Looking for free automated pfsense backups? Recently I was looking into automating my backups of my pfSense box at home. I always manually make a backup of the config before I make any changes to it. I have VPN connectivity and web filtering, NAT rules, plugins ect. Needless to say, it would take me quite a bit of time to re-configure it.
I looked into a plugin that would automate these backups however what I discovered is that for that kind of functionality you are required to pay a $600 per year premium support subscriptions as you can see when you try to install the plugin.
My solution for free automated pfsense backups works great and gets me around paying the fee. I can’t take full credit though. I found an executable that allows for the authentication and backup of the config.xml file. I then wrote a script that places it in my dropbox account and then made it to where it would delete the old backups after a period of time so that my dropbox account does not fill up with outdated config files. I set up this script (a .bat file) to run on a scheduled task every day. Thus I now have reliable and free automated pfsense backups that I don’t have to manage.
***Note: You don’t have to back up to your dropbox. That’s just what I chose to do. You can edit the script below and change the”backupfldr” path to anything you want. Also this was setup and tested on a Server running Windows home server 2011. This should work with Server 2008 or windows vista/7/8.
Now on to the free automated pfsense backups…
I found the “pfsenseBackup.exe” at http://knowledge.zomers.eu/pfSense/Pages/How-to-automate-pfSense-backup.aspx.
EDIT: The developer moved the more current versions to GitHub. They can be found at https://github.com/KoenZomers/pfSenseBackup
Next I downloaded it, unzipped it and placed it in the root of my C:/ drive in a directory called “pfSenseBackups”. You can place this anywhere I just chose this path.
Once unzipped, you can run the exe. A simple help file is displayed to help you with the appropriate switches.
Next you need to download the command line version of 7zip and place it in the same directory as your .exe that was just downloaded. This can be found here http://downloads.sourceforge.net/sevenzip/7za920.zip. Once downloaded extract to C:/pfsensebackups/zip
Next I opened up notepad. If you don’t know how to do this then this tutorial may not be for you 😛
Here is the script that I made to set to the scheduled task. Modified to fit your needs.
rem This utility copies the pfSense configuration from home-firewall and copies it to
rem a DropBox account, zips and compresses it.
rem Filename: [runpfsensebackup.bat]
rem Authors: [Jesse Vaughn] Date: [12/12/2012]
IF %day% LSS 10 SET day=0%day:~1,1%
IF %mnt% LSS 10 SET mnt=0%mnt:~1,1%
IF %hr% LSS 10 SET hr=0%hr:~1,1%
IF %min% LSS 10 SET min=0%min:~1,1%
:: SETTINGS AND PATHS
:: Note: Do not put spaces before the equal signs or variables will fail
:: Backup path
:: Path to zip executable
:: Number of days to retain .zip backup files
:: GO FORTH AND BACKUP EVERYTHING!
pfSenseBackup.exe -v [you current pfsense version] -u [your pfsense username] -p [your pfsesnse password] -s [your pfsense IP address] -o “C:\Users\Administrator\Dropbox\Backups\pfSense_Config\Home-firewallBackup%backuptime%.xml”
:: .zip option clean but not as compressed
echo “Zipping all files ending in .xml in the folder”
%zipper% a -tzip “%backupfldr%home-firewallBackup.%backuptime%.zip” “%backupfldr%*.xml”
:: Cleaning up
echo “Deleting all the files ending in .xml only”
:: CLEAN UP OLD BACKUPS
Forfiles -p %backupfldr% -m *.zip -d -%retaindays% -c “cmd /c del /q @path”
Save the file as runpfsensebackup.bat in C:\pfSenseBackups\
You should now have the following files…
Now we are ready to schedule the task. Click start->all programs->Accessories->System Tools->Task Scheduler. Once launched click “Task scheduler Library”. Right click the upper center pain and select “Create New Task”
Under the General Tab, Name the task something like “Backup pfSense”. Type a description and make sure that “Run whether user is logged in or not” is checked. I opted to run the task with highest privileges.
On the “triggers” tab, click “new” then the following.
On the “Actions” tab, click “New” then the following.
That should be it. Once prompted put in your administrator username and password.
Now test it. Right click on the job you just created and click “run”
The job should complete saying “The operation completed successfully”
Now you have automated backups of your pfSense config going to your dropbox and cleaning up after it’s self. Enjoy!