routeros-scripts/initial-commands
Christian Hesse 870f00bb36 global: variable names are CamelCase
___  _         ___     __
           / _ )(_)__ _   / _/__ _/ /_
          / _  / / _ `/  / _/ _ `/ __/
         /____/_/\_, /  /_/ \_,_/\__/
 _       __     /___/       _             __
| |     / /___ __________  (_)___  ____ _/ /
| | /| / / __ `/ ___/ __ \/ / __ \/ __ `/ /
| |/ |/ / /_/ / /  / / / / / / / / /_/ /_/
|__/|__/\__,_/_/  /_/ /_/_/_/ /_/\__, (_)
                                /____/

RouterOS has some odd behavior when it comes to variable names. Let's
have a look at the interfaces:

[admin@MikroTik] > / interface print where name=en1
Flags: D - dynamic, X - disabled, R - running, S - slave
 #     NAME                                TYPE       ACTUAL-MTU L2MTU
 0  RS en1                                 ether            1500  1598

That looks ok. Now we use a script:

{ :local interface "en1";
  / interface print where name=$interface; }

And the result...

[admin@MikroTik] > { :local interface "en1";
{...   / interface print where name=$interface; }
Flags: D - dynamic, X - disabled, R - running, S - slave
 #     NAME                                TYPE       ACTUAL-MTU L2MTU
 0  RS en1                                 ether            1500  1598

... still looks ok.
We make a little modification to the script:

{ :local name "en1";
  / interface print where name=$name; }

And the result:

[admin@MikroTik] > { :local name "en1";
{...   / interface print where name=$name; }
Flags: D - dynamic, X - disabled, R - running, S - slave
 #     NAME                                TYPE       ACTUAL-MTU L2MTU
 0  RS en1                                 ether            1500  1598
 1   S en2                                 ether            1500  1598
 2   S en3                                 ether            1500  1598
 3   S en4                                 ether            1500  1598
 4   S en5                                 ether            1500  1598
 5  R  br-local                            bridge           1500  1598

Ups! The filter has no effect!
That happens whenever the variable name ($name) matches the property
name (name=).

And another modification:

{ :local type "en1";
  / interface print where name=$type; }

And the result:

[admin@MikroTik] > { :local type "en1";
{...   / interface print where name=$type; }
Flags: D - dynamic, X - disabled, R - running, S - slave
 #     NAME                                TYPE       ACTUAL-MTU L2MTU

Ups! Nothing?
Even if the variable name ($type) matches whatever property name (type=)
things go wrong.

The answer from MikroTik support (in Ticket#2019010222000454):

> This is how scripting works in RouterOS and we will not fix it.

To get around this we use variable names in CamelCase. Let's hope
Mikrotik never ever introduces property names in CamelCase...

*fingers crossed*
2019-01-04 12:35:34 +01:00

22 lines
1.6 KiB
Text

#!rsc
# RouterOS script: initial-commands
# Copyright (c) 2018-2019 Christian Hesse <mail@eworm.de>
{
/ tool fetch "https://git.eworm.de/cgit.cgi/routeros-scripts/plain/certs/letsencrypt.pem" dst-path="letsencrypt.pem";
:delay 1s;
/ certificate import file-name=letsencrypt.pem passphrase="";
/ certificate set name="ISRG-Root-X1" [ find where fingerprint="96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6" ];
/ certificate set name="Let-s-Encrypt-Authority-X3" [ find where fingerprint="731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568" ];
/ certificate set name="DST-Root-CA-X3" [ find where fingerprint="0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739" ];
:if ([ / certificate print count-only where fingerprint="96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6" or fingerprint="731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568" or fingerprint="0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739" ] != 3) do={
:error "Anything is wrong with your certificates!";
}
:foreach Script in={ "global-config"; "global-functions"; "script-updates" } do={
/ system script add name=$Script source=([ / tool fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit.cgi/routeros-scripts/plain/" . $Script) output=user as-value]->"data");
}
/ system script run global-config;
/ system script run global-functions;
/ system scheduler add name=global-config start-time=startup on-event=global-config;
/ system scheduler add name=global-functions start-time=startup on-event=global-functions;
}