Copy Files to a USB Drive¶
On occasion it may be necessary to copy files to or from the firewall using a USB flash drive.
This procedure assumes the drive is formatted with FAT or FAT32 (Also known as “DOS”) partitions.
At this time it is not possible to use drives formatted as exFAT or NTFS.
This procedure assumes the user is connected to the firewall console or using SSH and connected using an SSH client.
Locate Drive and Partition Name¶
Mounting the drive requires knowing the device name of the USB flash drive and the name of the FAT partition.
There are a couple different methods to determine these values.
Using Device Labels¶
The most convenient way to mount a drive is by its device label, if it is known. This is the name given by the user in Windows when formatting the drive or by altering the drive properties.
With the drive connected, look at the list of available device labels for DOS partitions:
: ls -l /dev/msdosfs/ crw-r----- 1 root operator 0x93 Jul 8 13:56 MYDRIVE crw-r----- 1 root operator 0x65 Jul 8 11:30 EFISYS
In this example, the drive is named
MYDRIVE and when mounting the full name
/dev/msdosfs/MYDRIVE is valid for use by
On UEFI systems the
EFISYS label is the system EFI boot partition, do
not mount or alter the content of that partition!
The most definitive way to locate the correct drive and partition is to use
gpart and look for a
This example system has two multiple disks, but only one of them is a USB thumb drive with a FAT32 partition:
: gpart list | egrep 'Name:| type:' 1. Name: mmcsd0p1 type: efi 2. Name: mmcsd0p2 type: freebsd-boot 3. Name: mmcsd0p3 type: freebsd-swap 4. Name: mmcsd0p4 type: freebsd-zfs 1. Name: mmcsd0 1. Name: da0s1 type: fat32 1. Name: da0
In this example the target partition is
da0s1 as it’s the name corresponding
fat32 type entry.
This next example system has a USB drive containing multiple partitions, but only one of them is FAT32:
: gpart list | egrep 'Name:| type:' 1. Name: da0s1 type: efi 2. Name: da0s2 type: fat32 3. Name: da0s3 type: freebsd 1. Name: da0 1. Name: da0s3a type: freebsd-zfs 1. Name: da0s3
Based on the above output the target partition is
System Log and Device List¶
This method is not as accurate but may be good enough for the majority of use cases.
Monitor the console or watch the system log when inserting the USB drive
tail -F /var/log/system.log). This will contain output similar to the
ugen0.2: <USB Flash Disk> at usbus0 umass0 on uhub0 umass0: <USB Flash Disk, class 0/0, rev 2.00/11.00, addr 1> on usbus0 da0 at umass-sim0 bus 0 scbus0 target 0 lun 0 da0: <USB Flash Disk 1100> Removable Direct Access SPC-2 SCSI device da0: Serial Number FBG1204030507369 da0: 40.000MB/s transfers da0: 1912MB (3915776 512 byte sectors) da0: quirks=0x2<NO_6_BYTE>
This output indicates the correct drive is
da0 but it does not help
determine the correct partition on that drive.
Next, look at the list of devices in
/dev/ to see which partitions are
present on the drive:
: ls -l /dev/da0* crw-r----- 1 root operator 0x91 Jul 8 13:56 /dev/da0 crw-r----- 1 root operator 0x92 Jul 8 13:56 /dev/da0s1
For a USB drive containing only a single FAT32 partition,
da0s1 is likely
the correct partition.
Mount the Partition¶
Before mounting, create a directory to use as the mountpoint. The directory
/mnt can be used for this purpose but a safer practice is to create a custom
: mkdir -p /root/usb
The next step is to mount the drive using the full path to the label or partition and the mount point:
: mount -t msdosfs /dev/msdosfs/MYDRIVE /root/usb
Partition device example:
: mount -t msdosfs /dev/da0s1 /root/usb
Remember to unmount the drive before removing it from USB!
Copy the Files¶
With the drive mounted, files can be copied to or from the drive using the
/root/usb in this example.
Copy/Move files from the firewall to the USB drive:
: cp /conf/config.xml /root/usb/config-backup.xml : mv /tmp/status_output.tgz /root/usb/
Copy files from the USB drive to the firewall:
: cp /root/usb/myscript.sh /root/bin/
Unmount and Clean Up¶
After copying files, the drive must be unmounted:
: umount /root/usb/
With the drive unmounted it is now safe to remove the USB device from the firewall.
Failing to unmount the drive before removing the USB device can result in a kernel panic and reboot!
Next, remove the mountpoint directory if it is no longer necessary:
: rmdir /root/usb/
This is optional. The mountpoint directory may be left in place for future use.
Do not use
rm -rf or similar on the mountpoint! If the device was still
mounted, this would destroy files on the device. Using
rmdir ensures the
operation will only have an effect if the directory is empty.
# Insert the USB drive # Find the label : ls -l /dev/msdosfs/ crw-r----- 1 root operator 0x93 Jul 8 13:56 MYDRIVE # Create the mountpoint : mkdir /root/usb # Mount the drive : mount -t msdosfs /dev/msdosfs/MYDRIVE /root/usb # Copy files : cp /conf/config.xml /root/usb/config-backup.xml # Unmount the drive : umount /root/usb/ # Remove the mountpoint : rmdir /root/usb/ # Remove the USB drive