CP防火墙备份与还原

Step1:进入专家模式

======================================================

如果没有设置专家模式的密码,执行下面命令进行设置:

BJ-OFFICE-GW> set expert-password
Enter new expert password:
Enter new expert password (again):
BJ-OFFICE-GW>

Step2:进入备份工具目录

======================================================

[Expert@BJ-OFFICE-GW:0]# cd $FWDIR

[Expert@BJ-OFFICE-GW:0]# cd bin/

[Expert@BJ-OFFICE-GW:0]# cd upgrade_tools/

[Expert@BJ-OFFICE-GW:0]# ls -l
total 73204
-rwxrwx--- 1 admin bin 377032 Oct 10 2018 del_revision_files
-rwxrwx--- 1 admin bin 266484 Oct 10 2018 gtar
-rwxrwx--- 1 admin bin 74116 Oct 10 2018 gzip
-rwxrwx--- 1 admin bin 6937092 Oct 10 2018 ips_upgrade_tool
-rwxrwx--- 1 admin bin 11713680 Oct 10 2018 migrate
-rwxrwx--- 1 admin bin 59429 Oct 10 2018 migrate.conf
-rwxrwx--- 1 admin bin 107 Oct 10 2018 plugin_pack.conf
-rwxrwx--- 1 admin bin 6127476 Oct 10 2018 plugin_pack_compare
-rwxrwx--- 1 admin bin 6276408 Oct 10 2018 plugin_upgrade_matcher
-rwxrwx--- 1 admin bin 18065 Oct 10 2018 ppidb.conf
-rwxrwx--- 1 admin bin 19385024 Oct 10 2018 pre_upgrade_verifier
-rwxrwx--- 1 admin bin 135320 Oct 10 2018 puv_report_generator
-rwxrwx--- 1 admin bin 11713680 Oct 10 2018 upgrade_export
-rwxrwx--- 1 admin bin 11713680 Oct 10 2018 upgrade_import
[Expert@BJ-OFFICE-GW:0]#

Step3:备份

======================================================

[Expert@BJ-OFFICE-GW:0]# ./upgrade_export SMC_20190709.tgz


You are required to close all clients to Security Management Server
or execute 'cpstop' before the Export operation begins.

Do you want to continue? (y/n) [n]? y


Copying required files...

The operation completed successfully.

Location of archive with exported database: /opt/CPsuite-R80/fw1/bin/upgrade_tools/SMC_20190709.tgz

说明:从R80.20后改命令已经没有,由migrate替代,具体用法如下:

migrate  export 导出

migrate  import 还原

[Expert@BJ-ZHX-FW:0]# ./migrate export SMC_20190714.tgz

You are required to close all clients to Security Management Server
or execute 'cpstop' before the Export operation begins.

Do you want to continue? (y/n) [n]? y


Copying required files...
Compressing files...

The operation completed successfully.

Location of archive with exported database: /opt/CPsuite-R80.20/fw1/bin/upgrade_tools/SMC_20190714.tgz

Step4:使用WINSCP进行下载

======================================================

[Expert@BJ-OFFICE-GW:0]# chsh -s /bin/bash
Changing shell for admin.
Shell changed.
[Expert@BJ-OFFICE-GW:0]#

 使用winscp登录FW,下载/opt/CPsuite-R80/fw1/bin/upgrade_tools/SMC_20190709.tgz文件即可。

Step5:还原

======================================================

将备份文件上传到升级备份目录,如下:

[Expert@BJ-ZHX-FW:0]# ./migrate import SMC_20190714.tgz
The import operation will eventually stop all Check Point services (cpstop).
Do you want to continue? (y/n) [n]? y


Extracting the database...
Stopping all Check Point services (cpstop)...
cpwd_admin:
Process DASERVICE terminated
Mobile Access: Stopping MoveFileDemuxer service (if needed)
Mobile Access: MoveFileDemuxer is not running
Mobile Access: Mobile Access blade is disabled or already shut down
Mobile Access: Push notification is disabled or already shut down
Mobile Access: Reverse Proxy for HTTP traffic is disabled or already shut down.
Mobile Access: Reverse Proxy for HTTPS traffic is disabled or already shut down.
Mobile Access: Successfully stopped Mobile Access services
UEPM: Endpoint Security Management isn't activated
Stop Search Infrastructure...
Stopping RFL ...
cpwd_admin:
successful Detach operation
Stopping Solr ...
cpwd_admin:
Process SOLR isn't monitored by cpWatchDog. detach request aborted
Stop SmartView ...
Stopping SmartView ...
cpwd_admin:
successful Detach operation
Stop Log Indexer...
cpwd_admin:
Process INDEXER (pid=13703) stopped with command "kill 13703". Exit code 0.
Stop SmartLog Server...
cpwd_admin:
Process SMARTLOG_SERVER terminated
dbsync is not running
evstop: Stopping product - SmartEvent Server
evstop: Stopping product - SmartEvent Correlation Unit
Check Point SmartEvent Correlation Unit is not running
Stopping SmartView Monitor daemon ...
SmartView Monitor daemon is not running
Stopping SmartView Monitor kernel ...
SmartView Monitor kernel stopped
FloodGate-1 is already stopped.
Set operation succeeded
FireWall-1: cpm stopped
FireWall-1: fwm stopped
Stopping sessions database
FireWall-1: disabling IPv4 forwarding and bridge forwarding
FireWall-1: FW-1 IPv6 kernel module is not loaded
SecureXL device disabled.
Stopping Critical Alerts Sensor
SVN Foundation: cpd stopped
SVN Foundation: multiportal daemon stopped
Stopping cpviewd
cpwd_admin:
Process HISTORYD terminated
cpwd_admin:
Process SXL_STATD terminated
SVN Foundation: cpWatchDog stopped
SVN Foundation stopped
Importing files...
generating INSPECT code for GUI Clients
initial_management:
Compiled OK.
initial_management:
Compiled OK.

The import operation completed successfully.
Do you wish to start Check Point services? (y/n) [y]? y

posted on 2019-07-09 11:24  CyberSecurityBook  阅读(859)  评论(0编辑  收藏  举报

导航