routeros-scripts/collect-wireless-mac.template

#!rsc
# RouterOS script: collect-wireless-mac%TEMPL%
# Copyright (c) 2013-2019 Christian Hesse <mail@eworm.de>
#
# collect wireless mac adresses in access list
#
# !! This is just a template! Replace '%PATH%' with 'caps-man'
# !! or 'interface wireless'!

:global Identity;

:global GetMacVendor;
:global SendNotification;
:global ScriptLock;

$ScriptLock "collect-wireless-mac%TEMPL%";

:local PlaceBefore [ / %PATH% access-list find where comment="--- collected above ---" disabled ];
:if ([ :len $PlaceBefore ] = 0) do={
  :log error "Missing disabled access-list entry with comment '--- collected above ---'";
  :error "Error: See log for details.";
}

:foreach RegTbl in=[ / %PATH% registration-table find ] do={
  :local Mac [ / %PATH% registration-table get $RegTbl mac-address ];
  :local AccessList ([ / %PATH% access-list find where mac-address=$Mac ]->0);
  :if ([ :len $AccessList ] = 0) do={
    :local Address "no dhcp lease";
    :local HostName "no dhcp lease";
    :local Lease [ / ip dhcp-server lease find where mac-address=$Mac ];
    :if ([ :len $Lease ] > 0) do={
      :set Address [ / ip dhcp-server lease get $Lease address ];
      :set HostName [ / ip dhcp-server lease get $Lease host-name ];
      :if ([ :len $HostName ] = 0) do={
        :set HostName "no hostname";
      }
    }
    :local RegEntry [ / %PATH% registration-table find where mac-address=$Mac ];
    :local Interface [ / %PATH% registration-table get $RegEntry interface ];
    :local Ssid [ / caps-man registration-table get $RegEntry ssid ];
    :local Ssid [ / interface wireless get [ find where name=$Interface ] ssid ];
    :local DateTime ([ / system clock get date ] . " " . [ / system clock get time ]);
    :local Vendor [ $GetMacVendor $Mac ];
    :local Message ("unknown MAC address " . $Mac . " (" . $Vendor . ", " . $HostName . ") " . \
      "first seen on " . $DateTime . " connected to SSID " . $Ssid . ", interface " . $Interface);
    / log info $Message;
    / %PATH% access-list add place-before=$PlaceBefore comment=$Message mac-address=$Mac disabled=yes;
    $SendNotification ($Mac . " connected to " . $Ssid) \
      ("A device with unknown MAC address connected to " . $Ssid . " on " . $Identity . ".\n\n" . \
        "Controller: " . $Identity . "\n" . \
        "Interface:  " . $Interface . "\n" . \
        "SSID:       " . $Ssid . "\n" . \
        "MAC:        " . $Mac . "\n" . \
        "Vendor:     " . $Vendor . "\n" . \
        "Hostname:   " . $HostName . "\n" . \
        "Address:    " . $Address . "\n" . \
        "Date:       " . $DateTime);
  } else={
    :local Comment [ / %PATH% access-list get $AccessList comment ];
    :log debug ("MAC address " . $Mac . " already known: " . $Comment);
  }
}
start scripts with a magic token / shebang 2018-09-27 00:18:43 +02:00			`#!rsc`
update template system 2018-07-10 14:01:41 +02:00			`# RouterOS script: collect-wireless-mac%TEMPL%`
update copyright for 2019 2019-01-01 21:19:19 +01:00			`# Copyright (c) 2013-2019 Christian Hesse <mail@eworm.de>`
add scripts 2018-07-05 15:29:26 +02:00			`#`
			`# collect wireless mac adresses in access list`
			`#`
update template system 2018-07-10 14:01:41 +02:00			`# !! This is just a template! Replace '%PATH%' with 'caps-man'`
introduce templates for scripts depending on capsman or local wireless 2018-07-09 16:44:44 +02:00			`# !! or 'interface wireless'!`
add scripts 2018-07-05 15:29:26 +02:00
global: variable names are CamelCase ___ _ ___ __ / _ )(_)__ _ / _/__ _/ /_ / _ / / _ `/ / _/ _ `/ __/ /____/_/\_, / /_/ \_,_/\__/ _ __ /___/ _ __ \| \| / /___ __________ (_)___ ____ _/ / \| \| /\| / / __ `/ ___/ __ \/ / __ \/ __ `/ / \| \|/ \|/ / /_/ / / / / / / / / / / /_/ /_/ \|__/\|__/\__,_/_/ /_/ /_/_/_/ /_/\__, (_) /____/ RouterOS has some odd behavior when it comes to variable names. Let's have a look at the interfaces: [admin@MikroTik] > / interface print where name=en1 Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 That looks ok. Now we use a script: { :local interface "en1"; / interface print where name=$interface; } And the result... [admin@MikroTik] > { :local interface "en1"; {... / interface print where name=$interface; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 ... still looks ok. We make a little modification to the script: { :local name "en1"; / interface print where name=$name; } And the result: [admin@MikroTik] > { :local name "en1"; {... / interface print where name=$name; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 1 S en2 ether 1500 1598 2 S en3 ether 1500 1598 3 S en4 ether 1500 1598 4 S en5 ether 1500 1598 5 R br-local bridge 1500 1598 Ups! The filter has no effect! That happens whenever the variable name ($name) matches the property name (name=). And another modification: { :local type "en1"; / interface print where name=$type; } And the result: [admin@MikroTik] > { :local type "en1"; {... / interface print where name=$type; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU Ups! Nothing? Even if the variable name ($type) matches whatever property name (type=) things go wrong. The answer from MikroTik support (in Ticket#2019010222000454): > This is how scripting works in RouterOS and we will not fix it. To get around this we use variable names in CamelCase. Let's hope Mikrotik never ever introduces property names in CamelCase... fingers crossed 2019-01-03 17:45:43 +01:00			`:global Identity;`
add scripts 2018-07-05 15:29:26 +02:00
global-functions: add $GetMacVendor 2018-12-27 00:48:56 +01:00			`:global GetMacVendor;`
collect-wireless-mac: use function for notification 2018-10-09 15:50:37 +02:00			`:global SendNotification;`
collect-wireless-mac: use $ScriptLock 2019-02-21 18:37:19 +01:00			`:global ScriptLock;`

			`$ScriptLock "collect-wireless-mac%TEMPL%";`
collect-wireless-mac: use function for notification 2018-10-09 15:50:37 +02:00
global: variable names are CamelCase ___ _ ___ __ / _ )(_)__ _ / _/__ _/ /_ / _ / / _ `/ / _/ _ `/ __/ /____/_/\_, / /_/ \_,_/\__/ _ __ /___/ _ __ \| \| / /___ __________ (_)___ ____ _/ / \| \| /\| / / __ `/ ___/ __ \/ / __ \/ __ `/ / \| \|/ \|/ / /_/ / / / / / / / / / / /_/ /_/ \|__/\|__/\__,_/_/ /_/ /_/_/_/ /_/\__, (_) /____/ RouterOS has some odd behavior when it comes to variable names. Let's have a look at the interfaces: [admin@MikroTik] > / interface print where name=en1 Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 That looks ok. Now we use a script: { :local interface "en1"; / interface print where name=$interface; } And the result... [admin@MikroTik] > { :local interface "en1"; {... / interface print where name=$interface; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 ... still looks ok. We make a little modification to the script: { :local name "en1"; / interface print where name=$name; } And the result: [admin@MikroTik] > { :local name "en1"; {... / interface print where name=$name; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 1 S en2 ether 1500 1598 2 S en3 ether 1500 1598 3 S en4 ether 1500 1598 4 S en5 ether 1500 1598 5 R br-local bridge 1500 1598 Ups! The filter has no effect! That happens whenever the variable name ($name) matches the property name (name=). And another modification: { :local type "en1"; / interface print where name=$type; } And the result: [admin@MikroTik] > { :local type "en1"; {... / interface print where name=$type; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU Ups! Nothing? Even if the variable name ($type) matches whatever property name (type=) things go wrong. The answer from MikroTik support (in Ticket#2019010222000454): > This is how scripting works in RouterOS and we will not fix it. To get around this we use variable names in CamelCase. Let's hope Mikrotik never ever introduces property names in CamelCase... fingers crossed 2019-01-03 17:45:43 +01:00			`:local PlaceBefore [ / %PATH% access-list find where comment="--- collected above ---" disabled ];`
			`:if ([ :len $PlaceBefore ] = 0) do={`
always write warnings and errors to log 2019-04-03 21:30:43 +02:00			`:log error "Missing disabled access-list entry with comment '--- collected above ---'";`
			`:error "Error: See log for details.";`
add scripts 2018-07-05 15:29:26 +02:00			`}`

global: variable names are CamelCase ___ _ ___ __ / _ )(_)__ _ / _/__ _/ /_ / _ / / _ `/ / _/ _ `/ __/ /____/_/\_, / /_/ \_,_/\__/ _ __ /___/ _ __ \| \| / /___ __________ (_)___ ____ _/ / \| \| /\| / / __ `/ ___/ __ \/ / __ \/ __ `/ / \| \|/ \|/ / /_/ / / / / / / / / / / /_/ /_/ \|__/\|__/\__,_/_/ /_/ /_/_/_/ /_/\__, (_) /____/ RouterOS has some odd behavior when it comes to variable names. Let's have a look at the interfaces: [admin@MikroTik] > / interface print where name=en1 Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 That looks ok. Now we use a script: { :local interface "en1"; / interface print where name=$interface; } And the result... [admin@MikroTik] > { :local interface "en1"; {... / interface print where name=$interface; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 ... still looks ok. We make a little modification to the script: { :local name "en1"; / interface print where name=$name; } And the result: [admin@MikroTik] > { :local name "en1"; {... / interface print where name=$name; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 1 S en2 ether 1500 1598 2 S en3 ether 1500 1598 3 S en4 ether 1500 1598 4 S en5 ether 1500 1598 5 R br-local bridge 1500 1598 Ups! The filter has no effect! That happens whenever the variable name ($name) matches the property name (name=). And another modification: { :local type "en1"; / interface print where name=$type; } And the result: [admin@MikroTik] > { :local type "en1"; {... / interface print where name=$type; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU Ups! Nothing? Even if the variable name ($type) matches whatever property name (type=) things go wrong. The answer from MikroTik support (in Ticket#2019010222000454): > This is how scripting works in RouterOS and we will not fix it. To get around this we use variable names in CamelCase. Let's hope Mikrotik never ever introduces property names in CamelCase... fingers crossed 2019-01-03 17:45:43 +01:00			`:foreach RegTbl in=[ / %PATH% registration-table find ] do={`
			`:local Mac [ / %PATH% registration-table get $RegTbl mac-address ];`
collect-wireless-mac: simplify array access 2019-01-15 10:38:47 +01:00			`:local AccessList ([ / %PATH% access-list find where mac-address=$Mac ]->0);`
global: variable names are CamelCase ___ _ ___ __ / _ )(_)__ _ / _/__ _/ /_ / _ / / _ `/ / _/ _ `/ __/ /____/_/\_, / /_/ \_,_/\__/ _ __ /___/ _ __ \| \| / /___ __________ (_)___ ____ _/ / \| \| /\| / / __ `/ ___/ __ \/ / __ \/ __ `/ / \| \|/ \|/ / /_/ / / / / / / / / / / /_/ /_/ \|__/\|__/\__,_/_/ /_/ /_/_/_/ /_/\__, (_) /____/ RouterOS has some odd behavior when it comes to variable names. Let's have a look at the interfaces: [admin@MikroTik] > / interface print where name=en1 Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 That looks ok. Now we use a script: { :local interface "en1"; / interface print where name=$interface; } And the result... [admin@MikroTik] > { :local interface "en1"; {... / interface print where name=$interface; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 ... still looks ok. We make a little modification to the script: { :local name "en1"; / interface print where name=$name; } And the result: [admin@MikroTik] > { :local name "en1"; {... / interface print where name=$name; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 1 S en2 ether 1500 1598 2 S en3 ether 1500 1598 3 S en4 ether 1500 1598 4 S en5 ether 1500 1598 5 R br-local bridge 1500 1598 Ups! The filter has no effect! That happens whenever the variable name ($name) matches the property name (name=). And another modification: { :local type "en1"; / interface print where name=$type; } And the result: [admin@MikroTik] > { :local type "en1"; {... / interface print where name=$type; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU Ups! Nothing? Even if the variable name ($type) matches whatever property name (type=) things go wrong. The answer from MikroTik support (in Ticket#2019010222000454): > This is how scripting works in RouterOS and we will not fix it. To get around this we use variable names in CamelCase. Let's hope Mikrotik never ever introduces property names in CamelCase... fingers crossed 2019-01-03 17:45:43 +01:00			`:if ([ :len $AccessList ] = 0) do={`
			`:local Address "no dhcp lease";`
collect-wireless-mac: lease without address should be impossible... ... we need the check for empty hostname, though. 2019-11-25 16:43:19 +01:00			`:local HostName "no dhcp lease";`
global: variable names are CamelCase ___ _ ___ __ / _ )(_)__ _ / _/__ _/ /_ / _ / / _ `/ / _/ _ `/ __/ /____/_/\_, / /_/ \_,_/\__/ _ __ /___/ _ __ \| \| / /___ __________ (_)___ ____ _/ / \| \| /\| / / __ `/ ___/ __ \/ / __ \/ __ `/ / \| \|/ \|/ / /_/ / / / / / / / / / / /_/ /_/ \|__/\|__/\__,_/_/ /_/ /_/_/_/ /_/\__, (_) /____/ RouterOS has some odd behavior when it comes to variable names. Let's have a look at the interfaces: [admin@MikroTik] > / interface print where name=en1 Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 That looks ok. Now we use a script: { :local interface "en1"; / interface print where name=$interface; } And the result... [admin@MikroTik] > { :local interface "en1"; {... / interface print where name=$interface; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 ... still looks ok. We make a little modification to the script: { :local name "en1"; / interface print where name=$name; } And the result: [admin@MikroTik] > { :local name "en1"; {... / interface print where name=$name; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 1 S en2 ether 1500 1598 2 S en3 ether 1500 1598 3 S en4 ether 1500 1598 4 S en5 ether 1500 1598 5 R br-local bridge 1500 1598 Ups! The filter has no effect! That happens whenever the variable name ($name) matches the property name (name=). And another modification: { :local type "en1"; / interface print where name=$type; } And the result: [admin@MikroTik] > { :local type "en1"; {... / interface print where name=$type; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU Ups! Nothing? Even if the variable name ($type) matches whatever property name (type=) things go wrong. The answer from MikroTik support (in Ticket#2019010222000454): > This is how scripting works in RouterOS and we will not fix it. To get around this we use variable names in CamelCase. Let's hope Mikrotik never ever introduces property names in CamelCase... fingers crossed 2019-01-03 17:45:43 +01:00			`:local Lease [ / ip dhcp-server lease find where mac-address=$Mac ];`
			`:if ([ :len $Lease ] > 0) do={`
			`:set Address [ / ip dhcp-server lease get $Lease address ];`
collect-wireless-mac: lease without address should be impossible... ... we need the check for empty hostname, though. 2019-11-25 16:43:19 +01:00			`:set HostName [ / ip dhcp-server lease get $Lease host-name ];`
collect-wireless-mac: move code into condition 2019-11-25 16:39:23 +01:00			`:if ([ :len $HostName ] = 0) do={`
			`:set HostName "no hostname";`
			`}`
add scripts 2018-07-05 15:29:26 +02:00			`}`
global: variable names are CamelCase ___ _ ___ __ / _ )(_)__ _ / _/__ _/ /_ / _ / / _ `/ / _/ _ `/ __/ /____/_/\_, / /_/ \_,_/\__/ _ __ /___/ _ __ \| \| / /___ __________ (_)___ ____ _/ / \| \| /\| / / __ `/ ___/ __ \/ / __ \/ __ `/ / \| \|/ \|/ / /_/ / / / / / / / / / / /_/ /_/ \|__/\|__/\__,_/_/ /_/ /_/_/_/ /_/\__, (_) /____/ RouterOS has some odd behavior when it comes to variable names. Let's have a look at the interfaces: [admin@MikroTik] > / interface print where name=en1 Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 That looks ok. Now we use a script: { :local interface "en1"; / interface print where name=$interface; } And the result... [admin@MikroTik] > { :local interface "en1"; {... / interface print where name=$interface; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 ... still looks ok. We make a little modification to the script: { :local name "en1"; / interface print where name=$name; } And the result: [admin@MikroTik] > { :local name "en1"; {... / interface print where name=$name; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 1 S en2 ether 1500 1598 2 S en3 ether 1500 1598 3 S en4 ether 1500 1598 4 S en5 ether 1500 1598 5 R br-local bridge 1500 1598 Ups! The filter has no effect! That happens whenever the variable name ($name) matches the property name (name=). And another modification: { :local type "en1"; / interface print where name=$type; } And the result: [admin@MikroTik] > { :local type "en1"; {... / interface print where name=$type; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU Ups! Nothing? Even if the variable name ($type) matches whatever property name (type=) things go wrong. The answer from MikroTik support (in Ticket#2019010222000454): > This is how scripting works in RouterOS and we will not fix it. To get around this we use variable names in CamelCase. Let's hope Mikrotik never ever introduces property names in CamelCase... fingers crossed 2019-01-03 17:45:43 +01:00			`:local RegEntry [ / %PATH% registration-table find where mac-address=$Mac ];`
			`:local Interface [ / %PATH% registration-table get $RegEntry interface ];`
			`:local Ssid [ / caps-man registration-table get $RegEntry ssid ];`
			`:local Ssid [ / interface wireless get [ find where name=$Interface ] ssid ];`
			`:local DateTime ([ / system clock get date ] . " " . [ / system clock get time ]);`
			`:local Vendor [ $GetMacVendor $Mac ];`
			`:local Message ("unknown MAC address " . $Mac . " (" . $Vendor . ", " . $HostName . ") " . \`
			`"first seen on " . $DateTime . " connected to SSID " . $Ssid . ", interface " . $Interface);`
			`/ log info $Message;`
			`/ %PATH% access-list add place-before=$PlaceBefore comment=$Message mac-address=$Mac disabled=yes;`
			`$SendNotification ($Mac . " connected to " . $Ssid) \`
			`("A device with unknown MAC address connected to " . $Ssid . " on " . $Identity . ".\n\n" . \`
			`"Controller: " . $Identity . "\n" . \`
			`"Interface: " . $Interface . "\n" . \`
			`"SSID: " . $Ssid . "\n" . \`
			`"MAC: " . $Mac . "\n" . \`
			`"Vendor: " . $Vendor . "\n" . \`
			`"Hostname: " . $HostName . "\n" . \`
			`"Address: " . $Address . "\n" . \`
			`"Date: " . $DateTime);`
add scripts 2018-07-05 15:29:26 +02:00			`} else={`
global: variable names are CamelCase ___ _ ___ __ / _ )(_)__ _ / _/__ _/ /_ / _ / / _ `/ / _/ _ `/ __/ /____/_/\_, / /_/ \_,_/\__/ _ __ /___/ _ __ \| \| / /___ __________ (_)___ ____ _/ / \| \| /\| / / __ `/ ___/ __ \/ / __ \/ __ `/ / \| \|/ \|/ / /_/ / / / / / / / / / / /_/ /_/ \|__/\|__/\__,_/_/ /_/ /_/_/_/ /_/\__, (_) /____/ RouterOS has some odd behavior when it comes to variable names. Let's have a look at the interfaces: [admin@MikroTik] > / interface print where name=en1 Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 That looks ok. Now we use a script: { :local interface "en1"; / interface print where name=$interface; } And the result... [admin@MikroTik] > { :local interface "en1"; {... / interface print where name=$interface; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 ... still looks ok. We make a little modification to the script: { :local name "en1"; / interface print where name=$name; } And the result: [admin@MikroTik] > { :local name "en1"; {... / interface print where name=$name; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 1 S en2 ether 1500 1598 2 S en3 ether 1500 1598 3 S en4 ether 1500 1598 4 S en5 ether 1500 1598 5 R br-local bridge 1500 1598 Ups! The filter has no effect! That happens whenever the variable name ($name) matches the property name (name=). And another modification: { :local type "en1"; / interface print where name=$type; } And the result: [admin@MikroTik] > { :local type "en1"; {... / interface print where name=$type; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU Ups! Nothing? Even if the variable name ($type) matches whatever property name (type=) things go wrong. The answer from MikroTik support (in Ticket#2019010222000454): > This is how scripting works in RouterOS and we will not fix it. To get around this we use variable names in CamelCase. Let's hope Mikrotik never ever introduces property names in CamelCase... fingers crossed 2019-01-03 17:45:43 +01:00			`:local Comment [ / %PATH% access-list get $AccessList comment ];`
			`:log debug ("MAC address " . $Mac . " already known: " . $Comment);`
add scripts 2018-07-05 15:29:26 +02:00			`}`
			`}`