Let's say you'd like to schedule a backup done via a cron job. Assume you want that script initiated from, and stored on a safe location on a server on the network, (not on the router).

Further, you do not wish to install SFTP just for these backups.

The following script will download the script without needing to have SFTP enabled on the router.

One option would be to create the backup as a cron job on the router itself. However, let's assume you want to have it all done in just one run. For this reason, creation of the backup in an individual file with timestamp is included in the script.

Thus, just one run of the script on the backup server will create the backup and download it to to a safe location.

Action is based on using a here doc to execute commands on the router.

The backup is created by using the “nvram save” command. This is how the backups are created in the GUI. You may cross-check (what? at the command line?) by using “nvram convert”.

The script then archives the data in a tar file and sends it through netcat.

Prerequisites: netcat has to be installed on backup server, ssh key of executing user from backup server must installed on root user on router.

Script starts here:

 #!/bin/bash
 
 USER=root
 LOCAL_ID_FILE=/home/${LOGNAME}/.ssh/id_tomato_ecdsa
 PORT=5555
 BACKUP_DIR=/home/${LOGNAME}/Router_Backups
 SCRIPT_FILE=nvram_save_cfg.sh
 PREFIX=FreshTomato
 EXT=.cfg
 TRANSFER_FILENAME=config.tar
 
 ROUTER=`ip r | grep default | head -1 | cut -d " " -f 3`
 pushd ${BACKUP_DIR}
 
 (netcat -l -p ${PORT} > ${TRANSFER_FILENAME}) &
 #
 # Thinks like
 # VAR=`nvram get os_version`
 # seem not to work in bash via here doc, so write results into script file and source it
 # Further the individual filename is general not known, so tar it into temp file
 #
 ssh ${USER}@${ROUTER} -i ${LOCAL_ID_FILE}<<ENDSSH
         rm -f ${SCRIPT_FILE} ${TRANSFER_FILENAME} ${PREFIX}_*_20[234][0-9][01][0-9][0123][0-9]_[012][0-9][0-5][0-9]${EXT}
         echo "nvram save ${PREFIX}" >> ${SCRIPT_FILE}
         nvram get os_version | sed -e "s/ .*$//" >> ${SCRIPT_FILE}
         echo "on" >> ${SCRIPT_FILE}
         nvram get t_model_name | tr " " "_" >> ${SCRIPT_FILE}
         nvram get router_name >> ${SCRIPT_FILE}
         date +%Y%m%d_%H%M >> ${SCRIPT_FILE}
         sed -e "N;N;N;N;N;s/\n/_/g;s/$/${EXT}/" -i ${SCRIPT_FILE}
         cat ${SCRIPT_FILE}
         source ${SCRIPT_FILE}
         tar -cvf ${TRANSFER_FILENAME} *_20[234][0-9][01][0-9][0123][0-9]_[012][0-9][0-5][0-9]${EXT}
         cat ${TRANSFER_FILENAME} | nc caisfiles ${PORT}
         rm -f ${SCRIPT_FILE} ${TRANSFER_FILENAME} ${PREFIX}_*_20[234][0-9][01][0-9][0123][0-9]_[012][0-9][0-5][0-9]${EXT}
 ENDSSH
 
 tar -xvf ${TRANSFER_FILENAME}
 rm ${TRANSFER_FILENAME}
 popd