
@tmiland
Forked from juliocbc/pf2OPN-config.sh
Last active November 12, 2023 22:33
#!/usr/bin/env bash
# Copyright (C) 2019 Cloudfence - Julio Camargo
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
#
# 1. Redistributions of source code must retain the above copyright notice,
# this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
# AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
# --------------------------------------------------------------------------------------
# https://github.com/cloudfence
# Convert XML from pfSense to OPNsense format
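# The sections copied by this script (system, cert, ca, ipsec, openvpn, ...)
# typically carry password hashes, pre-shared keys and private keys, so every
# file created from here on is readable by the invoking user only.
umask 077

# Warning banner, printed in red.
tput setaf 1
echo "
USE AT OWN OWN RISK!
TESTS IN LAB BEFORE USE IN PRODUCTION ENVIRONMENT IS HIGHLY RECOMMENDED!
YOU WERE WARNED!!
"
tput sgr0

# $1 is the pfSense configuration export to convert. Stop early when it is
# missing or unreadable; otherwise every later step would work on nothing and
# still report success.
XML="$1"
if [ -z "$XML" ] || [ ! -r "$XML" ]; then
  echo "Usage: $0 <pfSense config.xml>" >&2
  exit 1
fi

# xmllint does the actual section extraction. Without it the script would
# write an empty <opnsense> skeleton, so a missing tool is fatal.
XMLLINT=$(command -v xmllint)
CHK=$?
if [ "$CHK" -ne 0 ] || [ -z "$XMLLINT" ]; then
  echo "xmllint is needed to run this script, you must install it and try again" >&2
  exit 1
fi

DATE=$(date +%Y%m%d)
OPN_XML="./config-OPN-$DATE.xml"

# Driver prefixes of the assigned interfaces: take every <if>NAME</if> line
# that does not mention a VLAN, keep NAME, strip all digits and de-duplicate.
# The result holds one prefix per line (e.g. "em"); it can be several lines.
IFACE_DRIVER=$(grep -E "<if>" "$XML" | grep -v vlan | cut -d"<" -f2 | cut -d">" -f2 | sed 's/[0-9]//g' | sort -u)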
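#######################################
# Ask for the NIC driver prefix of the destination system and write a copy of
# the pfSense config in which every "<if>OLD" is rewritten to "<if>NEW"
# (em0 -> igb0, em1 -> igb1, ...).
# Globals:   XML (read), IFACE_DRIVER (read), NEW_IFACE_DRIVER (written),
#            TMP_XML (written), IFACE_CHANGED (set to "1" on success)
# Arguments: none; the new driver prefix is read from stdin
# Outputs:   prompts on stdout, errors on stderr, rewritten config in TMP_XML
# Returns:   0 when the copy was written, 1 when nothing was changed
# NOTE(review): only <if> elements are rewritten; other elements that embed an
# interface name are left untouched -- check the result before importing it.
#######################################
change_ifaces() {
  local new_tmp

  tput setaf 3
  echo
  echo "This script will change it sequentially e.g.: em1 -> igb1, em2 -> igb2..."
  echo
  tput sgr0
  echo
  echo "Network Interface Driver found:"
  tput setaf 6
  echo "$IFACE_DRIVER"
  tput sgr0

  # The detected prefix becomes part of a sed pattern. Several prefixes (one
  # per line) or any character outside [A-Za-z0-9_] would break the expression
  # or change its meaning, so the automatic rename is refused in that case.
  case "$IFACE_DRIVER" in
    "" | *[!A-Za-z0-9_]*)
      echo "Cannot rename automatically: exactly one plain driver name is required" >&2
      return 1
      ;;
  esac

  echo "Type new Network Interface Driver:"
  tput setaf 6
  read -r NEW_IFACE_DRIVER
  tput sgr0

  # The answer is pasted into the sed replacement; "/", "&" and "\" are
  # special there, so only plain driver names are accepted.
  case "$NEW_IFACE_DRIVER" in
    "" | *[!A-Za-z0-9_]*)
      echo "You must type a valid network driver"
      return 1
      ;;
  esac

  # The copy contains the full firewall configuration, so it goes to a private
  # mktemp file rather than a fixed name in the working directory.
  new_tmp=$(mktemp "${TMPDIR:-/tmp}/pf2opn.XXXXXX") || {
    echo "Could not create a temporary file" >&2
    return 1
  }

  # "<" and ">" are literal in a basic regular expression. The escaped forms
  # \< and \> are word-boundary anchors in GNU sed, which made the original
  # pattern match nothing there.
  if sed "s/<if>${IFACE_DRIVER}/<if>${NEW_IFACE_DRIVER}/g" < "$XML" > "$new_tmp"; then
    # Drop the copy left by an earlier successful run of this function.
    if [ -n "$TMP_XML" ] && [ "$TMP_XML" != "$new_tmp" ]; then
      rm -f -- "$TMP_XML"
    fi
    TMP_XML="$new_tmp"
    IFACE_CHANGED="1"
    return 0
  fi

  rm -f -- "$new_tmp"
  echo "Rewriting the interface names failed" >&2
  return 1
}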
# Top-level config sections copied from the pfSense export.
# Kept as one space-separated string (no array) so the list also works in
# shells without array support.
SECTIONS="system interfaces staticroutes dhcpd dnsmasq snmpd syslog nat filter ipsec alias revision rrd widgets sysctl gateways openvpn cert ca virtualip vlans"

# Show the list, one upper-cased name per line in cyan, then wait for ENTER.
echo "The following Config sections will be imported:"
for SECTION in $SECTIONS; do
  tput setaf 6
  printf '%s\n' "$SECTION" | tr '[:lower:]' '[:upper:]'
  tput sgr0
done
echo "Press ENTER to continue"
read -r
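# Start from a known state: a value inherited from the environment would make
# the export step read a rewritten copy that was never produced.
IFACE_CHANGED=""

echo "Network interfaces are:"
tput setaf 6
echo "$IFACE_DRIVER"
tput sgr0
echo ""
echo "Do you want to change the interfaces?"
echo "Tip: If the destination system have another network chipset, you should answer Yes here:"

# Menu loop. It ends on "No", or on "Yes" once change_ifaces reports that the
# rewritten copy exists (IFACE_CHANGED set). A failed rename keeps the menu
# open so the user can retry or decline.
select OPT in "Yes" "No" "Not sure"; do
  case $OPT in
    "Yes")
      change_ifaces
      if [ -n "$IFACE_CHANGED" ]; then
        break
      fi
      ;;
    "No")
      echo "OK! Lets continue"
      break
      ;;
    "Not sure")
      tput setaf 3
      echo "Let me try to help:"
      echo "Log in OPNsense WebGUI and go to:"
      echo "Interfaces: Assignments"
      echo "The list of your physical network interfaces should be listed there"
      echo "This script will change it sequentially e.g.: em1 -> igb1, em2 -> igb2..."
      tput sgr0
      ;;
    *)
      echo "invalid option "
      ;;
  esac
done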
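# Without xmllint every extraction below would fail with its error discarded,
# leaving an <opnsense> skeleton that looks like a finished conversion.
if [ -z "$XMLLINT" ]; then
  echo "xmllint not found; refusing to write an empty $OPN_XML" >&2
  exit 1
fi

# Read from the rewritten copy when the interfaces were renamed, otherwise
# from the original export.
if [ -n "$IFACE_CHANGED" ]; then
  SRC_XML="$TMP_XML"
else
  SRC_XML="$XML"
fi

cat << 'EOF' > "$OPN_XML"
<?xml version="1.0"?>
<opnsense>
EOF

for SECTION in $SECTIONS; do
  # stderr is discarded, as before, so a section that is absent from the
  # source is skipped silently.
  # NOTE(review): "//name" selects matching elements at any depth, not only
  # the top-level section -- compare the output with the source.
  "$XMLLINT" --nocdata --xpath "//$SECTION" "$SRC_XML" >> "$OPN_XML" 2> /dev/null
  echo >> "$OPN_XML"
done
echo "</opnsense>" >> "$OPN_XML"

# A firewall config that does not parse should not be imported; say so here
# instead of leaving it to the import step.
if ! "$XMLLINT" --noout "$OPN_XML" 2> /dev/null; then
  echo "WARNING: $OPN_XML is not well-formed XML, do not import it" >&2
fi

echo "Saved new file: $OPN_XML"

# The rewritten copy holds the complete source configuration; remove it.
if [ -n "$TMP_XML" ]; then
  rm -f -- "$TMP_XML"
fi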