mirror of
https://github.com/eworm-de/routeros-scripts
synced 2024-05-14 08:04:19 +00:00
Merge branch 'scripts' into ros-v7-path-syntax
This commit is contained in:
commit
48f0a2d211
60 changed files with 519 additions and 532 deletions
4
Makefile
4
Makefile
|
@ -15,11 +15,11 @@ all: $(CAPSMAN) $(LOCAL) $(HTML)
|
|||
markdown $< | sed 's/href="\([-_\./[:alnum:]]*\)\.md"/href="\1.html"/g' > $@
|
||||
|
||||
%.local: %.template Makefile
|
||||
sed -e '/\/ caps-man/d' -e 's|%PATH%|interface wireless|' -e 's|%TEMPL%|$(suffix $@)|' \
|
||||
sed -e '/\/caps-man/d' -e 's|%PATH%|interface\/wireless|' -e 's|%TEMPL%|$(suffix $@)|' \
|
||||
-e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \
|
||||
< $< > $@
|
||||
|
||||
%.capsman: %.template Makefile
|
||||
sed -e '/\/ interface wireless/d' -e 's/%PATH%/caps-man/' -e 's/%TEMPL%/$(suffix $@)/' \
|
||||
sed -e '/\/interface\/wireless/d' -e 's/%PATH%/caps-man/' -e 's/%TEMPL%/$(suffix $@)/' \
|
||||
-e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \
|
||||
< $< > $@
|
||||
|
|
|
@ -17,8 +17,8 @@
|
|||
:local Seen [ :toarray "" ];
|
||||
:local Shown [ :toarray "" ];
|
||||
|
||||
:foreach AccList in=[ / caps-man access-list find where mac-address!="00:00:00:00:00:00" ] do={
|
||||
:local Mac [ / caps-man access-list get $AccList mac-address ];
|
||||
:foreach AccList in=[ /caps-man/access-list/find where mac-address!="00:00:00:00:00:00" ] do={
|
||||
:local Mac [ /caps-man/access-list/get $AccList mac-address ];
|
||||
:foreach SeenMac in=$Seen do={
|
||||
:if ($SeenMac = $Mac) do={
|
||||
:local Skip 0;
|
||||
|
@ -26,14 +26,14 @@
|
|||
:if ($ShownMac = $Mac) do={ :set Skip 1; }
|
||||
}
|
||||
:if ($Skip = 0) do={
|
||||
/ caps-man access-list print where mac-address=$Mac;
|
||||
/caps-man/access-list/print where mac-address=$Mac;
|
||||
:set Shown ($Shown, $Mac);
|
||||
|
||||
:put "\nNumeric id to remove, any key to skip!";
|
||||
:local Remove [ :tonum [ $Read ] ];
|
||||
:if ([ :typeof $Remove ] = "num") do={
|
||||
:put ("Removing numeric id " . $Remove . "...\n");
|
||||
/ caps-man access-list remove $Remove;
|
||||
/caps-man/access-list/remove $Remove;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -17,8 +17,8 @@
|
|||
:local Seen [ :toarray "" ];
|
||||
:local Shown [ :toarray "" ];
|
||||
|
||||
:foreach AccList in=[ / interface wireless access-list find where mac-address!="00:00:00:00:00:00" ] do={
|
||||
:local Mac [ / interface wireless access-list get $AccList mac-address ];
|
||||
:foreach AccList in=[ /interface/wireless/access-list/find where mac-address!="00:00:00:00:00:00" ] do={
|
||||
:local Mac [ /interface/wireless/access-list/get $AccList mac-address ];
|
||||
:foreach SeenMac in=$Seen do={
|
||||
:if ($SeenMac = $Mac) do={
|
||||
:local Skip 0;
|
||||
|
@ -26,14 +26,14 @@
|
|||
:if ($ShownMac = $Mac) do={ :set Skip 1; }
|
||||
}
|
||||
:if ($Skip = 0) do={
|
||||
/ interface wireless access-list print where mac-address=$Mac;
|
||||
/interface/wireless/access-list/print where mac-address=$Mac;
|
||||
:set Shown ($Shown, $Mac);
|
||||
|
||||
:put "\nNumeric id to remove, any key to skip!";
|
||||
:local Remove [ :tonum [ $Read ] ];
|
||||
:if ([ :typeof $Remove ] = "num") do={
|
||||
:put ("Removing numeric id " . $Remove . "...\n");
|
||||
/ interface wireless access-list remove $Remove;
|
||||
/interface/wireless/access-list/remove $Remove;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -18,8 +18,8 @@
|
|||
:local Seen [ :toarray "" ];
|
||||
:local Shown [ :toarray "" ];
|
||||
|
||||
:foreach AccList in=[ / %PATH% access-list find where mac-address!="00:00:00:00:00:00" ] do={
|
||||
:local Mac [ / %PATH% access-list get $AccList mac-address ];
|
||||
:foreach AccList in=[ /%PATH%/access-list/find where mac-address!="00:00:00:00:00:00" ] do={
|
||||
:local Mac [ /%PATH%/access-list/get $AccList mac-address ];
|
||||
:foreach SeenMac in=$Seen do={
|
||||
:if ($SeenMac = $Mac) do={
|
||||
:local Skip 0;
|
||||
|
@ -27,14 +27,14 @@
|
|||
:if ($ShownMac = $Mac) do={ :set Skip 1; }
|
||||
}
|
||||
:if ($Skip = 0) do={
|
||||
/ %PATH% access-list print where mac-address=$Mac;
|
||||
/%PATH%/access-list/print where mac-address=$Mac;
|
||||
:set Shown ($Shown, $Mac);
|
||||
|
||||
:put "\nNumeric id to remove, any key to skip!";
|
||||
:local Remove [ :tonum [ $Read ] ];
|
||||
:if ([ :typeof $Remove ] = "num") do={
|
||||
:put ("Removing numeric id " . $Remove . "...\n");
|
||||
/ %PATH% access-list remove $Remove;
|
||||
/%PATH%/access-list/remove $Remove;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
10
backup-cloud
10
backup-cloud
|
@ -33,15 +33,15 @@ $WaitFullyConnected;
|
|||
:do {
|
||||
# we are not interested in output, but print is
|
||||
# required to fetch information from cloud
|
||||
/ system backup cloud print as-value;
|
||||
:if ([ :len [ / system backup cloud find ] ] > 0) do={
|
||||
/ system backup cloud upload-file action=create-and-upload \
|
||||
/system/backup/cloud/print as-value;
|
||||
:if ([ :len [ /system/backup/cloud/find ] ] > 0) do={
|
||||
/system/backup/cloud/upload-file action=create-and-upload \
|
||||
password=$BackupPassword replace=[ get ([ find ]->0) name ];
|
||||
} else={
|
||||
/ system backup cloud upload-file action=create-and-upload \
|
||||
/system/backup/cloud/upload-file action=create-and-upload \
|
||||
password=$BackupPassword;
|
||||
}
|
||||
:local Cloud [ / system backup cloud get ([ find ]->0) ];
|
||||
:local Cloud [ /system/backup/cloud/get ([ find ]->0) ];
|
||||
|
||||
$SendNotification2 ({ origin=$0; \
|
||||
subject=([ $SymbolForNotification "floppy-disk,cloud" ] . "Cloud backup"); \
|
||||
|
|
|
@ -54,7 +54,7 @@ $WaitFullyConnected;
|
|||
|
||||
# binary backup
|
||||
:if ($BackupSendBinary = true) do={
|
||||
/ system backup save encryption=aes-sha256 name=$FilePath password=$BackupPassword;
|
||||
/system/backup/save encryption=aes-sha256 name=$FilePath password=$BackupPassword;
|
||||
$WaitForFile ($FilePath . ".backup");
|
||||
:set BackupFile ($FileName . ".backup");
|
||||
:set Attach ($Attach, ($FilePath . ".backup"));
|
||||
|
@ -62,7 +62,7 @@ $WaitFullyConnected;
|
|||
|
||||
# create configuration export
|
||||
:if ($BackupSendExport = true) do={
|
||||
/ export terse show-sensitive file=$FilePath;
|
||||
/export terse show-sensitive file=$FilePath;
|
||||
$WaitForFile ($FilePath . ".rsc");
|
||||
:set ConfigFile ($FileName . ".rsc");
|
||||
:set Attach ($Attach, ($FilePath . ".rsc"));
|
||||
|
|
|
@ -14,20 +14,20 @@
|
|||
|
||||
:global LogPrintExit2;
|
||||
|
||||
:if ([ :len [ / partitions find ] ] < 2) do={
|
||||
:if ([ :len [ /partitions/find ] ] < 2) do={
|
||||
$LogPrintExit2 error $0 ("Device does not have a fallback partition.") true;
|
||||
}
|
||||
|
||||
:local ActiveRunning [ / partitions find where active running ];
|
||||
:local ActiveRunning [ /partitions/find where active running ];
|
||||
|
||||
:if ([ :len $ActiveRunning ] < 1) do={
|
||||
$LogPrintExit2 error $0 ("Device is not running from active partition.") true;
|
||||
}
|
||||
|
||||
:local ActiveRunningVar [ / partitions get $ActiveRunning ];
|
||||
:local ActiveRunningVar [ /partitions/get $ActiveRunning ];
|
||||
|
||||
:do {
|
||||
/ partitions save-config-to ($ActiveRunningVar->"fallback-to");
|
||||
/partitions/save-config-to ($ActiveRunningVar->"fallback-to");
|
||||
$LogPrintExit2 info $0 ("Saved configuration to partition '" . \
|
||||
($ActiveRunningVar->"fallback-to") . "'.") false;
|
||||
} on-error={
|
||||
|
|
|
@ -58,11 +58,11 @@ $WaitFullyConnected;
|
|||
|
||||
# binary backup
|
||||
:if ($BackupSendBinary = true) do={
|
||||
/ system backup save encryption=aes-sha256 name=$FilePath password=$BackupPassword;
|
||||
/system/backup/save encryption=aes-sha256 name=$FilePath password=$BackupPassword;
|
||||
$WaitForFile ($FilePath . ".backup");
|
||||
|
||||
:do {
|
||||
/ tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".backup") \
|
||||
/tool/fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".backup") \
|
||||
user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".backup");
|
||||
:set BackupFile ($FileName . ".backup");
|
||||
} on-error={
|
||||
|
@ -71,16 +71,16 @@ $WaitFullyConnected;
|
|||
:set Failed 1;
|
||||
}
|
||||
|
||||
/ file remove ($FilePath . ".backup");
|
||||
/file/remove ($FilePath . ".backup");
|
||||
}
|
||||
|
||||
# create configuration export
|
||||
:if ($BackupSendExport = true) do={
|
||||
/ export terse show-sensitive file=$FilePath;
|
||||
/export terse show-sensitive file=$FilePath;
|
||||
$WaitForFile ($FilePath . ".rsc");
|
||||
|
||||
:do {
|
||||
/ tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".rsc") \
|
||||
/tool/fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".rsc") \
|
||||
user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".rsc");
|
||||
:set ConfigFile ($FileName . ".rsc");
|
||||
} on-error={
|
||||
|
@ -89,7 +89,7 @@ $WaitFullyConnected;
|
|||
:set Failed 1;
|
||||
}
|
||||
|
||||
/ file remove ($FilePath . ".rsc");
|
||||
/file/remove ($FilePath . ".rsc");
|
||||
}
|
||||
|
||||
$SendNotification2 ({ origin=$0; \
|
||||
|
|
|
@ -21,15 +21,15 @@
|
|||
$ScriptLock $0;
|
||||
$WaitFullyConnected;
|
||||
|
||||
:local PackagePath [ $CleanFilePath [ / caps-man manager get package-path ] ];
|
||||
:local InstalledVersion [ / system package update get installed-version ];
|
||||
:local PackagePath [ $CleanFilePath [ /caps-man/manager/get package-path ] ];
|
||||
:local InstalledVersion [ /system/package/update/get installed-version ];
|
||||
:local Updated false;
|
||||
|
||||
:if ([ :len $PackagePath ] = 0) do={
|
||||
$LogPrintExit2 warning $0 ("The CAPsMAN package path is not defined, can not download packages.") true;
|
||||
}
|
||||
|
||||
:if ([ :len [ / file find where name=$PackagePath type="directory" ] ] = 0) do={
|
||||
:if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={
|
||||
:if ([ $MkDir $PackagePath ] = false) do={
|
||||
$LogPrintExit2 warning $0 ("Creating directory at CAPsMAN package path (" . \
|
||||
$PackagePath . ") failed!") true;
|
||||
|
@ -38,34 +38,34 @@ $WaitFullyConnected;
|
|||
"). Please place your packages!") false;
|
||||
}
|
||||
|
||||
:foreach Package in=[ / file find where type=package \
|
||||
:foreach Package in=[ /file/find where type=package \
|
||||
package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={
|
||||
:local File [ / file get $Package ];
|
||||
:local File [ /file/get $Package ];
|
||||
:if ($File->"package-architecture" = "mips") do={
|
||||
:set ($File->"package-architecture") "mipsbe";
|
||||
}
|
||||
:if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \
|
||||
($File->"package-architecture") $PackagePath ] = true) do={
|
||||
:set Updated true;
|
||||
/ file remove $Package;
|
||||
/file/remove $Package;
|
||||
}
|
||||
}
|
||||
|
||||
:if ([ :len [ / system logging find where topics~"error" !(topics~"!error") \
|
||||
:if ([ :len [ /system/logging/find where topics~"error" !(topics~"!error") \
|
||||
!(topics~"!caps") action=memory !disabled !invalid ] ] < 1) do={
|
||||
$LogPrintExit2 warning $0 ("Looks like error messages for 'caps' are not sent to memory. " . \
|
||||
"Probably can not download packages automatically.") false;
|
||||
} else={
|
||||
:if ($Updated = false && [ / system resource get uptime ] < 2m) do={
|
||||
:if ($Updated = false && [ /system/resource/get uptime ] < 2m) do={
|
||||
$LogPrintExit2 info $0 ("No packages downloaded, yet. Delaying for logs.") false;
|
||||
:delay 2m;
|
||||
}
|
||||
}
|
||||
|
||||
:foreach Log in=[ / log find where topics=({"caps", "error"}) \
|
||||
:foreach Log in=[ /log/find where topics=({"caps", "error"}) \
|
||||
message~("upgrade status: failed, failed to download file '.*-" . $InstalledVersion . \
|
||||
"-.*\\.npk', no such file") ] do={
|
||||
:local Message [ / log get $Log message ];
|
||||
:local Message [ /log/get $Log message ];
|
||||
:local Package [ :pick $Message \
|
||||
([ :find $Message "'" ] + 1) \
|
||||
[ :find $Message ("-" . $InstalledVersion . "-") ] ];
|
||||
|
@ -78,9 +78,9 @@ $WaitFullyConnected;
|
|||
}
|
||||
|
||||
:if ($Updated = true) do={
|
||||
:if ([ :len [ / system script find where name="capsman-rolling-upgrade" ] ] > 0) do={
|
||||
/ system script run capsman-rolling-upgrade;
|
||||
:if ([ :len [ /system/script/find where name="capsman-rolling-upgrade" ] ] > 0) do={
|
||||
/system/script/run capsman-rolling-upgrade;
|
||||
} else={
|
||||
/ caps-man remote-cap upgrade [ find where version!=$InstalledVersion ];
|
||||
/caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ];
|
||||
}
|
||||
}
|
||||
|
|
|
@ -16,18 +16,18 @@
|
|||
|
||||
$ScriptLock $0;
|
||||
|
||||
:local InstalledVersion [ / system package update get installed-version ];
|
||||
:local InstalledVersion [ /system/package/update/get installed-version ];
|
||||
|
||||
:local RemoteCapCount [ :len [ / caps-man remote-cap find ] ];
|
||||
:local RemoteCapCount [ :len [ /caps-man/remote-cap/find ] ];
|
||||
:if ($RemoteCapCount > 0) do={
|
||||
:local Delay (600 / $RemoteCapCount);
|
||||
:if ($Delay > 120) do={ :set Delay 120; }
|
||||
:foreach RemoteCap in=[ / caps-man remote-cap find where version!=$InstalledVersion ] do={
|
||||
:local RemoteCapVal [ / caps-man remote-cap get $RemoteCap ];
|
||||
:foreach RemoteCap in=[ /caps-man/remote-cap/find where version!=$InstalledVersion ] do={
|
||||
:local RemoteCapVal [ /caps-man/remote-cap/get $RemoteCap ];
|
||||
:if ([ :len $RemoteCapVal ] > 1) do={
|
||||
$LogPrintExit2 info $0 ("Starting upgrade for " . $RemoteCapVal->"name" . \
|
||||
" (" . $RemoteCapVal->"identity" . ")...") false;
|
||||
/ caps-man remote-cap upgrade $RemoteCap;
|
||||
/caps-man/remote-cap/upgrade $RemoteCap;
|
||||
} else={
|
||||
$LogPrintExit2 warning $0 ("Remote CAP vanished, skipping upgrade.") false;
|
||||
}
|
||||
|
|
|
@ -15,16 +15,16 @@
|
|||
:global LogPrintExit2;
|
||||
:global MkDir;
|
||||
|
||||
:foreach Cert in=[ / certificate find where issued expires-after<3w ] do={
|
||||
:local CertVal [ / certificate get $Cert ];
|
||||
/ certificate issued-revoke $Cert;
|
||||
/ certificate set name=($CertVal->"name" . "-revoked-" . [ / system clock get date ]) $Cert;
|
||||
/ certificate add name=($CertVal->"name") common-name=($CertVal->"common-name") \
|
||||
:foreach Cert in=[ /certificate/find where issued expires-after<3w ] do={
|
||||
:local CertVal [ /certificate/get $Cert ];
|
||||
/certificate/issued-revoke $Cert;
|
||||
/certificate/set name=($CertVal->"name" . "-revoked-" . [ /system/clock/get date ]) $Cert;
|
||||
/certificate/add name=($CertVal->"name") common-name=($CertVal->"common-name") \
|
||||
key-usage=($CertVal->"key-usage") subject-alt-name=($CertVal->"subject-alt-name");
|
||||
/ certificate sign ($CertVal->"name") ca=($CertVal->"ca");
|
||||
/certificate/sign ($CertVal->"name") ca=($CertVal->"ca");
|
||||
:if ([ :typeof ($CertIssuedExportPass->($CertVal->"common-name")) ] = "str") do={
|
||||
:if ([ $MkDir "cert-issued" ] = true) do={
|
||||
/ certificate export-certificate ($CertVal->"name") type=pkcs12 \
|
||||
/certificate/export-certificate ($CertVal->"name") type=pkcs12 \
|
||||
file-name=("cert-issued/" . $CertVal->"common-name") \
|
||||
export-passphrase=($CertIssuedExportPass->($CertVal->"common-name"));
|
||||
$LogPrintExit2 info $0 ("Issued a new certificate for \"" . $CertVal->"common-name" . \
|
||||
|
|
|
@ -33,8 +33,8 @@
|
|||
|
||||
$WaitFullyConnected;
|
||||
|
||||
:foreach Cert in=[ / certificate find where !revoked !ca !scep-url expires-after<$CertRenewTime ] do={
|
||||
:local CertVal [ / certificate get $Cert ];
|
||||
:foreach Cert in=[ /certificate/find where !revoked !ca !scep-url expires-after<$CertRenewTime ] do={
|
||||
:local CertVal [ /certificate/get $Cert ];
|
||||
|
||||
:do {
|
||||
:if ([ :len $CertRenewUrl ] = 0) do={
|
||||
|
@ -45,24 +45,24 @@ $WaitFullyConnected;
|
|||
:foreach Type in={ ".pem"; ".p12" } do={
|
||||
:local CertFileName ([ $UrlEncode ($CertVal->"common-name") ] . $Type);
|
||||
:do {
|
||||
/ tool fetch check-certificate=yes-without-crl \
|
||||
/tool/fetch check-certificate=yes-without-crl \
|
||||
($CertRenewUrl . $CertFileName) dst-path=$CertFileName as-value;
|
||||
$WaitForFile $CertFileName;
|
||||
:foreach PassPhrase in=$CertRenewPass do={
|
||||
/ certificate import file-name=$CertFileName passphrase=$PassPhrase as-value;
|
||||
/certificate/import file-name=$CertFileName passphrase=$PassPhrase as-value;
|
||||
}
|
||||
/ file remove [ find where name=$CertFileName ];
|
||||
/file/remove [ find where name=$CertFileName ];
|
||||
|
||||
:foreach CertInChain in=[ / certificate find where name~("^" . $CertFileName . "_[0-9]+\$") common-name!=($CertVal->"common-name") ] do={
|
||||
$CertificateNameByCN [ / certificate get $CertInChain common-name ];
|
||||
:foreach CertInChain in=[ /certificate/find where name~("^" . $CertFileName . "_[0-9]+\$") common-name!=($CertVal->"common-name") ] do={
|
||||
$CertificateNameByCN [ /certificate/get $CertInChain common-name ];
|
||||
}
|
||||
} on-error={
|
||||
$LogPrintExit2 debug $0 ("Could not download certificate file " . $CertFileName) false;
|
||||
}
|
||||
}
|
||||
|
||||
:local CertNew [ / certificate find where common-name=($CertVal->"common-name") fingerprint!=[ :tostr ($CertVal->"fingerprint") ] expires-after>$CertRenewTime ];
|
||||
:local CertNewVal [ / certificate get $CertNew ];
|
||||
:local CertNew [ /certificate/find where common-name=($CertVal->"common-name") fingerprint!=[ :tostr ($CertVal->"fingerprint") ] expires-after>$CertRenewTime ];
|
||||
:local CertNewVal [ /certificate/get $CertNew ];
|
||||
|
||||
:if ([ $CertificateAvailable ([ $ParseKeyValueStore ($CertNewVal->"issuer") ]->"CN") ] = false) do={
|
||||
$LogPrintExit2 warning $0 ("The certificate chain is not available!") false;
|
||||
|
@ -72,27 +72,19 @@ $WaitFullyConnected;
|
|||
$LogPrintExit2 debug $0 ("Certificate '" . $CertVal->"name" . "' was not updated, but replaced.") false;
|
||||
|
||||
:if (($CertVal->"private-key") = true && ($CertVal->"private-key") != ($CertNewVal->"private-key")) do={
|
||||
/ certificate remove $CertNew;
|
||||
/certificate/remove $CertNew;
|
||||
$LogPrintExit2 warning $0 ("Old certificate '" . ($CertVal->"name") . "' has a private key, new certificate does not. Aborting renew.") true;
|
||||
}
|
||||
|
||||
/ ip service set certificate=($CertNewVal->"name") [ find where certificate=($CertVal->"name") ];
|
||||
/ip/service/set certificate=($CertNewVal->"name") [ find where certificate=($CertVal->"name") ];
|
||||
|
||||
:do {
|
||||
/ ip ipsec identity set certificate=($CertNewVal->"name") [ / ip ipsec identity find where certificate=($CertVal->"name") ];
|
||||
/ ip ipsec identity set remote-certificate=($CertNewVal->"name") [ / ip ipsec identity find where remote-certificate=($CertVal->"name") ];
|
||||
} on-error={
|
||||
$LogPrintExit2 debug $0 ("Setting IPSEC certificates failed. Package 'security' not installed?") false;
|
||||
}
|
||||
/ip/ipsec/identity/set certificate=($CertNewVal->"name") [ find where certificate=($CertVal->"name") ];
|
||||
/ip/ipsec/identity/set remote-certificate=($CertNewVal->"name") [ find where remote-certificate=($CertVal->"name") ];
|
||||
|
||||
:do {
|
||||
/ ip hotspot profile set ssl-certificate=($CertNewVal->"name") [ / ip hotspot profile find where ssl-certificate=($CertVal->"name") ];
|
||||
} on-error={
|
||||
$LogPrintExit2 debug $0 ("Setting hotspot certificates failed. Package 'hotspot' not installed?") false;
|
||||
}
|
||||
/ip/hotspot/profile/set ssl-certificate=($CertNewVal->"name") [ find where ssl-certificate=($CertVal->"name") ];
|
||||
|
||||
/ certificate remove $Cert;
|
||||
/ certificate set $CertNew name=($CertVal->"name");
|
||||
/certificate/remove $Cert;
|
||||
/certificate/set $CertNew name=($CertVal->"name");
|
||||
}
|
||||
|
||||
$SendNotification2 ({ origin=$0; \
|
||||
|
@ -111,10 +103,10 @@ $WaitFullyConnected;
|
|||
}
|
||||
}
|
||||
|
||||
:foreach Cert in=[ / certificate find where !revoked !scep-url !(expires-after=[]) expires-after<2w !(fingerprint=[]) ] do={
|
||||
:local CertVal [ / certificate get $Cert ];
|
||||
:foreach Cert in=[ /certificate/find where !revoked !scep-url !(expires-after=[]) expires-after<2w !(fingerprint=[]) ] do={
|
||||
:local CertVal [ /certificate/get $Cert ];
|
||||
|
||||
:if ([ :len [ / certificate scep-server find where ca-cert=($CertVal->"ca") ] ] > 0) do={
|
||||
:if ([ :len [ /certificate/scep-server/find where ca-cert=($CertVal->"ca") ] ] > 0) do={
|
||||
$LogPrintExit2 debug $0 ("Certificate \"" . ($CertVal->"name") . "\" is handled by SCEP, skipping.") false;
|
||||
} else={
|
||||
:local State [ $IfThenElse (($CertVal->"expired") = true) "expired" "is about to expire" ];
|
||||
|
|
24
check-health
24
check-health
|
@ -30,7 +30,7 @@
|
|||
:return ($T->0 * 10 + $T->1);
|
||||
}
|
||||
|
||||
:if ([ :len [ / system health find ] ] = 0) do={
|
||||
:if ([ :len [ /system/health/find ] ] = 0) do={
|
||||
$LogPrintExit2 error $0 ("Your device does not provide any health values.") true;
|
||||
}
|
||||
|
||||
|
@ -43,9 +43,9 @@
|
|||
|
||||
$ScriptLock $0;
|
||||
|
||||
:foreach Voltage in=[ / system health find where type="V" ] do={
|
||||
:local Name [ / system health get $Voltage name ];
|
||||
:local Value [ / system health get $Voltage value ];
|
||||
:foreach Voltage in=[ /system/health/find where type="V" ] do={
|
||||
:local Name [ /system/health/get $Voltage name ];
|
||||
:local Value [ /system/health/get $Voltage value ];
|
||||
|
||||
:if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={
|
||||
:local NumCurr [ $TempToNum $Value ];
|
||||
|
@ -75,9 +75,9 @@ $ScriptLock $0;
|
|||
:set ($CheckHealthLast->$Name) $Value;
|
||||
}
|
||||
|
||||
:foreach PSU in=[ / system health find where name~"^psu.*-state\$" ] do={
|
||||
:local Name [ / system health get $PSU name ];
|
||||
:local Value [ / system health get $PSU value ];
|
||||
:foreach PSU in=[ /system/health/find where name~"^psu.*-state\$" ] do={
|
||||
:local Name [ /system/health/get $PSU name ];
|
||||
:local Value [ /system/health/get $PSU value ];
|
||||
|
||||
:if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={
|
||||
:if ($CheckHealthLast->$Name = "ok" && \
|
||||
|
@ -96,19 +96,19 @@ $ScriptLock $0;
|
|||
:set ($CheckHealthLast->$Name) $Value;
|
||||
}
|
||||
|
||||
:foreach Temperature in=[ / system health find where type="C" ] do={
|
||||
:local Name [ / system health get $Temperature name ];
|
||||
:local Value [ / system health get $Temperature value ];
|
||||
:foreach Temperature in=[ /system/health/find where type="C" ] do={
|
||||
:local Name [ /system/health/get $Temperature name ];
|
||||
:local Value [ /system/health/get $Temperature value ];
|
||||
|
||||
:if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={
|
||||
:if ([ :typeof ($CheckHealthTemperature->$Name) ] != "num" ) do={
|
||||
$LogPrintExit2 info $0 ("No threshold given for " . $Name . ", assuming 50C.") false;
|
||||
:set ($CheckHealthTemperature->$Name) 50;
|
||||
}
|
||||
:local Validate [ / system health get [ find where name=$Name ] value ];
|
||||
:local Validate [ /system/health/get [ find where name=$Name ] value ];
|
||||
:while ($Value != $Validate) do={
|
||||
:set Value $Validate;
|
||||
:set Validate [ / system health get [ find where name=$Name ] value ];
|
||||
:set Validate [ /system/health/get [ find where name=$Name ] value ];
|
||||
}
|
||||
:if ($Value > $CheckHealthTemperature->$Name && \
|
||||
$CheckHealthTemperatureNotified->$Name != true) do={
|
||||
|
|
|
@ -28,12 +28,12 @@
|
|||
:global SendNotification2;
|
||||
:global SymbolForNotification;
|
||||
|
||||
:local IntName [ / interface lte get $Interface name ];
|
||||
:local IntName [ /interface/lte/get $Interface name ];
|
||||
:local Firmware;
|
||||
:local Info;
|
||||
:do {
|
||||
:set Firmware [ / interface lte firmware-upgrade $Interface once as-value ];
|
||||
:set Info [ / interface lte monitor $Interface once as-value ];
|
||||
:set Firmware [ /interface/lte/firmware-upgrade $Interface once as-value ];
|
||||
:set Info [ /interface/lte/monitor $Interface once as-value ];
|
||||
} on-error={
|
||||
$LogPrintExit2 debug $0 ("Could not get latest LTE firmware version for interface " . \
|
||||
$IntName . ".") false;
|
||||
|
@ -48,10 +48,10 @@
|
|||
}
|
||||
|
||||
:if ([ $ScriptFromTerminal "check-lte-firmware-upgrade" ] = true && \
|
||||
[ :len [ / system script find where name="unattended-lte-firmware-upgrade" ] ] > 0) do={
|
||||
[ :len [ /system/script/find where name="unattended-lte-firmware-upgrade" ] ] > 0) do={
|
||||
:put ("Do you want to start unattended lte firmware upgrade for interface " . $IntName . "? [y/N]");
|
||||
:if (([ / terminal inkey timeout=60 ] % 32) = 25) do={
|
||||
/ system script run unattended-lte-firmware-upgrade;
|
||||
:if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={
|
||||
/system/script/run unattended-lte-firmware-upgrade;
|
||||
$LogPrintExit2 info $0 ("Scheduled lte firmware upgrade for interface " . $IntName . "...") false;
|
||||
:return true;
|
||||
} else={
|
||||
|
@ -77,6 +77,6 @@
|
|||
:set ($SentLteFirmwareUpgradeNotification->$IntName) ($Firmware->"latest");
|
||||
}
|
||||
|
||||
:foreach Interface in=[ / interface lte find ] do={
|
||||
:foreach Interface in=[ /interface/lte/find ] do={
|
||||
$CheckInterface $Interface;
|
||||
}
|
||||
|
|
|
@ -27,10 +27,10 @@
|
|||
:global WaitFullyConnected;
|
||||
|
||||
:local DoUpdate do={
|
||||
:if ([ :len [ / system script find where name="packages-update" ] ] > 0) do={
|
||||
/ system script run packages-update;
|
||||
:if ([ :len [ /system/script/find where name="packages-update" ] ] > 0) do={
|
||||
/system/script/run packages-update;
|
||||
} else={
|
||||
/ system package update install without-paging;
|
||||
/system/package/update/install without-paging;
|
||||
}
|
||||
:error "Waiting for system to reboot.";
|
||||
}
|
||||
|
@ -39,21 +39,21 @@ $ScriptLock $0;
|
|||
|
||||
$WaitFullyConnected;
|
||||
|
||||
:if ([ :len [ / system package find where name="wireless" disabled=no ] ] > 0) do={
|
||||
:if ([ / interface wireless cap get enabled ] = true && \
|
||||
[ / caps-man manager get enabled ] = false && \
|
||||
:if ([ :len [ /system/package/find where name="wireless" disabled=no ] ] > 0) do={
|
||||
:if ([ /interface/wireless/cap/get enabled ] = true && \
|
||||
[ /caps-man/manager/get enabled ] = false && \
|
||||
$SafeUpdateOnCap != true) do={
|
||||
$LogPrintExit2 error $0 ("System is managed by CAPsMAN, not checking for RouterOS version.") true;
|
||||
}
|
||||
}
|
||||
|
||||
:if ([ :len [ / system scheduler find where name="reboot-for-update" ] ] > 0) do={
|
||||
:if ([ :len [ /system/scheduler/find where name="reboot-for-update" ] ] > 0) do={
|
||||
:error "A reboot for update is already scheduled.";
|
||||
}
|
||||
|
||||
$LogPrintExit2 debug $0 ("Checking for updates...") false;
|
||||
/ system package update check-for-updates without-paging as-value;
|
||||
:local Update [ / system package update get ];
|
||||
/system/package/update/check-for-updates without-paging as-value;
|
||||
:local Update [ /system/package/update/get ];
|
||||
|
||||
:if ([ :len ($Update->"latest-version") ] = 0) do={
|
||||
$LogPrintExit2 info $0 ("An empty string is not a valid version.") true;
|
||||
|
@ -77,7 +77,7 @@ $LogPrintExit2 debug $0 ("Checking for updates...") false;
|
|||
$DoUpdate;
|
||||
}
|
||||
|
||||
:if ($SafeUpdateNeighbor = true && [ :len [ / ip neighbor find where \
|
||||
:if ($SafeUpdateNeighbor = true && [ :len [ /ip/neighbor/find where \
|
||||
version=($Update->"latest-version" . " (" . $Update->"channel" . ")") ] ] > 0) do={
|
||||
$LogPrintExit2 info $0 ("Seen a neighbor running version " . $Update->"latest-version" . ", updating...") false;
|
||||
$SendNotification2 ({ origin=$0; \
|
||||
|
@ -90,7 +90,7 @@ $LogPrintExit2 debug $0 ("Checking for updates...") false;
|
|||
:if ([ :len $SafeUpdateUrl ] > 0) do={
|
||||
:local Result;
|
||||
:do {
|
||||
:set Result [ / tool fetch check-certificate=yes-without-crl \
|
||||
:set Result [ /tool/fetch check-certificate=yes-without-crl \
|
||||
($SafeUpdateUrl . $Update->"channel" . "?installed=" . $Update->"installed-version" . \
|
||||
"&latest=" . $Update->"latest-version") output=user as-value ];
|
||||
} on-error={
|
||||
|
@ -108,7 +108,7 @@ $LogPrintExit2 debug $0 ("Checking for updates...") false;
|
|||
|
||||
:if ([ $ScriptFromTerminal $0 ] = true) do={
|
||||
:put ("Do you want to install RouterOS version " . $Update->"latest-version" . "? [y/N]");
|
||||
:if (([ / terminal inkey timeout=60 ] % 32) = 25) do={
|
||||
:if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={
|
||||
$DoUpdate;
|
||||
} else={
|
||||
:put "Canceled...";
|
||||
|
|
|
@ -25,47 +25,47 @@
|
|||
|
||||
$ScriptLock $0 false 10;
|
||||
|
||||
:if ([ :len [ / caps-man access-list find where comment="--- collected above ---" disabled ] ] = 0) do={
|
||||
/ caps-man access-list add comment="--- collected above ---" disabled=yes;
|
||||
:if ([ :len [ /caps-man/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={
|
||||
/caps-man/access-list/add comment="--- collected above ---" disabled=yes;
|
||||
$LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- collected above ---'.") false;
|
||||
}
|
||||
:local PlaceBefore ([ / caps-man access-list find where comment="--- collected above ---" disabled ]->0);
|
||||
:local PlaceBefore ([ /caps-man/access-list/find where comment="--- collected above ---" disabled ]->0);
|
||||
|
||||
:foreach Reg in=[ / caps-man registration-table find ] do={
|
||||
:foreach Reg in=[ /caps-man/registration-table/find ] do={
|
||||
:local RegVal;
|
||||
:do {
|
||||
:set RegVal [ / caps-man registration-table get $Reg ];
|
||||
:set RegVal [ /caps-man/registration-table/get $Reg ];
|
||||
} on-error={
|
||||
$LogPrintExit2 debug $0 ("Device already gone... Ignoring.") false;
|
||||
}
|
||||
|
||||
:if ([ :len ($RegVal->"mac-address") ] > 0) do={
|
||||
:local AccessList ([ / caps-man access-list find where mac-address=($RegVal->"mac-address") ]->0);
|
||||
:local AccessList ([ /caps-man/access-list/find where mac-address=($RegVal->"mac-address") ]->0);
|
||||
:if ([ :len $AccessList ] > 0) do={
|
||||
$LogPrintExit2 debug $0 ("MAC address " . $RegVal->"mac-address" . " already known: " . \
|
||||
[ / caps-man access-list get $AccessList comment ]) false;
|
||||
[ /caps-man/access-list/get $AccessList comment ]) false;
|
||||
}
|
||||
|
||||
:if ([ :len $AccessList ] = 0) do={
|
||||
:local Address "no dhcp lease";
|
||||
:local DnsName "no dhcp lease";
|
||||
:local HostName "no dhcp lease";
|
||||
:local Lease ([ / ip dhcp-server lease find where mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0);
|
||||
:local Lease ([ /ip/dhcp-server/lease/find where mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0);
|
||||
:if ([ :len $Lease ] > 0) do={
|
||||
:set Address [ / ip dhcp-server lease get $Lease address ];
|
||||
:set HostName [ $EitherOr [ / ip dhcp-server lease get $Lease host-name ] "no hostname" ];
|
||||
:set Address [ /ip/dhcp-server/lease/get $Lease address ];
|
||||
:set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ];
|
||||
:set DnsName "no dns name";
|
||||
:local DnsRec ([ / ip dns static find where address=$Address ]->0);
|
||||
:local DnsRec ([ /ip/dns/static/find where address=$Address ]->0);
|
||||
:if ([ :len $DnsRec ] > 0) do={
|
||||
:set DnsName [ / ip dns static get $DnsRec name ];
|
||||
:set DnsName [ /ip/dns/static/get $DnsRec name ];
|
||||
}
|
||||
}
|
||||
:local DateTime ([ / system clock get date ] . " " . [ / system clock get time ]);
|
||||
:local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]);
|
||||
:local Vendor [ $GetMacVendor ($RegVal->"mac-address") ];
|
||||
:local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \
|
||||
"first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface");
|
||||
$LogPrintExit2 info $0 $Message false;
|
||||
/ caps-man access-list add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
|
||||
/caps-man/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
|
||||
$SendNotification2 ({ origin=$0; \
|
||||
subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \
|
||||
message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \
|
||||
|
|
|
@ -25,48 +25,48 @@
|
|||
|
||||
$ScriptLock $0 false 10;
|
||||
|
||||
:if ([ :len [ / interface wireless access-list find where comment="--- collected above ---" disabled ] ] = 0) do={
|
||||
/ interface wireless access-list add comment="--- collected above ---" disabled=yes;
|
||||
:if ([ :len [ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={
|
||||
/interface/wireless/access-list/add comment="--- collected above ---" disabled=yes;
|
||||
$LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- collected above ---'.") false;
|
||||
}
|
||||
:local PlaceBefore ([ / interface wireless access-list find where comment="--- collected above ---" disabled ]->0);
|
||||
:local PlaceBefore ([ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ]->0);
|
||||
|
||||
:foreach Reg in=[ / interface wireless registration-table find ] do={
|
||||
:foreach Reg in=[ /interface/wireless/registration-table/find ] do={
|
||||
:local RegVal;
|
||||
:do {
|
||||
:set RegVal [ / interface wireless registration-table get $Reg ];
|
||||
:set RegVal [ /interface/wireless/registration-table/get $Reg ];
|
||||
} on-error={
|
||||
$LogPrintExit2 debug $0 ("Device already gone... Ignoring.") false;
|
||||
}
|
||||
|
||||
:if ([ :len ($RegVal->"mac-address") ] > 0) do={
|
||||
:local AccessList ([ / interface wireless access-list find where mac-address=($RegVal->"mac-address") ]->0);
|
||||
:local AccessList ([ /interface/wireless/access-list/find where mac-address=($RegVal->"mac-address") ]->0);
|
||||
:if ([ :len $AccessList ] > 0) do={
|
||||
$LogPrintExit2 debug $0 ("MAC address " . $RegVal->"mac-address" . " already known: " . \
|
||||
[ / interface wireless access-list get $AccessList comment ]) false;
|
||||
[ /interface/wireless/access-list/get $AccessList comment ]) false;
|
||||
}
|
||||
|
||||
:if ([ :len $AccessList ] = 0) do={
|
||||
:local Address "no dhcp lease";
|
||||
:local DnsName "no dhcp lease";
|
||||
:local HostName "no dhcp lease";
|
||||
:local Lease ([ / ip dhcp-server lease find where mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0);
|
||||
:local Lease ([ /ip/dhcp-server/lease/find where mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0);
|
||||
:if ([ :len $Lease ] > 0) do={
|
||||
:set Address [ / ip dhcp-server lease get $Lease address ];
|
||||
:set HostName [ $EitherOr [ / ip dhcp-server lease get $Lease host-name ] "no hostname" ];
|
||||
:set Address [ /ip/dhcp-server/lease/get $Lease address ];
|
||||
:set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ];
|
||||
:set DnsName "no dns name";
|
||||
:local DnsRec ([ / ip dns static find where address=$Address ]->0);
|
||||
:local DnsRec ([ /ip/dns/static/find where address=$Address ]->0);
|
||||
:if ([ :len $DnsRec ] > 0) do={
|
||||
:set DnsName [ / ip dns static get $DnsRec name ];
|
||||
:set DnsName [ /ip/dns/static/get $DnsRec name ];
|
||||
}
|
||||
}
|
||||
:set ($RegVal->"ssid") [ / interface wireless get [ find where name=($RegVal->"interface") ] ssid ];
|
||||
:local DateTime ([ / system clock get date ] . " " . [ / system clock get time ]);
|
||||
:set ($RegVal->"ssid") [ /interface/wireless/get [ find where name=($RegVal->"interface") ] ssid ];
|
||||
:local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]);
|
||||
:local Vendor [ $GetMacVendor ($RegVal->"mac-address") ];
|
||||
:local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \
|
||||
"first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface");
|
||||
$LogPrintExit2 info $0 $Message false;
|
||||
/ interface wireless access-list add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
|
||||
/interface/wireless/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
|
||||
$SendNotification2 ({ origin=$0; \
|
||||
subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \
|
||||
message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \
|
||||
|
|
|
@ -26,48 +26,48 @@
|
|||
|
||||
$ScriptLock $0 false 10;
|
||||
|
||||
:if ([ :len [ / %PATH% access-list find where comment="--- collected above ---" disabled ] ] = 0) do={
|
||||
/ %PATH% access-list add comment="--- collected above ---" disabled=yes;
|
||||
:if ([ :len [ /%PATH%/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={
|
||||
/%PATH%/access-list/add comment="--- collected above ---" disabled=yes;
|
||||
$LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- collected above ---'.") false;
|
||||
}
|
||||
:local PlaceBefore ([ / %PATH% access-list find where comment="--- collected above ---" disabled ]->0);
|
||||
:local PlaceBefore ([ /%PATH%/access-list/find where comment="--- collected above ---" disabled ]->0);
|
||||
|
||||
:foreach Reg in=[ / %PATH% registration-table find ] do={
|
||||
:foreach Reg in=[ /%PATH%/registration-table/find ] do={
|
||||
:local RegVal;
|
||||
:do {
|
||||
:set RegVal [ / %PATH% registration-table get $Reg ];
|
||||
:set RegVal [ /%PATH%/registration-table/get $Reg ];
|
||||
} on-error={
|
||||
$LogPrintExit2 debug $0 ("Device already gone... Ignoring.") false;
|
||||
}
|
||||
|
||||
:if ([ :len ($RegVal->"mac-address") ] > 0) do={
|
||||
:local AccessList ([ / %PATH% access-list find where mac-address=($RegVal->"mac-address") ]->0);
|
||||
:local AccessList ([ /%PATH%/access-list/find where mac-address=($RegVal->"mac-address") ]->0);
|
||||
:if ([ :len $AccessList ] > 0) do={
|
||||
$LogPrintExit2 debug $0 ("MAC address " . $RegVal->"mac-address" . " already known: " . \
|
||||
[ / %PATH% access-list get $AccessList comment ]) false;
|
||||
[ /%PATH%/access-list/get $AccessList comment ]) false;
|
||||
}
|
||||
|
||||
:if ([ :len $AccessList ] = 0) do={
|
||||
:local Address "no dhcp lease";
|
||||
:local DnsName "no dhcp lease";
|
||||
:local HostName "no dhcp lease";
|
||||
:local Lease ([ / ip dhcp-server lease find where mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0);
|
||||
:local Lease ([ /ip/dhcp-server/lease/find where mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0);
|
||||
:if ([ :len $Lease ] > 0) do={
|
||||
:set Address [ / ip dhcp-server lease get $Lease address ];
|
||||
:set HostName [ $EitherOr [ / ip dhcp-server lease get $Lease host-name ] "no hostname" ];
|
||||
:set Address [ /ip/dhcp-server/lease/get $Lease address ];
|
||||
:set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ];
|
||||
:set DnsName "no dns name";
|
||||
:local DnsRec ([ / ip dns static find where address=$Address ]->0);
|
||||
:local DnsRec ([ /ip/dns/static/find where address=$Address ]->0);
|
||||
:if ([ :len $DnsRec ] > 0) do={
|
||||
:set DnsName [ / ip dns static get $DnsRec name ];
|
||||
:set DnsName [ /ip/dns/static/get $DnsRec name ];
|
||||
}
|
||||
}
|
||||
:set ($RegVal->"ssid") [ / interface wireless get [ find where name=($RegVal->"interface") ] ssid ];
|
||||
:local DateTime ([ / system clock get date ] . " " . [ / system clock get time ]);
|
||||
:set ($RegVal->"ssid") [ /interface/wireless/get [ find where name=($RegVal->"interface") ] ssid ];
|
||||
:local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]);
|
||||
:local Vendor [ $GetMacVendor ($RegVal->"mac-address") ];
|
||||
:local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \
|
||||
"first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface");
|
||||
$LogPrintExit2 info $0 $Message false;
|
||||
/ %PATH% access-list add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
|
||||
/%PATH%/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
|
||||
$SendNotification2 ({ origin=$0; \
|
||||
subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \
|
||||
message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \
|
||||
|
|
|
@ -56,20 +56,20 @@ $WaitFullyConnected;
|
|||
}
|
||||
|
||||
:local Seen [ :toarray "" ];
|
||||
:local Date [ / system clock get date ];
|
||||
:local Date [ /system/clock/get date ];
|
||||
:local NewPsk [ $GeneratePSK $Date ];
|
||||
|
||||
:foreach AccList in=[ / caps-man access-list find where comment~$DailyPskMatchComment ] do={
|
||||
:local Ssid [ / caps-man access-list get $AccList ssid-regexp ];
|
||||
:local Configuration [ / caps-man configuration get ([ find where ssid=$Ssid ]->0) name ];
|
||||
:local OldPsk [ / caps-man access-list get $AccList private-passphrase ];
|
||||
:foreach AccList in=[ /caps-man/access-list/find where comment~$DailyPskMatchComment ] do={
|
||||
:local Ssid [ /caps-man/access-list/get $AccList ssid-regexp ];
|
||||
:local Configuration [ /caps-man/configuration/get ([ find where ssid=$Ssid ]->0) name ];
|
||||
:local OldPsk [ /caps-man/access-list/get $AccList private-passphrase ];
|
||||
:local Skip 0;
|
||||
|
||||
:if ($NewPsk != $OldPsk) do={
|
||||
$LogPrintExit2 info $0 ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false;
|
||||
/ caps-man access-list set $AccList private-passphrase=$NewPsk;
|
||||
/caps-man/access-list/set $AccList private-passphrase=$NewPsk;
|
||||
|
||||
:if ([ :len [ / caps-man interface find where configuration=$Configuration ] ] > 0) do={
|
||||
:if ([ :len [ /caps-man/interface/find where configuration=$Configuration ] ] > 0) do={
|
||||
:foreach SeenSsid in=$Seen do={
|
||||
:if ($SeenSsid = $Ssid) do={
|
||||
$LogPrintExit2 debug $0 ("Already sent a mail for SSID " . $Ssid . ", skipping.") false;
|
||||
|
|
|
@ -56,20 +56,20 @@ $WaitFullyConnected;
|
|||
}
|
||||
|
||||
:local Seen [ :toarray "" ];
|
||||
:local Date [ / system clock get date ];
|
||||
:local Date [ /system/clock/get date ];
|
||||
:local NewPsk [ $GeneratePSK $Date ];
|
||||
|
||||
:foreach AccList in=[ / interface wireless access-list find where comment~$DailyPskMatchComment ] do={
|
||||
:local IntName [ / interface wireless access-list get $AccList interface ];
|
||||
:local Ssid [ / interface wireless get $IntName ssid ];
|
||||
:local OldPsk [ / interface wireless access-list get $AccList private-pre-shared-key ];
|
||||
:foreach AccList in=[ /interface/wireless/access-list/find where comment~$DailyPskMatchComment ] do={
|
||||
:local IntName [ /interface/wireless/access-list/get $AccList interface ];
|
||||
:local Ssid [ /interface/wireless/get $IntName ssid ];
|
||||
:local OldPsk [ /interface/wireless/access-list/get $AccList private-pre-shared-key ];
|
||||
:local Skip 0;
|
||||
|
||||
:if ($NewPsk != $OldPsk) do={
|
||||
$LogPrintExit2 info $0 ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false;
|
||||
/ interface wireless access-list set $AccList private-pre-shared-key=$NewPsk;
|
||||
/interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk;
|
||||
|
||||
:if ([ :len [ / interface wireless find where name=$IntName disabled=no ] ] = 1) do={
|
||||
:if ([ :len [ /interface/wireless/find where name=$IntName disabled=no ] ] = 1) do={
|
||||
:foreach SeenSsid in=$Seen do={
|
||||
:if ($SeenSsid = $Ssid) do={
|
||||
$LogPrintExit2 debug $0 ("Already sent a mail for SSID " . $Ssid . ", skipping.") false;
|
||||
|
|
|
@ -57,25 +57,25 @@ $WaitFullyConnected;
|
|||
}
|
||||
|
||||
:local Seen [ :toarray "" ];
|
||||
:local Date [ / system clock get date ];
|
||||
:local Date [ /system/clock/get date ];
|
||||
:local NewPsk [ $GeneratePSK $Date ];
|
||||
|
||||
:foreach AccList in=[ / %PATH% access-list find where comment~$DailyPskMatchComment ] do={
|
||||
:local IntName [ / interface wireless access-list get $AccList interface ];
|
||||
:local Ssid [ / interface wireless get $IntName ssid ];
|
||||
:local Ssid [ / caps-man access-list get $AccList ssid-regexp ];
|
||||
:local Configuration [ / caps-man configuration get ([ find where ssid=$Ssid ]->0) name ];
|
||||
:local OldPsk [ / interface wireless access-list get $AccList private-pre-shared-key ];
|
||||
:local OldPsk [ / caps-man access-list get $AccList private-passphrase ];
|
||||
:foreach AccList in=[ /%PATH%/access-list/find where comment~$DailyPskMatchComment ] do={
|
||||
:local IntName [ /interface/wireless/access-list/get $AccList interface ];
|
||||
:local Ssid [ /interface/wireless/get $IntName ssid ];
|
||||
:local Ssid [ /caps-man/access-list/get $AccList ssid-regexp ];
|
||||
:local Configuration [ /caps-man/configuration/get ([ find where ssid=$Ssid ]->0) name ];
|
||||
:local OldPsk [ /interface/wireless/access-list/get $AccList private-pre-shared-key ];
|
||||
:local OldPsk [ /caps-man/access-list/get $AccList private-passphrase ];
|
||||
:local Skip 0;
|
||||
|
||||
:if ($NewPsk != $OldPsk) do={
|
||||
$LogPrintExit2 info $0 ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false;
|
||||
/ interface wireless access-list set $AccList private-pre-shared-key=$NewPsk;
|
||||
/ caps-man access-list set $AccList private-passphrase=$NewPsk;
|
||||
/interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk;
|
||||
/caps-man/access-list/set $AccList private-passphrase=$NewPsk;
|
||||
|
||||
:if ([ :len [ / interface wireless find where name=$IntName disabled=no ] ] = 1) do={
|
||||
:if ([ :len [ / caps-man interface find where configuration=$Configuration ] ] > 0) do={
|
||||
:if ([ :len [ /interface/wireless/find where name=$IntName disabled=no ] ] = 1) do={
|
||||
:if ([ :len [ /caps-man/interface/find where configuration=$Configuration ] ] > 0) do={
|
||||
:foreach SeenSsid in=$Seen do={
|
||||
:if ($SeenSsid = $Ssid) do={
|
||||
$LogPrintExit2 debug $0 ("Already sent a mail for SSID " . $Ssid . ", skipping.") false;
|
||||
|
|
|
@ -16,15 +16,15 @@
|
|||
|
||||
:global LogPrintExit2;
|
||||
|
||||
:foreach Lease in=[ / ip dhcp-server lease find where dynamic=yes status=bound ] do={
|
||||
:local LeaseVal [ / ip dhcp-server lease get $Lease ];
|
||||
:foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={
|
||||
:local LeaseVal [ /ip/dhcp-server/lease/get $Lease ];
|
||||
:local NewComment;
|
||||
:local AccessList ([ / caps-man access-list find where mac-address=($LeaseVal->"mac-address") ]->0);
|
||||
:local AccessList ([ /caps-man/access-list/find where mac-address=($LeaseVal->"mac-address") ]->0);
|
||||
:if ([ :len $AccessList ] > 0) do={
|
||||
:set NewComment [ / caps-man access-list get $AccessList comment ];
|
||||
:set NewComment [ /caps-man/access-list/get $AccessList comment ];
|
||||
}
|
||||
:if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={
|
||||
$LogPrintExit2 info $0 ("Updating comment for DHCP lease " . $LeaseVal->"mac-address" . ": " . $NewComment) false;
|
||||
/ ip dhcp-server lease set comment=$NewComment $Lease;
|
||||
/ip/dhcp-server/lease/set comment=$NewComment $Lease;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -16,15 +16,15 @@
|
|||
|
||||
:global LogPrintExit2;
|
||||
|
||||
:foreach Lease in=[ / ip dhcp-server lease find where dynamic=yes status=bound ] do={
|
||||
:local LeaseVal [ / ip dhcp-server lease get $Lease ];
|
||||
:foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={
|
||||
:local LeaseVal [ /ip/dhcp-server/lease/get $Lease ];
|
||||
:local NewComment;
|
||||
:local AccessList ([ / interface wireless access-list find where mac-address=($LeaseVal->"mac-address") ]->0);
|
||||
:local AccessList ([ /interface/wireless/access-list/find where mac-address=($LeaseVal->"mac-address") ]->0);
|
||||
:if ([ :len $AccessList ] > 0) do={
|
||||
:set NewComment [ / interface wireless access-list get $AccessList comment ];
|
||||
:set NewComment [ /interface/wireless/access-list/get $AccessList comment ];
|
||||
}
|
||||
:if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={
|
||||
$LogPrintExit2 info $0 ("Updating comment for DHCP lease " . $LeaseVal->"mac-address" . ": " . $NewComment) false;
|
||||
/ ip dhcp-server lease set comment=$NewComment $Lease;
|
||||
/ip/dhcp-server/lease/set comment=$NewComment $Lease;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -17,15 +17,15 @@
|
|||
|
||||
:global LogPrintExit2;
|
||||
|
||||
:foreach Lease in=[ / ip dhcp-server lease find where dynamic=yes status=bound ] do={
|
||||
:local LeaseVal [ / ip dhcp-server lease get $Lease ];
|
||||
:foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={
|
||||
:local LeaseVal [ /ip/dhcp-server/lease/get $Lease ];
|
||||
:local NewComment;
|
||||
:local AccessList ([ / %PATH% access-list find where mac-address=($LeaseVal->"mac-address") ]->0);
|
||||
:local AccessList ([ /%PATH%/access-list/find where mac-address=($LeaseVal->"mac-address") ]->0);
|
||||
:if ([ :len $AccessList ] > 0) do={
|
||||
:set NewComment [ / %PATH% access-list get $AccessList comment ];
|
||||
:set NewComment [ /%PATH%/access-list/get $AccessList comment ];
|
||||
}
|
||||
:if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={
|
||||
$LogPrintExit2 info $0 ("Updating comment for DHCP lease " . $LeaseVal->"mac-address" . ": " . $NewComment) false;
|
||||
/ ip dhcp-server lease set comment=$NewComment $Lease;
|
||||
/ip/dhcp-server/lease/set comment=$NewComment $Lease;
|
||||
}
|
||||
}
|
||||
|
|
34
dhcp-to-dns
34
dhcp-to-dns
|
@ -32,28 +32,28 @@ $ScriptLock $0 false 10;
|
|||
:local CommentPrefix ("managed by " . $0 . " for ");
|
||||
:local CommentString ("--- " . $0 . " above ---");
|
||||
|
||||
:if ([ :len [ / ip dns static find where comment=$CommentString name=- type=NXDOMAIN disabled ] ] = 0) do={
|
||||
/ ip dns static add comment=$CommentString name=- type=NXDOMAIN disabled=yes;
|
||||
:if ([ :len [ /ip/dns/static/find where comment=$CommentString name=- type=NXDOMAIN disabled ] ] = 0) do={
|
||||
/ip/dns/static/add comment=$CommentString name=- type=NXDOMAIN disabled=yes;
|
||||
$LogPrintExit2 warning $0 ("Added disabled static dns record with comment '" . $CommentString . "'.") false;
|
||||
}
|
||||
:local PlaceBefore ([ / ip dns static find where comment=$CommentString name=- type=NXDOMAIN disabled ]->0);
|
||||
:local PlaceBefore ([ /ip/dns/static/find where comment=$CommentString name=- type=NXDOMAIN disabled ]->0);
|
||||
|
||||
:foreach DnsRecord in=[ / ip dns static find where comment ~ $CommentPrefix ] do={
|
||||
:local DnsRecordVal [ / ip dns static get $DnsRecord ];
|
||||
:foreach DnsRecord in=[ /ip/dns/static/find where comment ~ $CommentPrefix ] do={
|
||||
:local DnsRecordVal [ /ip/dns/static/get $DnsRecord ];
|
||||
:local MacAddress [ $CharacterReplace ($DnsRecordVal->"comment") $CommentPrefix "" ];
|
||||
:if ([ :len [ / ip dhcp-server lease find where mac-address=$MacAddress address=($DnsRecordVal->"address") status=bound ] ] > 0) do={
|
||||
:if ([ :len [ /ip/dhcp-server/lease/find where mac-address=$MacAddress address=($DnsRecordVal->"address") status=bound ] ] > 0) do={
|
||||
$LogPrintExit2 debug $0 ("Lease for " . $MacAddress . " (" . $DnsRecordVal->"name" . ") still exists. Not deleting DNS entry.") false;
|
||||
} else={
|
||||
:local Found false;
|
||||
$LogPrintExit2 info $0 ("Lease expired for " . $MacAddress . " (" . $DnsRecordVal->"name" . "), deleting DNS entry.") false;
|
||||
/ ip dns static remove $DnsRecord;
|
||||
/ip/dns/static/remove $DnsRecord;
|
||||
}
|
||||
}
|
||||
|
||||
:foreach Lease in=[ / ip dhcp-server lease find where status=bound ] do={
|
||||
:foreach Lease in=[ /ip/dhcp-server/lease/find where status=bound ] do={
|
||||
:local LeaseVal;
|
||||
:do {
|
||||
:set LeaseVal [ / ip dhcp-server lease get $Lease ];
|
||||
:set LeaseVal [ /ip/dhcp-server/lease/get $Lease ];
|
||||
} on-error={
|
||||
$LogPrintExit2 debug $0 ("A lease just vanished, ignoring.") false;
|
||||
}
|
||||
|
@ -65,19 +65,19 @@ $ScriptLock $0 false 10;
|
|||
[ $CharacterReplace ($LeaseVal->"host-name") " " "" ] ];
|
||||
|
||||
:local Fqdn ($HostName . "." . [ $IfThenElse ($ServerNameInZone = true) ($LeaseVal->"server" . ".") ] . $Zone);
|
||||
:local DnsRecord [ / ip dns static find where name=$Fqdn ];
|
||||
:local DnsRecord [ /ip/dns/static/find where name=$Fqdn ];
|
||||
:if ([ :len $DnsRecord ] > 0) do={
|
||||
:local DnsIp [ / ip dns static get $DnsRecord address ];
|
||||
:local DnsIp [ /ip/dns/static/get $DnsRecord address ];
|
||||
|
||||
:local DupMacLeases [ / ip dhcp-server lease find where mac-address=($LeaseVal->"mac-address") status=bound ];
|
||||
:local DupMacLeases [ /ip/dhcp-server/lease/find where mac-address=($LeaseVal->"mac-address") status=bound ];
|
||||
:if ([ :len $DupMacLeases ] > 1) do={
|
||||
:set ($LeaseVal->"address") [ / ip dhcp-server lease get ($DupMacLeases->([ :len $DupMacLeases ] - 1)) address ];
|
||||
:set ($LeaseVal->"address") [ /ip/dhcp-server/lease/get ($DupMacLeases->([ :len $DupMacLeases ] - 1)) address ];
|
||||
}
|
||||
|
||||
:if ([ :len ($LeaseVal->"host-name") ] > 0) do={
|
||||
:local HostNameLeases [ / ip dhcp-server lease find where host-name=($LeaseVal->"host-name") status=bound ];
|
||||
:local HostNameLeases [ /ip/dhcp-server/lease/find where host-name=($LeaseVal->"host-name") status=bound ];
|
||||
:if ([ :len $HostNameLeases ] > 1) do={
|
||||
:set ($LeaseVal->"address") [ / ip dhcp-server lease get ($HostNameLeases->0) address ];
|
||||
:set ($LeaseVal->"address") [ /ip/dhcp-server/lease/get ($HostNameLeases->0) address ];
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -85,11 +85,11 @@ $ScriptLock $0 false 10;
|
|||
$LogPrintExit2 debug $0 ("DNS entry for " . $Fqdn . " does not need updating.") false;
|
||||
} else={
|
||||
$LogPrintExit2 info $0 ("Replacing DNS entry for " . $Fqdn . ", new address is " . $LeaseVal->"address" . ".") false;
|
||||
/ ip dns static set name=$Fqdn address=($LeaseVal->"address") ttl=$Ttl comment=$Comment $DnsRecord;
|
||||
/ip/dns/static/set name=$Fqdn address=($LeaseVal->"address") ttl=$Ttl comment=$Comment $DnsRecord;
|
||||
}
|
||||
} else={
|
||||
$LogPrintExit2 info $0 ("Adding new DNS entry for " . $Fqdn . ", address is " . $LeaseVal->"address" . ".") false;
|
||||
/ ip dns static add name=$Fqdn address=($LeaseVal->"address") ttl=$Ttl comment=$Comment place-before=$PlaceBefore;
|
||||
/ip/dns/static/add name=$Fqdn address=($LeaseVal->"address") ttl=$Ttl comment=$Comment place-before=$PlaceBefore;
|
||||
}
|
||||
} else={
|
||||
$LogPrintExit2 debug $0 ("No address available... Ignoring.") false;
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
:global LogPrintExit2;
|
||||
:global VersionToNum;
|
||||
|
||||
:local RouterBoard [ / system routerboard get ];
|
||||
:local RouterBoard [ /system/routerboard/get ];
|
||||
:if ($RouterBoard->"current-firmware" = $RouterBoard->"upgrade-firmware") do={
|
||||
$LogPrintExit2 info $0 ("Firmware is already up to date.") true;
|
||||
}
|
||||
|
@ -21,21 +21,21 @@
|
|||
$LogPrintExit2 info $0 ("Different firmware version is available, but it is a downgrade. Ignoring.") true;
|
||||
}
|
||||
|
||||
:if ([ / system routerboard settings get auto-upgrade ] = false) do={
|
||||
:if ([ /system/routerboard/settings/get auto-upgrade ] = false) do={
|
||||
$LogPrintExit2 info $0 ("Firmware version " . $RouterBoard->"upgrade-firmware" . \
|
||||
" is available, upgrading.") false;
|
||||
/ system routerboard upgrade;
|
||||
/system/routerboard/upgrade;
|
||||
}
|
||||
|
||||
:while ([ :len [ / log find where topics=({"system";"info";"critical"}) \
|
||||
:while ([ :len [ /log/find where topics=({"system";"info";"critical"}) \
|
||||
message="Firmware upgraded successfully, please reboot for changes to take effect!" ] ] = 0) do={
|
||||
:delay 1s;
|
||||
}
|
||||
|
||||
:local Uptime [ / system resource get uptime ];
|
||||
:local Uptime [ /system/resource/get uptime ];
|
||||
:if ($Uptime < 1m) do={
|
||||
:delay $Uptime;
|
||||
}
|
||||
|
||||
$LogPrintExit2 info $0 ("Firmware upgrade successful, rebooting.") false;
|
||||
/ system reboot;
|
||||
/system/reboot;
|
||||
|
|
|
@ -128,10 +128,10 @@
|
|||
|
||||
# Run different commands with multiple mode-button presses.
|
||||
:global ModeButton {
|
||||
1="/ system script run leds-toggle-mode;";
|
||||
1="/system/script/run leds-toggle-mode;";
|
||||
2=":global SendNotification; :global Identity; \$SendNotification (\"Hello...\") (\"Hello world, \" . \$Identity . \" calling!\");";
|
||||
3="/ system shutdown;";
|
||||
4="/ system reboot;";
|
||||
3="/system/shutdown;";
|
||||
4="/system/reboot;";
|
||||
5=":global BridgePortVlan; \$BridgePortVlan alt;";
|
||||
# add more here...
|
||||
};
|
||||
|
@ -141,8 +141,8 @@
|
|||
# Run commands on SMS action.
|
||||
:global SmsAction {
|
||||
bridge-port-vlan-alt=":global BridgePortVlan; \$BridgePortVlan alt;";
|
||||
reboot="/ system reboot;";
|
||||
shutdown="/ system shutdown;";
|
||||
reboot="/system/reboot;";
|
||||
shutdown="/system/shutdown;";
|
||||
# add more here...
|
||||
};
|
||||
|
||||
|
@ -194,7 +194,7 @@
|
|||
# load custom settings from overlay
|
||||
# Warning: Do *NOT* copy this code to overlay!
|
||||
:do {
|
||||
/ system script run global-config-overlay;
|
||||
/system/script/run global-config-overlay;
|
||||
} on-error={
|
||||
:log error ("Loading configuration from overlay failed!");
|
||||
}
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
15="New documentation is online! https://git.eworm.de/cgit/routeros-scripts/about/#available-scripts";
|
||||
16="Happy with RouterOS Scripts and have a GitHub and/or GitLab account? Please star!";
|
||||
17="Introduced script 'early-errors'";
|
||||
18=("Added a simple IP calculation function, try: \$IPCalc " . [ / ip address get ([ find ]->0) address ]);
|
||||
18=("Added a simple IP calculation function, try: \$IPCalc " . [ /ip/address/get ([ find ]->0) address ]);
|
||||
19="Commenting scripts with 'ignore', 'base-url=...' and 'url-suffix=...' is honored on update";
|
||||
20="Added support for hooks to 'netwatch-notify'";
|
||||
21="Added support for installing patch updates automatically by 'check-routeros-update'";
|
||||
|
@ -93,11 +93,11 @@
|
|||
# Migration steps to be applied on script updates
|
||||
:global GlobalConfigMigration {
|
||||
41=":global SendNotification; \$SendNotification (\"Migration mechanism\") (\"Congratulations!\nSuccessfully tested the new migration mechanism.\");";
|
||||
47="/ certificate remove [ find where fingerprint=\"731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568\" or fingerprint=\"25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d\" ];";
|
||||
52=":global CertificateDownload; :if ([ :len [ / certificate find where fingerprint=\"67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd\" or fingerprint=\"96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6\" ] ] < 2) do={ \$CertificateDownload \"R3\"; }; / certificate remove [ find where fingerprint=\"0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739\" ];";
|
||||
47="/certificate/remove [ find where fingerprint=\"731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568\" or fingerprint=\"25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d\" ];";
|
||||
52=":global CertificateDownload; :if ([ :len [ /certificate/find where fingerprint=\"67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd\" or fingerprint=\"96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6\" ] ] < 2) do={ \$CertificateDownload \"R3\"; }; /certificate/remove [ find where fingerprint=\"0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739\" ];";
|
||||
54=":global ScriptInstallUpdate; :global TelegramTokenId; :global TelegramChatId; :if ([ :len \$TelegramTokenId ] > 0 && [ :len \$TelegramChatId ] > 0) do={ \$ScriptInstallUpdate mod/notification-telegram; }";
|
||||
61="/ system script remove [ find where name~\"^(early-errors|mode-button-(event|scheduler)|script-updates)\\\$\" source~\"^#!rsc by RouterOS\\n\" ];";
|
||||
66=":global ScriptInstallUpdate; :if ([ :len [ / system script find where name=\"bridge-port-to-default\" ] ] > 0) do={ / system script remove [ find where name~\"^bridge-port-to(-default|ggle)\\\$\" ]; \$ScriptInstallUpdate mod/bridge-port-to; }";
|
||||
67=":global ScriptInstallUpdate; :global CharacterReplace; :foreach Script in=[ / system script find where name~\"^global-functions.d/\" ] do={ / system script set name=[ \$CharacterReplace [ / system script get \$Script name ] \"global-functions.d/\" \"mod/\" ] \$Script; }; \$ScriptInstallUpdate;";
|
||||
73=":global ScriptInstallUpdate; :global CharacterReplace; :foreach Old,New in={ \"cloud-backup\"=\"backup-cloud\"; \"email-backup\"=\"backup-email\"; \"upload-backup\"=\"backup-upload\" } do={ / system script set name=\$New [ find where name=\$Old ]; :foreach Scheduler in=[ / system scheduler find where on-event~\$Old ] do={ / system scheduler set \$Scheduler name=[ \$CharacterReplace [ get \$Scheduler name ] \$Old \$New ] on-event=[ \$CharacterReplace [ get \$Scheduler on-event ] \$Old \$New ]; }; }; \$ScriptInstallUpdate;";
|
||||
61="/system/script/remove [ find where name~\"^(early-errors|mode-button-(event|scheduler)|script-updates)\\\$\" source~\"^#!rsc by RouterOS\\n\" ];";
|
||||
66=":global ScriptInstallUpdate; :if ([ :len [ /system/script/find where name=\"bridge-port-to-default\" ] ] > 0) do={ /system/script/remove [ find where name~\"^bridge-port-to(-default|ggle)\\\$\" ]; \$ScriptInstallUpdate mod/bridge-port-to; }";
|
||||
67=":global ScriptInstallUpdate; :global CharacterReplace; :foreach Script in=[ /system/script/find where name~\"^global-functions.d/\" ] do={ /system/script/set name=[ \$CharacterReplace [ /system/script/get \$Script name ] \"global-functions.d/\" \"mod/\" ] \$Script; }; \$ScriptInstallUpdate;";
|
||||
73=":global ScriptInstallUpdate; :global CharacterReplace; :foreach Old,New in={ \"cloud-backup\"=\"backup-cloud\"; \"email-backup\"=\"backup-email\"; \"upload-backup\"=\"backup-upload\" } do={ /system/script/set name=\$New [ find where name=\$Old ]; :foreach Scheduler in=[ /system/scheduler/find where on-event~\$Old ] do={ /system/scheduler/set \$Scheduler name=[ \$CharacterReplace [ get \$Scheduler name ] \$Old \$New ] on-event=[ \$CharacterReplace [ get \$Scheduler on-event ] \$Old \$New ]; }; }; \$ScriptInstallUpdate;";
|
||||
};
|
||||
|
|
161
global-functions
161
global-functions
|
@ -14,7 +14,7 @@
|
|||
|
||||
# global variables not to be changed by user
|
||||
:global GlobalFunctionsReady false;
|
||||
:global Identity [ / system identity get name ];
|
||||
:global Identity [ /system/identity/get name ];
|
||||
|
||||
# global functions
|
||||
:global CertificateAvailable;
|
||||
|
@ -69,30 +69,30 @@
|
|||
:global LogPrintExit2;
|
||||
:global ParseKeyValueStore;
|
||||
|
||||
:if ([ / system resource get free-hdd-space ] < 8388608 && \
|
||||
[ / certificate settings get crl-download ] = true && \
|
||||
[ / certificate settings get crl-store ] = "system") do={
|
||||
:if ([ /system/resource/get free-hdd-space ] < 8388608 && \
|
||||
[ /certificate/settings/get crl-download ] = true && \
|
||||
[ /certificate/settings/get crl-store ] = "system") do={
|
||||
$LogPrintExit2 warning $0 ("This system has low free flash space but " . \
|
||||
"is configured to download certificate CRLs to system!") false;
|
||||
}
|
||||
|
||||
:if ([ :len [ / certificate find where common-name=$CommonName ] ] = 0) do={
|
||||
:if ([ :len [ /certificate/find where common-name=$CommonName ] ] = 0) do={
|
||||
$LogPrintExit2 info $0 ("Certificate with CommonName \"" . $CommonName . "\" not available.") false;
|
||||
:if ([ $CertificateDownload $CommonName ] = false) do={
|
||||
:return false;
|
||||
}
|
||||
}
|
||||
|
||||
:local CertVal [ / certificate get [ find where common-name=$CommonName ] ];
|
||||
:local CertVal [ /certificate/get [ find where common-name=$CommonName ] ];
|
||||
:while (($CertVal->"akid") != "" && ($CertVal->"akid") != ($CertVal->"skid")) do={
|
||||
:if ([ :len [ / certificate find where skid=($CertVal->"akid") ] ] = 0) do={
|
||||
:if ([ :len [ /certificate/find where skid=($CertVal->"akid") ] ] = 0) do={
|
||||
$LogPrintExit2 info $0 ("Certificate chain for \"" . $CommonName . \
|
||||
"\" is incomplete, missing \"" . ([ $ParseKeyValueStore ($CertVal->"issuer") ]->"CN") . "\".") false;
|
||||
:if ([ $CertificateDownload $CommonName ] = false) do={
|
||||
:return false;
|
||||
}
|
||||
}
|
||||
:set CertVal [ / certificate get [ find where skid=($CertVal->"akid") ] ];
|
||||
:set CertVal [ /certificate/get [ find where skid=($CertVal->"akid") ] ];
|
||||
}
|
||||
:return true;
|
||||
}
|
||||
|
@ -114,16 +114,16 @@
|
|||
:do {
|
||||
:local LocalFileName ($CommonName . ".pem");
|
||||
:local UrlFileName ([ $UrlEncode $CommonName ] . ".pem");
|
||||
/ tool fetch check-certificate=yes-without-crl \
|
||||
/tool/fetch check-certificate=yes-without-crl \
|
||||
($ScriptUpdatesBaseUrl . "certs/" . \
|
||||
$UrlFileName . $ScriptUpdatesUrlSuffix) \
|
||||
dst-path=$LocalFileName as-value;
|
||||
$WaitForFile $LocalFileName;
|
||||
/ certificate import file-name=$LocalFileName passphrase="" as-value;
|
||||
/ file remove $LocalFileName;
|
||||
/certificate/import file-name=$LocalFileName passphrase="" as-value;
|
||||
/file/remove $LocalFileName;
|
||||
|
||||
:foreach Cert in=[ / certificate find where name~("^" . $LocalFileName . "_[0-9]+\$") ] do={
|
||||
$CertificateNameByCN [ / certificate get $Cert common-name ];
|
||||
:foreach Cert in=[ /certificate/find where name~("^" . $LocalFileName . "_[0-9]+\$") ] do={
|
||||
$CertificateNameByCN [ /certificate/get $Cert common-name ];
|
||||
}
|
||||
} on-error={
|
||||
$LogPrintExit2 warning $0 ("Failed importing certificate with " . \
|
||||
|
@ -139,8 +139,8 @@
|
|||
|
||||
:global CharacterReplace;
|
||||
|
||||
:local Cert [ / certificate find where common-name=$CommonName ];
|
||||
/ certificate set $Cert \
|
||||
:local Cert [ /certificate/find where common-name=$CommonName ];
|
||||
/certificate/set $Cert \
|
||||
name=[ $CharacterReplace [ $CharacterReplace [ $CharacterReplace $CommonName "'" "-" ] " " "-" ] "---" "-" ];
|
||||
}
|
||||
|
||||
|
@ -185,7 +185,7 @@
|
|||
|
||||
# default route is reachable
|
||||
:set DefaultRouteIsReachable do={
|
||||
:if ([ :len [ / ip route find where dst-address=0.0.0.0/0 active routing-table=main ] ] > 0) do={
|
||||
:if ([ :len [ /ip/route/find where dst-address=0.0.0.0/0 active routing-table=main ] ] > 0) do={
|
||||
:return true;
|
||||
}
|
||||
:return false;
|
||||
|
@ -199,13 +199,13 @@
|
|||
|
||||
:global IfThenElse;
|
||||
|
||||
:local Resource [ / system resource get ];
|
||||
:local Resource [ /system/resource/get ];
|
||||
:local RouterBoard;
|
||||
:do {
|
||||
:set RouterBoard [ / system routerboard get ];
|
||||
:set RouterBoard [[ :parse "/system/routerboard/get" ]];
|
||||
} on-error={ }
|
||||
:local License [ / system license get ];
|
||||
:local Update [ / system package update get ];
|
||||
:local License [ /system/license/get ];
|
||||
:local Update [ /system/package/update/get ];
|
||||
|
||||
:return ( \
|
||||
"Hostname: " . $Identity . \
|
||||
|
@ -259,8 +259,8 @@
|
|||
:global WaitForFile;
|
||||
|
||||
:if ([ :len $PkgName ] = 0) do={ :return false; }
|
||||
:if ([ :len $PkgVer ] = 0) do={ :set PkgVer [ / system package update get installed-version ]; }
|
||||
:if ([ :len $PkgArch ] = 0) do={ :set PkgArch [ / system resource get architecture-name ]; }
|
||||
:if ([ :len $PkgVer ] = 0) do={ :set PkgVer [ /system/package/update/get installed-version ]; }
|
||||
:if ([ :len $PkgArch ] = 0) do={ :set PkgArch [ /system/resource/get architecture-name ]; }
|
||||
|
||||
:if ($PkgName = "system") do={ :set PkgName "routeros"; }
|
||||
|
||||
|
@ -273,7 +273,7 @@
|
|||
:return false;
|
||||
}
|
||||
|
||||
:if ([ :len [ / file find where name=$PkgDest type="package" ] ] > 0) do={
|
||||
:if ([ :len [ /file/find where name=$PkgDest type="package" ] ] > 0) do={
|
||||
$LogPrintExit2 info $0 ("Package file " . $PkgName . " already exists.") false;
|
||||
:return true;
|
||||
}
|
||||
|
@ -288,17 +288,17 @@
|
|||
:local Retry 3;
|
||||
:while ($Retry > 0) do={
|
||||
:do {
|
||||
/ tool fetch check-certificate=yes-without-crl $Url dst-path=$PkgDest;
|
||||
/tool/fetch check-certificate=yes-without-crl $Url dst-path=$PkgDest;
|
||||
$WaitForFile $PkgDest;
|
||||
|
||||
:if ([ / file get [ find where name=$PkgDest ] type ] = "package") do={
|
||||
:if ([ /file/get [ find where name=$PkgDest ] type ] = "package") do={
|
||||
:return true;
|
||||
}
|
||||
} on-error={
|
||||
$LogPrintExit2 debug $0 ("Downloading package file failed.") false;
|
||||
}
|
||||
|
||||
/ file remove [ find where name=$PkgDest ];
|
||||
/file/remove [ find where name=$PkgDest ];
|
||||
:set Retry ($Retry - 1);
|
||||
}
|
||||
|
||||
|
@ -348,28 +348,28 @@
|
|||
:local AllDone true;
|
||||
:local QueueLen [ :len $EmailQueue ];
|
||||
|
||||
:if ([ :len [ / system scheduler find where name="FlushEmailQueue" ] ] > 0 && $QueueLen = 0) do={
|
||||
:if ([ :len [ /system/scheduler/find where name="FlushEmailQueue" ] ] > 0 && $QueueLen = 0) do={
|
||||
$LogPrintExit2 warning $0 ("Flushing E-Mail messages from scheduler, but queue is empty.") false;
|
||||
}
|
||||
|
||||
/ system scheduler set interval=($QueueLen . "m") [ find where name="FlushEmailQueue" ];
|
||||
/system/scheduler/set interval=($QueueLen . "m") [ find where name="FlushEmailQueue" ];
|
||||
|
||||
:foreach Id,Message in=$EmailQueue do={
|
||||
:if ([ :typeof $Message ] = "array" ) do={
|
||||
:local Attach [ $EitherOr ($Message->"attach") "" ];
|
||||
:while ([ / tool e-mail get last-status ] = "in-progress") do={ :delay 1s; }
|
||||
/ tool e-mail send to=($Message->"to") cc=($Message->"cc") subject=($Message->"subject") \
|
||||
:while ([ /tool/e-mail/get last-status ] = "in-progress") do={ :delay 1s; }
|
||||
/tool/e-mail/send to=($Message->"to") cc=($Message->"cc") subject=($Message->"subject") \
|
||||
body=($Message->"body") file=$Attach;
|
||||
:local Wait true;
|
||||
:do {
|
||||
:delay 1s;
|
||||
:local Status [ / tool e-mail get last-status ];
|
||||
:local Status [ /tool/e-mail/get last-status ];
|
||||
:if ($Status = "succeeded") do={
|
||||
:set ($EmailQueue->$Id);
|
||||
:set Wait false;
|
||||
:if (($Message->"remove-attach") = true) do={
|
||||
:foreach File in=[ :toarray $Attach ] do={
|
||||
/ file remove $File;
|
||||
/file/remove $File;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -382,10 +382,10 @@
|
|||
}
|
||||
|
||||
:if ($AllDone = true && $QueueLen = [ :len $EmailQueue ]) do={
|
||||
/ system scheduler remove [ find where name="FlushEmailQueue" ];
|
||||
/system/scheduler/remove [ find where name="FlushEmailQueue" ];
|
||||
:set EmailQueue;
|
||||
} else={
|
||||
/ system scheduler set interval=1m [ find where name="FlushEmailQueue" ];
|
||||
/system/scheduler/set interval=1m [ find where name="FlushEmailQueue" ];
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -400,12 +400,12 @@
|
|||
:if ([ $CertificateAvailable "Cloudflare Inc ECC CA-3" ] = false) do={
|
||||
$LogPrintExit2 warning $0 ("Downloading required certificate failed.") true;
|
||||
}
|
||||
:local Vendor ([ / tool fetch check-certificate=yes-without-crl \
|
||||
:local Vendor ([ /tool/fetch check-certificate=yes-without-crl \
|
||||
("https://api.macvendors.com/" . [ :pick $Mac 0 8 ]) output=user as-value ]->"data");
|
||||
:return $Vendor;
|
||||
} on-error={
|
||||
:do {
|
||||
/ tool fetch check-certificate=yes-without-crl ("https://api.macvendors.com/") \
|
||||
/tool/fetch check-certificate=yes-without-crl ("https://api.macvendors.com/") \
|
||||
output=none as-value;
|
||||
$LogPrintExit2 debug $0 ("The mac vendor is not known in database.") false;
|
||||
} on-error={
|
||||
|
@ -417,7 +417,7 @@
|
|||
|
||||
# generate random 20 chars hex (0-9 and a-f)
|
||||
:set GetRandom20CharHex do={
|
||||
:return ([ / certificate scep-server otp generate minutes-valid=0 as-value ]->"password");
|
||||
:return ([ /certificate/scep-server/otp/generate minutes-valid=0 as-value ]->"password");
|
||||
}
|
||||
|
||||
# generate random number
|
||||
|
@ -515,20 +515,20 @@
|
|||
:return true;
|
||||
}
|
||||
|
||||
:if ([ :len [ / file find where name=$Dir type="directory" ] ] = 1) do={
|
||||
:if ([ :len [ /file/find where name=$Dir type="directory" ] ] = 1) do={
|
||||
:return true;
|
||||
}
|
||||
|
||||
:local Return true;
|
||||
:local Name ($Dir . "-" . [ $GetRandom20CharHex ]);
|
||||
:do {
|
||||
/ ip smb share add disabled=yes directory=$Dir name=$Name;
|
||||
/ip/smb/share/add disabled=yes directory=$Dir name=$Name;
|
||||
$WaitForFile $Dir;
|
||||
} on-error={
|
||||
$LogPrintExit2 warning $0 ("Making directory '" . $Dir . "' failed!") false;
|
||||
:set Return false;
|
||||
}
|
||||
/ ip smb share remove [ find where name=$Name ];
|
||||
/ip/smb/share/remove [ find where name=$Name ];
|
||||
:return $Return;
|
||||
}
|
||||
|
||||
|
@ -555,7 +555,7 @@
|
|||
:local To [ $EitherOr ($EmailGeneralToOverride->($Notification->"origin")) $EmailGeneralTo ];
|
||||
:local Cc [ $EitherOr ($EmailGeneralCcOverride->($Notification->"origin")) $EmailGeneralCc ];
|
||||
|
||||
:local EMailSettings [ / tool e-mail get ];
|
||||
:local EMailSettings [ /tool/e-mail/get ];
|
||||
:if ([ :len $To ] = 0 || ($EMailSettings->"address") = "0.0.0.0" || ($EMailSettings->"from") = "<>") do={
|
||||
:return false;
|
||||
}
|
||||
|
@ -563,7 +563,7 @@
|
|||
:if ([ :typeof $EmailQueue ] = "nothing") do={
|
||||
:set EmailQueue [ :toarray "" ];
|
||||
}
|
||||
:local Signature [ / system note get note ];
|
||||
:local Signature [ /system/note/get note ];
|
||||
:set ($EmailQueue->[ :len $EmailQueue ]) {
|
||||
to=$To; cc=$Cc;
|
||||
subject=[ $QuotedPrintable ("[" . $Identity . "] " . ($Notification->"subject")) ];
|
||||
|
@ -571,8 +571,8 @@
|
|||
[ $IfThenElse ([ :len ($Notification->"link") ] > 0) ("\n\n" . ($Notification->"link")) "" ] . \
|
||||
[ $IfThenElse ([ :len $Signature ] > 0) ("\n-- \n" . $Signature) "" ]); \
|
||||
attach=($Notification->"attach"); remove-attach=($Notification->"remove-attach") };
|
||||
:if ([ :len [ / system scheduler find where name="FlushEmailQueue" ] ] = 0) do={
|
||||
/ system scheduler add name=FlushEmailQueue interval=1s start-time=startup \
|
||||
:if ([ :len [ /system/scheduler/find where name="FlushEmailQueue" ] ] = 0) do={
|
||||
/system/scheduler/add name=FlushEmailQueue interval=1s start-time=startup \
|
||||
on-event=(":global FlushEmailQueue; \$FlushEmailQueue;");
|
||||
}
|
||||
}
|
||||
|
@ -653,7 +653,7 @@
|
|||
:global IfThenElse;
|
||||
:global LogPrintExit2;
|
||||
:global VersionToNum;
|
||||
:if ([ $VersionToNum $Required ] > [ $VersionToNum [ / system package update get installed-version ] ]) do={
|
||||
:if ([ $VersionToNum $Required ] > [ $VersionToNum [ /system/package/update/get installed-version ] ]) do={
|
||||
:if ($Warn = "true") do={
|
||||
$LogPrintExit2 warning $0 ("This " . [ $IfThenElse ([ :pick $Caller 0 ] = ("\$")) "function" "script" ] . \
|
||||
" '" . $Caller . "' (at least specific functionality) requires RouterOS " . $Required . ". Please update!") false;
|
||||
|
@ -669,10 +669,10 @@
|
|||
|
||||
:global LogPrintExit2;
|
||||
|
||||
:foreach Job in=[ / system script job find where script=$Script ] do={
|
||||
:set Job [ / system script job get $Job ];
|
||||
:foreach Job in=[ /system/script/job/find where script=$Script ] do={
|
||||
:set Job [ /system/script/job/get $Job ];
|
||||
:while ([ :typeof ($Job->"parent") ] = "id") do={
|
||||
:set Job [ / system script job get [ find where .id=($Job->"parent") ] ];
|
||||
:set Job [ /system/script/job/get [ find where .id=($Job->"parent") ] ];
|
||||
}
|
||||
:if (($Job->"type") = "login") do={
|
||||
$LogPrintExit2 debug $0 ("Script " . $Script . " started from terminal.") false;
|
||||
|
@ -712,9 +712,9 @@
|
|||
}
|
||||
|
||||
:foreach Script in=$Scripts do={
|
||||
:if ([ :len [ / system script find where name=$Script ] ] = 0) do={
|
||||
:if ([ :len [ /system/script/find where name=$Script ] ] = 0) do={
|
||||
$LogPrintExit2 info $0 ("Adding new script: " . $Script) false;
|
||||
/ system script add name=$Script owner=$Script source="#!rsc by RouterOS\n" comment=$NewComment;
|
||||
/system/script/add name=$Script owner=$Script source="#!rsc by RouterOS\n" comment=$NewComment;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -722,17 +722,17 @@
|
|||
:local ReloadGlobalFunctions false;
|
||||
:local ReloadGlobalConfig false;
|
||||
|
||||
:foreach Script in=[ / system script find where source~"^#!rsc by RouterOS\n" ] do={
|
||||
:local ScriptVal [ / system script get $Script ];
|
||||
:local ScriptFile [ / file find where name=("script-updates/" . $ScriptVal->"name") ];
|
||||
:foreach Script in=[ /system/script/find where source~"^#!rsc by RouterOS\n" ] do={
|
||||
:local ScriptVal [ /system/script/get $Script ];
|
||||
:local ScriptFile [ /file/find where name=("script-updates/" . $ScriptVal->"name") ];
|
||||
:local SourceNew;
|
||||
:if ([ :len $ScriptFile ] > 0) do={
|
||||
:set SourceNew [ / file get $ScriptFile content ];
|
||||
/ file remove $ScriptFile;
|
||||
:set SourceNew [ /file/get $ScriptFile content ];
|
||||
/file/remove $ScriptFile;
|
||||
}
|
||||
|
||||
:foreach Scheduler in=[ / system scheduler find where on-event~("\\b" . $ScriptVal->"name" . "\\b") ] do={
|
||||
:local SchedulerVal [ / system scheduler get $Scheduler ];
|
||||
:foreach Scheduler in=[ /system/scheduler/find where on-event~("\\b" . $ScriptVal->"name" . "\\b") ] do={
|
||||
:local SchedulerVal [ /system/scheduler/get $Scheduler ];
|
||||
:if ($ScriptVal->"policy" != $SchedulerVal->"policy") do={
|
||||
$LogPrintExit2 warning $0 ("Policies differ for script '" . $ScriptVal->"name" . \
|
||||
"' and its scheduler '" . $SchedulerVal->"name" . "'!") false;
|
||||
|
@ -750,7 +750,7 @@
|
|||
:local Url ($BaseUrl . $ScriptVal->"name" . $UrlSuffix);
|
||||
|
||||
$LogPrintExit2 debug $0 ("Fetching script '" . $ScriptVal->"name" . "' from url: " . $Url) false;
|
||||
:local Result [ / tool fetch check-certificate=yes-without-crl $Url output=user as-value ];
|
||||
:local Result [ /tool/fetch check-certificate=yes-without-crl $Url output=user as-value ];
|
||||
:if ($Result->"status" = "finished") do={
|
||||
:set SourceNew ($Result->"data");
|
||||
}
|
||||
|
@ -767,7 +767,7 @@
|
|||
:local DontRequirePermissions \
|
||||
($SourceNew~"\n# requires: dont-require-permissions=yes\n");
|
||||
$LogPrintExit2 info $0 ("Updating script: " . $ScriptVal->"name") false;
|
||||
/ system script set owner=($ScriptVal->"name") source=$SourceNew \
|
||||
/system/script/set owner=($ScriptVal->"name") source=$SourceNew \
|
||||
dont-require-permissions=$DontRequirePermissions $Script;
|
||||
:if ($ScriptVal->"name" = "global-config") do={
|
||||
:set ReloadGlobalConfig true;
|
||||
|
@ -794,7 +794,7 @@
|
|||
:if ($ReloadGlobalFunctions = true) do={
|
||||
$LogPrintExit2 info $0 ("Reloading global functions.") false;
|
||||
:do {
|
||||
/ system script run global-functions;
|
||||
/system/script/run global-functions;
|
||||
} on-error={
|
||||
$LogPrintExit2 error $0 ("Reloading global functions failed!") false;
|
||||
}
|
||||
|
@ -803,7 +803,7 @@
|
|||
:if ($ReloadGlobalConfig = true) do={
|
||||
$LogPrintExit2 info $0 ("Reloading global configuration.") false;
|
||||
:do {
|
||||
/ system script run global-config;
|
||||
/system/script/run global-config;
|
||||
} on-error={
|
||||
$LogPrintExit2 error $0 ("Reloading global configuration failed!" . \
|
||||
" Syntax error or missing overlay\?") false;
|
||||
|
@ -818,7 +818,7 @@
|
|||
:do {
|
||||
:local Url ($ScriptUpdatesBaseUrl . "global-config.changes" . $ScriptUpdatesUrlSuffix);
|
||||
$LogPrintExit2 debug $0 ("Fetching news, changes and migration: " . $Url) false;
|
||||
:local Result [ / tool fetch check-certificate=yes-without-crl $Url output=user as-value ];
|
||||
:local Result [ /tool/fetch check-certificate=yes-without-crl $Url output=user as-value ];
|
||||
:if ($Result->"status" = "finished") do={
|
||||
:set ChangeLogCode ($Result->"data");
|
||||
}
|
||||
|
@ -918,7 +918,7 @@
|
|||
:local JobCount do={
|
||||
:local Script [ :tostr $1 ];
|
||||
|
||||
:return [ :len [ / system script job find where script=$Script ] ];
|
||||
:return [ :len [ /system/script/job/find where script=$Script ] ];
|
||||
}
|
||||
|
||||
:local TicketCount do={
|
||||
|
@ -990,7 +990,7 @@
|
|||
:set ($ScriptLockOrder->$Script) [ :toarray "" ];
|
||||
}
|
||||
|
||||
:if ([ :len [ / system script find where name=$Script ] ] = 0) do={
|
||||
:if ([ :len [ /system/script/find where name=$Script ] ] = 0) do={
|
||||
$LogPrintExit2 error $0 ("A script named '" . $Script . "' does not exist!") true;
|
||||
}
|
||||
|
||||
|
@ -1001,7 +1001,7 @@
|
|||
:if ([ $TicketCount $Script ] >= [ $JobCount $Script ]) do={
|
||||
$LogPrintExit2 error $0 ("More tickets than running scripts '" . $Script . "', resetting!") false;
|
||||
:set ($ScriptLockOrder->$Script) [ :toarray "" ];
|
||||
/ system script job remove [ find where script=$Script ];
|
||||
/system/script/job/remove [ find where script=$Script ];
|
||||
}
|
||||
|
||||
:local MyTicket [ $GetRandom20CharHex ];
|
||||
|
@ -1107,21 +1107,21 @@
|
|||
:set TimeIsSync do={
|
||||
:global LogPrintExit2;
|
||||
|
||||
:if ([ / system ntp client get enabled ] = true) do={
|
||||
:if ([ /system/ntp/client/get enabled ] = true) do={
|
||||
:do {
|
||||
:if ([ / system ntp client get status ] = "synchronized") do={
|
||||
:if ([ /system/ntp/client/get status ] = "synchronized") do={
|
||||
:return true;
|
||||
}
|
||||
} on-error={
|
||||
:if ([ :typeof [ / system ntp client get last-adjustment ] ] = "time") do={
|
||||
:if ([ :typeof [ /system/ntp/client/get last-adjustment ] ] = "time") do={
|
||||
:return true;
|
||||
}
|
||||
}
|
||||
:return false;
|
||||
}
|
||||
|
||||
:if ([ / ip cloud get ddns-enabled ] = true && [ / ip cloud get update-time ] = true) do={
|
||||
:if ([ :typeof [ / ip cloud get public-address ] ] = "ip") do={
|
||||
:if ([ /ip/cloud/get ddns-enabled ] = true && [ /ip/cloud/get update-time ] = true) do={
|
||||
:if ([ :typeof [ /ip/cloud/get public-address ] ] = "ip") do={
|
||||
:return true;
|
||||
}
|
||||
:return false;
|
||||
|
@ -1226,7 +1226,7 @@
|
|||
:set FileName [ $CleanFilePath $FileName ];
|
||||
:local I 0;
|
||||
|
||||
:while ([ :len [ / file find where name=$FileName ] ] = 0) do={
|
||||
:while ([ :len [ /file/find where name=$FileName ] ] = 0) do={
|
||||
:if ($I > 20) do={
|
||||
:return false;
|
||||
}
|
||||
|
@ -1253,10 +1253,10 @@
|
|||
:global TimeIsSync;
|
||||
|
||||
:while ([ $TimeIsSync ] = false) do={
|
||||
:if ([ :len [ / system script find where name="rotate-ntp" ] ] > 0 && \
|
||||
([ / system resource get uptime ] % (180 * 1000000000)) = 0s) do={
|
||||
:if ([ :len [ /system/script/find where name="rotate-ntp" ] ] > 0 && \
|
||||
([ /system/resource/get uptime ] % (180 * 1000000000)) = 0s) do={
|
||||
:do {
|
||||
/ system script run rotate-ntp;
|
||||
/system/script/run rotate-ntp;
|
||||
} on-error={
|
||||
$LogPrintExit2 debug $0 ("Running rotate-ntp failed.") false;
|
||||
}
|
||||
|
@ -1266,11 +1266,11 @@
|
|||
}
|
||||
|
||||
# load modules
|
||||
:foreach Script in=[ / system script find where name ~ "^mod/." ] do={
|
||||
:local ScriptVal [ / system script get $Script ];
|
||||
:foreach Script in=[ /system/script/find where name ~ "^mod/." ] do={
|
||||
:local ScriptVal [ /system/script/get $Script ];
|
||||
:if ([ $ValidateSyntax ($ScriptVal->"source") ] = true) do={
|
||||
:do {
|
||||
/ system script run $Script;
|
||||
/system/script/run $Script;
|
||||
} on-error={
|
||||
$LogPrintExit2 error $0 ("Module '" . $ScriptVal->"name" . "' failed to run.") false;
|
||||
}
|
||||
|
@ -1280,12 +1280,7 @@
|
|||
}
|
||||
|
||||
# check for required RouterOS version
|
||||
:if ([ $RequiredRouterOS $0 "7.0" false ] = true) do={
|
||||
$RequiredRouterOS $0 "7.1" true;
|
||||
} else={
|
||||
$LogPrintExit2 warning $0 ("Still running RouterOS v6, please switch to branch " . \
|
||||
"'routeros-v6', see https://git.eworm.de/cgit/routeros-scripts/about/#changes-for-routeros-v6") false;
|
||||
}
|
||||
$RequiredRouterOS $0 "7.1" true;
|
||||
|
||||
# signal we are ready
|
||||
:set GlobalFunctionsReady true;
|
||||
|
|
|
@ -15,11 +15,11 @@
|
|||
|
||||
:global LogPrintExit2;
|
||||
|
||||
:local CoordinateFormat [ / system gps get coordinate-format ];
|
||||
:local Gps [ / system gps monitor once as-value ];
|
||||
:local CoordinateFormat [ /system/gps/get coordinate-format ];
|
||||
:local Gps [ /system/gps/monitor once as-value ];
|
||||
|
||||
:if ($Gps->"valid" = true) do={
|
||||
/ tool fetch check-certificate=yes-without-crl $GpsTrackUrl output=none \
|
||||
/tool/fetch check-certificate=yes-without-crl $GpsTrackUrl output=none \
|
||||
http-method=post http-header-field="Content-Type: application/json" \
|
||||
http-data=("{" . \
|
||||
"\"lat\":\"" . ($Gps->"latitude") . "\"," . \
|
||||
|
|
|
@ -16,23 +16,23 @@
|
|||
|
||||
:local MacAddress $"mac-address";
|
||||
:local UserName $username;
|
||||
:local Date [ / system clock get date ];
|
||||
:local UserVal [ / ip hotspot user get [ find where name=$UserName ] ];
|
||||
:local Date [ /system/clock/get date ];
|
||||
:local UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ];
|
||||
:local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ];
|
||||
:local Hotspot [ / ip hotspot host get [ find where mac-address=$MacAddress authorized ] server ];
|
||||
:local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ];
|
||||
|
||||
:if ([ :len [ / caps-man access-list find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={
|
||||
/ caps-man access-list add comment="--- hotspot-to-wpa above ---" disabled=yes;
|
||||
:if ([ :len [ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={
|
||||
/caps-man/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes;
|
||||
$LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false;
|
||||
}
|
||||
:local PlaceBefore ([ / caps-man access-list find where comment="--- hotspot-to-wpa above ---" disabled ]->0);
|
||||
:local PlaceBefore ([ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0);
|
||||
|
||||
:if ([ :len [ / caps-man access-list find where \
|
||||
:if ([ :len [ /caps-man/access-list/find where \
|
||||
comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={
|
||||
/ caps-man access-list add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore;
|
||||
/caps-man/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore;
|
||||
$LogPrintExit2 warning $0 ("Added template in access-list for hotspot '" . $Hotspot . "'.") false;
|
||||
}
|
||||
:local Template [ / caps-man access-list get ([ find where \
|
||||
:local Template [ /caps-man/access-list/get ([ find where \
|
||||
comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ];
|
||||
|
||||
:if ($Template->"action" = "reject") do={
|
||||
|
@ -42,31 +42,31 @@
|
|||
# allow login page to load
|
||||
:delay 1s;
|
||||
|
||||
$LogPrintExit2 info $0 ("Adding/updating accesslist entry for mac address " . $MacAddress . \
|
||||
$LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $MacAddress . \
|
||||
" (user " . $UserName . ").") false;
|
||||
/ caps-man access-list remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ];
|
||||
/ caps-man access-list add comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \
|
||||
/caps-man/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ];
|
||||
/caps-man/access-list/add comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \
|
||||
mac-address=$MacAddress private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" place-before=$PlaceBefore;
|
||||
|
||||
:local Entry [ / caps-man access-list find where mac-address=$MacAddress \
|
||||
:local Entry [ /caps-man/access-list/find where mac-address=$MacAddress \
|
||||
comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ];
|
||||
:local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ];
|
||||
:if ([ :len $PrivatePassphrase ] > 0) do={
|
||||
:if ($PrivatePassphrase = "ignore") do={
|
||||
/ caps-man access-list set $Entry !private-passphrase;
|
||||
/caps-man/access-list/set $Entry !private-passphrase;
|
||||
} else={
|
||||
/ caps-man access-list set $Entry private-passphrase=$PrivatePassphrase;
|
||||
/caps-man/access-list/set $Entry private-passphrase=$PrivatePassphrase;
|
||||
}
|
||||
}
|
||||
:local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ];
|
||||
:if ([ :len $SsidRegexp ] > 0) do={
|
||||
/ caps-man access-list set $Entry ssid-regexp=$SsidRegexp;
|
||||
/caps-man/access-list/set $Entry ssid-regexp=$SsidRegexp;
|
||||
}
|
||||
:local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ];
|
||||
:if ([ :len $VlanId ] > 0) do={
|
||||
/ caps-man access-list set $Entry vlan-id=$VlanId;
|
||||
/caps-man/access-list/set $Entry vlan-id=$VlanId;
|
||||
}
|
||||
:local VlanMode [ $EitherOr ($UserInfo->"vlan-mode") ($Template->"vlan-mode") ];
|
||||
:if ([ :len $VlanMode] > 0) do={
|
||||
/ caps-man access-list set $Entry vlan-mode=$VlanMode;
|
||||
/caps-man/access-list/set $Entry vlan-mode=$VlanMode;
|
||||
}
|
||||
|
|
|
@ -17,35 +17,35 @@
|
|||
|
||||
$ScriptLock $0 false 10;
|
||||
|
||||
:foreach Client in=[ / caps-man registration-table find where comment~"^hotspot-to-wpa:" ] do={
|
||||
:local ClientVal [ / caps-man registration-table get $Client ];
|
||||
:local Lease [ / ip dhcp-server lease find where server~"wpa" dynamic \
|
||||
:foreach Client in=[ /caps-man/registration-table/find where comment~"^hotspot-to-wpa:" ] do={
|
||||
:local ClientVal [ /caps-man/registration-table/get $Client ];
|
||||
:local Lease [ /ip/dhcp-server/lease/find where server~"wpa" dynamic \
|
||||
mac-address=($ClientVal->"mac-address") ];
|
||||
:if ([ :len $Lease ] > 0) do={
|
||||
$LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \
|
||||
" connected to WPA, making lease static.") false;
|
||||
/ ip dhcp-server lease make-static $Lease;
|
||||
/ ip dhcp-server lease set comment=($ClientVal->"comment") $Lease;
|
||||
/ip/dhcp-server/lease/make-static $Lease;
|
||||
/ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease;
|
||||
}
|
||||
}
|
||||
|
||||
:foreach Client in=[ / caps-man access-list find where comment~"^hotspot-to-wpa:" and \
|
||||
!(comment~[ / system clock get date ]) ] do={
|
||||
:local ClientVal [ / caps-man access-list get $Client ];
|
||||
:if ([ :len [ / ip dhcp-server lease find where server~"wpa" !dynamic \
|
||||
:foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" and \
|
||||
!(comment~[ /system/clock/get date ]) ] do={
|
||||
:local ClientVal [ /caps-man/access-list/get $Client ];
|
||||
:if ([ :len [ /ip/dhcp-server/lease/find where server~"wpa" !dynamic \
|
||||
mac-address=($ClientVal->"mac-address") ] ] = 0) do={
|
||||
$LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \
|
||||
" did not connect to WPA, removing from access list.") false;
|
||||
/ caps-man access-list remove $Client;
|
||||
/caps-man/access-list/remove $Client;
|
||||
}
|
||||
}
|
||||
|
||||
:foreach Lease in=[ / ip dhcp-server lease find where !dynamic status=waiting \
|
||||
:foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status=waiting \
|
||||
last-seen>4w comment~"^hotspot-to-wpa:" ] do={
|
||||
:local LeaseVal [ / ip dhcp-server lease get $Lease ];
|
||||
:local LeaseVal [ /ip/dhcp-server/lease/get $Lease ];
|
||||
$LogPrintExit2 info $0 ("Client with mac address " . ($LeaseVal->"mac-address") . \
|
||||
" was not seen for long time, removing.") false;
|
||||
/ caps-man access-list remove [ find where comment~"^hotspot-to-wpa:" \
|
||||
/caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \
|
||||
mac-address=($LeaseVal->"mac-address") ];
|
||||
/ ip dhcp-server lease remove $Lease;
|
||||
/ip/dhcp-server/lease/remove $Lease;
|
||||
}
|
||||
|
|
|
@ -6,13 +6,13 @@
|
|||
# enable or disable ip addresses based on bridge port state
|
||||
# https://git.eworm.de/cgit/routeros-scripts/about/doc/ip-addr-bridge.md
|
||||
|
||||
:foreach Bridge in=[ / interface bridge find ] do={
|
||||
:local BrName [ / interface bridge get $Bridge name ];
|
||||
:if ([ :len [ / interface bridge port find where bridge=$BrName ] ] > 0) do={
|
||||
:if ([ :len [ / interface bridge port find where bridge=$BrName and inactive=no ] ] = 0) do={
|
||||
/ ip address disable [ find where !dynamic interface=$BrName ];
|
||||
:foreach Bridge in=[ /interface/bridge/find ] do={
|
||||
:local BrName [ /interface/bridge/get $Bridge name ];
|
||||
:if ([ :len [ /interface/bridge/port/find where bridge=$BrName ] ] > 0) do={
|
||||
:if ([ :len [ /interface/bridge/port/find where bridge=$BrName and inactive=no ] ] = 0) do={
|
||||
/ip/address/disable [ find where !dynamic interface=$BrName ];
|
||||
} else={
|
||||
/ ip address enable [ find where !dynamic interface=$BrName ];
|
||||
/ip/address/enable [ find where !dynamic interface=$BrName ];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
26
ipsec-to-dns
26
ipsec-to-dns
|
@ -26,43 +26,43 @@
|
|||
:local CommentPrefix ("managed by " . $0 . " for ");
|
||||
:local CommentString ("--- " . $0 . " above ---");
|
||||
|
||||
:if ([ :len [ / ip dns static find where comment=$CommentString name=- type=NXDOMAIN disabled ] ] = 0) do={
|
||||
/ ip dns static add comment=$CommentString name=- type=NXDOMAIN disabled=yes;
|
||||
:if ([ :len [ /ip/dns/static/find where comment=$CommentString name=- type=NXDOMAIN disabled ] ] = 0) do={
|
||||
/ip/dns/static/add comment=$CommentString name=- type=NXDOMAIN disabled=yes;
|
||||
$LogPrintExit2 warning $0 ("Added disabled static dns record with comment '" . $CommentString . "'.") false;
|
||||
}
|
||||
:local PlaceBefore ([ / ip dns static find where comment=$CommentString name=- type=NXDOMAIN disabled ]->0);
|
||||
:local PlaceBefore ([ /ip/dns/static/find where comment=$CommentString name=- type=NXDOMAIN disabled ]->0);
|
||||
|
||||
:foreach DnsRecord in=[ / ip dns static find where comment ~ $CommentPrefix ] do={
|
||||
:local DnsRecordVal [ / ip dns static get $DnsRecord ];
|
||||
:foreach DnsRecord in=[ /ip/dns/static/find where comment ~ $CommentPrefix ] do={
|
||||
:local DnsRecordVal [ /ip/dns/static/get $DnsRecord ];
|
||||
:local PeerId [ $CharacterReplace ($DnsRecordVal->"comment") $CommentPrefix "" ];
|
||||
:if ([ :len [ / ip ipsec active-peers find where id=$PeerId dynamic-address=($DnsRecordVal->"address") ] ] > 0) do={
|
||||
:if ([ :len [ /ip/ipsec/active-peers/find where id=$PeerId dynamic-address=($DnsRecordVal->"address") ] ] > 0) do={
|
||||
$LogPrintExit2 debug $0 ("Peer " . $PeerId . " (" . $DnsRecordVal->"name" . ") still exists. Not deleting DNS entry.") false;
|
||||
} else={
|
||||
:local Found false;
|
||||
$LogPrintExit2 info $0 ("Peer " . $PeerId . " (" . $DnsRecordVal->"name" . ") has gone, deleting DNS entry.") false;
|
||||
/ ip dns static remove $DnsRecord;
|
||||
/ip/dns/static/remove $DnsRecord;
|
||||
}
|
||||
}
|
||||
|
||||
:foreach Peer in=[ / ip ipsec active-peers find where !(dynamic-address=[]) ] do={
|
||||
:local PeerVal [ / ip ipsec active-peers get $Peer ];
|
||||
:foreach Peer in=[ /ip/ipsec/active-peers/find where !(dynamic-address=[]) ] do={
|
||||
:local PeerVal [ /ip/ipsec/active-peers/get $Peer ];
|
||||
:local Comment ($CommentPrefix . $PeerVal->"id");
|
||||
:put ($PeerVal->"id");
|
||||
:local HostName [ :pick ($PeerVal->"id") 0 [ :find ($PeerVal->"id" . ".") "." ] ];
|
||||
:put $HostName;
|
||||
|
||||
:local Fqdn ($HostName . "." . $Zone);
|
||||
:local DnsRecord [ / ip dns static find where name=$Fqdn ];
|
||||
:local DnsRecord [ /ip/dns/static/find where name=$Fqdn ];
|
||||
:if ([ :len $DnsRecord ] > 0) do={
|
||||
:local DnsIp [ / ip dns static get $DnsRecord address ];
|
||||
:local DnsIp [ /ip/dns/static/get $DnsRecord address ];
|
||||
:if ($DnsIp = $PeerVal->"dynamic-address") do={
|
||||
$LogPrintExit2 debug $0 ("DNS entry for " . $Fqdn . " does not need updating.") false;
|
||||
} else={
|
||||
$LogPrintExit2 info $0 ("Replacing DNS entry for " . $Fqdn . ", new address is " . $PeerVal->"dynamic-address" . ".") false;
|
||||
/ ip dns static set name=$Fqdn address=($PeerVal->"dynamic-address") ttl=$Ttl comment=$Comment $DnsRecord;
|
||||
/ip/dns/static/set name=$Fqdn address=($PeerVal->"dynamic-address") ttl=$Ttl comment=$Comment $DnsRecord;
|
||||
}
|
||||
} else={
|
||||
$LogPrintExit2 info $0 ("Adding new DNS entry for " . $Fqdn . ", address is " . $PeerVal->"dynamic-address" . ".") false;
|
||||
/ ip dns static add name=$Fqdn address=($PeerVal->"dynamic-address") ttl=$Ttl comment=$Comment place-before=$PlaceBefore;
|
||||
/ip/dns/static/add name=$Fqdn address=($PeerVal->"dynamic-address") ttl=$Ttl comment=$Comment place-before=$PlaceBefore;
|
||||
}
|
||||
}
|
||||
|
|
30
ipv6-update
30
ipv6-update
|
@ -19,44 +19,44 @@
|
|||
$LogPrintExit2 error $0 ("This script is supposed to run from ipv6 dhcp-client.") true;
|
||||
}
|
||||
|
||||
:local Pool [ / ipv6 pool get [ find where prefix=$PdPrefix ] name ];
|
||||
:if ([ :len [ / ipv6 firewall address-list find where comment=("ipv6-pool-" . $Pool) ] ] = 0) do={
|
||||
/ ipv6 firewall address-list add list=("ipv6-pool-" . $Pool) address=:: comment=("ipv6-pool-" . $Pool);
|
||||
:local Pool [ /ipv6/pool/get [ find where prefix=$PdPrefix ] name ];
|
||||
:if ([ :len [ /ipv6/firewall/address-list/find where comment=("ipv6-pool-" . $Pool) ] ] = 0) do={
|
||||
/ipv6/firewall/address-list/add list=("ipv6-pool-" . $Pool) address=:: comment=("ipv6-pool-" . $Pool);
|
||||
$LogPrintExit2 warning $0 ("Added ipv6 address list entry for ipv6-pool-" . $Pool) false;
|
||||
}
|
||||
:local AddrList [ / ipv6 firewall address-list find where comment=("ipv6-pool-" . $Pool) ];
|
||||
:local OldPrefix [ / ipv6 firewall address-list get ($AddrList->0) address ];
|
||||
:local AddrList [ /ipv6/firewall/address-list/find where comment=("ipv6-pool-" . $Pool) ];
|
||||
:local OldPrefix [ /ipv6/firewall/address-list/get ($AddrList->0) address ];
|
||||
|
||||
:if ($OldPrefix != $PdPrefix) do={
|
||||
$LogPrintExit2 info $0 ("Updating IPv6 address list with new IPv6 prefix " . $PdPrefix) false;
|
||||
/ ipv6 firewall address-list set address=$PdPrefix $AddrList;
|
||||
/ipv6/firewall/address-list/set address=$PdPrefix $AddrList;
|
||||
|
||||
# give the interfaces a moment to receive their addresses
|
||||
:delay 2s;
|
||||
|
||||
:foreach ListEntry in=[ / ipv6 firewall address-list find where comment~("^ipv6-pool-" . $Pool . ",") ] do={
|
||||
:local ListEntryVal [ / ipv6 firewall address-list get $ListEntry ];
|
||||
:foreach ListEntry in=[ /ipv6/firewall/address-list/find where comment~("^ipv6-pool-" . $Pool . ",") ] do={
|
||||
:local ListEntryVal [ /ipv6/firewall/address-list/get $ListEntry ];
|
||||
:local Comment [ $ParseKeyValueStore ($ListEntryVal->"comment") ];
|
||||
|
||||
:local Address [ / ipv6 address find where from-pool=$Pool interface=($Comment->"interface") ];
|
||||
:local Address [ /ipv6/address/find where from-pool=$Pool interface=($Comment->"interface") ];
|
||||
:if ([ :len $Address ] = 1) do={
|
||||
:set Address [ / ipv6 address get $Address address ];
|
||||
:set Address [ /ipv6/address/get $Address address ];
|
||||
$LogPrintExit2 info $0 ("Updating IPv6 address list with new IPv6 prefix " . $Address . \
|
||||
" from interface " . ($Comment->"interface")) false;
|
||||
/ ipv6 firewall address-list set address=$Address $ListEntry;
|
||||
/ipv6/firewall/address-list/set address=$Address $ListEntry;
|
||||
}
|
||||
}
|
||||
|
||||
:foreach Record in=[ / ip dns static find where comment~("^ipv6-pool-" . $Pool . ",") ] do={
|
||||
:local RecordVal [ / ip dns static get $Record ];
|
||||
:foreach Record in=[ /ip/dns/static/find where comment~("^ipv6-pool-" . $Pool . ",") ] do={
|
||||
:local RecordVal [ /ip/dns/static/get $Record ];
|
||||
:local Comment [ $ParseKeyValueStore ($RecordVal->"comment") ];
|
||||
|
||||
:local Prefix [ / ipv6 address get [ find where interface=($Comment->"interface") from-pool=$Pool global ] address ];
|
||||
:local Prefix [ /ipv6/address/get [ find where interface=($Comment->"interface") from-pool=$Pool global ] address ];
|
||||
:set Prefix ([ :toip6 [ :pick $Prefix 0 [ :find $Prefix "/64" ] ] ] & ffff:ffff:ffff:ffff::);
|
||||
:local Address ($Prefix | ([ :toip6 ($RecordVal->"address") ] & ::ffff:ffff:ffff:ffff));
|
||||
|
||||
$LogPrintExit2 info $0 ("Updating DNS record for " . ($RecordVal->"name") . \
|
||||
($RecordVal->"regexp") . " to " . $Address) false;
|
||||
/ ip dns static set address=$Address $Record;
|
||||
/ip/dns/static/set address=$Address $Record;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
|
||||
:local NewVlanId 33;
|
||||
|
||||
:if ([ :len [ / interface ethernet switch mac-based-vlan find where src-mac-address=$leaseActMAC ] ] = 0 ) do={
|
||||
:if ([ :len [ /interface/ethernet/switch/mac-based-vlan/find where src-mac-address=$leaseActMAC ] ] = 0 ) do={
|
||||
:log info ("MAC-based-VLAN: learning MAC address " . $leaseActMAC . " for VLAN " . $NewVlanId . ".");
|
||||
/ interface ethernet switch mac-based-vlan add src-mac-address=$leaseActMAC new-customer-vid=$NewVlanId;
|
||||
/interface/ethernet/switch/mac-based-vlan/add src-mac-address=$leaseActMAC new-customer-vid=$NewVlanId;
|
||||
}
|
||||
|
|
10
lease-script
10
lease-script
|
@ -27,15 +27,15 @@ $LogPrintExit2 debug $0 ("DHCP Server " . $leaseServerName . " " . [ $IfThenElse
|
|||
|
||||
$ScriptLock $0 false 10;
|
||||
|
||||
:if ([ :len [ / system script job find where script=$0 ] ] > 1) do={
|
||||
:if ([ :len [ /system/script/job/find where script=$0 ] ] > 1) do={
|
||||
$LogPrintExit2 debug $0 ("More invocations are waiting, exiting early.") true;
|
||||
}
|
||||
|
||||
:local RunOrder [ :toarray "" ];
|
||||
|
||||
:foreach Script in=[ / system script find where source~("\n# provides: lease-script, ") ] do={
|
||||
:local Name [ / system script get $Script name ];
|
||||
:local Store [ / system script get $Script source ];
|
||||
:foreach Script in=[ /system/script/find where source~("\n# provides: lease-script, ") ] do={
|
||||
:local Name [ /system/script/get $Script name ];
|
||||
:local Store [ /system/script/get $Script source ];
|
||||
|
||||
:set Store [ :pick $Store ([ :find $Store "\n# provides: lease-script, " ] + 27) [ :len $Store ] ];
|
||||
:set Store [ :pick $Store 0 [ :find $Store "\n" ] ];
|
||||
|
@ -47,7 +47,7 @@ $ScriptLock $0 false 10;
|
|||
:foreach Order,Script in=$RunOrder do={
|
||||
:do {
|
||||
$LogPrintExit2 debug $0 ("Running script with order " . $Order . ": " . $Script) false;
|
||||
/ system script run $Script;
|
||||
/system/script/run $Script;
|
||||
} on-error={
|
||||
$LogPrintExit2 warning $0 ("Running script '" . $Script . "' failed!") false;
|
||||
}
|
||||
|
|
|
@ -6,4 +6,4 @@
|
|||
# enable LEDs
|
||||
# https://git.eworm.de/cgit/routeros-scripts/about/doc/leds-mode.md
|
||||
|
||||
/ system leds settings set all-leds-off=never;
|
||||
/system/leds/settings/set all-leds-off=never;
|
||||
|
|
|
@ -6,4 +6,4 @@
|
|||
# disable LEDs
|
||||
# https://git.eworm.de/cgit/routeros-scripts/about/doc/leds-mode.md
|
||||
|
||||
/ system leds settings set all-leds-off=immediate;
|
||||
/system/leds/settings/set all-leds-off=immediate;
|
||||
|
|
|
@ -6,8 +6,8 @@
|
|||
# toggle LEDs mode
|
||||
# https://git.eworm.de/cgit/routeros-scripts/about/doc/leds-mode.md
|
||||
|
||||
:if ([ / system leds settings get all-leds-off ] = "never") do={
|
||||
/ system leds settings set all-leds-off=immediate;
|
||||
:if ([ /system/leds/settings/get all-leds-off ] = "never") do={
|
||||
/system/leds/settings/set all-leds-off=immediate;
|
||||
} else={
|
||||
/ system leds settings set all-leds-off=never;
|
||||
/system/leds/settings/set all-leds-off=never;
|
||||
}
|
||||
|
|
|
@ -52,10 +52,10 @@ $WaitFullyConnected;
|
|||
:local LogForwardFilterLogForwarding ("^" . [ $EscapeForRegEx ("Error sending e-mail <" . \
|
||||
[ $QuotedPrintable ("[" . $Identity . "] " . [ $SymbolForNotification "warning-sign" ] . \
|
||||
"Log Forwarding") ] . ">:") ]);
|
||||
:foreach Message in=[ / log find where (!(message="") and !(message~$LogForwardFilterLogForwarding) and \
|
||||
:foreach Message in=[ /log/find where (!(message="") and !(message~$LogForwardFilterLogForwarding) and \
|
||||
!(topics~$LogForwardFilter) and !(message~$LogForwardFilterMessage)) or \
|
||||
topics~$LogForwardInclude or message~$LogForwardIncludeMessage ] do={
|
||||
:set MessageVal [ / log get $Message ];
|
||||
:set MessageVal [ /log/get $Message ];
|
||||
|
||||
:if ($Last < [ $HexToNum ($MessageVal->".id") ]) do={
|
||||
:local DupCount ($MessageDups->($MessageVal->"message"));
|
||||
|
@ -75,7 +75,7 @@ $WaitFullyConnected;
|
|||
subject=([ $SymbolForNotification "warning-sign" ] . "Log Forwarding"); \
|
||||
message=("The log on " . $Identity . " contains " . [ $IfThenElse ($Count = 1) \
|
||||
"this message" ("these " . $Count . " messages") ] . " after " . \
|
||||
[ / system resource get uptime ] . " uptime." . [ $IfThenElse ($Duplicates = true) \
|
||||
[ /system/resource/get uptime ] . " uptime." . [ $IfThenElse ($Duplicates = true) \
|
||||
(" Multi-repeated messages have been skipped.") ] . "\n" . $Messages) });
|
||||
|
||||
:set LogForwardRateLimit ($LogForwardRateLimit + 10);
|
||||
|
|
12
manage-umts
12
manage-umts
|
@ -9,21 +9,21 @@
|
|||
:local WlanInt "wl-station";
|
||||
:local UmtsInt "t-mobile";
|
||||
|
||||
:local EtherStatus [ / interface ethernet get $EtherInt running ];
|
||||
:local WlanStatus [ / interface wireless get $WlanInt running ];
|
||||
:local EtherStatus [ /interface/ethernet/get $EtherInt running ];
|
||||
:local WlanStatus [ /interface/wireless/get $WlanInt running ];
|
||||
|
||||
:if ($EtherStatus = true || $WlanStatus = true) do={
|
||||
:if ([ / interface get $UmtsInt disabled ] = false) do={
|
||||
:if ([ /interface/get $UmtsInt disabled ] = false) do={
|
||||
:log info ("Ethernet (" . $EtherInt . " / " . $EtherStatus . ") or " . \
|
||||
"wireless (" . $WlanInt . " / " . $WlanStatus . ") is running, " . \
|
||||
"UMTS interface " . $UmtsInt . " is enabled. Disabling...");
|
||||
/ interface set disabled=yes $UmtsInt;
|
||||
/interface/set disabled=yes $UmtsInt;
|
||||
}
|
||||
} else={
|
||||
:if ([ / interface get $UmtsInt disabled ] = true) do={
|
||||
:if ([ /interface/get $UmtsInt disabled ] = true) do={
|
||||
:log info ("Neither ethernet (" . $EtherInt . ") nor wireless (" . \
|
||||
$WlanInt . ") interface is running, UMTS interface " . $UmtsInt . \
|
||||
" is disabled. Enabling...");
|
||||
/ interface set disabled=no $UmtsInt;
|
||||
/interface/set disabled=no $UmtsInt;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -15,34 +15,34 @@
|
|||
:global LogPrintExit2;
|
||||
:global ParseKeyValueStore;
|
||||
|
||||
:foreach BridgePort in=[ / interface bridge port find where !(comment=[]) ] do={
|
||||
:local BridgePortVal [ / interface bridge port get $BridgePort ];
|
||||
:foreach BridgePort in=[ /interface/bridge/port/find where !(comment=[]) ] do={
|
||||
:local BridgePortVal [ /interface/bridge/port/get $BridgePort ];
|
||||
:foreach Config,BridgeDefault in=[ $ParseKeyValueStore ($BridgePortVal->"comment") ] do={
|
||||
:if ($Config = $BridgePortTo) do={
|
||||
:local DHCPClient [ / ip dhcp-client find where interface=$BridgePortVal->"interface" comment="toggle with bridge port" ];
|
||||
:local DHCPClient [ /ip/dhcp-client/find where interface=$BridgePortVal->"interface" comment="toggle with bridge port" ];
|
||||
|
||||
:if ($BridgeDefault = "dhcp-client") do={
|
||||
:if ([ :len $DHCPClient ] != 1) do={
|
||||
$LogPrintExit2 warning $0 ([ $IfThenElse ([ :len $DHCPClient ] = 0) "Missing" "Duplicate" ] . \
|
||||
" dhcp client configuration for interface " . $BridgePortVal->"interface" . "!") true;
|
||||
}
|
||||
:local DHCPClientDisabled [ / ip dhcp-client get $DHCPClient disabled ];
|
||||
:local DHCPClientDisabled [ /ip/dhcp-client/get $DHCPClient disabled ];
|
||||
|
||||
:if ($BridgePortVal->"disabled" = false || $DHCPClientDisabled = true) do={
|
||||
$LogPrintExit2 info $0 ("Disabling bridge port for interface " . $BridgePortVal->"interface" . ", enabling dhcp client.") false;
|
||||
/ interface bridge port disable $BridgePort;
|
||||
/interface/bridge/port/disable $BridgePort;
|
||||
:delay 200ms;
|
||||
/ ip dhcp-client enable $DHCPClient;
|
||||
/ip/dhcp-client/enable $DHCPClient;
|
||||
}
|
||||
} else={
|
||||
:if ($BridgePortVal->"disabled" = true || $BridgeDefault != $BridgePortVal->"bridge") do={
|
||||
$LogPrintExit2 info $0 ("Enabling bridge port for interface " . $BridgePortVal->"interface" . ", changing to " . $BridgePortTo . \
|
||||
" bridge " . $BridgeDefault . ", disabling dhcp client.") false;
|
||||
:if ([ :len $DHCPClient ] = 1) do={
|
||||
/ ip dhcp-client disable $DHCPClient;
|
||||
/ip/dhcp-client/disable $DHCPClient;
|
||||
:delay 200ms;
|
||||
}
|
||||
/ interface bridge port set disabled=no bridge=$BridgeDefault $BridgePort;
|
||||
/interface/bridge/port/set disabled=no bridge=$BridgeDefault $BridgePort;
|
||||
} else={
|
||||
$LogPrintExit2 debug $0 ("Interface " . $BridgePortVal->"interface" . " already connected to " . $BridgePortTo . \
|
||||
" bridge " . $BridgeDefault . ".") false;
|
||||
|
|
|
@ -16,29 +16,29 @@
|
|||
:global LogPrintExit2;
|
||||
:global ParseKeyValueStore;
|
||||
|
||||
:foreach BridgePort in=[ / interface bridge port find where !(comment=[]) ] do={
|
||||
:local BridgePortVal [ / interface bridge port get $BridgePort ];
|
||||
:foreach BridgePort in=[ /interface/bridge/port/find where !(comment=[]) ] do={
|
||||
:local BridgePortVal [ /interface/bridge/port/get $BridgePort ];
|
||||
:foreach Config,Vlan in=[ $ParseKeyValueStore ($BridgePortVal->"comment") ] do={
|
||||
:if ($Config = $ConfigTo) do={
|
||||
:local DHCPClient [ / ip dhcp-client find where interface=$BridgePortVal->"interface" comment="toggle with bridge port" ];
|
||||
:local DHCPClient [ /ip/dhcp-client/find where interface=$BridgePortVal->"interface" comment="toggle with bridge port" ];
|
||||
|
||||
:if ($Vlan = "dhcp-client") do={
|
||||
:if ([ :len $DHCPClient ] != 1) do={
|
||||
$LogPrintExit2 warning $0 ([ $IfThenElse ([ :len $DHCPClient ] = 0) "Missing" "Duplicate" ] . \
|
||||
" dhcp client configuration for interface " . $BridgePortVal->"interface" . "!") true;
|
||||
}
|
||||
:local DHCPClientDisabled [ / ip dhcp-client get $DHCPClient disabled ];
|
||||
:local DHCPClientDisabled [ /ip/dhcp-client/get $DHCPClient disabled ];
|
||||
|
||||
:if ($BridgePortVal->"disabled" = false || $DHCPClientDisabled = true) do={
|
||||
$LogPrintExit2 info $0 ("Disabling bridge port for interface " . $BridgePortVal->"interface" . ", enabling dhcp client.") false;
|
||||
/ interface bridge port disable $BridgePort;
|
||||
/interface/bridge/port/disable $BridgePort;
|
||||
:delay 200ms;
|
||||
/ ip dhcp-client enable $DHCPClient;
|
||||
/ip/dhcp-client/enable $DHCPClient;
|
||||
}
|
||||
} else={
|
||||
:if ($Vlan != [ :tostr [ :tonum $Vlan ] ]) do={
|
||||
:do {
|
||||
:set $Vlan ([ / interface bridge vlan get [ find where comment=$Vlan ] vlan-ids ]->0);
|
||||
:set $Vlan ([ /interface/bridge/vlan/get [ find where comment=$Vlan ] vlan-ids ]->0);
|
||||
} on-error={
|
||||
$LogPrintExit2 warning $0 ("Could not find VLAN '" . $Vlan . "' for interface " . $BridgePortVal->"interface" . "!") true;
|
||||
}
|
||||
|
@ -47,10 +47,10 @@
|
|||
$LogPrintExit2 info $0 ("Enabling bridge port for interface " . $BridgePortVal->"interface" . ", changing to " . $ConfigTo . \
|
||||
" vlan " . $Vlan . ", disabling dhcp client.") false;
|
||||
:if ([ :len $DHCPClient ] = 1) do={
|
||||
/ ip dhcp-client disable $DHCPClient;
|
||||
/ip/dhcp-client/disable $DHCPClient;
|
||||
:delay 200ms;
|
||||
}
|
||||
/ interface bridge port set disabled=no pvid=$Vlan $BridgePort;
|
||||
/interface/bridge/port/set disabled=no pvid=$Vlan $BridgePort;
|
||||
} else={
|
||||
$LogPrintExit2 debug $0 ("Interface " . $BridgePortVal->"interface" . " already connected to " . $ConfigTo . \
|
||||
" vlan " . $Vlan . ".") false;
|
||||
|
|
|
@ -18,14 +18,14 @@
|
|||
:local AllDone true;
|
||||
:local QueueLen [ :len $MatrixQueue ];
|
||||
|
||||
:if ([ :len [ / system scheduler find where name="FlushMatrixQueue" ] ] > 0 && $QueueLen = 0) do={
|
||||
:if ([ :len [ /system/scheduler/find where name="FlushMatrixQueue" ] ] > 0 && $QueueLen = 0) do={
|
||||
$LogPrintExit2 warning $0 ("Flushing Matrix messages from scheduler, but queue is empty.") false;
|
||||
}
|
||||
|
||||
:foreach Id,Message in=$MatrixQueue do={
|
||||
:if ([ :typeof $Message ] = "array" ) do={
|
||||
:do {
|
||||
/ tool fetch check-certificate=yes-without-crl output=none http-method=post \
|
||||
/tool/fetch check-certificate=yes-without-crl output=none http-method=post \
|
||||
("https://" . $Message->"homeserver" . "/_matrix/client/r0/rooms/" . $Message->"room" . \
|
||||
"/send/m.room.message?access_token=" . $Message->"accesstoken") \
|
||||
http-data=("{ \"msgtype\": \"m.text\", \"body\": \"" . $Message->"plain" . "\"," . \
|
||||
|
@ -40,7 +40,7 @@
|
|||
}
|
||||
|
||||
:if ($AllDone = true && $QueueLen = [ :len $MatrixQueue ]) do={
|
||||
/ system scheduler remove [ find where name="FlushMatrixQueue" ];
|
||||
/system/scheduler/remove [ find where name="FlushMatrixQueue" ];
|
||||
:set MatrixQueue;
|
||||
}
|
||||
}
|
||||
|
@ -113,7 +113,7 @@
|
|||
}
|
||||
|
||||
:do {
|
||||
/ tool fetch check-certificate=yes-without-crl output=none http-method=post \
|
||||
/tool/fetch check-certificate=yes-without-crl output=none http-method=post \
|
||||
("https://" . $HomeServer . "/_matrix/client/r0/rooms/" . $Room . \
|
||||
"/send/m.room.message?access_token=" . $AccessToken) \
|
||||
http-data=("{ \"msgtype\": \"m.text\", \"body\": \"" . $Plain . "\"," . \
|
||||
|
@ -126,15 +126,15 @@
|
|||
:set MatrixQueue [ :toarray "" ];
|
||||
}
|
||||
:local Text ([ $SymbolForNotification "alarm-clock" ] . \
|
||||
"This message was queued since " . [ / system clock get date ] . \
|
||||
" " . [ / system clock get time ] . " and may be obsolete.");
|
||||
"This message was queued since " . [ /system/clock/get date ] . \
|
||||
" " . [ /system/clock/get time ] . " and may be obsolete.");
|
||||
:set Plain ($Plain . "\\n" . $Text);
|
||||
:set Formatted ($Formatted . "<br/>" . $Text);
|
||||
:set ($MatrixQueue->[ :len $MatrixQueue ]) { room=$Room; \
|
||||
accesstoken=$AccessToken; homeserver=$HomeServer; \
|
||||
plain=$Plain; formatted=$Formatted };
|
||||
:if ([ :len [ / system scheduler find where name="FlushMatrixQueue" ] ] = 0) do={
|
||||
/ system scheduler add name=FlushMatrixQueue interval=1m start-time=startup \
|
||||
:if ([ :len [ /system/scheduler/find where name="FlushMatrixQueue" ] ] = 0) do={
|
||||
/system/scheduler/add name=FlushMatrixQueue interval=1m start-time=startup \
|
||||
on-event=(":global FlushMatrixQueue; \$FlushMatrixQueue;");
|
||||
}
|
||||
}
|
||||
|
|
|
@ -17,14 +17,14 @@
|
|||
:local AllDone true;
|
||||
:local QueueLen [ :len $TelegramQueue ];
|
||||
|
||||
:if ([ :len [ / system scheduler find where name="FlushTelegramQueue" ] ] > 0 && $QueueLen = 0) do={
|
||||
:if ([ :len [ /system/scheduler/find where name="FlushTelegramQueue" ] ] > 0 && $QueueLen = 0) do={
|
||||
$LogPrintExit2 warning $0 ("Flushing Telegram messages from scheduler, but queue is empty.") false;
|
||||
}
|
||||
|
||||
:foreach Id,Message in=$TelegramQueue do={
|
||||
:if ([ :typeof $Message ] = "array" ) do={
|
||||
:do {
|
||||
/ tool fetch check-certificate=yes-without-crl output=none http-method=post \
|
||||
/tool/fetch check-certificate=yes-without-crl output=none http-method=post \
|
||||
("https://api.telegram.org/bot" . ($Message->"tokenid") . "/sendMessage") \
|
||||
http-data=("chat_id=" . ($Message->"chatid") . \
|
||||
"&disable_notification=" . ($Message->"silent") . \
|
||||
|
@ -39,7 +39,7 @@
|
|||
}
|
||||
|
||||
:if ($AllDone = true && $QueueLen = [ :len $TelegramQueue ]) do={
|
||||
/ system scheduler remove [ find where name="FlushTelegramQueue" ];
|
||||
/system/scheduler/remove [ find where name="FlushTelegramQueue" ];
|
||||
:set TelegramQueue;
|
||||
}
|
||||
}
|
||||
|
@ -125,7 +125,7 @@
|
|||
:if ([ $CertificateAvailable "Go Daddy Secure Certificate Authority - G2" ] = false) do={
|
||||
$LogPrintExit2 warning $0 ("Downloading required certificate failed.") true;
|
||||
}
|
||||
/ tool fetch check-certificate=yes-without-crl output=none http-method=post \
|
||||
/tool/fetch check-certificate=yes-without-crl output=none http-method=post \
|
||||
("https://api.telegram.org/bot" . $TokenId . "/sendMessage") \
|
||||
http-data=("chat_id=" . $ChatId . "&disable_notification=" . ($Notification->"silent") . \
|
||||
"&disable_web_page_preview=true&parse_mode=" . $ParseMode . "&text=" . $Text) as-value;
|
||||
|
@ -136,12 +136,12 @@
|
|||
:set TelegramQueue [ :toarray "" ];
|
||||
}
|
||||
:set Text ($Text . [ $UrlEncode ("\n" . [ $SymbolForNotification "alarm-clock" ] . \
|
||||
[ $EscapeMD ("This message was queued since " . [ / system clock get date ] . \
|
||||
" " . [ / system clock get time ] . " and may be obsolete.") "plain" ]) ]);
|
||||
[ $EscapeMD ("This message was queued since " . [ /system/clock/get date ] . \
|
||||
" " . [ /system/clock/get time ] . " and may be obsolete.") "plain" ]) ]);
|
||||
:set ($TelegramQueue->[ :len $TelegramQueue ]) { chatid=$ChatId; tokenid=$TokenId;
|
||||
parsemode=$ParseMode; text=$Text; silent=($Notification->"silent") };
|
||||
:if ([ :len [ / system scheduler find where name="FlushTelegramQueue" ] ] = 0) do={
|
||||
/ system scheduler add name=FlushTelegramQueue interval=1m start-time=startup \
|
||||
:if ([ :len [ /system/scheduler/find where name="FlushTelegramQueue" ] ] = 0) do={
|
||||
/system/scheduler/add name=FlushTelegramQueue interval=1m start-time=startup \
|
||||
on-event=(":global FlushTelegramQueue; \$FlushTelegramQueue;");
|
||||
}
|
||||
}
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
|
||||
:local Source;
|
||||
:do {
|
||||
:set Source ([ / tool fetch check-certificate=yes-without-crl $Script output=user as-value ]->"data");
|
||||
:set Source ([ /tool/fetch check-certificate=yes-without-crl $Script output=user as-value ]->"data");
|
||||
} on-error={
|
||||
$LogPrintExit2 warning $0 ("Failed fetching script '" . $Script . "'!") false;
|
||||
}
|
||||
|
|
14
mode-button
14
mode-button
|
@ -16,7 +16,7 @@
|
|||
|
||||
:set ($ModeButton->"count") ($ModeButton->"count" + 1);
|
||||
|
||||
:local Scheduler [ / system scheduler find where name="ModeButtonScheduler" ];
|
||||
:local Scheduler [ /system/scheduler/find where name="ModeButtonScheduler" ];
|
||||
|
||||
:if ([ :len $Scheduler ] = 0) do={
|
||||
$LogPrintExit2 info $0 ("Creating scheduler ModeButtonScheduler, counting presses...") false;
|
||||
|
@ -32,11 +32,11 @@
|
|||
|
||||
:global IfThenElse;
|
||||
|
||||
:local LED [ / system leds find where leds=$ModeButtonLED type~"^(on|off)\$" interface=[] ];
|
||||
:local LED [ /system/leds/find where leds=$ModeButtonLED type~"^(on|off)\$" interface=[] ];
|
||||
:if ([ :len $LED ] = 0) do={
|
||||
:return false;
|
||||
}
|
||||
/ system leds set type=[ $IfThenElse ([ get $LED type ] = "on") "off" "on" ] $LED;
|
||||
/system/leds/set type=[ $IfThenElse ([ get $LED type ] = "on") "off" "on" ] $LED;
|
||||
}
|
||||
|
||||
:local Count ($ModeButton->"count");
|
||||
|
@ -44,7 +44,7 @@
|
|||
|
||||
:set ($ModeButton->"count") 0;
|
||||
:set ModeButtonScheduler;
|
||||
/ system scheduler remove ModeButtonScheduler;
|
||||
/system/scheduler/remove ModeButtonScheduler;
|
||||
|
||||
:if ([ :len $Code ] > 0) do={
|
||||
:if ([ $ValidateSyntax $Code ] = true) do={
|
||||
|
@ -52,7 +52,7 @@
|
|||
|
||||
:for I from=1 to=$Count do={
|
||||
$LEDInvert;
|
||||
:if ([ / system routerboard settings get silent-boot ] = false) do={
|
||||
:if ([ /system/routerboard/settings/get silent-boot ] = false) do={
|
||||
:beep length=200ms;
|
||||
}
|
||||
:delay 200ms;
|
||||
|
@ -68,9 +68,9 @@
|
|||
$LogPrintExit2 info $0 ("No action defined for " . $Count . " mode-button presses.") false;
|
||||
}
|
||||
}
|
||||
/ system scheduler add name="ModeButtonScheduler" \
|
||||
/system/scheduler/add name="ModeButtonScheduler" \
|
||||
on-event=":global ModeButtonScheduler; \$ModeButtonScheduler;" interval=3s;
|
||||
} else={
|
||||
$LogPrintExit2 debug $0 ("Updating scheduler ModeButtonScheduler...") false;
|
||||
/ system scheduler set $Scheduler start-time=[ /system clock get time ];
|
||||
/system/scheduler/set $Scheduler start-time=[ /system/clock/get time ];
|
||||
}
|
||||
|
|
30
netwatch-dns
30
netwatch-dns
|
@ -17,16 +17,16 @@
|
|||
|
||||
$ScriptLock $0;
|
||||
|
||||
:if ([ / system resource get uptime ] < 5m) do={
|
||||
:if ([ /system/resource/get uptime ] < 5m) do={
|
||||
$LogPrintExit2 info $0 ("System just booted, giving netwatch some time to settle.") true;
|
||||
}
|
||||
|
||||
:local DnsServers [ :toarray "" ];
|
||||
:local DnsFallback [ :toarray "" ];
|
||||
:local DnsCurrent [ / ip dns get servers ];
|
||||
:local DnsCurrent [ /ip/dns/get servers ];
|
||||
|
||||
:foreach Host in=[ / tool netwatch find where comment~"dns" disabled=no ] do={
|
||||
:local HostVal [ / tool netwatch get $Host ];
|
||||
:foreach Host in=[ /tool/netwatch/find where comment~"dns" disabled=no ] do={
|
||||
:local HostVal [ /tool/netwatch/get $Host ];
|
||||
:local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ];
|
||||
|
||||
:if ($HostVal->"status" = "up" && $HostInfo->"disabled" != true) do={
|
||||
|
@ -42,24 +42,24 @@ $ScriptLock $0;
|
|||
:if ([ :len $DnsServers ] > 0) do={
|
||||
:if ($DnsServers != $DnsCurrent) do={
|
||||
$LogPrintExit2 info $0 ("Updating DNS servers: " . [ :tostr $DnsServers ]) false;
|
||||
/ ip dns set servers=$DnsServers;
|
||||
/ ip dns cache flush;
|
||||
/ip/dns/set servers=$DnsServers;
|
||||
/ip/dns/cache/flush;
|
||||
}
|
||||
} else={
|
||||
:if ([ :len $DnsFallback ] > 0) do={
|
||||
:if ($DnsFallback != $DnsCurrent) do={
|
||||
$LogPrintExit2 info $0 ("Updating DNS servers to fallback: " . [ :tostr $DnsFallback ]) false;
|
||||
/ ip dns set servers=$DnsFallback;
|
||||
/ ip dns cache flush;
|
||||
/ip/dns/set servers=$DnsFallback;
|
||||
/ip/dns/cache/flush;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
:local DohServer "";
|
||||
:local DohCurrent [ / ip dns get use-doh-server ];
|
||||
:local DohCurrent [ /ip/dns/get use-doh-server ];
|
||||
|
||||
:foreach Host in=[ / tool netwatch find where comment~"doh" disabled=no ] do={
|
||||
:local HostVal [ / tool netwatch get $Host ];
|
||||
:foreach Host in=[ /tool/netwatch/find where comment~"doh" disabled=no ] do={
|
||||
:local HostVal [ /tool/netwatch/get $Host ];
|
||||
:local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ];
|
||||
|
||||
:if ($HostVal->"status" = "up" && $HostInfo->"doh" = true && $HostInfo->"disabled" != true && $DohServer = "") do={
|
||||
|
@ -70,13 +70,13 @@ $ScriptLock $0;
|
|||
:if ($DohServer != "") do={
|
||||
:if ($DohServer != $DohCurrent) do={
|
||||
$LogPrintExit2 info $0 ("Updating DoH server: " . $DohServer) false;
|
||||
/ ip dns set use-doh-server=$DohServer;
|
||||
/ ip dns cache flush;
|
||||
/ip/dns/set use-doh-server=$DohServer;
|
||||
/ip/dns/cache/flush;
|
||||
}
|
||||
} else={
|
||||
:if ($DohCurrent != "") do={
|
||||
$LogPrintExit2 info $0 ("DoH server (" . $DohCurrent . ") is down, disabling.") false;
|
||||
/ ip dns set use-doh-server="";
|
||||
/ ip dns cache flush;
|
||||
/ip/dns/set use-doh-server="";
|
||||
/ip/dns/cache/flush;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -46,7 +46,7 @@
|
|||
|
||||
$ScriptLock $0;
|
||||
|
||||
:if ([ / system resource get uptime ] < 5m) do={
|
||||
:if ([ /system/resource/get uptime ] < 5m) do={
|
||||
$LogPrintExit2 info $0 ("System just booted, giving netwatch some time to settle.") true;
|
||||
}
|
||||
|
||||
|
@ -54,8 +54,8 @@ $ScriptLock $0;
|
|||
:set NetwatchNotify [ :toarray "" ];
|
||||
}
|
||||
|
||||
:foreach Host in=[ / tool netwatch find where comment~"notify" disabled=no ] do={
|
||||
:local HostVal [ / tool netwatch get $Host ];
|
||||
:foreach Host in=[ /tool/netwatch/find where comment~"notify" disabled=no ] do={
|
||||
:local HostVal [ /tool/netwatch/get $Host ];
|
||||
:local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ];
|
||||
|
||||
:if ($HostInfo->"notify" = true && $HostInfo->"disabled" != true) do={
|
||||
|
@ -74,7 +74,7 @@ $ScriptLock $0;
|
|||
$LogPrintExit2 info $0 ("Name '" . $HostInfo->"resolve" . [ $IfThenElse ($HostInfo->"resolve" != \
|
||||
$HostInfo->"hostname") ("' for host '" . $HostInfo->"hostname") "" ] . \
|
||||
"' resolves to different address " . $Resolve . ", updating.") false;
|
||||
/ tool netwatch set host=$Resolve $Host;
|
||||
/tool/netwatch/set host=$Resolve $Host;
|
||||
:set ($Metric->"resolve-failed") false;
|
||||
}
|
||||
} on-error={
|
||||
|
|
|
@ -8,10 +8,10 @@
|
|||
# manage remote logging facilities
|
||||
# https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-syslog.md
|
||||
|
||||
:local Remote [ /system logging action get ([ find where target=remote ]->0) remote ];
|
||||
:local Remote [ /system/logging/action/get ([ find where target=remote ]->0) remote ];
|
||||
|
||||
if ([ / tool netwatch get [ find where host=$Remote up-script="netwatch-syslog" down-script="netwatch-syslog" ] status ] = "up") do={
|
||||
/ system logging set disabled=no [ find where action=remote disabled=yes ];
|
||||
if ([ /tool/netwatch/get [ find where host=$Remote up-script="netwatch-syslog" down-script="netwatch-syslog" ] status ] = "up") do={
|
||||
/system/logging/set disabled=no [ find where action=remote disabled=yes ];
|
||||
} else={
|
||||
/ system logging set disabled=yes [ find where action=remote disabled=no ];
|
||||
/system/logging/set disabled=yes [ find where action=remote disabled=no ];
|
||||
}
|
||||
|
|
16
ospf-to-leds
16
ospf-to-leds
|
@ -13,23 +13,23 @@
|
|||
:global LogPrintExit2;
|
||||
:global ParseKeyValueStore;
|
||||
|
||||
:foreach Instance in=[ / routing ospf instance find where comment~"^ospf-to-leds," ] do={
|
||||
:local InstanceVal [ / routing ospf instance get $Instance ];
|
||||
:foreach Instance in=[ /routing/ospf/instance/find where comment~"^ospf-to-leds," ] do={
|
||||
:local InstanceVal [ /routing/ospf/instance/get $Instance ];
|
||||
:local LED ([ $ParseKeyValueStore ($InstanceVal->"comment") ]->"leds");
|
||||
:local LEDType [ / system leds get [ find where leds=$LED ] type ];
|
||||
:local LEDType [ /system/leds/get [ find where leds=$LED ] type ];
|
||||
|
||||
:local NeighborCount 0;
|
||||
:foreach Area in=[ / routing ospf area find where instance=($InstanceVal->"name") ] do={
|
||||
:local AreaName [ / routing ospf area get $Area name ];
|
||||
:set NeighborCount ($NeighborCount + [ :len [ / routing ospf neighbor find where area=$AreaName ] ]);
|
||||
:foreach Area in=[ /routing/ospf/area/find where instance=($InstanceVal->"name") ] do={
|
||||
:local AreaName [ /routing/ospf/area/get $Area name ];
|
||||
:set NeighborCount ($NeighborCount + [ :len [ /routing/ospf/neighbor/find where area=$AreaName ] ]);
|
||||
}
|
||||
|
||||
:if ($NeighborCount > 0 && $LEDType = "off") do={
|
||||
$LogPrintExit2 info $0 ("OSPF instance " . $InstanceVal->"name" . " has " . $NeighborCount . " neighbors, led on!") false;
|
||||
/ system leds set type=on [ find where leds=$LED ];
|
||||
/system/leds/set type=on [ find where leds=$LED ];
|
||||
}
|
||||
:if ($NeighborCount = 0 && $LEDType = "on") do={
|
||||
$LogPrintExit2 info $0 ("OSPF instance " . $InstanceVal->"name" . " has no neighbors, led off!") false;
|
||||
/ system leds set type=off [ find where leds=$LED ];
|
||||
/system/leds/set type=off [ find where leds=$LED ];
|
||||
}
|
||||
}
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
|
||||
$ScriptLock $0;
|
||||
|
||||
:local Update [ / system package update get ];
|
||||
:local Update [ /system/package/update/get ];
|
||||
|
||||
:if ([ :typeof ($Update->"latest-version") ] = "nothing") do={
|
||||
$LogPrintExit2 warning $0 ("Latest version is not known.") true;
|
||||
|
@ -35,7 +35,7 @@ $ScriptLock $0;
|
|||
:if ($NumInstalled > $NumLatest) do={
|
||||
:if ([ $ScriptFromTerminal $0 ] = true) do={
|
||||
:put "Latest version is older than installed one. Want to downgrade? [y/N]";
|
||||
:if (([ / terminal inkey timeout=60 ] % 32) = 25) do={
|
||||
:if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={
|
||||
:set DoDowngrade true;
|
||||
} else={
|
||||
:put "Canceled...";
|
||||
|
@ -45,23 +45,23 @@ $ScriptLock $0;
|
|||
}
|
||||
}
|
||||
|
||||
:foreach Package in=[ / system package find where !bundle ] do={
|
||||
:local PkgName [ / system package get $Package name ];
|
||||
:foreach Package in=[ /system/package/find where !bundle ] do={
|
||||
:local PkgName [ /system/package/get $Package name ];
|
||||
:if ([ $DownloadPackage $PkgName ($Update->"latest-version") ] = false) do={
|
||||
$LogPrintExit2 error $0 ("Download for package " . $PkgName . " failed, update aborted.") true;
|
||||
}
|
||||
}
|
||||
|
||||
:foreach Script in=[ / system script find where source~"\n# provides: backup-script\n" ] do={
|
||||
:local ScriptName [ / system script get $Script name ];
|
||||
:foreach Script in=[ /system/script/find where source~"\n# provides: backup-script\n" ] do={
|
||||
:local ScriptName [ /system/script/get $Script name ];
|
||||
:do {
|
||||
$LogPrintExit2 info $0 ("Running backup script " . $ScriptName . " before update.") false;
|
||||
/ system script run $Script;
|
||||
/system/script/run $Script;
|
||||
} on-error={
|
||||
$LogPrintExit2 warning $0 ("Running backup script " . $ScriptName . " before update failed!") false;
|
||||
:if ([ $ScriptFromTerminal $0 ] = true) do={
|
||||
:put "Do you want to continue anyway? [y/N]";
|
||||
:if (([ / terminal inkey timeout=60 ] % 32) = 25) do={
|
||||
:if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={
|
||||
$LogPrintExit2 info $0 ("User requested to continue anyway.") false;
|
||||
} else={
|
||||
$LogPrintExit2 info $0 ("Canceled update...") true;
|
||||
|
@ -75,19 +75,19 @@ $ScriptLock $0;
|
|||
:if ($DoDowngrade = true) do={
|
||||
$LogPrintExit2 info $0 ("Rebooting for downgrade.") false;
|
||||
:delay 1s;
|
||||
/ system package downgrade;
|
||||
/system/package/downgrade;
|
||||
}
|
||||
|
||||
:if ([ $ScriptFromTerminal $0 ] = true) do={
|
||||
:put "Do you want to (s)chedule reboot or (r)eboot now? [s/R]";
|
||||
:if (([ / terminal inkey timeout=60 ] % 32) = 19) do={
|
||||
/ system scheduler add name="reboot-for-update" start-time=03:00:00 interval=1d \
|
||||
:if (([ /terminal/inkey timeout=60 ] % 32) = 19) do={
|
||||
/system/scheduler/add name="reboot-for-update" start-time=03:00:00 interval=1d \
|
||||
on-event=(":global RandomDelay; \$RandomDelay 3600; " . \
|
||||
"/ system scheduler remove reboot-for-update; / system reboot;");
|
||||
"/system/scheduler/remove reboot-for-update; /system/reboot;");
|
||||
$LogPrintExit2 info $0 ("Scheduled reboot for update between 03:00 and 04:00.") true;
|
||||
}
|
||||
}
|
||||
|
||||
$LogPrintExit2 info $0 ("Rebooting for update.") false;
|
||||
:delay 1s;
|
||||
/ system reboot;
|
||||
/system/reboot;
|
||||
|
|
10
ppp-on-up
10
ppp-on-up
|
@ -18,16 +18,16 @@
|
|||
$LogPrintExit2 error $0 ("This script is supposed to run from ppp on-up script hook.") true;
|
||||
}
|
||||
|
||||
:local IntName [ / interface get $Interface name ];
|
||||
:local IntName [ /interface/get $Interface name ];
|
||||
$LogPrintExit2 info $0 ("PPP interface " . $IntName . " is up.") false;
|
||||
|
||||
/ ipv6 dhcp-client release [ find where interface=$IntName !disabled ];
|
||||
/ipv6/dhcp-client/release [ find where interface=$IntName !disabled ];
|
||||
|
||||
:foreach Script in=[ / system script find where source~("\n# provides: ppp-on-up\n") ] do={
|
||||
:local ScriptName [ / system script get $Script name ];
|
||||
:foreach Script in=[ /system/script/find where source~("\n# provides: ppp-on-up\n") ] do={
|
||||
:local ScriptName [ /system/script/get $Script name ];
|
||||
:do {
|
||||
$LogPrintExit2 debug $0 ("Running script: " . $ScriptName) false;
|
||||
/ system script run $Script;
|
||||
/system/script/run $Script;
|
||||
} on-error={
|
||||
$LogPrintExit2 warning $0 ("Running script '" . $ScriptName . "' failed!") false;
|
||||
}
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
:local Ntp1;
|
||||
:local Ntp2;
|
||||
|
||||
:if ([ / system ntp client get enabled ] != true) do={
|
||||
:if ([ /system/ntp/client/get enabled ] != true) do={
|
||||
$LogPrintExit2 warning $0 ("NTP client is not enabled!") true;
|
||||
}
|
||||
|
||||
|
@ -29,4 +29,4 @@
|
|||
}
|
||||
|
||||
$LogPrintExit2 info $0 ("Updating NTP servers to " . $Ntp1 . " and " . $Ntp2) false;
|
||||
/ system ntp client set servers=($Ntp1, $Ntp2);
|
||||
/system/ntp/client/set servers=($Ntp1, $Ntp2);
|
||||
|
|
16
sms-forward
16
sms-forward
|
@ -21,27 +21,27 @@
|
|||
|
||||
$ScriptLock $0;
|
||||
|
||||
:if ([ / tool sms get receive-enabled ] = false) do={
|
||||
:if ([ /tool/sms/get receive-enabled ] = false) do={
|
||||
$LogPrintExit2 warning $0 ("Receiving of SMS is not enabled.") true;
|
||||
}
|
||||
|
||||
$WaitFullyConnected;
|
||||
|
||||
:local Settings [ / tool sms get ];
|
||||
:local Settings [ /tool/sms/get ];
|
||||
|
||||
# forward SMS in a loop
|
||||
:while ([ :len [ / tool sms inbox find ] ] > 0) do={
|
||||
:local Phone [ / tool sms inbox get ([ find ]->0) phone ];
|
||||
:while ([ :len [ /tool/sms/inbox/find ] ] > 0) do={
|
||||
:local Phone [ /tool/sms/inbox/get ([ find ]->0) phone ];
|
||||
:local Messages "";
|
||||
:local Delete [ :toarray "" ];
|
||||
|
||||
:foreach Sms in=[ / tool sms inbox find where phone=$Phone ] do={
|
||||
:local SmsVal [ / tool sms inbox get $Sms ];
|
||||
:foreach Sms in=[ /tool/sms/inbox/find where phone=$Phone ] do={
|
||||
:local SmsVal [ /tool/sms/inbox/get $Sms ];
|
||||
|
||||
:if ($Phone = $Settings->"allowed-number" && \
|
||||
($SmsVal->"message")~("^:cmd " . $Settings->"secret" . " script ")) do={
|
||||
$LogPrintExit2 debug $0 ("Removing SMS, which started a script.") false;
|
||||
/ tool sms inbox remove $Sms;
|
||||
/tool/sms/inbox/remove $Sms;
|
||||
} else={
|
||||
:set Messages ($Messages . "\n\nOn " . $SmsVal->"timestamp" . \
|
||||
" type " . $SmsVal->"type" . ":\n" . $SmsVal->"message");
|
||||
|
@ -56,7 +56,7 @@ $WaitFullyConnected;
|
|||
message=("Received " . [ $IfThenElse ($Count = 1) "this message" ("these " . $Count . " messages") ] . \
|
||||
" by " . $Identity . " from " . $Phone . ":" . $Messages) });
|
||||
:foreach Sms in=$Delete do={
|
||||
/ tool sms inbox remove $Sms;
|
||||
/tool/sms/inbox/remove $Sms;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -6,6 +6,6 @@
|
|||
# import ssh keys from file
|
||||
# https://git.eworm.de/cgit/routeros-scripts/about/doc/ssh-keys-import.md
|
||||
|
||||
:foreach Key in=[ / file find where type="ssh key" ] do={
|
||||
/ user ssh-key import user=admin public-key-file=[ / file get $Key name ];
|
||||
:foreach Key in=[ /file/find where type="ssh key" ] do={
|
||||
/user/ssh-key/import user=admin public-key-file=[ /file/get $Key name ];
|
||||
}
|
||||
|
|
|
@ -6,11 +6,11 @@
|
|||
# schedule unattended lte firmware upgrade
|
||||
# https://git.eworm.de/cgit/routeros-scripts/about/doc/unattended-lte-firmware-upgrade.md
|
||||
|
||||
:foreach Interface in=[ / interface lte find where running ] do={
|
||||
:foreach Interface in=[ /interface/lte/find where running ] do={
|
||||
:local Firmware;
|
||||
:local IntName [ / interface lte get $Interface name ];
|
||||
:local IntName [ /interface/lte/get $Interface name ];
|
||||
:do {
|
||||
:set Firmware [ / interface lte firmware-upgrade $Interface once as-value ];
|
||||
:set Firmware [ /interface/lte/firmware-upgrade $Interface once as-value ];
|
||||
} on-error={
|
||||
:log debug ("Could not get latest LTE firmware version for interface " . $IntName . ".");
|
||||
}
|
||||
|
@ -21,14 +21,14 @@
|
|||
:global LTEFirmwareUpgrade do={
|
||||
:global LTEFirmwareUpgrade;
|
||||
:set LTEFirmwareUpgrade;
|
||||
/ system scheduler remove ($1 . "-firmware-upgrade");
|
||||
/ interface lte firmware-upgrade $1 upgrade=yes;
|
||||
/system/scheduler/remove ($1 . "-firmware-upgrade");
|
||||
/interface/lte/firmware-upgrade $1 upgrade=yes;
|
||||
:log info ("LTE firmware upgrade finished, waiting for installation before reset.");
|
||||
:delay 150s;
|
||||
/ interface lte at-chat $1 input="AT+RESET";
|
||||
/interface/lte/at-chat $1 input="AT+RESET";
|
||||
:log info ("Reset device, waiting to finish and reconnect.");
|
||||
}
|
||||
/ system scheduler add name=($IntName . "-firmware-upgrade") start-time=startup interval=2s \
|
||||
/system/scheduler/add name=($IntName . "-firmware-upgrade") start-time=startup interval=2s \
|
||||
on-event=(":global LTEFirmwareUpgrade; \$LTEFirmwareUpgrade \"" . $IntName . "\";");
|
||||
} else={
|
||||
:log info ("The LTE firmware is up to date on interface " . $IntName . ".");
|
||||
|
|
|
@ -13,19 +13,19 @@
|
|||
|
||||
:global LogPrintExit2;
|
||||
|
||||
/ interface gre set remote-address=0.0.0.0 disabled=yes [ find where !running !disabled ];
|
||||
/interface/gre/set remote-address=0.0.0.0 disabled=yes [ find where !running !disabled ];
|
||||
|
||||
:foreach Peer in=[ / ip ipsec active-peers find ] do={
|
||||
:local PeerVal [ / ip ipsec active-peers get $Peer ];
|
||||
:local GreInt [ / interface gre find where comment=$PeerVal->"id" ];
|
||||
:foreach Peer in=[ /ip/ipsec/active-peers/find ] do={
|
||||
:local PeerVal [ /ip/ipsec/active-peers/get $Peer ];
|
||||
:local GreInt [ /interface/gre/find where comment=$PeerVal->"id" ];
|
||||
:if ([ :len $GreInt ] > 0) do={
|
||||
:local GreIntVal [ / interface gre get $GreInt ];
|
||||
:local GreIntVal [ /interface/gre/get $GreInt ];
|
||||
:if ([ :typeof ($PeerVal->"dynamic-address") ] = "str" && \
|
||||
($PeerVal->"dynamic-address" != $GreIntVal->"remote-address" || \
|
||||
$GreIntVal->"disabled" = true)) do={
|
||||
$LogPrintExit2 info $0 ("Updating remote address for interface " . $GreIntVal->"name" . " to " . $PeerVal->"dynamic-address") false;
|
||||
/ interface gre set remote-address=0.0.0.0 disabled=yes [ find where remote-address=$PeerVal->"dynamic-address" name!=$GreIntVal->"name" ];
|
||||
/ interface gre set $GreInt remote-address=($PeerVal->"dynamic-address") disabled=no;
|
||||
/interface/gre/set remote-address=0.0.0.0 disabled=yes [ find where remote-address=$PeerVal->"dynamic-address" name!=$GreIntVal->"name" ];
|
||||
/interface/gre/set $GreInt remote-address=($PeerVal->"dynamic-address") disabled=no;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -17,19 +17,19 @@
|
|||
:global LogPrintExit2;
|
||||
:global ParseKeyValueStore;
|
||||
|
||||
:if ([ / ip cloud get ddns-enabled ] != true) do={
|
||||
:if ([ /ip/cloud/get ddns-enabled ] != true) do={
|
||||
$LogPrintExit2 error $0 ("IP cloud DDNS is not enabled.") true;
|
||||
}
|
||||
|
||||
# Get the current ip address from cloud
|
||||
/ ip cloud force-update;
|
||||
:while ([ / ip cloud get status ] != "updated") do={
|
||||
/ip/cloud/force-update;
|
||||
:while ([ /ip/cloud/get status ] != "updated") do={
|
||||
:delay 1s;
|
||||
}
|
||||
:local PublicAddress [ / ip cloud get public-address ];
|
||||
:local PublicAddress [ /ip/cloud/get public-address ];
|
||||
|
||||
:foreach Interface in=[ / interface 6to4 find where comment~"^tunnelbroker" !disabled ] do={
|
||||
:local InterfaceVal [ / interface 6to4 get $Interface ];
|
||||
:foreach Interface in=[ /interface/6to4/find where comment~"^tunnelbroker" !disabled ] do={
|
||||
:local InterfaceVal [ /interface/6to4/get $Interface ];
|
||||
|
||||
:if ($PublicAddress != $InterfaceVal->"local-address") do={
|
||||
:local Comment [ $ParseKeyValueStore ($InterfaceVal->"comment") ];
|
||||
|
@ -38,10 +38,10 @@
|
|||
$LogPrintExit2 error $0 ("Downloading required certificate failed.") true;
|
||||
}
|
||||
$LogPrintExit2 info $0 ("Local address changed, sending UPDATE to tunnelbroker! New address: " . $PublicAddress) false;
|
||||
/ tool fetch check-certificate=yes-without-crl \
|
||||
/tool/fetch check-certificate=yes-without-crl \
|
||||
("https://ipv4.tunnelbroker.net/nic/update\?hostname=" . $Comment->"id") \
|
||||
user=($Comment->"user") password=($Comment->"pass") output=none as-value;
|
||||
/ interface 6to4 set $Interface local-address=$PublicAddress;
|
||||
/interface/6to4/set $Interface local-address=$PublicAddress;
|
||||
} else={
|
||||
$LogPrintExit2 debug $0 ("All tunnelbroker configuration is up to date for interface " . $InterfaceVal->"name" . ".") false;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue