This script saves the configuration of a pfSense firewall, by retrieving the XML file remotely via HTTP(S).

You will need to create a file and within it provide the username and password of the pfsense user that will perform the automated backups. For the config file, format it like this:

pfsense_username=usernamehere

pfsense_password=passwordhere

I recommend limiting access to that file, with something like chmod 0400 filename , replacing 'filename' with the actual filename of the file that contains the username and password

I recommend that you create a dedicated user (System > User Manager) with at least the "WebCfg - Diagnostics: Backup & Restore" privilege. For security reasons, the "admin" account is not recommended (password in clear text in the script).

You must edit the script (nano, vim, etc.) to enter at least:

• IP or FQDN name (without trailing slash)
• path to a file with the username and password to pfsense
• path to the backup location

Need

• shell or bash
• wget or cURL

In theory works on any Linux distribution. Tested on Debian, CentOS, pfSense.

Note: modification of the BACKUP_RRD, BACKUP_PKGINFO, BACKUP_PASSWORD variables is currently not supported._

This script is compatible with pfSense:

• 2.5.x
• 2.4.x
• 2.3.x
• 2.2.x

Not tested on lower versions.

Validated with the versions:

• 2.5.2
• 2.4.3
• 2.4.0
• 2.3.4-RELEASE-p1
• 2.3.3
• 2.3.2
• 2.3.1
• 2.2.5

It is recommended to create a dedicated directory to store the script there. XML configurations are stored in a dedicated subdirectory.

Version cURL:

chmod +x pfmotion_curl.sh
./pfmotion_curl.sh

The backup file contains the name of the firewall:

/tmp/conf_backup/config-<host-name>_<domain>-<YYYYmmDDHHMMSS>.xml

Example :

/tmp/conf_backup/config-pf_blogmotion.fr-20171007002812.xml