Re: [leaf-user] Upgrading Many Firewalls
On 10/23/2014 1:45 PM, Andrew wrote: something like this: for i in `ls /mnt`; do wget ftp://.../$i; done mv init* linux modules.* /moddb /mnt apkg -u *.lrp # this update configs mv * /mnt Andrew, I'll have to trace the logic, I'm not sure exactly what that is doing. I was thinking of targeting the configuration files I know that I change, and using scp as all the firewalls I need to upgrade are available over SSH. I'll look this over. Thanks! - Bop -- leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] Upgrading Many Firewalls
Hi Bob on 24.10.2014 14:39, Robert K Coffman Jr. -Info From Data Corp. wrote: On 10/23/2014 1:45 PM, Andrew wrote: something like this: for i in `ls /mnt`; do wget ftp://.../$i; done mv init* linux modules.* /moddb /mnt apkg -u *.lrp # this update configs mv * /mnt Andrew, I'll have to trace the logic, I'm not sure exactly what that is doing. I was thinking of targeting the configuration files I know that I change, and using scp as all the firewalls I need to upgrade are available over SSH. That will work. I am in the process of writing an update procedure for myself, because I feel this is an area where we could still improve. Upgrading fron 4.x should not be much of a problem, as the format of configdb has not changed, so you can probably use your existing configdb. All it needs is the current kernel and modules along with the new package versions. If you are short of memory, the hardware detection might not work. I tried Victor's trick on my wrap and it failed for me. If you have sufficient space on the CF I would suggest to modify your boot program to support multiboot and either install the new release on a new partition or first clone the packages and settings to a new partition so you always have a fallback. cheers Erich smime.p7s Description: S/MIME Cryptographic Signature -- leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] Upgrading Many Firewalls
24.10.2014 15:39, Robert K Coffman Jr. -Info From Data Corp. пишет: On 10/23/2014 1:45 PM, Andrew wrote: something like this: for i in `ls /mnt`; do wget ftp://.../$i; done mv init* linux modules.* /moddb /mnt apkg -u *.lrp # this update configs mv * /mnt Andrew, I'll have to trace the logic, I'm not sure exactly what that is doing. I was thinking of targeting the configuration files I know that I change, and using scp as all the firewalls I need to upgrade are available over SSH. I'll look this over. Thanks! - Bop At 1st line it grabs all required files from FTP (for v4-v5 upgrade you should also grab here initmod.lrp - in v4 boot-time modules are into intrd, in v5 modules are splitted out). 2nd line - move initrd/initmod, kernel, moddb.lrp and modules.tgz to CF 3rd line - mostly configs update (apkg -u - updates package and, if default config is changed and config is edited, asks for merge, in other case - replace default config by updated one). Then - move all packages to CF, update syslinux.cfg (to add initmod.lrp) and run lrcfg save config. Try on some test box with cloned copy. -- leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] Upgrading Many Firewalls
I have a number of 4.x Leaf boxes that it is probably past time to upgrade. I was considering creating a script that I would run on a generically installed, current Leaf box that would copy over the configuration files from the old firewall, so that most of the work in upgrading would be in imaging the new box and physically installing it. Does this have any chance of working well? I know some packages may no longer be supported, and I'm willing to manually upgrade/replace those, but I'd like to automate whatever I can. - Bob Coffman -- leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] Upgrading Many Firewalls
something like this: for i in `ls /mnt`; do wget ftp://.../$i; done mv init* linux modules.* /moddb /mnt apkg -u *.lrp # this update configs mv * /mnt and don't forget to update syslinux.cfg (add initmod.lrp) 23.10.2014 20:38, Robert K Coffman Jr. -Info From Data Corp. пишет: I have a number of 4.x Leaf boxes that it is probably past time to upgrade. I was considering creating a script that I would run on a generically installed, current Leaf box that would copy over the configuration files from the old firewall, so that most of the work in upgrading would be in imaging the new box and physically installing it. Does this have any chance of working well? I know some packages may no longer be supported, and I'm willing to manually upgrade/replace those, but I'd like to automate whatever I can. - Bob Coffman -- leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ -- leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/