[people/pmueller/ipfire-2.x.git] / config / backup / backup.pl

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2007-2014  IPFire Team  <info@ipfire.org>                     #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

NOW="$(date "+%Y-%m-%d-%H:%M")"

list_addons() {
	local file
	for file in /var/ipfire/backup/addons/includes/*; do
		if [ -f "${file}" ]; then
			basename "${file}"
		fi
	done

	return 0
}

process_includes() {
	local include

	for include in $@; do
		local file
		while read -r file; do
			for file in ${file}; do
				if [ -e "${file}" ]; then
					echo "${file}"
				fi
			done
		done < "${include}"
	done | sort -u
}

make_backup() {
	local filename="${1}"
	shift

	# Backup all addons first
	local addon
	for addon in $(list_addons); do
		make_addon_backup "${addon}"
	done

	tar cvzf "${filename}" \
		--exclude-from="/var/ipfire/backup/exclude" \
		--exclude-from="/var/ipfire/backup/exclude.user" \
		$(process_includes "/var/ipfire/backup/include" "/var/ipfire/backup/include.user") \
		"$@"

	return 0
}

restore_backup() {
	local filename="${1}"

	tar xvzpf "${filename}" -C /

	# Restart syslogd, httpd and suricata in case we've just loaded old logs
	apachectl -k graceful
	/bin/kill -HUP `cat /var/run/suricata.pid 2> /dev/null` 2> /dev/null
	/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null

	# remove wrong vnstat tag file
	rm -f /var/log/vnstat/tag

	# Run converters

	# Outgoing Firewall
	if [ -d "/var/ipfire/outgoing" ]; then
		# Reset files
		local file
		for file in /var/ipfire/firewall/{config,outgoing} \
				/var/ipfire/fwhosts/custom{hosts,groups,networks}; do
			: > "${file}"
			chown nobody:nobody "${file}"
		done

		# Run converter
		convert-outgoingfw

		# Remove old configuration
		rm -rf "/var/ipfire/outgoing"
	fi

	# External Access
	if [ -d "/var/ipfire/xtaccess" ]; then
		: > /var/ipfire/firewall/config
		chown nobody:nobody "/var/ipfire/firewall/config"

		# Run converter
		convert-xtaccess

		# Remove old configuration
		rm -rf "/var/ipfire/xtaccess"
	fi

	# DMZ Holes
	if [ -d "/var/ipfire/dmzholes" ] || [ -d "/var/ipfire/portfw" ]; then
		: > /var/ipfire/firewall/config
		chown nobody:nobody "/var/ipfire/firewall/config"

		# Run converter
		convert-dmz

		# Remove old configuration
		rm -rf "/var/ipfire/dmzholes"
	fi

	# Port Forwardings
	if [ -d "/var/ipfire/portfw" ]; then
		# Run converter
		convert-portfw

		# Remove old configuration
		rm -rf "/var/ipfire/portfw"
	fi

	# Reload firewall
	firewallctrl

	# Convert old OpenVPN CCD files (CN change, Core Update 75)
	convert-ovpn

	# Snort to suricata converter.
	if [ -d "/var/ipfire/snort" ]; then
		# Run converter
		convert-snort

		# Remove old configuration directory.
		rm -rf "/var/ipfire/snort"
	fi

	# Convert DNS settings
	convert-dns-settings

	# move nobeeps if exist
	[ -e "/var/ipfire/ppp/nobeeps" ] && mv /var/ipfire/ppp/nobeeps /var/ipfire/red/nobeeps

	return 0
}

find_logfiles() {
	local filelist=( /var/log/messages* /var/log/*.log /var/log/**/*.log )

	echo "${filelist[@]}"
}

make_addon_backup() {
	local name="${1}"
	shift

	if [ ! -f "/var/ipfire/backup/addons/includes/${name}" ]; then
		echo "${name} does not have any backup includes" >&2
		return 1
	fi

	local filename="/var/ipfire/backup/addons/backup/${name}.ipf"

	tar cvzf "${filename}" \
		$(process_includes "/var/ipfire/backup/addons/includes/${name}")
}

restore_addon_backup() {
	local name="${1}"

	if [ -d "/tmp/${name}.ipf" ]; then
		mv "/tmp/${name}.ipf" "/var/ipfire/backup/addons/backup/${name}.ipf"
	fi

	tar xvzpf "/var/ipfire/backup/addons/backup/${name}.ipf" -C /
}

main() {
	local command="${1}"
	shift

	case "${command}" in
		include)
			local filename="${1}"

			if [ -z "${filename}" ]; then
				filename="/var/ipfire/backup/${NOW}.ipf"
			fi

			make_backup "${filename}" $(find_logfiles)
			;;

		exclude)
			local filename="${1}"

			if [ -z "${filename}" ]; then
				filename="/var/ipfire/backup/${NOW}.ipf"
			fi

			make_backup "${filename}"
			;;

		restore)
			local filename="${1}"

			if [ -z "${filename}" ]; then
				filename="/tmp/restore.ipf"
			fi

			restore_backup "/tmp/restore.ipf"
			;;

		addonbackup)
			make_addon_backup "$@"
			;;

		restoreaddon)
			restore_addon_backup "${1/.ipf/}"
			;;

		iso)
			# Desired backup filename
			local filename="/var/ipfire/backup/${NOW}.ipf"

			if make_backup "${filename}"; then
				/usr/local/bin/backupiso "${NOW}" &
			fi
			;;

		makedirs)
			mkdir -p /var/ipfire/backup/addons/{backup,includes}
			;;

		list)
			process_includes "/var/ipfire/backup/include" "/var/ipfire/backup/include.user"
			;;

		/var/ipfire/backup/*.ipf|/var/ipfire/backup/addons/backup/*.ipf|/var/tmp/backupiso/*.iso)
			unlink "${command}"
			;;

		*)
			echo "${0}: [include|exclude|restore|addonbackup <addon>|restoreaddon <addon>|iso]" >&2
			return 2
			;;
	esac

	return $?
}

main "$@" || exit $?
Commit	Line	Data
c7b7a70d	1	#!/bin/bash
70df8302 MT	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
2b4593b2	5	# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
70df8302 MT	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
cf29614f	21
c7b7a70d MT	22	NOW="$(date "+%Y-%m-%d-%H:%M")"
	23
	24	list_addons() {
	25	local file
	26	for file in /var/ipfire/backup/addons/includes/*; do
	27	if [ -f "${file}" ]; then
	28	basename "${file}"
	29	fi
	30	done
	31
	32	return 0
8e8bbd9d	33	}
c7b7a70d MT	34
	35	process_includes() {
	36	local include
	37
	38	for include in $@; do
	39	local file
	40	while read -r file; do
4f10c0b3	41	for file in ${file}; do
c7b7a70d MT	42	if [ -e "${file}" ]; then
	43	echo "${file}"
	44	fi
4f10c0b3	45	done
c7b7a70d MT	46	done < "${include}"
c7b7a70d MT	47	done \| sort -u
5ad5a6bc	48	}
c7b7a70d MT	49
	50	make_backup() {
	51	local filename="${1}"
	52	shift
	53
	54	# Backup all addons first
	55	local addon
	56	for addon in $(list_addons); do
	57	make_addon_backup "${addon}"
	58	done
	59
	60	tar cvzf "${filename}" \
	61	--exclude-from="/var/ipfire/backup/exclude" \
	62	--exclude-from="/var/ipfire/backup/exclude.user" \
	63	$(process_includes "/var/ipfire/backup/include" "/var/ipfire/backup/include.user") \
	64	"$@"
	65
	66	return 0
cf29614f	67	}
c7b7a70d MT	68
	69	restore_backup() {
	70	local filename="${1}"
	71
	72	tar xvzpf "${filename}" -C /
	73
28797d48 TF	74	# Restart syslogd, httpd and suricata in case we've just loaded old logs
	75	apachectl -k graceful
	76	/bin/kill -HUP `cat /var/run/suricata.pid 2> /dev/null` 2> /dev/null
	77	/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null
	78
5562f26f AF	79	# remove wrong vnstat tag file
	80	rm -f /var/log/vnstat/tag
	81
c7b7a70d MT	82	# Run converters
	83
	84	# Outgoing Firewall
	85	if [ -d "/var/ipfire/outgoing" ]; then
	86	# Reset files
	87	local file
	88	for file in /var/ipfire/firewall/{config,outgoing} \
	89	/var/ipfire/fwhosts/custom{hosts,groups,networks}; do
	90	: > "${file}"
	91	chown nobody:nobody "${file}"
	92	done
	93
	94	# Run converter
	95	convert-outgoingfw
	96
	97	# Remove old configuration
	98	rm -rf "/var/ipfire/outgoing"
	99	fi
	100
	101	# External Access
	102	if [ -d "/var/ipfire/xtaccess" ]; then
	103	: > /var/ipfire/firewall/config
	104	chown nobody:nobody "/var/ipfire/firewall/config"
	105
	106	# Run converter
	107	convert-xtaccess
	108
	109	# Remove old configuration
	110	rm -rf "/var/ipfire/xtaccess"
	111	fi
	112
	113	# DMZ Holes
	114	if [ -d "/var/ipfire/dmzholes" ] \|\| [ -d "/var/ipfire/portfw" ]; then
	115	: > /var/ipfire/firewall/config
	116	chown nobody:nobody "/var/ipfire/firewall/config"
	117
	118	# Run converter
	119	convert-dmz
	120
	121	# Remove old configuration
	122	rm -rf "/var/ipfire/dmzholes"
	123	fi
	124
	125	# Port Forwardings
	126	if [ -d "/var/ipfire/portfw" ]; then
	127	# Run converter
	128	convert-portfw
	129
	130	# Remove old configuration
	131	rm -rf "/var/ipfire/portfw"
	132	fi
	133
	134	# Reload firewall
	135	firewallctrl
	136
	137	# Convert old OpenVPN CCD files (CN change, Core Update 75)
	138	convert-ovpn
	139
8c273724 SS	140	# Snort to suricata converter.
	141	if [ -d "/var/ipfire/snort" ]; then
	142	# Run converter
	143	convert-snort
	144
	145	# Remove old configuration directory.
	146	rm -rf "/var/ipfire/snort"
	147	fi
	148
ecbf6676 MT	149	# Convert DNS settings
	150	convert-dns-settings
	151
6df8a22b AF	152	# move nobeeps if exist
	153	[ -e "/var/ipfire/ppp/nobeeps" ] && mv /var/ipfire/ppp/nobeeps /var/ipfire/red/nobeeps
	154
c7b7a70d	155	return 0
901a50cf	156	}
c7b7a70d MT	157
	158	find_logfiles() {
	159	local filelist=( /var/log/messages* /var/log/.log /var/log//.log )
	160
	161	echo "${filelist[@]}"
b90a7e56	162	}
c7b7a70d MT	163
	164	make_addon_backup() {
	165	local name="${1}"
	166	shift
	167
	168	if [ ! -f "/var/ipfire/backup/addons/includes/${name}" ]; then
	169	echo "${name} does not have any backup includes" >&2
	170	return 1
	171	fi
	172
	173	local filename="/var/ipfire/backup/addons/backup/${name}.ipf"
	174
	175	tar cvzf "${filename}" \
	176	$(process_includes "/var/ipfire/backup/addons/includes/${name}")
8e8bbd9d	177	}
c7b7a70d MT	178
	179	restore_addon_backup() {
	180	local name="${1}"
	181
	182	if [ -d "/tmp/${name}.ipf" ]; then
	183	mv "/tmp/${name}.ipf" "/var/ipfire/backup/addons/backup/${name}.ipf"
	184	fi
	185
	186	tar xvzpf "/var/ipfire/backup/addons/backup/${name}.ipf" -C /
a609bfb0	187	}
8e8bbd9d	188
c7b7a70d MT	189	main() {
	190	local command="${1}"
	191	shift
	192
c7b7a70d MT	193	case "${command}" in
c7b7a70d MT	194	include)
175f5c06 MT	195	local filename="${1}"
	196
	197	if [ -z "${filename}" ]; then
	198	filename="/var/ipfire/backup/${NOW}.ipf"
	199	fi
	200
c7b7a70d MT	201	make_backup "${filename}" $(find_logfiles)
	202	;;
	203
	204	exclude)
175f5c06 MT	205	local filename="${1}"
	206
	207	if [ -z "${filename}" ]; then
	208	filename="/var/ipfire/backup/${NOW}.ipf"
	209	fi
	210
c7b7a70d MT	211	make_backup "${filename}"
	212	;;
	213
	214	restore)
175f5c06 MT	215	local filename="${1}"
	216
	217	if [ -z "${filename}" ]; then
	218	filename="/tmp/restore.ipf"
	219	fi
	220
c7b7a70d MT	221	restore_backup "/tmp/restore.ipf"
	222	;;
	223
	224	addonbackup)
	225	make_addon_backup "$@"
	226	;;
cf29614f	227
c7b7a70d MT	228	restoreaddon)
	229	restore_addon_backup "${1/.ipf/}"
	230	;;
84578512	231
c7b7a70d	232	iso)
175f5c06 MT	233	# Desired backup filename
	234	local filename="/var/ipfire/backup/${NOW}.ipf"
	235
c7b7a70d MT	236	if make_backup "${filename}"; then
	237	/usr/local/bin/backupiso "${NOW}" &
	238	fi
	239	;;
	240
	241	makedirs)
	242	mkdir -p /var/ipfire/backup/addons/{backup,includes}
	243	;;
	244
4f10c0b3 MT	245	list)
	246	process_includes "/var/ipfire/backup/include" "/var/ipfire/backup/include.user"
	247	;;
	248
c7b7a70d MT	249	/var/ipfire/backup/.ipf\|/var/ipfire/backup/addons/backup/.ipf\|/var/tmp/backupiso/*.iso)
	250	unlink "${command}"
	251	;;
	252
	253	*)
	254	echo "${0}: [include\|exclude\|restore\|addonbackup <addon>\|restoreaddon <addon>\|iso]" >&2
	255	return 2
	256	;;
	257	esac
	258
	259	return $?
cf29614f	260	}
c7b7a70d MT	261
c7b7a70d MT	262	main "$@" \|\| exit $?