This page contains some notes on using the MySQL database server on a NST probe.

Listing The Databases

The following script fragment demonstrates how one can list all of the databases currently available on a NST probe:


# mysql_list
#   Lists all of the MySQL databases which currently exist.

mysql_list() {
  # Try to load MySQL access password from /etc/nst.conf
  [ -z "${NSTCTMYSQLPASSWD}" ] && [ -f /etc/nst.conf ] && . /etc/nst.conf;

  # Dump all databases
  echo "show databases;" | mysql \
      --host="" \
      --user="root" \
      "${PASSWD}" | grep -v '^Database$';

# Dump all databases

Assuming one saved the above example script to the file: "/root/bin/listdb" one should be able to list all of the MySQL databases in the following manner:

Script: "listdb" Usage
[root@taco ~]# /root/bin/listdb
[root@taco ~]#

Backing Up and Restoring A Database

NOTE: The following code fragments need to be run from the root user account so that the MySQL password can be read from the file: "/etc/nst.conf".

The following script fragment demonstrates how one can backup a single database kept at the server:


# mysql_backup DBNAME BACKUPDIR
#   Function to backup MySQL database to specified backup directory.

mysql_backup() {
  # Name of database and directory to save backup under.
  local PKGDB="${1}";
  local PKGSAVEDIR="${2}";

  local PKGSAVEFILE="${PKGSAVEDIR}/${PKGDB}.sql.gz";

  # Try to load MySQL access password from /etc/nst.conf
  [ -z "${NSTCTMYSQLPASSWD}" ] && [ -f /etc/nst.conf ] && . /etc/nst.conf;

  # Create save directory if it doesn't exist yet
  [ -d "${PKGSAVEDIR}" ] || mkdir -p "${PKGSAVEDIR}" || return 1;

  # Dump the database
  mysqldump \
    --host="" \
    --user="root" \
    "${PASSWD}" \
    --add-drop-database \
    --add-drop-table \
    --databases "${PKGDB}" \
    | gzip -c >| "${PKGSAVEFILE}";

# Backup database named "fruity" unless user specified different name on command line
mysql_backup "${1:-fruity}" "/var/nst/backup/db";

The following script fragment demonstrates how to restore the database (WARNING: THIS REPLACES ANY EXISTING DATABASE HAVING THE SAME NAME):


# mysql_restore DBNAME BACKUPDIR
#   Restores a MySQL database that was previously saved using the "mysql_backup" function.

mysql_restore() {
  # Name of database and directory where backup was saved
  local PKGDB="${1}";
  local PKGSAVEDIR="${2}";

  local PKGSAVEFILE="${PKGSAVEDIR}/${PKGDB}.sql.gz";

  # Verify backup exists
  [ -f "${PKGSAVEFILE}" ] || return 1;

  # Try to load MySQL access password from /etc/nst.conf
  [ -z "${NSTCTMYSQLPASSWD}" ] && [ -f /etc/nst.conf ] && . /etc/nst.conf;

  # Restore the database
  gzip -dc < "${PKGSAVEFILE}" | \
    mysql \
      --host="" \
      --user="root" \

# Restore database named "fruity" unless user specified different name on command line
mysql_restore "${1:-fruity}" "/var/nst/backup/db";

Assuming saved the backup script to the file: "/root/bin/backupdb" and the restore script shown above to the file: "/root/bin/restoredb", the following command line demonstrates how one could backup and then restore the snort database.

[root@taco ~]# /root/bin/backupdb snort
[root@taco ~]# ls -l /var/nst/backup/db
total 8
-rw-r--r-- 1 root root 5407 Feb 28 07:23 snort.sql.gz
[root@taco ~]# /root/bin/restoredb snort
[root@taco ~]#