Christian Hesse
a2749b2760
check-certificates: use prepared user-agent string with fetch
2024-01-19 13:23:52 +01:00
Christian Hesse
0ad1a79d67
netwatch-dns: be move verbose on time to settle
2024-01-18 21:07:52 +01:00
Christian Hesse
8a0a4c355b
global-functions: log successful loading
2024-01-18 12:53:17 +01:00
Christian Hesse
bb0c82adb3
sms-forward: log warning just once
2024-01-18 10:19:22 +01:00
Christian Hesse
a7619a5119
global-functions: $LogPrintOnce: support exit
2024-01-18 10:19:22 +01:00
Christian Hesse
306269f919
doc/hotspot-to-wpa: reference as WPA only...
...
... as this works with WPA3 as well. 😜
2024-01-18 10:05:29 +01:00
Christian Hesse
abd1edcdc3
doc/hotspot-to-wpa: fix property name
2024-01-17 14:55:42 +01:00
Christian Hesse
29623a46ea
global-functions: $HexToNum: use :tonum
2024-01-16 22:24:50 +01:00
Christian Hesse
be4221264c
INITIAL-COMMANDS: set script owner on initial creation
2024-01-16 22:01:04 +01:00
Christian Hesse
60bd9d1abc
README: set script owner on initial creation
2024-01-16 22:00:13 +01:00
Christian Hesse
5fd8c8a760
netwatch-dns: check DoH server with fetch
...
This way we do not have to configure possibly non-functional servers to
check. The query is for doh-check.eworm.de of type TXT, the expected
answer is 'doh-check-OK'.
% dig TXT doh-check.eworm.de +https @1.1.1.1
; <<>> DiG 9.18.21 <<>> TXT doh-check.eworm.de +https @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42226
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;doh-check.eworm.de. IN TXT
;; ANSWER SECTION:
doh-check.eworm.de. 63791 IN TXT "doh-check-OK"
;; Query time: 16 msec
;; SERVER: 1.1.1.1#443(1.1.1.1) (HTTPS)
;; WHEN: Mon Jan 15 13:55:36 CET 2024
;; MSG SIZE rcvd: 72
2024-01-15 14:07:38 +01:00
Christian Hesse
85aeeadcee
netwatch-dns: check DoH server functionality...
...
... and try all servers one after another.
2024-01-11 15:33:03 +01:00
Christian Hesse
80db12a3e9
netwatch-dns: enable DoH certificate verification...
...
... if a certificate is named in configuration.
2024-01-11 09:22:32 +01:00
Christian Hesse
44a8195c37
doc/netwatch-dns: use new certificate for Cloudflare
2024-01-09 23:01:22 +01:00
Christian Hesse
d6645e8157
certs: add new DigiCert certificates...
...
... used by Cloudflare.
2024-01-09 23:00:13 +01:00
Christian Hesse
4249ad61df
global-functions: $CertificateDownload: move delay up
...
We still had cases where fetch misbehaves... But this was permanent.
Perhaps we should not touch the certificate too early...
2024-01-08 00:29:18 +01:00
Christian Hesse
8c458592f5
check-lte-firmware-upgrade: unbreak terminal detectiono
...
This broke with commit 50d7e1fa41b8f8a6a1379de5521798346fd1ae9f... 🫣
2024-01-07 23:13:54 +01:00
Christian Hesse
0760ea9121
check-lte-firmware-upgrade: fail on empty version string
2024-01-05 17:05:34 +01:00
Christian Hesse
9a73fc526f
update copyright for 2024
2024-01-01 15:25:25 +01:00
Christian Hesse
777c388b43
global-functions: $GetMacVendor: get new certificate
...
The service now uses: GTS CA 1P5 -> GTS Root R1
2023-12-22 14:47:54 +01:00
Christian Hesse
1c26d08267
mod/ssh-keys-import: unbreak import from file
...
Looks like this broke in c3045f3723
where
a non-existent variable name was used.
2023-12-21 11:34:55 +01:00
Christian Hesse
0377064f65
capsman-download-packages: avaiable packages only...
...
... as things became more complicated with 'wifi-qcom*'.
2023-12-20 12:29:24 +01:00
Christian Hesse
5aaa24b507
capsman-download-packages: use default set for legacy capsman...
...
... as well - now that 'wireless' package has been split from 'routeros'
guessing kind of broke. It required several attempts and intermittent
errors in logs to get things right.
2023-12-20 12:11:12 +01:00
Christian Hesse
5fdc8d9e65
doc/mode-button: document required type of led
2023-12-14 08:54:04 +01:00
Christian Hesse
f9528f0ac5
fw-addr-lists: warn on possible truncation
...
... as fetch truncates data at about 64kB, reported in SUP-132297.
2023-12-13 15:57:28 +01:00
Christian Hesse
db5ff00b5a
doc/capsman-download-packages: mention package-path
2023-12-05 11:01:14 +01:00
Christian Hesse
69af869572
mention the donation hint...
2023-12-05 00:11:19 +01:00
Christian Hesse
52b8e67309
celebrating ✨ ⭐ 1.000 stars ⭐ ✨ on Github!
2023-12-05 00:11:19 +01:00
Christian Hesse
d3611cebbd
mod/notification-email: $NotificationFunctions->"email": support hook for signature
...
You can compose your own signature by creating a function:
:global NotificationEMailSignature do={
:global EitherOr;
:local RouterBoard [ /system/routerboard/get ];
:return ( \
[ $EitherOr ($RouterBoard->"board-name") ($RouterBoard->"model") ] . " s/n " . $RouterBoard->"serial-number" . " | " . \
"RouterOS " . [ /system/package/update/get installed-version ] . " | " . \
"IP " . [ /ip/cloud/get public-address ]);
}
2023-12-05 00:11:19 +01:00
Christian Hesse
9fb596135e
check-certificates: properly renew from template
2023-12-05 00:11:19 +01:00
Christian Hesse
a12ccba29e
check-certificates: improve wording
2023-12-05 00:11:19 +01:00
Christian Hesse
8de6995c4b
check-certificates: add workaround for broken certificates...
...
... where the issuer array is borked. Or is this a RouterOS issue?
[eworm@carpo] > $InspectVar [ $ParseKeyValueStore [ /certificate/get ISRG-Root-X2 issuer ] ]
-type-> array
-key-> C
-type-> str
-value-> US,O=Internet Security Research Group,CN=ISRG Root X2
A good certificate looks like this:
[eworm@carpo] > $InspectVar [ $ParseKeyValueStore [ /certificate/get [ find where name~"eworm.net" ] issuer ] ]
-type-> array
-key-> C
-type-> str
-value-> US
-key-> CN
-type-> str
-value-> E1
-key-> O
-type-> str
-value-> Let's Encrypt
2023-12-04 13:05:46 +01:00
Christian Hesse
a08df7bdec
check-certificates: prevent infinte loop
2023-12-04 13:05:46 +01:00
Christian Hesse
3df99b0ee0
check-certificates: give full certificate chain
2023-12-04 13:05:46 +01:00
Christian Hesse
94607496ae
check-certificates: fix typo and syntax
2023-12-04 12:15:10 +01:00
Christian Hesse
e4b10d4b76
mod/notification-email: $QuotedPrintable: also encode question mark
...
Following the RFC it is not required, but looks like Thunderbird has an
issue here...
https://datatracker.ietf.org/doc/html/rfc2045#section-6.7
2023-12-04 12:08:47 +01:00
Christian Hesse
84368ec6eb
mod/notification-email: $QuotedPrintable: minor rework
...
We have to encode all characters from 0x00 to 0x1f as well...
Also the equal sign is nothing special here, just adding to list.
2023-12-04 12:08:47 +01:00
Christian Hesse
1bb2871e0b
global-functions: $FormatLine: use $CharacterMultiply
2023-12-04 12:08:47 +01:00
Christian Hesse
5e2e65b252
global-functions: $AlignRight: use $CharacterMultiply
2023-12-04 12:08:47 +01:00
Christian Hesse
8f24b4c490
global-functions: introduce $CharacterMultiply
2023-12-04 11:22:36 +01:00
Christian Hesse
15e347303b
global-functions: $DeviceInfo: add SNMP location and contact
2023-12-04 09:33:24 +01:00
Christian Hesse
aba4770395
fw-addr-lists: support timeout per list
...
This works with something like this:
:global FwAddrLists {
"allow"={
{ url="https://eworm.de/ros/fw-addr-lists/allow ";
cert="E1"; timeout=1w };
};
...
}
All urls for one named list should have the same timeout! With different
timeout values and identical addresses the behavior is besically undefined,
depending on order.
2023-11-30 13:51:57 +01:00
Christian Hesse
c6bf722e49
global-functions: introduce $MIN
2023-11-30 13:51:57 +01:00
Christian Hesse
495eff48de
global-functions: introduce $MAX
2023-11-30 13:51:57 +01:00
Christian Hesse
080bef89a9
global-functions: $SymbolByUnicodeName: rename up-arrow -> arrow-up
...
... so arrows are grouped in case we add more.
2023-11-30 13:51:57 +01:00
Christian Hesse
4e1d54d733
global-functions: $SymbolForNotification: properly append space to alt text
2023-11-30 13:51:57 +01:00
Christian Hesse
81a86ee043
netwatch-dns: get doh host name from static dns
2023-11-27 18:21:47 +01:00
Christian Hesse
1cc0e3429b
global-functions: introduce $AlignRight
2023-11-23 14:41:46 +01:00
Christian Hesse
cae5f425a6
telegram-chat: get rid of '.txt' file extension
2023-11-22 21:20:44 +01:00
Christian Hesse
d1abbede75
backup-email: get rid of '.txt' file extension
2023-11-22 21:18:39 +01:00