mirror of
https://github.com/eworm-de/routeros-scripts
synced 2024-05-14 08:04:19 +00:00
870f00bb36
___ _ ___ __ / _ )(_)__ _ / _/__ _/ /_ / _ / / _ `/ / _/ _ `/ __/ /____/_/\_, / /_/ \_,_/\__/ _ __ /___/ _ __ | | / /___ __________ (_)___ ____ _/ / | | /| / / __ `/ ___/ __ \/ / __ \/ __ `/ / | |/ |/ / /_/ / / / / / / / / / / /_/ /_/ |__/|__/\__,_/_/ /_/ /_/_/_/ /_/\__, (_) /____/ RouterOS has some odd behavior when it comes to variable names. Let's have a look at the interfaces: [admin@MikroTik] > / interface print where name=en1 Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 That looks ok. Now we use a script: { :local interface "en1"; / interface print where name=$interface; } And the result... [admin@MikroTik] > { :local interface "en1"; {... / interface print where name=$interface; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 ... still looks ok. We make a little modification to the script: { :local name "en1"; / interface print where name=$name; } And the result: [admin@MikroTik] > { :local name "en1"; {... / interface print where name=$name; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 1 S en2 ether 1500 1598 2 S en3 ether 1500 1598 3 S en4 ether 1500 1598 4 S en5 ether 1500 1598 5 R br-local bridge 1500 1598 Ups! The filter has no effect! That happens whenever the variable name ($name) matches the property name (name=). And another modification: { :local type "en1"; / interface print where name=$type; } And the result: [admin@MikroTik] > { :local type "en1"; {... / interface print where name=$type; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU Ups! Nothing? Even if the variable name ($type) matches whatever property name (type=) things go wrong. The answer from MikroTik support (in Ticket#2019010222000454): > This is how scripting works in RouterOS and we will not fix it. To get around this we use variable names in CamelCase. Let's hope Mikrotik never ever introduces property names in CamelCase... *fingers crossed*
144 lines
4.1 KiB
Text
144 lines
4.1 KiB
Text
#!rsc
|
|
# RouterOS script: global-functions
|
|
# Copyright (c) 2013-2019 Christian Hesse <mail@eworm.de>
|
|
#
|
|
# global functions
|
|
|
|
# expected configuration version
|
|
:global ExpectedConfigVersion 2;
|
|
|
|
# global variables not to be changed by user
|
|
:global SentRouterosUpdateNotification "-";
|
|
:global SentLteFirmwareUpgradeNotification "-";
|
|
:global Identity [ / system identity get name ];
|
|
|
|
# read input from user
|
|
:global Read do={
|
|
:return;
|
|
}
|
|
|
|
# url encoding
|
|
:global UrlEncode do={
|
|
:local Input [ :tostr $1 ];
|
|
:local Return "";
|
|
|
|
:if ([ :len $Input ] > 0) do={
|
|
:local Chars " %&";
|
|
:local Subs { "%20"; "%25"; "%26" };
|
|
|
|
:for I from=0 to=([ :len $Input ] - 1) do={
|
|
:local Char [ :pick $Input $I ];
|
|
:local Replace [ :find $Chars $Char ];
|
|
|
|
:if ([ :len $Replace ] > 0) do={
|
|
:set Char ($Subs->$Replace);
|
|
}
|
|
:set Return ($Return . $Char);
|
|
}
|
|
}
|
|
|
|
:return $Return;
|
|
}
|
|
|
|
# check and import required certificates
|
|
:global CertificateAvailable do={
|
|
:local CommonName [ :tostr $1 ];
|
|
:local FileName ([ :tostr $2 ] . ".pem");
|
|
|
|
:global ScriptUpdatesBaseUrl;
|
|
:global ScriptUpdatesUrlSuffix;
|
|
|
|
:if ([ / certificate print count-only where common-name=$CommonName ] = 0) do={
|
|
:log info ("Certificate with CommonName " . $CommonName . \
|
|
" not available, downloading and importing.");
|
|
:do {
|
|
/ tool fetch check-certificate=yes-without-crl \
|
|
($ScriptUpdatesBaseUrl . "certs/" . \
|
|
$FileName . $ScriptUpdatesUrlSuffix) \
|
|
dst-path=$FileName;
|
|
/ certificate import file-name=$FileName passphrase="";
|
|
} on-error={
|
|
:log warning "Failed imprting certificate!";
|
|
}
|
|
}
|
|
}
|
|
|
|
# send notification via e-mail and telegram
|
|
# Note that attachment is ignored for telegram!
|
|
:global SendNotification do={
|
|
:local Subject [ :tostr $1 ];
|
|
:local Message [ :tostr $2 ];
|
|
:local Attach [ :tostr $3 ];
|
|
|
|
:global Identity;
|
|
:global EmailGeneralTo;
|
|
:global EmailGeneralCc;
|
|
:global TelegramTokenId;
|
|
:global TelegramChatId;
|
|
|
|
:global UrlEncode;
|
|
:global CertificateAvailable;
|
|
|
|
:if ([ :len $EmailGeneralTo ] > 0) do={
|
|
:do {
|
|
/ tool e-mail send to=$EmailGeneralTo cc=$EmailGeneralCc \
|
|
subject=("[" . $Identity . "] " . $Subject) body=$Message file=$Attach;
|
|
} on-error={
|
|
:log warning "Failed sending notification mail!";
|
|
}
|
|
}
|
|
|
|
:if ([ :len $TelegramTokenId ] > 0 && [ :len $TelegramChatId ] > 0) do={
|
|
$CertificateAvailable "Go Daddy Secure Certificate Authority - G2" "godaddy";
|
|
:do {
|
|
/ tool fetch check-certificate=yes-without-crl keep-result=no http-method=post \
|
|
("https://api.telegram.org/bot" . $TelegramTokenId . "/sendMessage") \
|
|
http-data=("chat_id=" . $TelegramChatId . "&text=" . \
|
|
[ $UrlEncode ("[" . $Identity . "] " . $Subject . "\n\n" . $Message) ]);
|
|
} on-error={
|
|
:log warning "Failed sending telegram notification!";
|
|
}
|
|
}
|
|
}
|
|
|
|
# get MAC vendor
|
|
:global GetMacVendor do={
|
|
:local Mac [ :tostr $1 ];
|
|
|
|
:global CertificateAvailable;
|
|
|
|
:do {
|
|
:local Vendor;
|
|
$CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt";
|
|
:set Vendor ([ / tool fetch mode=https check-certificate=yes-without-crl \
|
|
("https://api.macvendors.com/" . [ :pick $Mac 0 8 ]) output=user as-value ]->"data");
|
|
:return $Vendor;
|
|
} on-error={
|
|
:return "unknown vendor";
|
|
}
|
|
}
|
|
|
|
# download package from upgrade server
|
|
:global DownloadPackage do={
|
|
:local PkgName [ :tostr $1 ];
|
|
:local PkgVer [ :tostr $2 ];
|
|
:local PkgArch [ :tostr $3 ];
|
|
:local PkgDest [ :tostr $4 ];
|
|
|
|
:global CertificateAvailable;
|
|
|
|
:if ([ :len $PkgName ] = 0) do={ return false; }
|
|
:if ([ :len $PkgVer ] = 0) do={ :set PkgVer [ / system package update get installed-version ]; }
|
|
:if ([ :len $PkgArch ] = 0) do={ :set PkgArch [ / system resource get architecture-name ]; }
|
|
|
|
$CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt";
|
|
do {
|
|
:local PkgFile ($PkgName . "-" . $PkgVer . "-" . $PkgArch . ".npk");
|
|
/ tool fetch mode=https check-certificate=yes-without-crl \
|
|
("https://upgrade.mikrotik.com/routeros/" . $PkgVer . "/" . $PkgFile) \
|
|
dst-path=($PkgDest . "/" . $PkgFile);
|
|
:return true;
|
|
} on-error={
|
|
:return false;
|
|
}
|
|
}
|