Commit graph

2335 commits

Author SHA1 Message Date
Christian Hesse
7594345da8 README: copy *relevant* configuration only 2022-10-31 21:45:36 +01:00
Christian Hesse
6822e71564 netwatch-notify: cache the result
If this script runs from terminal this will not change... 😜
So cache the result.

Co-authored-by: Michael Gisbers <michael@gisbers.de>
2022-10-21 15:00:42 +02:00
Michael Gisbers
a0163aa487 netwatch-notify: always show messages when run from terminal
Co-authored-by: Christian Hesse <mail@eworm.de>
2022-10-21 15:00:41 +02:00
Christian Hesse
c3da4ed696 netwatch-notify: stop flooding the log after down notification
This will now log all messages before notification, and every two hours
(or scheduler interval * 120) after.
2022-10-21 15:00:39 +02:00
Christian Hesse
a1ef912ec7 Merge branch 'notifications' into next
These are generated with my 'RouterOS-Scripts Notification Generator':
https://eworm.de/ros/notification/
2022-10-20 11:37:35 +02:00
Christian Hesse
aef88e313b doc/sms-forward: update notification
---- ✂️ ----
📨 SMS Forwarding from 7277

Received this message by MikroTik from 7277:

On oct/17/2022 13:44:10 GMT -0 type class-0:
Welcome to our network!
---- ✂️ ----
2022-10-20 11:37:09 +02:00
Christian Hesse
ee7836263f doc/netwatch-notify: update notifications
---- ✂️ ----
 Netwatch Notify: example.com down

The host 'example.com' (93.184.216.34) is down since oct/19/2022 16:27:03.
---- ✂️ ----
 Netwatch Notify: example.com up

The host 'example.com' (93.184.216.34) is up since oct/19/2022 17:03:00.
It was down for 6 checks since oct/19/2022 16:27:03.
---- ✂️ ----
2022-10-20 11:37:05 +02:00
Christian Hesse
4f8a2bd8e2 doc/log-forward: update notification
---- ✂️ ----
⚠️ Log Forwarding

The log on MikroTik contains these 3 messages after 6d23:55:18 uptime.

 ● 13:24:02 script;error backup-cloud: Failed uploading backup for MikroTik to cloud!
 ● 13:24:17 system;info;account user admin logged in from 192.168.88.177 via ssh
 ● 13:24:57 system;info;account user admin logged out from 192.168.88.177 via ssh
---- ✂️ ----
2022-10-20 11:28:09 +02:00
Christian Hesse
694f4e2894 doc/daily-psk: update notification
---- ✂️ ----
📅 daily PSK Guest-Wifi

This is the daily PSK on MikroTik:

SSID: Guest-Wifi
PSK:  S3cr3tStr1ng
Date: oct/18/2022

A client device specific rule must not exist!

🔗 https://www.eworm.de/cgi-bin/cqrlogo-wifi.cgi?scale=8&level=1&ssid=Guest-Wifi&pass=S3cr3tStr1ng
---- ✂️ ----
2022-10-20 11:28:09 +02:00
Christian Hesse
dddbd3da27 doc/collect-wireless-mac: update notification
---- ✂️ ----
📱 48:F1:7F:D0:E5:4E connected to Wifi

A device with unknown MAC address connected to Wifi on MikroTik.

Controller: MikroTik
Interface:  wl5-wifi
SSID:       Wifi
MAC:        48:F1:7F:D0:E5:4E
Vendor:     Intel Corporate
Hostname:   host-523c8e0e
Address:    192.168.20.254
DNS name:   host-523c8e0e.dhcp.MikroTik.example.com
Date:       oct/20/2022 09:21:56
---- ✂️ ----
2022-10-20 11:28:09 +02:00
Christian Hesse
6940f851b0 doc/check-routeros-update: update notification
---- ✂️ ----
 RouterOS update

A new RouterOS version 7.6 is available for MikroTik.

Hostname:       MikroTik
Board name:     CHR
Architecture:   x86_64
RouterOS:
    Channel:    stable
    Installed:  7.5
    Available:  7.6
RouterOS-Scripts:
    Version:    85

🔗 https://mikrotik.com/download/changelogs/stable-release-tree
---- ✂️ ----
2022-10-20 11:28:09 +02:00
Christian Hesse
863cf9cae0 doc/check-lte-firmware-upgrade: update notification
---- ✂️ ----
 LTE firmware upgrade

A new firmware version R11e-LTE6_V033 is available for LTE interface lte on MikroTik.

Interface: MikroTik R11e-LTE6
Installed: R11e-LTE6_V027
Available: R11e-LTE6_V033
---- ✂️ ----
2022-10-20 11:28:09 +02:00
Christian Hesse
692ed21262 doc/check-health: update notifications
---- ✂️ ----
📉 Health warning: voltage

The voltage on MikroTik jumped more than 10%.

old value: 16.2V
new value: 12.4V
---- ✂️ ----
🔥 Health warning: temperature

The temperature on MikroTik is above threshold: 51°C
---- ✂️ ----
 Health recovery: temperature

The temperature on MikroTik dropped below threshold: 47°C
---- ✂️ ----
 Health warning: psu1-state

The power supply unit 'psu1-state' on MikroTik failed!
---- ✂️ ----
 Health recovery: psu1-state

The power supply unit 'psu1-state' on MikroTik recovered!
---- ✂️ ----
2022-10-20 11:28:09 +02:00
Christian Hesse
fadf4d5008 doc/check-certificates: update notification
---- ✂️ ----
🔏 Certificate renewed

A certificate on MikroTik has been renewed.

Name:        example.com
CommonName:  example.com
Private key: available
Fingerprint: cc54cdd01fcd7698ecb71213874be776906eb33d26cd57754d168632f14c4c8b
Issuer:      R3
Validity:    sep/08/2022 03:50:56 to dec/07/2022 03:50:55
Expires in:  8w 3d 12:03:30
---- ✂️ ----
2022-10-20 11:28:09 +02:00
Christian Hesse
98844d85d5 doc/backup-upload: update notification
---- ✂️ ----
💾⬆️ Backup & Config upload

Backup and config export upload for MikroTik.

Hostname:       MikroTik
Board name:     CHR
Architecture:   x86_64
RouterOS:
    Channel:    stable
    Installed:  7.6
RouterOS-Scripts:
    Version:    85

Backup file:    MikroTik_example_com.backup
Config file:    MikroTik_example_com.rsc
---- ✂️ ----
2022-10-20 11:28:09 +02:00
Christian Hesse
3733e0a919 doc/backup-cloud: update notification
---- ✂️ ----
💾☁️ Cloud backup

Uploaded backup for MikroTik to cloud.

Hostname:       MikroTik
Board name:     CHR
Architecture:   x86_64
RouterOS:
    Channel:    stable
    Installed:  7.6
RouterOS-Scripts:
    Version:    85

Name:           cloud-20221020-092419
Size:           370767 B (362 KiB)
Download key:   LLDBfPcWXxmSetWilqeJX5V
---- ✂️ ----
2022-10-20 11:28:09 +02:00
Christian Hesse
8c89fb0a4e README: update notification
---- ✂️ ----
📌 News and configuration changes

The configuration version on MikroTik increased to 85, current configuration may need modification. Please review and update global-config-overlay, then re-run global-config.

Changes:
 ● Support for e-mail notifications moved to a module. It is installed automatically if required.
 ● Dropped 'netwatch-syslog', filtering in firewall is advised.
---- ✂️ ----
2022-10-20 10:01:04 +02:00
Christian Hesse
4106b199bf mod/notification-telegram: drop 'Telegram' from wording 2022-10-19 22:46:23 +02:00
Christian Hesse
fe87e9551d firmware-upgrade-reboot: update wording, give version 2022-10-19 11:57:52 +02:00
Christian Hesse
bff6689b10 ipsec-to-dns: strip "CN=" from peer's id 2022-10-19 08:54:11 +02:00
Christian Hesse
621154ab83 ipsec-to-dns: remove debug output
Oops... 😳

This sneaked in with initial commit 862417b8d3
("add 'ipsec-to-dns'").
2022-10-19 08:45:40 +02:00
Christian Hesse
2f8e8b7448 update-gre-address: strip "CN=" from peer's id
The prefix "CN=" is now added in RouterOS 7.6... Let's match with and
without the prefix in comment.
2022-10-18 22:43:42 +02:00
Christian Hesse
640cb81119 netwatch-notify: fix the count...
This broke in commit 6f772e92a6
("netwatch-notify: rename array element") where not only the array
element but also the option was renamed.
2022-10-14 22:39:21 +02:00
Christian Hesse
493d534706 update-tunnelbroker: drop extra detection, use response from update
Why hammer on another service? The tunnelbroker response contains the
address we need. So send the update every time, and use that
information.
2022-10-09 23:56:53 +02:00
Christian Hesse
e7995fa06b update-tunnelbroker: get public address from website
This is a good condidate:

https://showipv6.de/

We can drop the cloud code, which seems to be unreliable in somd
situations.
2022-10-09 23:56:53 +02:00
Christian Hesse
c95cbdbc1e doc/update-tunnelbroker: give more hints on expected config 2022-10-09 00:00:50 +02:00
Christian Hesse
16e93018ef update-tunnelbroker: work around timing issue
Looks like fetch command has a timing issue with the tunnelbroker
endpoint... We have to try several times to work around this.
Consider the update failed on third error.
2022-10-08 23:06:22 +02:00
Christian Hesse
ebaa9b617d update-tunnelbroker: add error handling for fetch command 2022-10-08 22:38:31 +02:00
Christian Hesse
dd22dfd26d backup-email: check if dependency for sending e-mail is installed 2022-09-29 10:31:54 +02:00
Christian Hesse
10182949ea global-functions: $ScriptInstallUpdate: disable notification only...
... if requested, but keep output and logs.
2022-09-28 09:17:32 +02:00
Christian Hesse
b18ca62dbd global-functions: $ScriptInstallUpdate: drop dead code... 2022-09-28 09:17:12 +02:00
Christian Hesse
5120aa096f global-functions: $ScriptInstallUpdate: drop code for permission workaround
This is no longer used as 'netwatch-syslog' is gone.
2022-09-25 22:18:44 +02:00
Christian Hesse
10bf3c758f drop 'learn-mac-based-vlan' and 'manage-umts'
This was undocumented and scripts did never catch up with general
quality expectations, for example global-config and global functions
were not used.
If you need the code get it from git history. 😜
2022-09-25 22:18:44 +02:00
Christian Hesse
bfe2cbf575 drop 'netwatch-syslog'
To filter in firewall you should use something like this:

/ip/firewall/filter/add action=reject chain=output out-interface-list=WAN port=514 protocol=udp reject-with=icmp-admin-prohibited;
/ip/firewall/filter/add action=reject chain=forward out-interface-list=WAN port=514 protocol=udp reject-with=icmp-admin-prohibited;
2022-09-25 22:18:44 +02:00
Christian Hesse
eccc187014 introduce 'mod/notification-email', split off from global-functions 2022-09-25 22:10:05 +02:00
Christian Hesse
562c565fcf global-functions: $FlushEmailQueue: do not flush if sending 2022-09-25 18:44:14 +02:00
Christian Hesse
a05b8c1881 Makefile: add a clean target 2022-09-25 18:44:14 +02:00
Christian Hesse
fb9aca90f0 unattended-lte-firmware-upgrade: increase delay before extra reset 2022-09-21 16:36:54 +02:00
Christian Hesse
493e4fc8c1 netwatch-notify: use a counter for resolve failures
This should relax the error message a bit as it is not triggered
on first failure.
2022-09-20 22:49:04 +02:00
Christian Hesse
84b5e77860 global-functions: $GetMacVendor: detect locally administered addresses
https://en.wikipedia.org/wiki/MAC_address#Universal_vs._local_(U/L_bit)
2022-09-20 09:30:33 +02:00
Christian Hesse
c33e813f20 mod/notification-matrix: $FlushMatrixQueue: use $0 for scheduler name 2022-09-15 22:25:59 +02:00
Christian Hesse
47e4f292cb mod/notification-telegram: $FlushTelegramQueue: use $0 for scheduler name 2022-09-15 22:25:59 +02:00
Christian Hesse
3f92edb5c1 global-functions: $FlushEmailQueue: use $0 for scheduler name 2022-09-15 22:25:59 +02:00
Christian Hesse
f245751339 global-functions: $FlushEmailQueue: do not flush with resolver issues
Flushing the mail queue with resolver issues can flood the log with
messages like:

e-mail;error Error sending e-mail <=?utf-8?Q?[MikroTik] =F0=9F=92=BE=E2=98=81 Cloud backup?=>: DNS resolve failed

Try to avoid this...
2022-09-15 22:03:19 +02:00
Christian Hesse
220dd8f892 netwatch-dns: support downloading / importing certificate 2022-09-13 20:28:52 +02:00
Christian Hesse
3988c70290 doc/netwatch-dns: fix example command...
This broke with:

 * doc/netwatch-dns: giving hostname in comment is not required
   9853943a36
2022-09-13 15:18:28 +02:00
Christian Hesse
e927c6b08b global-functions: $GetMacVendor: switched to Let's Encrypt (R3)
So let's check for the correct one, and drop the other.
2022-09-13 15:18:28 +02:00
Christian Hesse
a1af9577ca global-functions: $ScriptInstallUpdate: prepare for future certificate chain 2022-09-09 14:02:02 +02:00
Christian Hesse
e228c73984 Merge branch 'netwatch-notify' into next 2022-09-08 09:27:17 +02:00
Christian Hesse
5aff4019fe netwatch-notify: do not (yet) notify if parent is up recently
Monitoring a VPN (or similar) may be tricky: This used to send notifications
if the physical connection recovered, but the VPN and/or its routing did not
yet. Let's work around and send notification only if the parent is up
for at least three checks.
2022-09-07 22:20:52 +02:00