burp-2.x

最後更新: 2019-08-01

目錄

  • Install From Source
  • Static Build
  • V2.2.X Server Setting
  • V2.2.X Client Setting
  • restore_client / super_client
  • Signals
  • backup_tool_script
  • working_dir
  • Monitor

Install From Source

 

# Download Source

https://sourceforge.net/projects/burp/files/burp-2.2.18/

# Debian 準備

apt-get install librsync-dev libz-dev libssl-dev \
                     uthash-dev libncurses5-dev \
                     libacl1-dev libattr1-dev libwrap0-dev

apt-get install gcc g++ make pkg-config check autoconf automake libtool

# Centos 7 準備

yum groupinstall "Development Tools" -y

yum install autoconf automake libtool \
librsync-devel libzip-devel uthash-devel \
openssl-devel ncurses-devel libacl-devel \
libattr-devel tcp_wrappers-devel

# Update generated "configure" files

# (-v, --verbose   &   -i, --install   &   -f, --force)

autoreconf -vif

# check version

./configure -V

Burp configure 2.2.18

# Config

build_burp.sh

#!/bin/bash

cd burp-2.2.18

./configure --prefix=/opt/burp \
        --enable-xattr \
        --enable-acl

make clean; make -j 2; make install

 


Static Build

 

 * 失敗了.

./configure \
  --prefix=/opt/burp \
  --enable-static

make -j 2

 


V2.2.X Server Setting

 

ssl_compression

ssl_compression=zlib0

# The default is 5
# Choose the level of zlib compression over SSL.
# zlib0 turns SSL compression off.

ssl_ciphers

Server

ssl_ciphers = RC4-SHA:AES128-SHA

Client

ssl_ciphers = RC4-MD5

應用: 改用較不吃 CPU 的資源的加密

在 Backup 時會見到 log

...
2019-08-01 13:18:07 +0800: burp[8627] SSL is using cipher: 
  DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD

# 找出系統支的的 ciphers

openssl ciphers -s -v RC4

...
RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1
RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
...

# 在 burp.conf 設定 ciphers

ssl_ciphers = RC4-MD5

再次 Backup 時的 log

...
Aug  1 14:51:49 burp burp[8752]: SSL is using cipher: 
RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5

參考

monitor_browse_cache

Whether or not the server should cache the directory tree when a  monitor client is browsing.

Advantage: browsing is faster.

Dis‐advantage: more memory is used.

atime

atime=[0|1]

The default is 0, which enables O_NOATIME.

This allows you to control whether the client uses O_NOATIME when opening files and directories.

This means that the client can read files and directories without updating the access times.

However, this is only possible if you are running as root, or are the owner of the file or directory.

If this is not the case (perhaps you only have group or world access to the files), you will get errors until you set atime=1.

With atime=1, the access times will be updated on the files and directories that get backed up.

 


V2.2.X Client Setting

 

restoreprefix

# This option is prefixed to the path of all restores, and is overridden by
# '-d' on the command line.

restoreprefix = /root/restore/data

 


restore_client / super_client

 

SERVER OPTIONS

restore_client=[client]

A client that is permitted to list, verify, restore, delete, and diff files belonging to any other client

According to the client_can permissions (eg,  'client_can_list') on both the restore_client and the original client

 - restore_clients 才可以 monitor 到所有 client

 - can specify multiple restore_clients

 - restore_client for individual original clients (clientconfdir files)

CLIENT OPTIONS

-C [client]

Allows  you  to specify an alternative client to list or restore from.

(See the 'restore_client' and 'super_client' options.)

Usage

burp -a l -C win7-admin

Backup: 0000004 2018-01-12 19:15:37 (deletable)
Backup: 0000010 2018-01-18 19:15:27 (deletable)
Backup: 0000011 2019-03-27 11:42:47 +0800 (deletable)
Backup: 0000012 2019-03-27 12:20:52 +0800 (deletable)
Backup: 0000013 2019-03-27 13:09:44 +0800 (deletable)
Backup: 0000014 2019-03-27 16:34:23 +0800 (deletable)
Backup: 0000015 2019-03-27 16:37:13 +0800 (deletable)
Backup: 0000016 2019-03-28 19:18:49 +0800 (deletable)

burp -a r -C win7-admin -d /home/restore

--------------------------------------------------------------------------------
Start time: 2019-03-29 11:04:40
  End time: 2019-03-29 11:04:41
Time taken: 00:01
                             Attempted | Expected
                   ------------------------------
             Files:                  6 |        6
       Grand total:                  6 |        6
                   ------------------------------

             Messages:             0
             Warnings:             0

      Bytes estimated:         19119 (18.67 KB)
      Bytes attempted:             0
       Bytes received:         20377 (19.90 KB)
           Bytes sent:           627
--------------------------------------------------------------------------------
2019-03-29 11:04:41 +0800: burp[10124] restore finished

 


Signals

 

signal    1  (HUP) 

to the main server process will cause it to reload.

For the vast majority of configuration changes, a  reload  is unnecessary as the server will pick up changes "on-the-fly".

signal 12 (USR2)

to the main server process will cause it to wait until there are no longer any child processes, and then exit.

The intention is to help with upgrades without interrupting current backups.

if you are running upstart, a new burp server process will start up when the old one exits.

 

 


backup_tool_script

 

It is a script to check backup sanity on the server.

It can verify a given number of backups for each client.

It can run verify operations in parallel ( interleaving different client )

 

# Check that the burp service is running

# 依賴 /opt/burp/sbin/burp -a S

backup_tool_script -j burp

# Check for clients that don't have backups newer than 3 days:

backup_tool_script -d /path/to/clients/backups/dir -o 3

# Launch backup verification for last 7 backups for each client:

backup_tool_script -d /path/to/clients/backups/dir -v 3

# Check for exceeded quotas in most recent backups:

backup_tool_script -d /path/to/clients/backups/dir -q

 


working_dir

 

working_dir 它一共有 4 個 Phases (1 ~ 4)

Symbolic link

  • working
  • finishing
  • current

Start Backup

/var/spool/burp/<client>/0000027 2015-04-12 01:24:29
/var/spool/burp/<client>/working -> 0000027 2015-04-12 01:24:29

phases 1 (file system scan)

phases 2 (send actual data)

/var/spool/burp/<client>/finishing -> 0000027 2015-04-12 01:24:29

phases 3 (manifest generation)

phases 4 (shuffling)

/var/spool/burp/<client>/current -> 0000027 2015-04-12 01:24:29

Interruption

If the interruption

[1] left a 'finishing' symlink

the server will attempt to carry on and complete the backup.

Part of phase 4 may involve operations that alter the immediately previous backup

(it may need to convert its files into reverse deltas),

so once it is 'finishing', burp can only try to move forwards.

Note that when the backup is 'finishing', no more data is required from the client.

[2] left a 'working' symlink

If the interruption left a 'working' symlink behind, the server will check the

'working_dir_recovery_method' server-side option to decide what to do next.

 


Monitor

 

In burp 2

  • The status port connection is secured via SSL.
  • able to see its own details
  • details of any other client that you are a 'super_client' or 'restore_client' of.

Action section

"backup", "list", "restore", "verify", "delete", or "diff".

Phase section

"scanning", "backup", "merging", "shuffling", "listing", "restoring", "verifying", "deleting", or "diffing"

Opts

-a s                # Run this to connect to a running server to get a live monitor of the status

-a S               # Similar to '-a s', 但只會輸出一次 status

-a m               # Raw connection(JSON output)

Example

burp -a s

    burp monitor 2.2.18                               2020-04-28 12:22:08 +0800

 * burpServer              idle  last backup: 0000011 2019-08-02 13:16:06 +0800
   vm.admin                idle  last backup: 0000273 2020-04-23 23:15:00 +0800
   vm.apps01               idle  last backup: 0000265 2020-04-23 23:17:31 +0800
   vm.apps02               idle  last backup: 0000266 2020-04-23 23:01:34 +0800
   vm.file01               idle  last backup: 0000263 2020-04-23 23:19:00 +0800