cancel
Showing results for 
Search instead for 
Did you mean: 
infosecjeff
Level 7

How to configure a cronjob to backup the Web Gateway config daily?

Does anyone have a cronjob configured for backing up the Web Gateway config on a daily basis?

0 Kudos
3 Replies
asabban
Level 17

Re: How to configure a cronjob to backup the Web Gateway config daily?

Hi Jeff,

which version? For MWG6 yes, for MWG7 no.

Best,

Andre

0 Kudos
McAfee Employee

Re: How to configure a cronjob to backup the Web Gateway config daily?

Hello,

here is the theory fro MWG 7. The Coordinator allows you to backup config!

[root@mwgappl18 ~]# /opt/mwg/bin/mwg-coordinator -h
Usage: mwg-coordinator [-h] [-K check|kill|restart|rotate|shutdown] [-l cfgstr] [-L cfgstr] [-n] [-S cluster|nodepathmatrix|paths|system|threads] [-v] [-D usecounts] [-u user:group] [-t] [-T on|off] [-B cfgstr] [-R cfgstr] [-F cfgstr] [-M] [-c password]
       -h       Print usage information
       -K check|kill|restart|rotate|shutdown
                Send signal to RUNNING Coordinator process and exit.
       -l cfgstr
                Set debug log options [cfgstr] for THIS Coordinator process. [HINT: try -l usage]
       -L cfgstr
                Send debug log options [cfgstr] to RUNNING Coordinator process and exit. [HINT: try -L usage]
       -n       Start Coordinator as application. Do not daemonize process.
       -S cluster|nodepathmatrix|paths|system|threads
                Send status query to RUNNING Coordinator process and exit.
       -v       Print version info of Coordinator process and exit.
       -D usecounts
                Print special debug info from RUNNING Coordinator process and exit.
                Please note that only a debug version of a Coordinator process may report these kinds of informations.
       -u user:group
                Set User and Group for Coordinator.
       -t       Trace messages verbosely for THIS Coordinator process.
       -T on|off
                Enable or disable message tracing on the RUNNING Coordinator process and exit.
       -B cfgstr
                'Backup Storage' functionality, handled by RUNNING Coordinator instance. [HINT: try -B usage]
       -R cfgstr
                Restore Storage functionality, handled by RUNNING Coordinator instance. [HINT: try -R usage]
       -F cfgstr
                Force to use Storage functionality, handled by RUNNING or THIS Coordinator instance. [HINT: try -F usage]
       -M       Start the migration procedure on the active Storage.
       -c password
                Generate a new certificate. [HINT: pass the password within double quotes]

[root@mwgappl18 ~]# /opt/mwg/bin/mwg-coordinator -B usage
general format for backup configure strings:
      file:in=<ACTIVE|path_to_config>[,out=filename][;options:recreate=yes]
          file:in is a required value.
              ACTIVE references the currently active configuration on this node.
              alternativly an absolute path or a relative path to the storage folder can be given.
          fileSmiley Surprisedut is an optional value.
              if given the generated backup will be copied to filename, whereas
              file name can be either an absolute path or reletive to your current working directory.
              if not given the generated backup will stay in backup-cache (inside storage).
          options:recreate=yes is an optional value.
              if given recreates the backup even if an existing file is in backup-cache.
HINT: pass the configure string within quotes to not confuse the shell.

for creating the backup in /tmp/wwbackup, the syntax would be

[root@mwgappl18 tmp]# mkdir /tmp/wwbackup

[root@mwgappl18 tmp]# chown mwgc /tmp/wwbackup/

[root@mwgappl18 tmp]# export timestamp=`/bin/date +%y-%m-%d_%H-%M-%S_%Z`

[root@mwgappl18 tmp]# export myname=`/bin/hostname`
[root@mwgappl18 tmp]# /opt/mwg/bin/mwg-coordinator -B file:in=ACTIVE,out=/tmp/wwbackup/$myname-$timestamp
successfully sent backup request "file:in=ACTIVE,out=/tmp/wwbackup/mwgappl18-10-09-28_07-50-15_UTC" to running Coordinator process.
Job queued with id: 7523
Job progress: .
Job finished.
Coordinator responded:
OK - file copied to '/tmp/wwbackup/mwgappl18-10-09-28_07-50-15_UTC.backup'.

with this informatio, it should be easy to create a backup script.

To reimport such a config, the syntax on the shell looks like:

[root@mwgappl18 ~]# /opt/mwg/bin/mwg-coordinator -R file:in=/tmp/wwbackup/mwgappl18-10-09-28_07-50-15_UTC.backup;global=no
successfully sent restore request "file:in=/tmp/wwbackup/mwgappl18-10-09-28_07-50-15_UTC.backup" to running Coordinator process.
Job queued with id: 7533
Job progress: ...................
Job finished.
Coordinator responded:
OK
[root@mwgappl18 ~]#

General infromation on the restore options:

[root@mwgappl18 ~]# /opt/mwg/bin/mwg-coordinator -R usage                                                     
general format for restore configure strings:
    file:in=<path_to_backup_file>[;options:[info=yes]|[uuid=UUIDSTRING][,cluster=standalone]|[global=no][apply=no]
        file:in is a required value.
            path_to_backup_file may reference a folder that is still in the storage
            either already backuped or not.
        options:info=yes is an optional value that can not be used together with an other option:xyz.
            if given e.g. lists the UUIDs present in the backup file (and does NOT restore the backup).
        options:uuid is an optional value.
            if given sets an UUID to use for the local machine.
            (USE ON YOUR OWN RISK): a configuration containes machine specific parts and restoring
                                    a backup from an other machine may have unwanted side effects.
        options:cluster=standalone is an optional value.
             if given it will make this machine a standalone machine.
        options:global=no is an optional value that can not be used together with an other option:xyz.
             if given it will cause that current global configurations stay untouched.
        options:apply=no is an optional value.
             if given it will cause that the configurations in the backup file are not applied.
             files will be extracted into a newly created folder in storage.
NOTE: The restored backup will become active after successfull extraction.
HINT: pass the configure string within quotes to not confuse the shell.

best

Michael

Message was edited by: Michael Schneider on 28/09/2010 10:48:35 CEST
0 Kudos
infosecjeff
Level 7

Re: How to configure a cronjob to backup the Web Gateway config daily?

Michael thanks for answering my question, and yes this is for MWG 7.

0 Kudos