Based on Article from
( )

My router has http access (Port 80), if your router uses https, change the lines from http:// into https://.

<Password> = your admin password = the ip from your pfsense router


The script get the config.xml file from the pfsense router. Compress the file as .tar.gz and stores it in the backup_pfsense directory from my fileserver. (adds date and time to the filename)
example: backup-20160410-0230-pfsense-settings.tar.gz




# Get configfile from pfsense 2.3 Router #

cd /tmp

# — get the config file —

wget -qO- –keep-session-cookies –save-cookies cookies.txt –no-check-certificate \
| grep “name=’__csrf_magic'” | sed ‘s/.*value=”\(.*\)”.*/\1/’ > csrf.txt

wget -qO- –keep-session-cookies –load-cookies cookies.txt –save-cookies cookies.txt –no-check-certificate \
–post-data “login=Login&usernamefld=admin&passwordfld=<Password>&__csrf_magic=$(cat csrf.txt)” \ | grep “name=’__csrf_magic'” \
| sed ‘s/.*value=”\(.*\)”.*/\1/’ > csrf2.txt

wget –keep-session-cookies –load-cookies cookies.txt –no-check-certificate –post-data “Submit=download&donotbackuprrd=yes&__csrf_magic=$(head -n 1 csrf2.txt)” \ -O config-pfsense-`date +%Y%m%d%H%M%S`.xml

# ——————-

# — compress the file, add date and time to the filename —

tar czf backup-`date +%Y%m%d-%H%M`-pfsense-settings.tar.gz config-pfsense*

# change owner

chown worker.worker backup-`date +%Y%m%d-%H%M`-pfsense-settings.tar.gz

# move file to backup directory

mv backup-`date +%Y%m%d-%H%M`-pfsense-settings.tar.gz /data/backup_pfsense

# remove temp files

rm cookies.txt
rm config-pfsense-*.xml
rm csrf.txt
rm csrf2.txt


#———— <eof> —————

The script runs as a custom cron job on my Centos Fileserver. Very sunday at 02:30 am

30 02 * * 0 /etc/cron.custom/ # Backup firewall config

pfsense 2.3 Backup as cron job
Markiert in:         

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.