routeros-scripts/ipv6-update

63 lines
2.8 KiB
Text
Raw Normal View History

#!rsc by RouterOS
2018-07-05 13:29:26 +00:00
# RouterOS script: ipv6-update
2023-01-02 22:33:49 +00:00
# Copyright (c) 2013-2023 Christian Hesse <mail@eworm.de>
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
2018-07-05 13:29:26 +00:00
#
# update firewall and dns settings on IPv6 prefix change
2020-03-27 20:47:13 +00:00
# https://git.eworm.de/cgit/routeros-scripts/about/doc/ipv6-update.md
2018-07-05 13:29:26 +00:00
:local 0 "ipv6-update";
:global GlobalFunctionsReady;
:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
global: variable names are CamelCase ___ _ ___ __ / _ )(_)__ _ / _/__ _/ /_ / _ / / _ `/ / _/ _ `/ __/ /____/_/\_, / /_/ \_,_/\__/ _ __ /___/ _ __ | | / /___ __________ (_)___ ____ _/ / | | /| / / __ `/ ___/ __ \/ / __ \/ __ `/ / | |/ |/ / /_/ / / / / / / / / / / /_/ /_/ |__/|__/\__,_/_/ /_/ /_/_/_/ /_/\__, (_) /____/ RouterOS has some odd behavior when it comes to variable names. Let's have a look at the interfaces: [admin@MikroTik] > / interface print where name=en1 Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 That looks ok. Now we use a script: { :local interface "en1"; / interface print where name=$interface; } And the result... [admin@MikroTik] > { :local interface "en1"; {... / interface print where name=$interface; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 ... still looks ok. We make a little modification to the script: { :local name "en1"; / interface print where name=$name; } And the result: [admin@MikroTik] > { :local name "en1"; {... / interface print where name=$name; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 1 S en2 ether 1500 1598 2 S en3 ether 1500 1598 3 S en4 ether 1500 1598 4 S en5 ether 1500 1598 5 R br-local bridge 1500 1598 Ups! The filter has no effect! That happens whenever the variable name ($name) matches the property name (name=). And another modification: { :local type "en1"; / interface print where name=$type; } And the result: [admin@MikroTik] > { :local type "en1"; {... / interface print where name=$type; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU Ups! Nothing? Even if the variable name ($type) matches whatever property name (type=) things go wrong. The answer from MikroTik support (in Ticket#2019010222000454): > This is how scripting works in RouterOS and we will not fix it. To get around this we use variable names in CamelCase. Let's hope Mikrotik never ever introduces property names in CamelCase... *fingers crossed*
2019-01-03 16:45:43 +00:00
:local PdPrefix $"pd-prefix";
:global LogPrintExit2;
2020-02-28 14:26:26 +00:00
:global ParseKeyValueStore;
2019-07-17 14:28:10 +00:00
2019-07-05 14:09:49 +00:00
:if ([ :typeof $PdPrefix ] = "nothing") do={
$LogPrintExit2 error $0 ("This script is supposed to run from ipv6 dhcp-client.") true;
2019-07-05 14:09:49 +00:00
}
2022-05-10 13:02:43 +00:00
:local Pool [ /ipv6/pool/get [ find where prefix=$PdPrefix ] name ];
:if ([ :len [ /ipv6/firewall/address-list/find where comment=("ipv6-pool-" . $Pool) ] ] = 0) do={
/ipv6/firewall/address-list/add list=("ipv6-pool-" . $Pool) address=:: comment=("ipv6-pool-" . $Pool);
$LogPrintExit2 warning $0 ("Added ipv6 address list entry for ipv6-pool-" . $Pool) false;
}
2022-05-10 13:02:43 +00:00
:local AddrList [ /ipv6/firewall/address-list/find where comment=("ipv6-pool-" . $Pool) ];
:local OldPrefix [ /ipv6/firewall/address-list/get ($AddrList->0) address ];
2018-07-05 13:29:26 +00:00
2020-12-17 23:02:56 +00:00
:if ($OldPrefix != $PdPrefix) do={
$LogPrintExit2 info $0 ("Updating IPv6 address list with new IPv6 prefix " . $PdPrefix) false;
2022-05-10 13:02:43 +00:00
/ipv6/firewall/address-list/set address=$PdPrefix $AddrList;
2018-07-05 13:29:26 +00:00
# give the interfaces a moment to receive their addresses
:delay 2s;
2022-05-10 13:02:43 +00:00
:foreach ListEntry in=[ /ipv6/firewall/address-list/find where comment~("^ipv6-pool-" . $Pool . ",") ] do={
:local ListEntryVal [ /ipv6/firewall/address-list/get $ListEntry ];
:local Comment [ $ParseKeyValueStore ($ListEntryVal->"comment") ];
2022-05-10 13:02:43 +00:00
:local Address [ /ipv6/address/find where from-pool=$Pool interface=($Comment->"interface") ];
:if ([ :len $Address ] = 1) do={
2022-05-10 13:02:43 +00:00
:set Address [ /ipv6/address/get $Address address ];
$LogPrintExit2 info $0 ("Updating IPv6 address list with new IPv6 prefix " . $Address . \
" from interface " . ($Comment->"interface")) false;
2022-05-10 13:02:43 +00:00
/ipv6/firewall/address-list/set address=$Address $ListEntry;
}
}
2022-05-10 13:02:43 +00:00
:foreach Record in=[ /ip/dns/static/find where comment~("^ipv6-pool-" . $Pool . ",") ] do={
:local RecordVal [ /ip/dns/static/get $Record ];
:local Comment [ $ParseKeyValueStore ($RecordVal->"comment") ];
2018-07-05 13:29:26 +00:00
2022-05-10 13:02:43 +00:00
:local Prefix [ /ipv6/address/get [ find where interface=($Comment->"interface") from-pool=$Pool global ] address ];
:set Prefix ([ :toip6 [ :pick $Prefix 0 [ :find $Prefix "/64" ] ] ] & ffff:ffff:ffff:ffff::);
:local Address ($Prefix | ([ :toip6 ($RecordVal->"address") ] & ::ffff:ffff:ffff:ffff));
$LogPrintExit2 info $0 ("Updating DNS record for " . ($RecordVal->"name") . \
($RecordVal->"regexp") . " to " . $Address) false;
2022-05-10 13:02:43 +00:00
/ip/dns/static/set address=$Address $Record;
2018-07-05 13:29:26 +00:00
}
}