDIR/bin/upgrade_tools/migrate export -n /var/log/bck/server-fwman.$(date +%F)

cd /var/log/bck

ftp -i -n -v 10.10.10.39 < $HOMEDIR/ftp.cmds

## clean up tmp files

/bin/rm -Rf $FWDIR/tmp/migrate/

We don't find in $HOMEDIR/ftp.cmds file, it's possible deleted from upgrade ?
Regards

Marco Luvisi | Support Engineer | CCSA CCSE R81

simonemantovani · ‎2026-02-18

Hello

I think it's selfmade, the ftp.cmds it should be the file that contains the command to be executed when the script open FTP connection (probably cnage dir, get files, etc.).

the_rock · ‎2026-02-18

To me, logically, that looks self-made based on the content, specially considering ftp server shows private range IP address.

Best,
Andy
"Have a great day and if its not, change it"

S_E_ · ‎2026-02-18

Hi,

hm, your script does a migrate export and not a backup.

If I'm not mistaken, 'migrate export' does a cpstop/cpstart.

A real backup/mds_backup/snapshot command has to my experience no impact.

Not sure if this is desired behavior for some customers.

Regards

the_rock · ‎2026-02-18

It does cprestart, correct.

Best,
Andy
"Have a great day and if its not, change it"

MarcoLuvisi · ‎2026-02-23

Thank you for a good things, I remove from Customer.

Marco Luvisi | Support Engineer | CCSA CCSE R81

the_rock · ‎2026-02-23

So all good now?

Best,
Andy
"Have a great day and if its not, change it"

MarcoLuvisi · ‎2026-02-23

yess

Marco Luvisi | Support Engineer | CCSA CCSE R81

Bob_Zimmerman · ‎2026-02-23

migrate export does not stop services. I have a few SmartCenters where I use a similar script to collect one nightly, and the management services have been running uninterrupted since they were last rebooted to update to jumbo 60.

MarcoLuvisi · ‎2026-02-23

Thanks for your side, then you think are good to still with this script ?

Marco Luvisi | Support Engineer | CCSA CCSE R81

Bob_Zimmerman · ‎2026-02-23

If you don't have the ftp.cmds file, then it won't actually work properly. Be sure to check /root and /home/admin for it.

CheckPointerXL · ‎2026-02-24

pay attention to .tgz format from r82 and above https://community.checkpoint.com/t5/Firewall-and-Security-Management/R82-migrate-server-change/td-p/...

Are you a member of CheckMates?

Backup configuration script