■SSG5にUSBメモリを接続、flashにあるすべてをバックアップ 「imagekey.cer」は書式が異なるファイル単位になってしまうので基本的に一方通行。 ScreenOS Image Certification Key http://www.juniper.net/techpubs/hardware/netscreen-certifications.html BOOT LOADERと$NSBOOT$.BINは、flashに保存されていればちゃんとバックアップ出来る。 USBメモリの1GBの制限のオーバーフローしたマイナス表記で切り分けたところも書いておく。 ■結論だけ言うと、以下で隠しファイルも含めて1GBのUSBメモリに保存出来る。 「imagekey.cer」は別途ダウンロード。 ssg5-isdn-> debug filesys all ssg5-isdn-> get file ssg5-isdn-> get dbuf stream ssg5-isdn-> save file flash:/[隠しor通常ファイル] to usb [隠しor通常ファイル] ■まずは8GBのパーティションのままテスト。 $ sudo fdisk -lu /dev/sdb Disk /dev/sdb: 8086 MB, 8086617600 bytes 18 heads, 3 sectors/track, 292484 cylinders, total 15794175 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00078168 Device Boot Start End Blocks Id System /dev/sdb1 2048 15794174 7896063+ c W95 FAT32 (LBA) $ sudo mkfs.vfat -F 32 /dev/sdb1 mkfs.vfat 3.0.13 (30 Jun 2012) ■SSG5の背面に接続。 「save software」で空き容量不足と出る。 「get file info」の出力がマイナス表記。 PQI PQI USB Flash Drive, rev 2.00/1.00, addr 2, SCSI over Bulk-Only Mount usb device. Please wait... usb device ready. ssg5-isdn-> ssg5-isdn-> get chassis status USB: Inserted Total Size: 8,069,787,648 bytes Free Size: 8,069,783,552 bytes ssg5-isdn-> get file info There are 51007488 bytes free (62623744 total) on disk "flash:" There are -520151040 bytes free (-520146944 total) on disk "usb:" ssg5-isdn-> save software from flash to usb device.save save software from flash to usb Load image from 0x020d1f60 to usb in : device.save. there are not enough free spaces in usb device.save failed! Write error, please check usb flash. ssg5-isdn-> get file | include usb USB flash device : usb:/ssg5-isdn_log.txt 589 ssg5-isdn-> exec usb-device stop The "USB Mass Storage Device"can now be safely removed from system ssg5-isdn-> ■7GBあふれたというより、1GBあふれたすべてがオーバーフローした結果のようだ。 $ echo "$(((8086617600-520146944)/1024/1024/1024))" 7 $ echo "$(((8086617600-520146944)/7))" | awk '{print $1,$1/1024/1024/1024}' 1080924379 1.00669 ■オーバーフローしている状態だと、 「save config」やUSBログは問題無く保存されるが、「save software」が出来ない。 なんとなく1GB未満になるようなセクタを計算する。 $ echo "$(((15794175/8)-2048-1))" | awk '{print $1,$1-($1%100)}' 1972222 1972200 ■とりあえずパーティションは1つとした。他は未使用領域。 $ sudo fdisk -lu /dev/sdb Disk /dev/sdb: 8086 MB, 8086617600 bytes 1 heads, 1 sectors/track, 15794175 cylinders, total 15794175 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00078168 Device Boot Start End Blocks Id System /dev/sdb1 2048 1972200 985076+ 83 Linux $ sudo mkfs.vfat -F 32 /dev/sdb1 mkfs.vfat 3.0.13 (30 Jun 2012) ■SSG5に1GBフォーマットで再接続。正しく認識したようだ。 ssg5-isdn-> PQI PQI USB Flash Drive, rev 2.00/1.00, addr 2, SCSI over Bulk-Only Mount usb device. Please wait... usb device (usb) ready. ssg5-isdn-> get file info There are 35471360 bytes free (62623744 total) on disk "flash:" There are 1006723072 bytes free (1006727168 total) on disk "usb:" ssg5-isdn-> get chassis status USB: Inserted Total Size: 1,006,727,168 bytes Free Size: 1,006,723,072 bytes ■コンフィグをバックアップ flash -> usb ssg5-isdn-> save Save System Configuration ... Done ssg5-isdn-> save config from flash to usb usb.cfg System config (1303 bytes) loaded Done. Save config to usb :usb.cfg Save ....Done ■ScreenOSをバックアップ flash -> usb save software from flash to usb Load image from 0x029b28c0 to usb in : software.bin. platform = 25, cpu = 12, version = 18 offset = 20, address = 5800000, size = 13294941 date = 1b96, sw_version = 31808000, cksum = afe47a3e Save ............................................................................ ....................Done ssg5-isdn-> ssg5-isdn-> get file flash:/crashdump.dmp 32768 flash:/burnin_log1 20480 flash:/burnin_log0 20480 flash:/prngseed.bin 32 flash:/envar.rec 85 flash:/ns_sys_config 1303 flash:/dhcpservl.txt 0 flash:/cli-log 49952 flash:/dnstb.rec 83 flash:/pkidatabase.digest 20 flash:/ns_sys_cfg.sig 20 USB flash device : usb:/usb.cfg 3741 usb:/software.bin 13303808 ssg5-isdn-> ■「save image-key」は一方通行なので、flashからのバックアップは出来ない。 一方通行なのは以下の3種類。 ssg5-isdn-> save image-key ? tftp load image key from tftp server usb load image key from usb ssg5-isdn-> save attack-db from ? tftp load attack database from tftp server ssg5-isdn-> save patch from ? tftp load patch from tftp server ■他のメニューは以下。 ssg5-isdn-> save ? <return> attack-db save attack database config save configurations file save file image-key save image key patch save hot patch file software save software ■「file」として保存してあれば出来そう。 ssg5-isdn-> get file flash:/crashdump.dmp 32768 flash:/burnin_log1 20480 flash:/burnin_log0 20480 flash:/prngseed.bin 32 flash:/envar.rec 85 flash:/ns_sys_config 1302 flash:/dhcpservl.txt 0 flash:/cli-log 49952 flash:/dnstb.rec 83 flash:/pkidatabase.digest 20 flash:/ns_sys_cfg.sig 20 USB flash device : usb:/usb.cfg 3741 usb:/software.bin 13303808 ssg5-isdn-> save file flash:/crashdump.dmp to to save file to tftp server or usb ■コマンドを全部打つのは面倒なので。 $ echo ' flash:/crashdump.dmp 32768 flash:/burnin_log1 20480 flash:/burnin_log0 20480 flash:/prngseed.bin 32 flash:/envar.rec 85 flash:/ns_sys_config 1302 flash:/dhcpservl.txt 0 flash:/cli-log 49952 flash:/dnstb.rec 83 flash:/pkidatabase.digest 20 flash:/ns_sys_cfg.sig 20 ' | grep -v "^\$" | awk '{print $1}' | awk -F/ '{print "save file flash:/"$2 " to usb " $2}' save file flash:/crashdump.dmp to usb crashdump.dmp save file flash:/burnin_log1 to usb burnin_log1 save file flash:/burnin_log0 to usb burnin_log0 save file flash:/prngseed.bin to usb prngseed.bin save file flash:/envar.rec to usb envar.rec save file flash:/ns_sys_config to usb ns_sys_config save file flash:/dhcpservl.txt to usb dhcpservl.txt save file flash:/cli-log to usb cli-log save file flash:/dnstb.rec to usb dnstb.rec save file flash:/pkidatabase.digest to usb pkidatabase.digest save file flash:/ns_sys_cfg.sig to usb ns_sys_cfg.sig ■一気に流し込み。 flash -> usb ssg5-isdn-> save file flash:/crashdump.dmp to usb crashdump.dmp read file flash:/crashdump.dmp from flash,please wait... save file flash:/crashdump.dmp to usb (file: crashdump.dmp). Save .....Done ssg5-isdn-> save file flash:/burnin_log1 to usb burnin_log1 read file flash:/burnin_log1 from flash,please wait... save file flash:/burnin_log1 to usb (file: burnin_log1). Save .....Done ssg5-isdn-> save file flash:/burnin_log0 to usb burnin_log0 read file flash:/burnin_log0 from flash,please wait... save file flash:/burnin_log0 to usb (file: burnin_log0). Save .....Done ssg5-isdn-> save file flash:/prngseed.bin to usb prngseed.bin read file flash:/prngseed.bin from flash,please wait... save file flash:/prngseed.bin to usb (file: prngseed.bin). Save ....Done ssg5-isdn-> save file flash:/envar.rec to usb envar.rec read file flash:/envar.rec from flash,please wait... save file flash:/envar.rec to usb (file: envar.rec). Save ....Done ssg5-isdn-> save file flash:/ns_sys_config to usb ns_sys_config read file flash:/ns_sys_config from flash,please wait... save file flash:/ns_sys_config to usb (file: ns_sys_config). Save ....Done ssg5-isdn-> save file flash:/dhcpservl.txt to usb dhcpservl.txt Open flash:/dhcpservl.txt failed! ssg5-isdn-> save file flash:/cli-log to usb cli-log read file flash:/cli-log from flash,please wait... save file flash:/cli-log to usb (file: cli-log). Save .......Done ssg5-isdn-> save file flash:/dnstb.rec to usb dnstb.rec read file flash:/dnstb.rec from flash,please wait... save file flash:/dnstb.rec to usb (file: dnstb.rec). Save ....Done ssg5-isdn-> save file flash:/pkidatabase.digest to usb pkidatabase.digest read file flash:/pkidatabase.digest from flash,please wait... save file flash:/pkidatabase.digest to usb (file: pkidatabase.digest). Save ....Done ssg5-isdn-> save file flash:/ns_sys_cfg.sig to usb ns_sys_cfg.sig read file flash:/ns_sys_cfg.sig from flash,please wait... save file flash:/ns_sys_cfg.sig to usb (file: ns_sys_cfg.sig). Save ....Done ssg5-isdn-> ■確認。 ssg5-isdn-> get file flash:/crashdump.dmp 32768 flash:/burnin_log1 20480 flash:/burnin_log0 20480 flash:/prngseed.bin 32 flash:/envar.rec 85 flash:/ns_sys_config 1302 flash:/dhcpservl.txt 0 flash:/cli-log 49952 flash:/dnstb.rec 83 flash:/pkidatabase.digest 20 flash:/ns_sys_cfg.sig 20 USB flash device : usb:/usb.cfg 3741 usb:/software.bin 13303808 usb:/crashdump.dmp 32768 usb:/burnin_log1 20480 usb:/burnin_log0 20480 usb:/prngseed.bin 32 usb:/envar.rec 85 usb:/ns_sys_config 1302 usb:/cli-log 49952 usb:/dnstb.rec 83 usb:/pkidatabase.digest 20 usb:/ns_sys_cfg.sig 20 ssg5-isdn-> ■scriptログから「debug filesys all;get file;get dbuf stream」の結果を抜き出す。 $ sed s/".* name "//g dbuf.log | grep ^flash | awk '{print $1}' | sort -u flash:/$NSBOOT$.BIN flash:/LOADSSG5.D flash:/SSG5SSG2.0 flash:/burnin_log0 flash:/burnin_log1 flash:/certfile.cfg flash:/certfile.dsc flash:/cli-log flash:/crashdump.dmp flash:/dhcpservl.txt flash:/dnstb.rec flash:/envar.rec flash:/golerd.rec flash:/node_secret.ace flash:/ns_sys_cfg.sig flash:/ns_sys_config flash:/pkidatabase.digest flash:/prngseed.bin flash:/syscert.cfg ■もう一回。 $ echo ' flash:/$NSBOOT$.BIN flash:/LOADSSG5.D flash:/SSG5SSG2.0 flash:/burnin_log0 flash:/burnin_log1 flash:/certfile.cfg flash:/certfile.dsc flash:/cli-log flash:/crashdump.dmp flash:/dhcpservl.txt flash:/dnstb.rec flash:/envar.rec flash:/golerd.rec flash:/node_secret.ace flash:/ns_sys_cfg.sig flash:/ns_sys_config flash:/pkidatabase.digest flash:/prngseed.bin flash:/syscert.cfg ' | grep -v "^\$" | awk -F/ '{print "save file flash:/"$2 " to usb " $2}' save file flash:/$NSBOOT$.BIN to usb $NSBOOT$.BIN save file flash:/LOADSSG5.D to usb LOADSSG5.D save file flash:/SSG5SSG2.0 to usb SSG5SSG2.0 save file flash:/burnin_log0 to usb burnin_log0 save file flash:/burnin_log1 to usb burnin_log1 save file flash:/certfile.cfg to usb certfile.cfg save file flash:/certfile.dsc to usb certfile.dsc save file flash:/cli-log to usb cli-log save file flash:/crashdump.dmp to usb crashdump.dmp save file flash:/dhcpservl.txt to usb dhcpservl.txt save file flash:/dnstb.rec to usb dnstb.rec save file flash:/envar.rec to usb envar.rec save file flash:/golerd.rec to usb golerd.rec save file flash:/node_secret.ace to usb node_secret.ace save file flash:/ns_sys_cfg.sig to usb ns_sys_cfg.sig save file flash:/ns_sys_config to usb ns_sys_config save file flash:/pkidatabase.digest to usb pkidatabase.digest save file flash:/prngseed.bin to usb prngseed.bin save file flash:/syscert.cfg to usb syscert.cfg ■最終的な結果だけ。 これで3台目は安心して遊べますね。。。 ssg5-isdn-> get file flash:/crashdump.dmp 32768 flash:/burnin_log1 20480 flash:/burnin_log0 20480 flash:/prngseed.bin 32 flash:/envar.rec 85 flash:/ns_sys_config 1302 flash:/dhcpservl.txt 0 flash:/cli-log 49952 flash:/dnstb.rec 83 flash:/pkidatabase.digest 20 flash:/ns_sys_cfg.sig 20 USB flash device : usb:/usb.cfg 3741 usb:/software.bin 13303808 usb:/crashdump.dmp 32768 usb:/burnin_log1 20480 usb:/burnin_log0 20480 usb:/prngseed.bin 32 usb:/envar.rec 85 usb:/ns_sys_config 1302 usb:/cli-log 49952 usb:/dnstb.rec 83 usb:/pkidatabase.digest 20 usb:/ns_sys_cfg.sig 20 usb:/boot.bin 13303808 usb:/loadssg5.d 408395 usb:/$NSBOOT$.BIN 13303808 usb:/SSG5SSG2.0 13295019 usb:/certfile.cfg 3398 usb:/certfile.dsc 504 usb:/golerd.rec 1220 usb:/syscert.cfg 1166 ssg5-isdn->
