Backup/Restore Zenarmor (Sensei) Configuration and Policies
A software or hardware failure, a human-caused event, or even physical disasters like floods, fires, earthquakes, or tornados may result in a complete wipeout of all of your system. And occasionally bad things happen in our lives when we least expect them or are least prepared for them. The backup of your data makes it accessible in case of data deletion or corruption. You can only recover data from an earlier time if you have backed it up.
You can manually backup Zenarmor configuration and policy files at any time on OPNsense web GUI. After your backup is completed, it can be downloaded to a separate medium easily with just one click for reducing the future data loss risk.
It is recommended that you should make your backup copies on a regular and consistent basis. The more time that passes between your backup copies, the more potential for data loss you face when recovering from a failure. Regular backups both protect your data and enable your system to recover and get running again quickly.
Zenarmor Backup Panel
Backup Panel allows you to perform the following tasks:
- Backup Zenarmor Configuration
- Check & Fix Zenarmor Settings
Backup Zenarmor Configuration
You can easily backup the Zenarmor configuration and policy files by following these 3 steps:
- Navigate to the
Backupon your OPNsense GUI.
Figure 1: Navigating to Zenarmor→Configuration→Backup.
- You can encrypt the backup file by switching on the toggle button in the
Zenarmor Backuppanel. If encryption is enabled, you must enter and confirm a password.
Figure 2: Backup File Without Encryption
Figure 3: Backup file encryption is enabled
Run Backupbutton to start the backup operation. After the backup is completed, the below popup message notifies you. By default, backups are stored on the firewall itself. It is very important that you should download the backup file to your local disk by clicking the
Downloadbutton in the dialog. Otherwise, a fresh install will erase your backup files on the Zenarmor GUI. You should keep it in an external storage medium like your pc or another safe media.
Figure 4: Popup Message indicating that backup is completed and backup file can be downloaded.
Check & Fix Zenarmor Settings
Zenarmor Settings Database option is available in Zenarmor Backup Panel. This option checks the Zenarmor settings file,
settings.db, and correct the errors if any exists. Somehow this configuration file may have some missing columns that causes an error mostly in configuration screen. When you click on the Check & Fix button, it makes the
settings.db compatible with the current release.
Zenarmor Backup Configuration page,
Restore Pane contains the existing backup files in the system and the file operation buttons. You can view the detailed file information (date of the backup and whether the file is encrypted or not) in this panel. Also, you can execute the following backup file operations:
Figure 5: Restore Panel
You can easily restore your Zenarmor configuration and policy files by following the next steps:
Navigate to the
Backupon your OPNsense GUI.
You can either upload a backup file or select one of the backup files stored in your OPNsense system to restore the Zenarmor configuration and policy files.
To start the restore operation, you can upload a backup file by clicking on the
Upload Backup File and Restorebutton or you can select a file listed in Restore pane by clicking on the
Restorebutton in the
- This will display a window asking for Restore Parameters given below.
Figure 6. Selecting Restore Parameters
- If the backup file is encrypted, an encryption password is asked in the Restore Parameters window too.
Figure 7. Selecting Restore Parameters For Encrypted Backup File
- Select the proper option under the Restore Area drop-down list. You can either restore all configuration files or only policy and rule files from the backup file.
Figure 8. Selecting Files to Restore
By default, license data is excluded from the restore operation. To restore it, switch off the toggle button in the window.
Figure 9. License data is not restored.
Figure 10. License data is restored.
Click on the
Restorebutton in the
Restore Parameterswindow. If all goes well, a dialog box is displayed. Then, click the
OKbutton to close Success dialog.
Figure 11: A message indicating that the restore operation was completed successfully.
Refreshto refresh the browser window.
Figure 12: A message notifies the user to refresh the browser window.
Downloading A Backup File
You can download the backup files stored in your OPNsense system to your local disc by clicking on the
Download button in the same row with the file to be downloaded in the
CLI Backup Restore
With 1.9.2 release you will be able to restore your backup file via Command Line Interface
The followings should be provided in a sequence for the restore script.
- Locate the CLI.php file
- Call CLI.PHP file
- Locate the backup file
- Type Password for restoring
- Provide restore option (all | rule). Type “rule” if you only restore Firewall Rules
- Provide License Exclusion option (true | false)
[CLI.php][restore] [ Backup FILE path][pass 'a*1',''] [option 'all','rule'][license Exclude true,false]
Sample usage for non-encrypted files;
/usr/local/opnsense/mvc/app/models/OPNsense/Sensei/CLI.php restore /root/sensei-backup-OPNsense.localdomain-1625074552.tar.gz false '' all true
Sample usage for an encrypted files;
/usr/local/opnsense/mvc/app/models/OPNsense/Sensei/CLI.php restore /root/sensei-backup-OPNsense.localdomain-1625086767.tar.gz.enc true '123456' all true
Deleting A Backup File
You can delete the backup files stored in your OPNsense system by clicking on the
- Delete button in the same row with the file to be deleted in the