From: Brian on
Does anyone know how to perform a backup on a netscreen 25 firewall?
I have some old backups of this firewall, so I know somehow someone
backed it up, but that person is not with this company any longer and
I do not know how to make a backup of the firewall.

I have some big changes to make soon and I would like to backup the
firewall first. Please let me know if you are familiar with this
device.

Thank you,

B
From: Burkhard Ott on
On Mon, 26 Jul 2010 09:48:06 -0700, Brian wrote:

> Does anyone know how to perform a backup on a netscreen 25 firewall? I
> have some old backups of this firewall, so I know somehow someone backed
> it up, but that person is not with this company any longer and I do not
> know how to make a backup of the firewall.
>
> I have some big changes to make soon and I would like to backup the
> firewall first. Please let me know if you are familiar with this
> device.
>
> Thank you,
>
> B

Yep, create a readonly backupuser who is able to login via ssh-key (i
describe my automatic version I use).

Now you can scp:$IP:ns_sys_config $TARGET, I've wrote me a script who
does it every hour, if you interested I'm happy to share it.

cheers
From: Brian on
On Jul 26, 6:38 pm, Burkhard Ott <news2...(a)derith.de> wrote:
> On Mon, 26 Jul 2010 09:48:06 -0700, Brian wrote:
> > Does anyone know how to perform a backup on a netscreen 25 firewall? I
> > have some old backups of this firewall, so I know somehow someone backed
> > it up, but that person is not with this company any longer and I do not
> > know how to make a backup of the firewall.
>
> > I have some big changes to make soon and I would like to backup the
> > firewall first.  Please let me know if you are familiar with this
> > device.
>
> > Thank you,
>
> > B
>
> Yep, create a readonly backupuser who is able to login via ssh-key (i
> describe my automatic version I use).
>
> Now you can scp:$IP:ns_sys_config $TARGET, I've wrote me a script who
> does it every hour, if you interested I'm happy to share it.
>
> cheers

Yes that would be great, thank you.
From: Burkhard Ott on
On Wed, 04 Aug 2010 17:33:42 -0700, Brian wrote:


> Yes that would be great, thank you.

NP here we go:


#!/bin/bash

DATE=`date +%Y%m%d-%H%M%S`
KEY=<place the key here e.g. path/id_pub.das>
DST=/mnt/backup/netscreen
DEBUG=0

getconfig()
{
if [ $DEBUG -eq 1 ];
then echo scp -i $KEY backup@"$1":ns_sys_config $DST/
netscreen"-"$DATE.conf;
scp -i $KEY backup@"$1":ns_sys_config $DST/
netscreen"-"$DATE.conf;
else scp -q -i $KEY backup@"$1":ns_sys_config $DST/
netscreen"-"$DATE.conf;
fi
find $DST -type f -mtime +1 -name "*.conf" -exec bzip2 {} \;
find $DST -type f -mtime +60 -name "*.bz2"| xargs rm -rf
}

if [ "$1" == "" ];
then echo "usage $0 <IP-adddess>";
exit 1;
else getconfig $1;
fi
exit 0;


the call is $SCRIPTNAME $IPADDRESS (I have to backup more than one), 60
days it automatically bzips the files, I use it to archive it to tape.

If you have problems just let me know.

cheers