Les deux révisions précédentes
Révision précédente
Prochaine révision
|
Révision précédente
|
tuto:sauvegardes:sauvegarde_pfsense_2 [25/04/2016 11:40] dani [Sur BackupPC] |
tuto:sauvegardes:sauvegarde_pfsense_2 [13/03/2017 17:27] dani |
| |
# Save cookie and CSRF for the login form | # Save cookie and CSRF for the login form |
/usr/bin/wget -qO- --keep-session-cookies --save-cookies $TMP/cookies.txt --no-check-certificate $URL/diag_backup.php \ | CSRF1=$(/usr/bin/wget -qO- --keep-session-cookies --save-cookies $TMP/cookies.txt --no-check-certificate $URL/diag_backup.php \ |
| grep "name='__csrf_magic'" \ | | grep "name='__csrf_magic'" \ |
| /usr/bin/perl -pe 's/.*value="(sid:[\da-z]+,[\d,a-z]+).*/$1/' > $TMP/csrf.txt | | /usr/bin/perl -pe 's/.*value="(sid:[\da-z]+,[\d,a-z]+).*/$1/') |
| |
# Submit the login form with the previous values, and save a new CSRF token | # Submit the login form with the previous values, and save a new CSRF token |
/usr/bin/wget -qO- --keep-session-cookies --load-cookies $TMP/cookies.txt --save-cookies $TMP/cookies.txt --no-check-certificate \ | CSRF2=$(/usr/bin/wget -qO- --keep-session-cookies --load-cookies $TMP/cookies.txt --save-cookies $TMP/cookies.txt --no-check-certificate \ |
--post-data "login=Login&usernamefld=$LOGIN&passwordfld=$PASS&__csrf_magic=$(cat $TMP/csrf.txt)" $URL/diag_backup.php \ | --post-data "login=Login&usernamefld=$LOGIN&passwordfld=$PASS&__csrf_magic=$CSRF1" $URL/diag_backup.php \ |
| grep "csrfMagicToken" \ | | grep "csrfMagicToken" \ |
| /usr/bin/perl -pe 's/.*var\scsrfMagicToken\s=\s"(sid:[\da-z]+,[\d,a-z]+).*/$1/' > $TMP/csrf2.txt | | /usr/bin/perl -pe 's/.*var\scsrfMagicToken\s=\s"(sid:[\da-z]+,[\d,a-z]+).*/$1/') |
| |
# Save only the config, and retrieve a 3rd CSRF token | # Save only the config, and retrieve a 3rd CSRF token |
/usr/bin/wget -q --keep-session-cookies --load-cookies $TMP/cookies.txt --save-cookies $TMP/cookies.txt --no-check-certificate \ | /usr/bin/wget -q --keep-session-cookies --load-cookies $TMP/cookies.txt --save-cookies $TMP/cookies.txt --no-check-certificate \ |
--post-data "Submit=download&donotbackuprrd=yes&__csrf_magic=$(cat $TMP/csrf2.txt)" $URL/diag_backup.php -O $OUT/config-pfsense.xml \ | --post-data "download=Download%20configuration%20as%20XML&donotbackuprrd=yes&__csrf_magic=$CSRF2" $URL/diag_backup.php -O $OUT/config-pfsense.xml \ |
| |
rm -f $TMP/*.txt | rm -f $TMP/*.txt |
$Conf{XferLogLevel} = 6; | $Conf{XferLogLevel} = 6; |
</code> | </code> |
| |
| <note tip>Pour un serveur OPNSense, le principe est le même, mais le script est légèrement différent: |
| |
| <code bash> |
| #!/bin/bash -e |
| |
| OUT='/var/lib/BackupPC/pfsense' |
| TMP=$(mktemp -d) |
| URL='https://pfsense.domain.tld' |
| LOGIN='backuppc' |
| PASS='p@ssw0rd' |
| |
| # Submit the login form with the previous values, and save a new CSRF token |
| /usr/bin/wget -q -O /dev/null --keep-session-cookies --save-cookies $TMP/cookies.txt --no-check-certificate \ |
| --post-data "login=Login&usernamefld=$LOGIN&passwordfld=$PASS" $URL/diag_backup.php |
| |
| # Save only the config |
| /usr/bin/wget -q --keep-session-cookies --load-cookies $TMP/cookies.txt --save-cookies $TMP/cookies.txt --no-check-certificate \ |
| --post-data "download=Download%20Configuration&donotbackuprrd=yes" $URL/diag_backup.php -O $OUT/config-pfsense.xml \ |
| |
| rm -f $TMP/*.txt |
| rmdir $TMP |
| </code> |
| </note> |