IPCop Backup


IPCop Backup Well, there is a lot of traffic on the 'net about IPCop having backups that don't work. The encryption and file naming all seem to cause problems, and it is especially not suited to swapping physical machines.

I went into the source code of ipcopbackup.c (Yet Another Good Thing about Open Source), figured out what they were doing and created a procedure that is incredibly insecure, but allows you to move the configuration from one machine to another.

Basically, in this version of IPCop, (1.4.21) simply looks at four files in /var/ipcop/backup named include.* and exclude.* which, wait for it, lists the files to be included and excluded in a backup. Very sweet. Note that this works on IPCop v2, which is in beta, up to the one I'm currently using on 3 Aug 2010.

The .dat file appears to be an encryted tar.gzip file, and since I really don't want the hassles of the encryption for this case, I simply steal the command from ipcopbackup.c which is the tar statement below.

Create this bash script, then run it (or, you could manually run it if you like). This creates a file backup.tgz in the /tmp directory. The standard backup program for IPCop does a lot of checking to make sure we have plenty of disk space and all that . . . you'll need to do it by hand by issuing the df -h command or something to make sure you have enough space.

Backup

Create the following file in /root, naming it backup. Be sure to change it's mode to 700 (executeable by root)

#! /bin/bash
# script written by Rod to allow cli backup of system without all the encryption
# that causes problems on the other backup.
# suitable for replicating a system
# creates a file in /tmp of the form ipcop_backup_hostname_datetimestamp.tgz
# NOTE: this is only backing up configuration. Does not back up any binaries
# Can be used to replicate on an identical installation with 
# tar -xzvf -C / filename.tgz
# make the output file in the specific form
OUTFILE=ipcop_backup_´hostname´_´date +"%Y%m%d%H%M%S"´.tgz
# These are files IPCop specifically wants to be included
cat /var/ipcop/backup/include.system /var/ipcop/backup/include.user > /tmp/allIncludes
# I make this verbose so I can see what files are backed up
/bin/tar -T /tmp/allIncludes -X /var/ipcop/backup/exclude.system -X /var/ipcop/backup/exclude.user -C / -czvf /tmp/$OUTFILE
# clean up after ourselves
rm /tmp/allIncludes
# let the user know where to find the backup
echo Configuration backed up to /tmp/$OUTFILE

Now, edit /var/ipcop/backup/include.user and add the following two lines:

/var/log/rrd/
/root/

Do not leave a blank line at the end of this file

The first line backs up all of the data collected for the graphs, and the second backs up /root, where I normally install all of my installs stuff

Execute the following command:

/root/backup

This will create a file in /tmp whose name is of the form ipcop_backup_devicename_YYYYMMDDHHMMSS.tgz, where YYYYMMDDHHMMSS is the backup date and devicename is the name taken from the hostname command.

Recovery

You must meet the following criteria:

  1. Same version of IPCop, including all updates (but no updates beyond what the original machine has)
  2. Add-ons must be installed prior to recovery, and at the same version

From a remote machine, I generally just use scp to copy the file over to my desktop:

scp -P 222 root@router.name:/tmp/backupname .

to copy the file to your local directory on your machine. Then:

scp -P 222 backupname root@new.router.name:/tmp/

to copy the file to the new server. Log in on the new router via ssh:

ssh -p 222 root@new.router.name

And issue the following two commands. This will destroy the configuration on the new router:

cd /
tar -xzvf /root/backupfilename

Reboot the router from a console (not via ssh, keyboard and monitor). Expect Errors. On my first test run, I got a lot of error messages as the machine was trying to make a pppoe connection out of a non-existent NIC (different hardware between the machines), so I started the setup program and, fortunately, made it down to the network setup and pressed enter before the next message came up. This takes the network down.

Execute setup and set the following:

  • You will continue to get error message on your screen until you get to network setup, which takes down the network.
  • Assign all networks to an existing NIC
  • Change the hostname

IPCop Backup

Last update:
2012-10-10 01:50
Author:
Rod
Revision:
1.1
Average rating:0 (0 Votes)

You cannot comment on this entry

Chuck Norris has counted to infinity. Twice.