CONFIG BACKUP

Level

maintenance

History

level maintenance Appears in Netasq 6 0 0
level other deprecated in Netasq 6 0 0
option global for list Appears in Netasq 6 0 0
option urlgroup for list Appears in 6 0 2
option pattern for list Appears in 6 0 2
usb Appears in Netasq 6 1 0
option secure for list Appears in Netasq 6 2 0
option autoupdate for list Appears in Netasq 6 2 0
option proxies for list Appears in Netasq 6 2 0
option services for list Appears in Netasq 6 2 0
format appears in Netasq 9 0 0
global_vpn appears in 2 5 0
global_cert appears in 3 0 0
tpmpassword appears in 3 10 0
usb disappears in 4 0 0
option secure for list disappears in 4 0 0 privkeys appears in 3 10 0
ondiskprotect appears in 3 10 0

Description

Backups full or partial configuration (complete list of available items is provided by SYSTEM BACKUP command)

Implementation notes

Used by SMC, so report to them whenever changes
Make an archive encrypted with generic key or given password
Add a plain header with date, model, version, serial, description, content and type (GENERIC or PASSWORD)
Sign the file included the header with the firewall private key

Usage

list=<all|network|global|object|global_object|filter|filterslotxx|global_filter|global_filterslotxx|vpn|global_vpn|ldap|urlfiltering|sslfiltering|urlgroup|global|pattern|autoupdate|services|mailfiltering|dhcp|ntp|dns|snmp|pvm|cert|global_cert|securityinspection|vpn-ssl|vpn-pptp|event-rules|qos|auth|webadmin|statusweight|log|route|sysevent|bird|antispam|mailgroup|communication|system|serverd|reports|access_tickets|monitor> [password=<string>] [comment=<string>] [tpmpassword=<string>] [privkeys=all|none] [ondiskprotect=0|1]
A TPM password is required if it protects some private keys
All private keys are included by default, but this can be avoided with option \"privkeys=none\"
Ondisk protected keys are backuped unprotected by default, but they can remain protected with option \"ondiskprotect=1\"

Format

raw

Returns

Error code

Example

CONFIG BACKUP list=all comment="sauvegarde tout" password=mypassword
CONFIG BACKUP list="pattern+network,global+network"