This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
MarcoLuvisi
Participant
a week ago

Backup configuration script

Good morning,

I have find in our Customer fw this script configured on GAIA Scheduler, but I don't say if self-made or is CP made:

[Expert@server-fwman:0]# cat fwmgmt.sh

#!/bin/bash

HOMEDIR=/home/admin

CPPROFILE=/opt/CPshared/5.0/tmp/.CPprofile.sh

##. /home/fwadmin/CPprofile.sh

##. /opt/CPshrd-R75.40/tmp/.CPprofile.sh

$CPPROFILE

echo $FWDIR > /tmp/server-fwman.out

echo $CPDIR >> /tmp/server-fwman.out

echo "CP management backup" >> /tmp/fwmgmtbck.out

mkdir -p /var/log/bck

/bin/rm -f /var/log/bck/server-fwman.*.tgz

$FWDIR/bin/upgrade_tools/migrate export -n /var/log/bck/server-fwman.$(date +%F)

cd /var/log/bck

ftp -i -n -v 10.10.10.39 < $HOMEDIR/ftp.cmds

## clean up tmp files

/bin/rm -Rf $FWDIR/tmp/migrate/

 

We don't find in $HOMEDIR/ftp.cmds file, it's possible deleted from upgrade ?
Regards

Marco Luvisi | Support Engineer | CCSA CCSE R81
0 Kudos
11 Replies
simonemantovani
Contributor
a week ago

Hello

I think it's selfmade, the ftp.cmds it should be the file that contains the command to be executed when the script open FTP connection (probably cnage dir, get files, etc.).

0 Kudos
the_rock
MVP Diamond
MVP Diamond
a week ago

To me, logically, that looks self-made based on the content, specially considering ftp server shows private range IP address.

Best,
Andy
0 Kudos
S_E_
Advisor
a week ago

Hi,

hm, your script does a migrate export and not a backup.

If I'm not mistaken, 'migrate export' does a cpstop/cpstart.

A real backup/mds_backup/snapshot command has to my experience no impact.

Not sure if this is desired behavior for some customers.

Regards

the_rock
MVP Diamond
MVP Diamond
a week ago
In response to S_E_

It does cprestart, correct.

Best,
Andy
MarcoLuvisi
Participant
Monday
In response to S_E_

Thank you for a good things, I remove from Customer.

Marco Luvisi | Support Engineer | CCSA CCSE R81
the_rock
MVP Diamond
MVP Diamond
Monday
In response to MarcoLuvisi

So all good now?

Best,
Andy
0 Kudos
MarcoLuvisi
Participant
Monday
In response to the_rock

yess

Marco Luvisi | Support Engineer | CCSA CCSE R81
0 Kudos
Bob_Zimmerman
MVP Gold
MVP Gold
Monday
In response to S_E_

migrate export does not stop services. I have a few SmartCenters where I use a similar script to collect one nightly, and the management services have been running uninterrupted since they were last rebooted to update to jumbo 60.

MarcoLuvisi
Participant
Monday
In response to Bob_Zimmerman

Thanks for your side, then you think are good to still with this script ?

Marco Luvisi | Support Engineer | CCSA CCSE R81
0 Kudos
Bob_Zimmerman
MVP Gold
MVP Gold
Monday
In response to MarcoLuvisi

If you don't have the ftp.cmds file, then it won't actually work properly. Be sure to check /root and /home/admin for it.

0 Kudos
CheckPointerXL
Advisor
Advisor
Tuesday

pay attention to .tgz format from r82 and above https://community.checkpoint.com/t5/Firewall-and-Security-Management/R82-migrate-server-change/td-p/...

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events