routeros-scripts/update-tunnelbroker

#!rsc
# RouterOS script: update-tunnelbroker
# Copyright (c) 2013-2019 Christian Hesse <mail@eworm.de>
#                         Michael Gisbers <michael@gisbers.de>

:global tunnelurl;
:global tunneluser;
:global tunnelpass;
:global tunnelid;
:global tunnelint;

:global CertificateAvailable;

:if ([ / ip cloud get ddns-enabled ] != true) do={
  :error "IP cloud DDNS is not enabled.";
}

# get the last ip address from tunnel interface
:local tunnellastip [ / interface 6to4 get [ / interface 6to4 find where name=$tunnelint ] local-address ];

# Get the current ip address from cloud
/ ip cloud force-update;
while ([ / ip cloud get status ] != "updated" ) do={
  :delay 1s;
}
:local tunnelip [ / ip cloud get public-address ];

:if ($tunnelip != $tunnellastip) do={
  $CertificateAvailable "Starfield Secure Certificate Authority - G2" "starfield";
  :log info ("Local address changed, sending UPDATE to tunnelbroker! New address: " . $tunnelip);
  / tool fetch mode=https check-certificate=yes-without-crl \
      ("https://" . $tunnelurl . "/nic/update\?hostname=" . $tunnelid) \
      user=$tunneluser password=$tunnelpass keep-result=no;
  / interface 6to4 set [ / interface 6to4 find where name=$tunnelint ] local-address=$tunnelip;
} else={
  :log debug "All tunnelbroker configuration is up to date.";
}
start scripts with a magic token / shebang 2018-09-26 22:18:43 +00:00			`#!rsc`
add scripts 2018-07-05 13:29:26 +00:00			`# RouterOS script: update-tunnelbroker`
update copyright for 2019 2019-01-01 20:19:19 +00:00			`# Copyright (c) 2013-2019 Christian Hesse <mail@eworm.de>`
update-tunnelbroker: move configuration to global-config... ... and get the external ip address from cloud. Signed-off-by: Michael Gisbers <michael@gisbers.de> Signed-off-by: Christian Hesse <mail@eworm.de> 2019-01-02 10:25:45 +00:00			`# Michael Gisbers <michael@gisbers.de>`
add scripts 2018-07-05 13:29:26 +00:00
update-tunnelbroker: move configuration to global-config... ... and get the external ip address from cloud. Signed-off-by: Michael Gisbers <michael@gisbers.de> Signed-off-by: Christian Hesse <mail@eworm.de> 2019-01-02 10:25:45 +00:00			`:global tunnelurl;`
			`:global tunneluser;`
			`:global tunnelpass;`
			`:global tunnelid;`
			`:global tunnelint;`
add scripts 2018-07-05 13:29:26 +00:00
update-tunnelbroker: verify certificate 2019-01-02 12:16:23 +00:00			`:global CertificateAvailable;`

update-tunnelbroker: move configuration to global-config... ... and get the external ip address from cloud. Signed-off-by: Michael Gisbers <michael@gisbers.de> Signed-off-by: Christian Hesse <mail@eworm.de> 2019-01-02 10:25:45 +00:00			`:if ([ / ip cloud get ddns-enabled ] != true) do={`
			`:error "IP cloud DDNS is not enabled.";`
			`}`
add scripts 2018-07-05 13:29:26 +00:00
			`# get the last ip address from tunnel interface`
			`:local tunnellastip [ / interface 6to4 get [ / interface 6to4 find where name=$tunnelint ] local-address ];`

update-tunnelbroker: move configuration to global-config... ... and get the external ip address from cloud. Signed-off-by: Michael Gisbers <michael@gisbers.de> Signed-off-by: Christian Hesse <mail@eworm.de> 2019-01-02 10:25:45 +00:00			`# Get the current ip address from cloud`
			`/ ip cloud force-update;`
			`while ([ / ip cloud get status ] != "updated" ) do={`
			`:delay 1s;`
			`}`
			`:local tunnelip [ / ip cloud get public-address ];`
add scripts 2018-07-05 13:29:26 +00:00
update-tunnelbroker: move configuration to global-config... ... and get the external ip address from cloud. Signed-off-by: Michael Gisbers <michael@gisbers.de> Signed-off-by: Christian Hesse <mail@eworm.de> 2019-01-02 10:25:45 +00:00			`:if ($tunnelip != $tunnellastip) do={`
update-tunnelbroker: verify certificate 2019-01-02 12:16:23 +00:00			`$CertificateAvailable "Starfield Secure Certificate Authority - G2" "starfield";`
update-tunnelbroker: move configuration to global-config... ... and get the external ip address from cloud. Signed-off-by: Michael Gisbers <michael@gisbers.de> Signed-off-by: Christian Hesse <mail@eworm.de> 2019-01-02 10:25:45 +00:00			`:log info ("Local address changed, sending UPDATE to tunnelbroker! New address: " . $tunnelip);`
update-tunnelbroker: verify certificate 2019-01-02 12:16:23 +00:00			`/ tool fetch mode=https check-certificate=yes-without-crl \`
			`("https://" . $tunnelurl . "/nic/update\?hostname=" . $tunnelid) \`
			`user=$tunneluser password=$tunnelpass keep-result=no;`
update-tunnelbroker: move configuration to global-config... ... and get the external ip address from cloud. Signed-off-by: Michael Gisbers <michael@gisbers.de> Signed-off-by: Christian Hesse <mail@eworm.de> 2019-01-02 10:25:45 +00:00			`/ interface 6to4 set [ / interface 6to4 find where name=$tunnelint ] local-address=$tunnelip;`
			`} else={`
			`:log debug "All tunnelbroker configuration is up to date.";`
add scripts 2018-07-05 13:29:26 +00:00			`}`