Crash_Override/routeros-scripts
1
0
Fork 0
mirror of https://github.com/eworm-de/routeros-scripts synced 2024-05-14 10:04:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'drop-wifiwave2' into next

Browse source
This commit is contained in:
Christian Hesse 2024-03-05 16:58:58 +01:00
parent 050ccd490e 83dbcfecd5
commit a7cd7d9500
26 changed files with 39 additions and 729 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
Makefile
View file

@ -5,39 +5,32 @@
CAPSMAN = $(wildcard *.capsman.rsc)
LOCAL = $(wildcard *.local.rsc)
WIFI = $(wildcard *.wifi.rsc)
WIFIWAVE2 = $(wildcard *.wifiwave2.rsc)
MARKDOWN = $(wildcard *.md doc/*.md doc/mod/*.md)
HTML = $(MARKDOWN:.md=.html)
all: $(CAPSMAN) $(LOCAL) $(WIFI) $(WIFIWAVE2) $(HTML)
all: $(CAPSMAN) $(LOCAL) $(WIFI) $(HTML)
%.html: %.md Makefile
markdown $< | sed 's/href="\([-_\./[:alnum:]]*\)\.md"/href="\1.html"/g' > $@
%.capsman.rsc: %.template.rsc Makefile
sed -e '/\/interface\/wifi\//d' -e '/\/interface\/wifiwave2\//d' -e '/\/interface\/wireless\//d' -e 's|%TEMPL%|.capsman|' \
sed -e '/\/interface\/wifi\//d' -e '/\/interface\/wireless\//d' -e 's|%TEMPL%|.capsman|' \
-e '/^# NOT \/caps-man\/ #$$/,/^# NOT \/caps-man\/ #$$/d' \
-e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \
< $< > $@
%.local.rsc: %.template.rsc Makefile
sed -e '/\/caps-man\//d' -e '/\/interface\/wifi\//d' -e '/\/interface\/wifiwave2\//d' -e 's|%TEMPL%|.local|' \
sed -e '/\/caps-man\//d' -e '/\/interface\/wifi\//d' -e 's|%TEMPL%|.local|' \
-e '/^# NOT \/interface\/wireless\/ #$$/,/^# NOT \/interface\/wireless\/ #$$/d' \
-e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \
< $< > $@
%.wifi.rsc: %.template.rsc Makefile
sed -e '/\/caps-man\//d' -e '/\/interface\/wifiwave2\//d' -e '/\/interface\/wireless\//d' -e 's|%TEMPL%|.wifi|' \
sed -e '/\/caps-man\//d' -e '/\/interface\/wireless\//d' -e 's|%TEMPL%|.wifi|' \
-e '/^# NOT \/interface\/wifi\/ #$$/,/^# NOT \/interface\/wifi\/ #$$/d' \
-e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \
< $< > $@
%.wifiwave2.rsc: %.template.rsc Makefile
sed -e '/\/caps-man\//d' -e '/\/interface\/wifi\//d' -e '/\/interface\/wireless\//d' -e 's|%TEMPL%|.wifiwave2|' \
-e '/^# NOT \/interface\/wifiwave2\/ #$$/,/^# NOT \/interface\/wifiwave2\/ #$$/d' \
-e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \
< $< > $@
clean:
rm -f $(HTML)

4
accesslist-duplicates.template.rsc
View file

@ -21,16 +21,13 @@
:foreach AccList in=[ /caps-man/access-list/find where mac-address!="00:00:00:00:00:00" ] do={
:foreach AccList in=[ /interface/wifi/access-list/find where mac-address!="00:00:00:00:00:00" ] do={
:foreach AccList in=[ /interface/wifiwave2/access-list/find where mac-address!="00:00:00:00:00:00" ] do={
:foreach AccList in=[ /interface/wireless/access-list/find where mac-address!="00:00:00:00:00:00" ] do={
:local Mac [ /caps-man/access-list/get $AccList mac-address ];
:local Mac [ /interface/wifi/access-list/get $AccList mac-address ];
:local Mac [ /interface/wifiwave2/access-list/get $AccList mac-address ];
:local Mac [ /interface/wireless/access-list/get $AccList mac-address ];
:if ($Seen->$Mac = 1) do={
/caps-man/access-list/print where mac-address=$Mac;
/interface/wifi/access-list/print where mac-address=$Mac;
/interface/wifiwave2/access-list/print where mac-address=$Mac;
/interface/wireless/access-list/print where mac-address=$Mac;
:local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ];
@ -38,7 +35,6 @@
:put ("Removing numeric id " . $Remove . "...\n");
/caps-man/access-list/remove $Remove;
/interface/wifi/access-list/remove $Remove;
/interface/wifiwave2/access-list/remove $Remove;
/interface/wireless/access-list/remove $Remove;
}
}

36
accesslist-duplicates.wifiwave2.rsc
View file

@ -1,36 +0,0 @@
#!rsc by RouterOS
# RouterOS script: accesslist-duplicates.wifiwave2
# Copyright (c) 2018-2024 Christian Hesse <mail@eworm.de>
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
# requires RouterOS, version=7.12
#
# print duplicate antries in wireless access list
# https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md
#
# !! Do not edit this file, it is generated from template!
:global GlobalFunctionsReady;
:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
:local Main do={
:local ScriptName [ :tostr $1 ];
:local Seen ({});
:foreach AccList in=[ /interface/wifiwave2/access-list/find where mac-address!="00:00:00:00:00:00" ] do={
:local Mac [ /interface/wifiwave2/access-list/get $AccList mac-address ];
:if ($Seen->$Mac = 1) do={
/interface/wifiwave2/access-list/print where mac-address=$Mac;
:local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ];
:if ([ :typeof $Remove ] = "num") do={
:put ("Removing numeric id " . $Remove . "...\n");
/interface/wifiwave2/access-list/remove $Remove;
}
}
:set ($Seen->$Mac) 1;
}
}
$Main [ :jobname ];

9
capsman-download-packages.template.rsc
View file

@ -32,7 +32,6 @@
:local PackagePath [ $CleanFilePath [ /caps-man/manager/get package-path ] ];
:local PackagePath [ $CleanFilePath [ /interface/wifi/capsman/get package-path ] ];
:local PackagePath [ $CleanFilePath [ /interface/wifiwave2/capsman/get package-path ] ];
:local InstalledVersion [ /system/package/update/get installed-version ];
:local Updated false;
@ -65,21 +64,14 @@
:if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={
$LogPrintExit2 info $ScriptName ("No packages available, downloading default set.") false;
# NOT /interface/wifi/ #
# NOT /interface/wifiwave2/ #
:foreach Arch in={ "arm"; "mipsbe" } do={
:foreach Package in={ "routeros"; "wireless" } do={
# NOT /interface/wifi/ #
# NOT /interface/wifiwave2/ #
# NOT /caps-man/ #
:foreach Arch in={ "arm"; "arm64" } do={
# NOT /interface/wifi/ #
:foreach Package in={ "routeros"; "wifiwave2" } do={
# NOT /interface/wifi/ #
# NOT /interface/wifiwave2/ #
:local Packages { "arm"={ "routeros"; "wifi-qcom"; "wifi-qcom-ac" };
"arm64"={ "routeros"; "wifi-qcom" } };
:foreach Package in=($Packages->$Arch) do={
# NOT /interface/wifiwave2/ #
# NOT /caps-man/ #
:if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={
:set Updated true;
@ -95,7 +87,6 @@
} else={
/caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ];
/interface/wifi/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ];
/interface/wifiwave2/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ];
}
}
}

83
capsman-download-packages.wifiwave2.rsc
View file

@ -1,83 +0,0 @@
#!rsc by RouterOS
# RouterOS script: capsman-download-packages.wifiwave2
# Copyright (c) 2018-2024 Christian Hesse <mail@eworm.de>
# Michael Gisbers <michael@gisbers.de>
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
# requires RouterOS, version=7.12
#
# download and cleanup packages for CAP installation from CAPsMAN
# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md
#
# !! Do not edit this file, it is generated from template!
:global GlobalFunctionsReady;
:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
:local Main do={
:local ScriptName [ :tostr $1 ];
:global CleanFilePath;
:global DownloadPackage;
:global LogPrintExit2;
:global MkDir;
:global ScriptLock;
:global WaitFullyConnected;
:if ([ $ScriptLock $ScriptName ] = false) do={
:return false;
}
$WaitFullyConnected;
:local PackagePath [ $CleanFilePath [ /interface/wifiwave2/capsman/get package-path ] ];
:local InstalledVersion [ /system/package/update/get installed-version ];
:local Updated false;
:if ([ :len $PackagePath ] = 0) do={
$LogPrintExit2 warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages.") true;
}
:if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={
:if ([ $MkDir $PackagePath ] = false) do={
$LogPrintExit2 warning $ScriptName ("Creating directory at CAPsMAN package path (" . \
$PackagePath . ") failed!") true;
}
$LogPrintExit2 info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \
"). Please place your packages!") false;
}
:foreach Package in=[ /file/find where type=package \
package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={
:local File [ /file/get $Package ];
:if ($File->"package-architecture" = "mips") do={
:set ($File->"package-architecture") "mipsbe";
}
:if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \
($File->"package-architecture") $PackagePath ] = true) do={
:set Updated true;
/file/remove $Package;
}
}
:if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={
$LogPrintExit2 info $ScriptName ("No packages available, downloading default set.") false;
:foreach Arch in={ "arm"; "arm64" } do={
:foreach Package in={ "routeros"; "wifiwave2" } do={
:if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={
:set Updated true;
}
}
}
}
:if ($Updated = true) do={
:local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0);
:if ([ :len $Script ] > 0) do={
/system/script/run $Script;
} else={
/interface/wifiwave2/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ];
}
}
}
$Main [ :jobname ];

4
capsman-rolling-upgrade.template.rsc
View file

@ -30,16 +30,13 @@
:local RemoteCapCount [ :len [ /caps-man/remote-cap/find ] ];
:local RemoteCapCount [ :len [ /interface/wifi/capsman/remote-cap/find ] ];
:local RemoteCapCount [ :len [ /interface/wifiwave2/capsman/remote-cap/find ] ];
:if ($RemoteCapCount > 0) do={
:local Delay (600 / $RemoteCapCount);
:if ($Delay > 120) do={ :set Delay 120; }
:foreach RemoteCap in=[ /caps-man/remote-cap/find where version!=$InstalledVersion ] do={
:foreach RemoteCap in=[ /interface/wifi/capsman/remote-cap/find where version!=$InstalledVersion ] do={
:foreach RemoteCap in=[ /interface/wifiwave2/capsman/remote-cap/find where version!=$InstalledVersion ] do={
:local RemoteCapVal [ /caps-man/remote-cap/get $RemoteCap ];
:local RemoteCapVal [ /interface/wifi/capsman/remote-cap/get $RemoteCap ];
:local RemoteCapVal [ /interface/wifiwave2/capsman/remote-cap/get $RemoteCap ];
:if ([ :len $RemoteCapVal ] > 1) do={
# NOT /caps-man/ #
:set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name");
@ -48,7 +45,6 @@
" (" . $RemoteCapVal->"identity" . ")...") false;
/caps-man/remote-cap/upgrade $RemoteCap;
/interface/wifi/capsman/remote-cap/upgrade $RemoteCap;
/interface/wifiwave2/capsman/remote-cap/upgrade $RemoteCap;
} else={
$LogPrintExit2 warning $ScriptName ("Remote CAP vanished, skipping upgrade.") false;
}

49
capsman-rolling-upgrade.wifiwave2.rsc
View file

@ -1,49 +0,0 @@
#!rsc by RouterOS
# RouterOS script: capsman-rolling-upgrade.wifiwave2
# Copyright (c) 2018-2024 Christian Hesse <mail@eworm.de>
# Michael Gisbers <michael@gisbers.de>
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
# provides: capsman-rolling-upgrade
# requires RouterOS, version=7.12
#
# upgrade CAPs one after another
# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md
#
# !! Do not edit this file, it is generated from template!
:global GlobalFunctionsReady;
:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
:local Main do={
:local ScriptName [ :tostr $1 ];
:global LogPrintExit2;
:global ScriptLock;
:if ([ $ScriptLock $ScriptName ] = false) do={
:return false;
}
:local InstalledVersion [ /system/package/update/get installed-version ];
:local RemoteCapCount [ :len [ /interface/wifiwave2/capsman/remote-cap/find ] ];
:if ($RemoteCapCount > 0) do={
:local Delay (600 / $RemoteCapCount);
:if ($Delay > 120) do={ :set Delay 120; }
:foreach RemoteCap in=[ /interface/wifiwave2/capsman/remote-cap/find where version!=$InstalledVersion ] do={
:local RemoteCapVal [ /interface/wifiwave2/capsman/remote-cap/get $RemoteCap ];
:if ([ :len $RemoteCapVal ] > 1) do={
:set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name");
$LogPrintExit2 info $ScriptName ("Starting upgrade for " . $RemoteCapVal->"name" . \
" (" . $RemoteCapVal->"identity" . ")...") false;
/interface/wifiwave2/capsman/remote-cap/upgrade $RemoteCap;
} else={
$LogPrintExit2 warning $ScriptName ("Remote CAP vanished, skipping upgrade.") false;
}
:delay ($Delay . "s");
}
}
}
$Main [ :jobname ];

8
collect-wireless-mac.template.rsc
View file

@ -35,28 +35,23 @@
:if ([ :len [ /caps-man/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={
:if ([ :len [ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={
:if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={
:if ([ :len [ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={
/caps-man/access-list/add comment="--- collected above ---" disabled=yes;
/interface/wifi/access-list/add comment="--- collected above ---" disabled=yes;
/interface/wifiwave2/access-list/add comment="--- collected above ---" disabled=yes;
/interface/wireless/access-list/add comment="--- collected above ---" disabled=yes;
$LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'.") false;
}
:local PlaceBefore ([ /caps-man/access-list/find where comment="--- collected above ---" disabled ]->0);
:local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ]->0);
:local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ]->0);
:local PlaceBefore ([ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ]->0);
:foreach Reg in=[ /caps-man/registration-table/find ] do={
:foreach Reg in=[ /interface/wifi/registration-table/find ] do={
:foreach Reg in=[ /interface/wifiwave2/registration-table/find ] do={
:foreach Reg in=[ /interface/wireless/registration-table/find where ap=no ] do={
:local RegVal;
:do {
:set RegVal [ /caps-man/registration-table/get $Reg ];
:set RegVal [ /interface/wifi/registration-table/get $Reg ];
:set RegVal [ /interface/wifiwave2/registration-table/get $Reg ];
:set RegVal [ /interface/wireless/registration-table/get $Reg ];
} on-error={
$LogPrintExit2 debug $ScriptName ("Device already gone... Ignoring.") false;
@ -65,13 +60,11 @@
:if ([ :len ($RegVal->"mac-address") ] > 0) do={
:local AccessList ([ /caps-man/access-list/find where mac-address=($RegVal->"mac-address") ]->0);
:local AccessList ([ /interface/wifi/access-list/find where mac-address=($RegVal->"mac-address") ]->0);
:local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($RegVal->"mac-address") ]->0);
:local AccessList ([ /interface/wireless/access-list/find where mac-address=($RegVal->"mac-address") ]->0);
:if ([ :len $AccessList ] > 0) do={
$LogPrintExit2 debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \
[ /caps-man/access-list/get $AccessList comment ]) false;
[ /interface/wifi/access-list/get $AccessList comment ]) false;
[ /interface/wifiwave2/access-list/get $AccessList comment ]) false;
[ /interface/wireless/access-list/get $AccessList comment ]) false;
}
@ -100,7 +93,6 @@
$LogPrintExit2 info $ScriptName $Message false;
/caps-man/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
/interface/wifi/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
/interface/wifiwave2/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
/interface/wireless/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
$SendNotification2 ({ origin=$ScriptName; \
subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \

98
collect-wireless-mac.wifiwave2.rsc
View file

@ -1,98 +0,0 @@
#!rsc by RouterOS
# RouterOS script: collect-wireless-mac.wifiwave2
# Copyright (c) 2013-2024 Christian Hesse <mail@eworm.de>
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
# provides: lease-script, order=40
# requires RouterOS, version=7.12
#
# collect wireless mac adresses in access list
# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md
#
# !! Do not edit this file, it is generated from template!
:global GlobalFunctionsReady;
:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
:local Main do={
:local ScriptName [ :tostr $1 ];
:global Identity;
:global EitherOr;
:global FormatLine;
:global FormatMultiLines;
:global GetMacVendor;
:global LogPrintExit2;
:global ScriptLock;
:global SendNotification2;
:global SymbolForNotification;
:if ([ $ScriptLock $ScriptName 10 ] = false) do={
:return false;
}
:if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={
/interface/wifiwave2/access-list/add comment="--- collected above ---" disabled=yes;
$LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'.") false;
}
:local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ]->0);
:foreach Reg in=[ /interface/wifiwave2/registration-table/find ] do={
:local RegVal;
:do {
:set RegVal [ /interface/wifiwave2/registration-table/get $Reg ];
} on-error={
$LogPrintExit2 debug $ScriptName ("Device already gone... Ignoring.") false;
}
:if ([ :len ($RegVal->"mac-address") ] > 0) do={
:local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($RegVal->"mac-address") ]->0);
:if ([ :len $AccessList ] > 0) do={
$LogPrintExit2 debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \
[ /interface/wifiwave2/access-list/get $AccessList comment ]) false;
}
:if ([ :len $AccessList ] = 0) do={
:local Address "no dhcp lease";
:local DnsName "no dhcp lease";
:local HostName "no dhcp lease";
:local Lease ([ /ip/dhcp-server/lease/find where active-mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0);
:if ([ :len $Lease ] > 0) do={
:set Address [ /ip/dhcp-server/lease/get $Lease active-address ];
:set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ];
:set DnsName "no dns name";
:local DnsRec ([ /ip/dns/static/find where address=$Address ]->0);
:if ([ :len $DnsRec ] > 0) do={
:set DnsName ({ [ /ip/dns/static/get $DnsRec name ] });
:foreach CName in=[ /ip/dns/static/find where type=CNAME cname=($DnsName->0) ] do={
:set DnsName ($DnsName, [ /ip/dns/static/get $CName name ]);
}
}
}
:local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]);
:local Vendor [ $GetMacVendor ($RegVal->"mac-address") ];
:local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \
"first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface");
$LogPrintExit2 info $ScriptName $Message false;
/interface/wifiwave2/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
$SendNotification2 ({ origin=$ScriptName; \
subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \
message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \
[ $FormatLine "Controller" $Identity ] . "\n" . \
[ $FormatLine "Interface" ($RegVal->"interface") ] . "\n" . \
[ $FormatLine "SSID" ($RegVal->"ssid") ] . "\n" . \
[ $FormatLine "MAC" ($RegVal->"mac-address") ] . "\n" . \
[ $FormatLine "Vendor" $Vendor ] . "\n" . \
[ $FormatLine "Hostname" $HostName ] . "\n" . \
[ $FormatLine "Address" $Address ] . "\n" . \
[ $FormatMultiLines "DNS name" $DnsName ] . "\n" . \
[ $FormatLine "Date" $DateTime ]) });
}
} else={
$LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false;
}
}
}
$Main [ :jobname ];

9
daily-psk.template.rsc
View file

@ -63,21 +63,16 @@
:foreach AccList in=[ /caps-man/access-list/find where comment~$DailyPskMatchComment ] do={
:foreach AccList in=[ /interface/wifi/access-list/find where comment~$DailyPskMatchComment ] do={
:foreach AccList in=[ /interface/wifiwave2/access-list/find where comment~$DailyPskMatchComment ] do={
:foreach AccList in=[ /interface/wireless/access-list/find where comment~$DailyPskMatchComment ] do={
:local SsidRegExp [ /caps-man/access-list/get $AccList ssid-regexp ];
:local SsidRegExp [ /interface/wifi/access-list/get $AccList ssid-regexp ];
:local SsidRegExp [ /interface/wifiwave2/access-list/get $AccList ssid-regexp ];
:local Configuration ([ /caps-man/configuration/find where ssid~$SsidRegExp ]->0);
:local Configuration ([ /interface/wifi/configuration/find where ssid~$SsidRegExp ]->0);
:local Configuration ([ /interface/wifiwave2/configuration/find where ssid~$SsidRegExp ]->0);
:local Ssid [ /caps-man/configuration/get $Configuration ssid ];
:local Ssid [ /interface/wifi/configuration/get $Configuration ssid ];
:local Ssid [ /interface/wifiwave2/configuration/get $Configuration ssid ];
:local OldPsk [ /caps-man/access-list/get $AccList private-passphrase ];
:local OldPsk [ /interface/wifi/access-list/get $AccList passphrase ];
:local OldPsk [ /interface/wifiwave2/access-list/get $AccList passphrase ];
# /caps-man/ /interface/wifi/ /interface/wifiwave2/ above - /interface/wireless/ below
# /caps-man/ /interface/wifi/ above - /interface/wireless/ below
:local IntName [ /interface/wireless/access-list/get $AccList interface ];
:local Ssid [ /interface/wireless/get $IntName ssid ];
:local OldPsk [ /interface/wireless/access-list/get $AccList private-pre-shared-key ];
@ -87,12 +82,10 @@
$LogPrintExit2 info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false;
/caps-man/access-list/set $AccList private-passphrase=$NewPsk;
/interface/wifi/access-list/set $AccList passphrase=$NewPsk;
/interface/wifiwave2/access-list/set $AccList passphrase=$NewPsk;
/interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk;
:if ([ :len [ /caps-man/actual-interface-configuration/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={
:if ([ :len [ /interface/wifi/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={
:if ([ :len [ /interface/wifiwave2/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={
:if ([ :len [ /interface/wireless/find where name=$IntName !disabled ] ] = 1) do={
:if ($Seen->$Ssid = 1) do={
$LogPrintExit2 debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping.") false;

94
daily-psk.wifiwave2.rsc
View file

@ -1,94 +0,0 @@
#!rsc by RouterOS
# RouterOS script: daily-psk.wifiwave2
# Copyright (c) 2013-2024 Christian Hesse <mail@eworm.de>
# Michael Gisbers <michael@gisbers.de>
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
# requires RouterOS, version=7.12
#
# update daily PSK (pre shared key)
# https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md
#
# !! Do not edit this file, it is generated from template!
:global GlobalFunctionsReady;
:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
:local Main do={
:local ScriptName [ :tostr $1 ];
:global DailyPskMatchComment;
:global DailyPskQrCodeUrl;
:global Identity;
:global FormatLine;
:global LogPrintExit2;
:global ScriptLock;
:global SendNotification2;
:global SymbolForNotification;
:global UrlEncode;
:global WaitForFile;
:global WaitFullyConnected;
:if ([ $ScriptLock $ScriptName ] = false) do={
:return false;
}
$WaitFullyConnected;
# return pseudo-random string for PSK
:local GeneratePSK do={
:local Date [ :tostr $1 ];
:global DailyPskSecrets;
:global ParseDate;
:set Date [ $ParseDate $Date ];
:local A ((14 - ($Date->"month")) / 12);
:local B (($Date->"year") - $A);
:local C (($Date->"month") + 12 * $A - 2);
:local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12));
:set WeekDay ($WeekDay - (($WeekDay / 7) * 7));
:return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \
($DailyPskSecrets->1->(($Date->"month") - 1)) . \
($DailyPskSecrets->2->$WeekDay));
}
:local Seen ({});
:local Date [ /system/clock/get date ];
:local NewPsk [ $GeneratePSK $Date ];
:foreach AccList in=[ /interface/wifiwave2/access-list/find where comment~$DailyPskMatchComment ] do={
:local SsidRegExp [ /interface/wifiwave2/access-list/get $AccList ssid-regexp ];
:local Configuration ([ /interface/wifiwave2/configuration/find where ssid~$SsidRegExp ]->0);
:local Ssid [ /interface/wifiwave2/configuration/get $Configuration ssid ];
:local OldPsk [ /interface/wifiwave2/access-list/get $AccList passphrase ];
:local Skip 0;
:if ($NewPsk != $OldPsk) do={
$LogPrintExit2 info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false;
/interface/wifiwave2/access-list/set $AccList passphrase=$NewPsk;
:if ([ :len [ /interface/wifiwave2/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={
:if ($Seen->$Ssid = 1) do={
$LogPrintExit2 debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping.") false;
} else={
:local Link ($DailyPskQrCodeUrl . \
"?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]);
$SendNotification2 ({ origin=$ScriptName; \
subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \
message=("This is the daily PSK on " . $Identity . ":\n\n" . \
[ $FormatLine "SSID" $Ssid ] . "\n" . \
[ $FormatLine "PSK" $NewPsk ] . "\n" . \
[ $FormatLine "Date" $Date ] . "\n\n" . \
"A client device specific rule must not exist!"); link=$Link });
:set ($Seen->$Ssid) 1;
}
}
}
}
}
$Main [ :jobname ];

2
dhcp-lease-comment.template.rsc
View file

@ -30,12 +30,10 @@
:local NewComment;
:local AccessList ([ /caps-man/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0);
:local AccessList ([ /interface/wifi/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0);
:local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0);
:local AccessList ([ /interface/wireless/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0);
:if ([ :len $AccessList ] > 0) do={
:set NewComment [ /caps-man/access-list/get $AccessList comment ];
:set NewComment [ /interface/wifi/access-list/get $AccessList comment ];
:set NewComment [ /interface/wifiwave2/access-list/get $AccessList comment ];
:set NewComment [ /interface/wireless/access-list/get $AccessList comment ];
}
:if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={

41
dhcp-lease-comment.wifiwave2.rsc
View file

@ -1,41 +0,0 @@
#!rsc by RouterOS
# RouterOS script: dhcp-lease-comment.wifiwave2
# Copyright (c) 2013-2024 Christian Hesse <mail@eworm.de>
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
# provides: lease-script, order=60
# requires RouterOS, version=7.12
#
# update dhcp-server lease comment with infos from access-list
# https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md
#
# !! Do not edit this file, it is generated from template!
:global GlobalFunctionsReady;
:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
:local Main do={
:local ScriptName [ :tostr $1 ];
:global LogPrintExit2;
:global ScriptLock;
:if ([ $ScriptLock $ScriptName ] = false) do={
:return false;
}
:foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={
:local LeaseVal [ /ip/dhcp-server/lease/get $Lease ];
:local NewComment;
:local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0);
:if ([ :len $AccessList ] > 0) do={
:set NewComment [ /interface/wifiwave2/access-list/get $AccessList comment ];
}
:if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={
$LogPrintExit2 info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false;
/ip/dhcp-server/lease/set comment=$NewComment $Lease;
}
}
}
$Main [ :jobname ];

13
doc/accesslist-duplicates.md
View file

@ -15,19 +15,14 @@ entries in wireless access list.
Requirements and installation
-----------------------------
Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2`
package (`/interface/wifiwave2`), legacy wifi with CAPsMAN (`/caps-man`)
or local wireless interface (`/interface/wireless`) you need to install a
different script.
Depending on whether you use `wifi` package (`/interface/wifi`), legacy
wifi with CAPsMAN (`/caps-man`) or local wireless interface
(`/interface/wireless`) you need to install a different script.
For `wifi` (RouterOS 7.13 and later):
For `wifi`:
$ScriptInstallUpdate accesslist-duplicates.wifi;
For `wifiwave2` (up to RouterOS 7.12):
$ScriptInstallUpdate accesslist-duplicates.wifiwave2;
For legacy CAPsMAN:
$ScriptInstallUpdate accesslist-duplicates.capsman;

19
doc/capsman-download-packages.md
View file

@ -23,31 +23,21 @@ as that is where packages are downloaded to and where the system expects
them.
Then just install the script on CAPsMAN device.
Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2`
package (`/interface/wifiwave2`) or legacy wifi with CAPsMAN (`/caps-man`)
you need to install a different script.
Depending on whether you use `wifi` package (`/interface/wifi`) or legacy
wifi with CAPsMAN (`/caps-man`) you need to install a different script.
For `wifi` (RouterOS 7.13 and later):
For `wifi`:
$ScriptInstallUpdate capsman-download-packages.wifi;
For `wifiwave2` (up to RouterOS 7.12):
$ScriptInstallUpdate capsman-download-packages.wifiwave2;
For legacy CAPsMAN:
$ScriptInstallUpdate capsman-download-packages.capsman;
Optionally add a scheduler to run after startup. For `wifi` (RouterOS 7.13
and later):
Optionally add a scheduler to run after startup. For `wifi`:
/system/scheduler/add name=capsman-download-packages on-event="/system/script/run capsman-download-packages.wifi;" start-time=startup;
For `wifiwave2` (up to RouterOS 7.12):
/system/scheduler/add name=capsman-download-packages on-event="/system/script/run capsman-download-packages.wifiwave2;" start-time=startup;
For legacy CAPsMAN:
/system/scheduler/add name=capsman-download-packages on-event="/system/script/run capsman-download-packages.capsman;" start-time=startup;
@ -58,7 +48,6 @@ unconditionally.
If no packages are found the script downloads a default set of packages:
* `wifi`: `routeros` and `wifi-qcom` for *arm* and *arm64*, `wifi-qcom-ac` for *arm*
* `wifiwave2`: `routeros` and `wifiwave2` for *arm* and *arm64*
* legacy CAPsMAN: `routeros` and `wireless` for *arm* and *mipsbe*
> **Info**: If you have packages in the directory and things go wrong for

11
doc/capsman-rolling-upgrade.md
View file

@ -21,18 +21,13 @@ Requirements and installation
-----------------------------
Just install the script on CAPsMAN device.
Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2`
package (`/interface/wifiwave2`) or legacy wifi with CAPsMAN (`/caps-man`)
you need to install a different script.
Depending on whether you use `wifi` package (`/interface/wifi`) or legacy
wifi with CAPsMAN (`/caps-man`) you need to install a different script.
For `wifi` (RouterOS 7.13 and later):
For `wifi`:
$ScriptInstallUpdate capsman-rolling-upgrade.wifi;
For `wifiwave2` (up to RouterOS 7.12):
$ScriptInstallUpdate capsman-rolling-upgrade.wifiwave2;
For legacy CAPsMAN:
$ScriptInstallUpdate capsman-rolling-upgrade.capsman;

13
doc/collect-wireless-mac.md
View file

@ -22,19 +22,14 @@ and modify it to your needs.
Requirements and installation
-----------------------------
Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2`
package (`/interface/wifiwave2`), legacy wifi with CAPsMAN (`/caps-man`)
or local wireless interface (`/interface/wireless`) you need to install a
different script.
Depending on whether you use `wifi` package (`/interface/wifi`), legacy
wifi with CAPsMAN (`/caps-man`) or local wireless interface
(`/interface/wireless`) you need to install a different script.
For `wifi` (RouterOS 7.13 and later):
For `wifi`:
$ScriptInstallUpdate collect-wireless-mac.wifi;
For `wifiwave2` (up to RouterOS 7.12):
$ScriptInstallUpdate collect-wireless-mac.wifiwave2;
For legacy CAPsMAN:
$ScriptInstallUpdate collect-wireless-mac.capsman;

22
doc/daily-psk.md
View file

@ -21,23 +21,17 @@ Requirements and installation
Just install this script.
Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2`
package (`/interface/wifiwave2`), legacy wifi with CAPsMAN (`/caps-man`)
or local wireless interface (`/interface/wireless`) you need to install a
different script and add schedulers to run the script:
Depending on whether you use `wifi` package (`/interface/wifi`), legacy
wifi with CAPsMAN (`/caps-man`) or local wireless interface
(`/interface/wireless`) you need to install a different script and add
schedulers to run the script:
For `wifi` (RouterOS 7.13 and later):
For `wifi`:
$ScriptInstallUpdate daily-psk.wifi;
/system/scheduler/add interval=1d name=daily-psk on-event="/system/script/run daily-psk.wifi;" start-time=03:00:00;
/system/scheduler/add name=daily-psk@startup on-event="/system/script/run daily-psk.wifi;" start-time=startup;
For `wifiwave2` (up to RouterOS 7.12):
$ScriptInstallUpdate daily-psk.wifiwave2;
/system/scheduler/add interval=1d name=daily-psk on-event="/system/script/run daily-psk.wifiwave2;" start-time=03:00:00;
/system/scheduler/add name=daily-psk@startup on-event="/system/script/run daily-psk.wifiwave2;" start-time=startup;
For legacy CAPsMAN:
$ScriptInstallUpdate daily-psk.capsman;
@ -64,14 +58,10 @@ The configuration goes to `global-config-overlay`, these are the parameters:
> [`global-config`](../global-config.rsc) (the one without `-overlay`) to
> your local `global-config-overlay` and modify it to your specific needs.
Then add an access list entry. For `wifi` (RouterOS 7.13 and later):
Then add an access list entry. For `wifi`:
/interface/wifi/access-list/add comment="Daily PSK" ssid-regexp="-guest\$" passphrase="ToBeChangedDaily";
For `wifiwave2` (up to RouterOS 7.12):
/interface/wifiwave2/access-list/add comment="Daily PSK" ssid-regexp="-guest\$" passphrase="ToBeChangedDaily";
For legacy CAPsMAN:
/caps-man/access-list/add comment="Daily PSK" ssid-regexp="-guest\$" private-passphrase="ToBeChangedDaily";

13
doc/dhcp-lease-comment.md
View file

@ -15,19 +15,14 @@ from wireless access list.
Requirements and installation
-----------------------------
Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2`
package (`/interface/wifiwave2`), legacy wifi with CAPsMAN (`/caps-man`)
or local wireless interface (`/interface/wireless`) you need to install a
different script.
Depending on whether you use `wifi` package (`/interface/wifi`), legacy
wifi with CAPsMAN (`/caps-man`) or local wireless interface
(`/interface/wireless`) you need to install a different script.
For `wifi` (RouterOS 7.13 and later):
For `wifi`:
$ScriptInstallUpdate dhcp-lease-comment.wifi;
For `wifiwave2` (up to RouterOS 7.12):
$ScriptInstallUpdate dhcp-lease-comment.wifiwave2;
For legacy CAPsMAN:
$ScriptInstallUpdate dhcp-lease-comment.capsman;

29
doc/hotspot-to-wpa.md
View file

@ -20,21 +20,15 @@ You need a properly configured hotspot on one (open) SSID and a WPA enabled
SSID with suffix "`-wpa`".
Then install the script.
Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2`
package (`/interface/wifiwave2`) or legacy wifi with CAPsMAN (`/caps-man`)
you need to install a different script and set it as `on-login` script in
hotspot.
Depending on whether you use `wifi` package (`/interface/wifi`)or legacy
wifi with CAPsMAN (`/caps-man`) you need to install a different script and
set it as `on-login` script in hotspot.
For `wifi` (RouterOS 7.13 and later):
For `wifi`:
$ScriptInstallUpdate hotspot-to-wpa.wifi;
/ip/hotspot/user/profile/set on-login="hotspot-to-wpa.wifi" [ find ];
For `wifiwave2` (up to RouterOS 7.12):
$ScriptInstallUpdate hotspot-to-wpa.wifiwave2;
/ip/hotspot/user/profile/set on-login="hotspot-to-wpa.wifiwave2" [ find ];
For legacy CAPsMAN:
$ScriptInstallUpdate hotspot-to-wpa.capsman;
@ -46,16 +40,11 @@ With just `hotspot-to-wpa` installed the mac addresses will last in the
access list forever. Install the optional script for automatic cleanup
and add a scheduler.
For `wifi` (RouterOS 7.13 and later):
For `wifi`:
$ScriptInstallUpdate hotspot-to-wpa-cleanup.wifi,lease-script;
/system/scheduler/add interval=1d name=hotspot-to-wpa-cleanup on-event="/system/script/run hotspot-to-wpa-cleanup.wifi;" start-time=startup;
For `wifiwave2` (up to RouterOS 7.12):
$ScriptInstallUpdate hotspot-to-wpa-cleanup.wifiwave2,lease-script;
/system/scheduler/add interval=1d name=hotspot-to-wpa-cleanup on-event="/system/script/run hotspot-to-wpa-cleanup.wifiwave2;" start-time=startup;
For legacy CAPsMAN:
$ScriptInstallUpdate hotspot-to-wpa-cleanup.capsman,lease-script;
@ -97,15 +86,11 @@ Additionally templates can be created to give more options for access list:
* `vlan-id`: connect device to specific VLAN
* `vlan-mode`: set the VLAN mode for device
For a hotspot called `example` the template could look like this. For
`wifi` (RouterOS 7.13 and later):
For a hotspot called `example` the template could look like this.
For `wifi`:
/interface/wifi/access-list/add comment="hotspot-to-wpa template example" disabled=yes passphrase="ignore" ssid-regexp="^example\$" vlan-id=10;
For `wifiwave2` (up to RouterOS 7.12):
/interface/wifiwave2/access-list/add comment="hotspot-to-wpa template example" disabled=yes passphrase="ignore" ssid-regexp="^example\$" vlan-id=10;
For legacy CAPsMAN:
/caps-man/access-list/add comment="hotspot-to-wpa template example" disabled=yes private-passphrase="ignore" ssid-regexp="^example\$" vlan-id=10 vlan-mode=use-tag;

2
global-functions.rsc
View file

@ -12,7 +12,7 @@
:local ScriptName [ :jobname ];
# expected configuration version
:global ExpectedConfigVersion 120;
:global ExpectedConfigVersion 121;
# global variables not to be changed by user
:global GlobalFunctionsReady false;

6
hotspot-to-wpa-cleanup.template.rsc
View file

@ -39,10 +39,8 @@
:foreach Client in=[ /caps-man/registration-table/find where comment~"^hotspot-to-wpa:" ] do={
:foreach Client in=[ /interface/wifi/registration-table/find where comment~"^hotspot-to-wpa:" ] do={
:foreach Client in=[ /interface/wifiwave2/registration-table/find where comment~"^hotspot-to-wpa:" ] do={
:local ClientVal [ /caps-man/registration-table/get $Client ];
:local ClientVal [ /interface/wifi/registration-table/get $Client ];
:local ClientVal [ /interface/wifiwave2/registration-table/get $Client ];
:foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \
mac-address=($ClientVal->"mac-address") ] do={
:if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={
@ -56,18 +54,15 @@
:foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" \
:foreach Client in=[ /interface/wifi/access-list/find where comment~"^hotspot-to-wpa:" \
:foreach Client in=[ /interface/wifiwave2/access-list/find where comment~"^hotspot-to-wpa:" \
!(comment~[ /system/clock/get date ]) ] do={
:local ClientVal [ /caps-man/access-list/get $Client ];
:local ClientVal [ /interface/wifi/access-list/get $Client ];
:local ClientVal [ /interface/wifiwave2/access-list/get $Client ];
:if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \
mac-address=($ClientVal->"mac-address") ] ] = 0) do={
$LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \
" did not connect to WPA, removing from access list.") false;
/caps-man/access-list/remove $Client;
/interface/wifi/access-list/remove $Client;
/interface/wifiwave2/access-list/remove $Client;
}
}
@ -79,7 +74,6 @@
" was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false;
/caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \
/interface/wifi/access-list/remove [ find where comment~"^hotspot-to-wpa:" \
/interface/wifiwave2/access-list/remove [ find where comment~"^hotspot-to-wpa:" \
mac-address=($LeaseVal->"mac-address") ];
/ip/dhcp-server/lease/remove $Lease;
}

76
hotspot-to-wpa-cleanup.wifiwave2.rsc
View file

@ -1,76 +0,0 @@
#!rsc by RouterOS
# RouterOS script: hotspot-to-wpa-cleanup.wifiwave2
# Copyright (c) 2021-2024 Christian Hesse <mail@eworm.de>
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
# provides: lease-script, order=80
# requires RouterOS, version=7.12
#
# manage and clean up private WPA passphrase after hotspot login
# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md
#
# !! Do not edit this file, it is generated from template!
:global GlobalFunctionsReady;
:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
:local Main do={
:local ScriptName [ :tostr $1 ];
:global EitherOr;
:global LogPrintExit2;
:global ParseKeyValueStore;
:global ScriptLock;
:if ([ $ScriptLock $ScriptName 10 ] = false) do={
:return false;
}
:local DHCPServers ({});
:foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={
:local ServerVal [ /ip/dhcp-server/get $Server ]
:local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ];
:if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={
:set ($DHCPServers->($ServerVal->"name")) \
[ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ];
}
}
:foreach Client in=[ /interface/wifiwave2/registration-table/find where comment~"^hotspot-to-wpa:" ] do={
:local ClientVal [ /interface/wifiwave2/registration-table/get $Client ];
:foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \
mac-address=($ClientVal->"mac-address") ] do={
:if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={
$LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \
" connected to WPA, making lease static.") false;
/ip/dhcp-server/lease/make-static $Lease;
/ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease;
}
}
}
:foreach Client in=[ /interface/wifiwave2/access-list/find where comment~"^hotspot-to-wpa:" \
!(comment~[ /system/clock/get date ]) ] do={
:local ClientVal [ /interface/wifiwave2/access-list/get $Client ];
:if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \
mac-address=($ClientVal->"mac-address") ] ] = 0) do={
$LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \
" did not connect to WPA, removing from access list.") false;
/interface/wifiwave2/access-list/remove $Client;
}
}
:foreach Server,Timeout in=$DHCPServers do={
:foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \
server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={
:local LeaseVal [ /ip/dhcp-server/lease/get $Lease ];
$LogPrintExit2 info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \
" was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false;
/interface/wifiwave2/access-list/remove [ find where comment~"^hotspot-to-wpa:" \
mac-address=($LeaseVal->"mac-address") ];
/ip/dhcp-server/lease/remove $Lease;
}
}
}
$Main [ :jobname ];

16
hotspot-to-wpa.template.rsc
View file

@ -42,28 +42,22 @@
:if ([ :len [ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={
:if ([ :len [ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={
:if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={
/caps-man/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes;
/interface/wifi/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes;
/interface/wifiwave2/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes;
$LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false;
}
:local PlaceBefore ([ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0);
:local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0);
:local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0);
:if ([ :len [ /caps-man/access-list/find where \
:if ([ :len [ /interface/wifi/access-list/find where \
:if ([ :len [ /interface/wifiwave2/access-list/find where \
comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={
/caps-man/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore;
/interface/wifi/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore;
/interface/wifiwave2/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore;
$LogPrintExit2 warning $ScriptName ("Added template in access-list for hotspot '" . $Hotspot . "'.") false;
}
:local Template [ /caps-man/access-list/get ([ find where \
:local Template [ /interface/wifi/access-list/get ([ find where \
:local Template [ /interface/wifiwave2/access-list/get ([ find where \
comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ];
:if ($Template->"action" = "reject") do={
@ -78,16 +72,13 @@
" (user " . $UserName . ").") false;
/caps-man/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ];
/interface/wifi/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ];
/interface/wifiwave2/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ];
/caps-man/access-list/add private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \
/interface/wifi/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \
/interface/wifiwave2/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \
mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \
action=reject place-before=$PlaceBefore;
:local Entry [ /caps-man/access-list/find where mac-address=$MacAddress \
:local Entry [ /interface/wifi/access-list/find where mac-address=$MacAddress \
:local Entry [ /interface/wifiwave2/access-list/find where mac-address=$MacAddress \
comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ];
# NOT /caps-man/ #
:set ($Template->"private-passphrase") ($Template->"passphrase");
@ -97,38 +88,31 @@
:if ($PrivatePassphrase = "ignore") do={
/caps-man/access-list/set $Entry !private-passphrase;
/interface/wifi/access-list/set $Entry !passphrase;
/interface/wifiwave2/access-list/set $Entry !passphrase;
} else={
/caps-man/access-list/set $Entry private-passphrase=$PrivatePassphrase;
/interface/wifi/access-list/set $Entry passphrase=$PrivatePassphrase;
/interface/wifiwave2/access-list/set $Entry passphrase=$PrivatePassphrase;
}
}
:local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ];
:if ([ :len $SsidRegexp ] > 0) do={
/caps-man/access-list/set $Entry ssid-regexp=$SsidRegexp;
/interface/wifi/access-list/set $Entry ssid-regexp=$SsidRegexp;
/interface/wifiwave2/access-list/set $Entry ssid-regexp=$SsidRegexp;
}
:local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ];
:if ([ :len $VlanId ] > 0) do={
/caps-man/access-list/set $Entry vlan-id=$VlanId;
/interface/wifi/access-list/set $Entry vlan-id=$VlanId;
/interface/wifiwave2/access-list/set $Entry vlan-id=$VlanId;
}
# NOT /interface/wifi/ #
# NOT /interface/wifiwave2/ #
:local VlanMode [ $EitherOr ($UserInfo->"vlan-mode") ($Template->"vlan-mode") ];
:if ([ :len $VlanMode] > 0) do={
/caps-man/access-list/set $Entry vlan-mode=$VlanMode;
}
# NOT /interface/wifiwave2/ #
# NOT /interface/wifi/ #
:delay 2s;
/caps-man/access-list/set $Entry action=accept;
/interface/wifi/access-list/set $Entry action=accept;
/interface/wifiwave2/access-list/set $Entry action=accept;
}
$Main [ :jobname ] $"mac-address" $username;

95
hotspot-to-wpa.wifiwave2.rsc
View file

@ -1,95 +0,0 @@
#!rsc by RouterOS
# RouterOS script: hotspot-to-wpa.wifiwave2
# Copyright (c) 2019-2024 Christian Hesse <mail@eworm.de>
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
# requires RouterOS, version=7.12
#
# add private WPA passphrase after hotspot login
# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md
#
# !! Do not edit this file, it is generated from template!
:global GlobalFunctionsReady;
:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
:local Main do={
:local ScriptName [ :tostr $1 ];
:local MacAddress [ :tostr $2 ];
:local UserName [ :tostr $3 ];
:global EitherOr;
:global LogPrintExit2;
:global ParseKeyValueStore;
:global ScriptLock;
:if ([ $ScriptLock $ScriptName ] = false) do={
:return false;
}
:if ([ :len $MacAddress ] = 0 || [ :len $UserName ] = 0) do={
$LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true;
}
:local Date [ /system/clock/get date ];
:local UserVal ({});
:if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={
:set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ];
}
:local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ];
:local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ];
:if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={
/interface/wifiwave2/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes;
$LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false;
}
:local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0);
:if ([ :len [ /interface/wifiwave2/access-list/find where \
comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={
/interface/wifiwave2/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore;
$LogPrintExit2 warning $ScriptName ("Added template in access-list for hotspot '" . $Hotspot . "'.") false;
}
:local Template [ /interface/wifiwave2/access-list/get ([ find where \
comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ];
:if ($Template->"action" = "reject") do={
$LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") false;
:return true;
}
# allow login page to load
:delay 1s;
$LogPrintExit2 info $ScriptName ("Adding/updating access-list entry for mac address " . $MacAddress . \
" (user " . $UserName . ").") false;
/interface/wifiwave2/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ];
/interface/wifiwave2/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \
mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \
action=reject place-before=$PlaceBefore;
:local Entry [ /interface/wifiwave2/access-list/find where mac-address=$MacAddress \
comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ];
:set ($Template->"private-passphrase") ($Template->"passphrase");
:local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ];
:if ([ :len $PrivatePassphrase ] > 0) do={
:if ($PrivatePassphrase = "ignore") do={
/interface/wifiwave2/access-list/set $Entry !passphrase;
} else={
/interface/wifiwave2/access-list/set $Entry passphrase=$PrivatePassphrase;
}
}
:local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ];
:if ([ :len $SsidRegexp ] > 0) do={
/interface/wifiwave2/access-list/set $Entry ssid-regexp=$SsidRegexp;
}
:local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ];
:if ([ :len $VlanId ] > 0) do={
/interface/wifiwave2/access-list/set $Entry vlan-id=$VlanId;
}
:delay 2s;
/interface/wifiwave2/access-list/set $Entry action=accept;
}
$Main [ :jobname ] $"mac-address" $username;

1
news-and-changes.rsc
View file

@ -45,6 +45,7 @@
"Huge configuration and lots of scripts give an extra risk. Take care!");
119="Added support for IPv6 to script 'fw-addr-lists'.";
120="Implemented a workaround in 'backup-cloud'. Now script should no longer just crash, but send notification with error.";
121="The 'wifiwave2' scripts are finally gone. Development continues with 'wifi' in RouterOS 7.13 and later.";
};
# Migration steps to be applied on script updates