Script: automated backup and retrieval of safelist/blocklist

Unanswered Question
Feb 13th, 2009
User Badges:

I've made a perl script to automate the backup the SL/BL off our appliance.
It "works for me" so I'm releasing the script because others might make good use of it. :D

http://web.acd.ccac.edu/~bpoyner/ironport/backup-ironport-slbl

It requires perl and a handful of perl modules, an administrator account on the appliance (I suggest you make one specifically for this kind of automated task), and for FTP to be enabled on the appliance.

I've only run this against AsyncOS 6.5.0, but I think it should work for other versions. It works by behaving like a web browser to tell the appliance to back up the SLBL, and then fetches the .csv files from the appliance through FTP . Unfortunately this wasn't as easy to do as, say, backing up the configuration. :roll:

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
steven_geerts Wed, 02/18/2009 - 06:57
User Badges:

Hi bpoyner,

Thanks por posting this!
it's always nice to see tools others are using for their day2day maintanance stuff.

Steven

bpoyner_ironport Wed, 02/18/2009 - 19:25
User Badges:

Thanks Steven.

I'm now experimenting with a combination of https and ssh for grabbing the SL/BL. I wasn't too thrilled about using FTP but I didn't see an immediate way to determine the SL/BL filename chosen by the appliance. (Using a FireFox plugin called Tamper Data I got it figured out)

Too bad this isn't as easy as using saveconfig from the CLI. Feature enhancement request #1391 was made to manage the SL/BL through the CLI but it seems to be low on the priority list.

bpoyner_ironport Tue, 03/03/2009 - 14:58
User Badges:


I'm now experimenting with a combination of https and ssh for grabbing the SL/BL.


I've uploaded the updated script with SCP retrieval support at the same location as before. The SCP retrieval option requires public key authentication. The upshot here is that everything is done over encrypted communications (https/ssh).

The old version of the script with FTP only retrieval is still available as well.
Eisenhafen Thu, 03/19/2009 - 13:52
User Badges:

Hi, has anyone ever made a script able to backup a cluster config? Meaning remove one machine from the cluster and backup that config and join the cluster again - automated.

I would be be very thankful for such information. We just had the case, that both cluster members died at the same time and we were left with nothing to restore quickly.

Actions

This Discussion