Copy Files to a USB Drive¶
On occasion it may be necessary to copy files to or from the firewall using a USB flash drive.
Note
This procedure assumes the drive is formatted with FAT or FAT32 (Also known as “DOS”) partitions.
At this time it is not possible to use drives formatted as exFAT or NTFS.
This procedure assumes the user is connected to the firewall console or using SSH and connected using an SSH client.
Locate Drive and Partition Name¶
Mounting the drive requires knowing the device name of the USB flash drive and the name of the FAT partition.
There are a couple different methods to determine these values.
Using Device Labels¶
The most convenient way to mount a drive is by its device label, if it is known. This is the name given by the user in Windows when formatting the drive or by altering the drive properties.
With the drive connected, look at the list of available device labels for DOS partitions:
: ls -l /dev/msdosfs/
crw-r----- 1 root operator 0x93 Jul 8 13:56 MYDRIVE
crw-r----- 1 root operator 0x65 Jul 8 11:30 EFISYS
In this example, the drive is named MYDRIVE and when mounting the full name
of /dev/msdosfs/MYDRIVE is valid for use by mount.
Warning
On UEFI systems the EFISYS label is the system EFI boot partition, do
not mount or alter the content of that partition!
Using gpart¶
The most definitive way to locate the correct drive and partition is to use
gpart and look for a fat32 entry.
This example system has two multiple disks, but only one of them is a USB thumb drive with a FAT32 partition:
: gpart list | egrep 'Name:| type:'
1. Name: mmcsd0p1
type: efi
2. Name: mmcsd0p2
type: freebsd-boot
3. Name: mmcsd0p3
type: freebsd-swap
4. Name: mmcsd0p4
type: freebsd-zfs
1. Name: mmcsd0
1. Name: da0s1
type: fat32
1. Name: da0
In this example the target partition is da0s1 as it’s the name corresponding
to the fat32 type entry.
This next example system has a USB drive containing multiple partitions, but only one of them is FAT32:
: gpart list | egrep 'Name:| type:'
1. Name: da0s1
type: efi
2. Name: da0s2
type: fat32
3. Name: da0s3
type: freebsd
1. Name: da0
1. Name: da0s3a
type: freebsd-zfs
1. Name: da0s3
Based on the above output the target partition is da0s2.
System Log and Device List¶
This method is not as accurate but may be good enough for the majority of use cases.
Monitor the console or watch the system log when inserting the USB drive
(e.g. tail -F /var/log/system.log). This will contain output similar to the
following:
ugen0.2: <USB Flash Disk> at usbus0
umass0 on uhub0
umass0: <USB Flash Disk, class 0/0, rev 2.00/11.00, addr 1> on usbus0
da0 at umass-sim0 bus 0 scbus0 target 0 lun 0
da0: <USB Flash Disk 1100> Removable Direct Access SPC-2 SCSI device
da0: Serial Number FBG1204030507369
da0: 40.000MB/s transfers
da0: 1912MB (3915776 512 byte sectors)
da0: quirks=0x2<NO_6_BYTE>
This output indicates the correct drive is da0 but it does not help
determine the correct partition on that drive.
Next, look at the list of devices in /dev/ to see which partitions are
present on the drive:
: ls -l /dev/da0*
crw-r----- 1 root operator 0x91 Jul 8 13:56 /dev/da0
crw-r----- 1 root operator 0x92 Jul 8 13:56 /dev/da0s1
For a USB drive containing only a single FAT32 partition, da0s1 is likely
the correct partition.
Mount the Partition¶
Before mounting, create a directory to use as the mountpoint. The directory
/mnt can be used for this purpose but a safer practice is to create a custom
directory:
: mkdir -p /root/usb
The next step is to mount the drive using the full path to the label or partition and the mount point:
Label example:
: mount -t msdosfs /dev/msdosfs/MYDRIVE /root/usb
Partition device example:
: mount -t msdosfs /dev/da0s1 /root/usb
Warning
Remember to unmount the drive before removing it from USB!
Copy the Files¶
With the drive mounted, files can be copied to or from the drive using the
mountpoint directory, /root/usb in this example.
Copy/Move files from the firewall to the USB drive:
: cp /conf/config.xml /root/usb/config-backup.xml
: mv /tmp/status_output.tgz /root/usb/
Copy files from the USB drive to the firewall:
: cp /root/usb/myscript.sh /root/bin/
Unmount and Clean Up¶
After copying files, the drive must be unmounted:
: umount /root/usb/
With the drive unmounted it is now safe to remove the USB device from the firewall.
Warning
Failing to unmount the drive before removing the USB device can result in a kernel panic and reboot!
Next, remove the mountpoint directory if it is no longer necessary:
: rmdir /root/usb/
Note
This is optional. The mountpoint directory may be left in place for future use.
Warning
Do not use rm -rf or similar on the mountpoint! If the device was still
mounted, this would destroy files on the device. Using rmdir ensures the
operation will only have an effect if the directory is empty.
Full Example¶
# Insert the USB drive
# Find the label
: ls -l /dev/msdosfs/
crw-r----- 1 root operator 0x93 Jul 8 13:56 MYDRIVE
# Create the mountpoint
: mkdir /root/usb
# Mount the drive
: mount -t msdosfs /dev/msdosfs/MYDRIVE /root/usb
# Copy files
: cp /conf/config.xml /root/usb/config-backup.xml
# Unmount the drive
: umount /root/usb/
# Remove the mountpoint
: rmdir /root/usb/
# Remove the USB drive