FVS318N netgear firewall config file checksum error

You will get Failed to update configuration (checksum error) if you manually edit the configuration file from a Netgear FVS318N firewall and try to upload it.  My colleague and I discovered that the checksum was generated from the config file, but with the checksum line removed.  To get around this problem you can do the following:

Checksum Error Workaround

  1. Load the configuration file in a text editor and make any necessary changes
  2. Search for the word “checksum” in the file, there should be only one which looks like this:
    • systemConfig[1][“checksum”] = “19cb09cf3123abc30b318a3b2a77c890”
    • The bit in quotes is a md5 checksum of the config file, but without this line in it.
  3. Copy this line to a new file, make a note of the line number and delete it from the existing config.  Then save your config.
  4. Now generate an md5 checksum of your configuration.  You can use a program such as md5 checker
  5. Now replace the old checksum in the line you copied (in step 3) with this new chesksum.
  6. Open up your config file and paste this new checksum line into the same place in the config file.
  7. Save the config and upload it.


I had to change 9 of these and although the above process works fine, scripting it was quicker.  So below is a python script that deletes the line, generates a hash and inserts the new checksum into the file.

Checksum Error Python Script

#!/usr/bin/env python
import hashlib
import fileinput
import shutil
def deletehash(fname):
infile = open(fname, "rb")
lines = infile.readlines()
infile.close()
outfile = open(fname, "wb")
for line in lines:
if not line.startswith('systemConfig[1]["checksum"]'):
outfile.write(line)
outfile.close()
return

def windowsfix(fname):
outfile = open(fname, "rb")
data = outfile.read()
newdata = data.replace(b"\r\n", b"\n")
outfile = open(fname, "wb")
outfile.write(newdata)
outfile.close()
return

def writehash(fname):
fobject = open(fname)
filehash = hashlib.md5(fobject.read()).hexdigest()
newline = 'systemConfig[1]["checksum"] = "' + filehash + '"'
fobject.close()
for line in fileinput.input(fname, inplace=1):
print line,
if line.startswith("systemConfig[1] = {}"):
print newline
return

def main(cfgfile):
fsub = "path to config file"
fname = fsub + cfgfile
shutil.copy2(fname, fname + ".bak")
deletehash(fname)
writehash(fname)
windowsfix(fname)
return

if __name__ == '__main__':
main("FVS318N.cfg")


If you’re on unix, you will not need the windows fix function.  It compensates for windows putting a CR and LF at the end of each line where UNIX has just LF (in python 2.7 at least).  Undoubtedly there is a better way to do this.  When I get a moment I may investigate this.