mirror of
https://github.com/eworm-de/routeros-scripts
synced 2024-05-14 08:04:19 +00:00
117 lines
3.5 KiB
Text
117 lines
3.5 KiB
Text
#!rsc
|
|
# RouterOS script: daily-psk
|
|
# Copyright (c) 2013-2018 Christian Hesse <mail@eworm.de>
|
|
#
|
|
# update daily PSK (pre shared key)
|
|
|
|
:global "identity";
|
|
:global "email-general-to";
|
|
:global "email-general-cc";
|
|
:global "daily-psk-match-comment";
|
|
|
|
:global SendNotification;
|
|
|
|
:local seen [ :toarray "" ];
|
|
|
|
# return pseudo-random string for PSK
|
|
:local GeneratePSK do={
|
|
:local date $1;
|
|
|
|
:global "daily-psk-secrets";
|
|
|
|
:local months {
|
|
"jan"; "feb"; "mar"; "apr"; "may"; "jun";
|
|
"jul"; "aug"; "sep"; "oct"; "nov"; "dec"
|
|
}
|
|
:local monthtbl {
|
|
0; 3; 3; 6; 1; 4; 6; 2; 5; 0; 3; 5
|
|
}
|
|
|
|
:local monthstr [ :pick $date 0 3 ];
|
|
:local month;
|
|
:local day [ :pick $date 4 6 ];
|
|
:local century [ :pick $date 7 9 ];
|
|
:local year [ :pick $date 9 11 ];
|
|
|
|
# get numeric value for month
|
|
:for mindex from=0 to=[ :len $months ] do={
|
|
:if ([ :pick $months $mindex ] = $monthstr) do={
|
|
:set month $mindex;
|
|
}
|
|
}
|
|
|
|
# calculate day of week
|
|
:local sum 0;
|
|
:set sum ($sum + (2 * (3 - ($century - (($century / 4) * 4)))));
|
|
:set sum ($sum + ($year / 4));
|
|
:set sum ($sum + $year + $day);
|
|
:set sum ($sum + $month);
|
|
:set sum ($sum - (($sum / 7) * 7));
|
|
|
|
:local return ([ :pick [ :pick $"daily-psk-secrets" 0 ] ($day - 1) ] . \
|
|
[ :pick [ :pick $"daily-psk-secrets" 1 ] $month ] . \
|
|
[ :pick [ :pick $"daily-psk-secrets" 2 ] $sum ]);
|
|
|
|
:return $return;
|
|
}
|
|
|
|
# check mail server
|
|
:if ([ / tool netwatch get [ find where comment=[ / tool e-mail get address ] ] status ] != "up" ) do={
|
|
:error "Mail server is not up.";
|
|
}
|
|
|
|
# check time
|
|
:if ([ / system ntp client get status ] != "synchronized") do={
|
|
:error "Time is not yet synchronized from ntp.";
|
|
}
|
|
|
|
:local date [ / system clock get date ];
|
|
:local newpsk [ $GeneratePSK $date ];
|
|
|
|
:foreach acclist in=[ / interface wireless access-list find where comment~$"daily-psk-match-comment" ] do={
|
|
:local intname [ / interface wireless access-list get $acclist interface ];
|
|
:local interface [ / interface wireless find where name=$intname disabled=no ];
|
|
:local ssid [ / interface wireless get $intname ssid ];
|
|
:local oldpsk [ / interface wireless access-list get $acclist private-pre-shared-key ];
|
|
:local skip 0;
|
|
|
|
:if ($newpsk != $oldpsk) do={
|
|
:log info ("Updating daily PSK for " . $intname . " to " . $newpsk . " (was " . $oldpsk . ")");
|
|
/ interface wireless access-list set $acclist private-pre-shared-key=$newpsk;
|
|
|
|
:if ([ :len $interface ] = 1) do={
|
|
:foreach "seen-ssid" in=$seen do={
|
|
:if ($"seen-ssid" = $ssid) do={
|
|
:log debug ("Already sent a mail for SSID " . $ssid . ", skipping.");
|
|
:set skip 1;
|
|
}
|
|
}
|
|
|
|
:if ($skip = 0) do={
|
|
:set $seen ( $seen, $ssid );
|
|
|
|
:local host "www.eworm.de"
|
|
:local srcpath ("/cgi-bin/cqrlogo-wifi.cgi" . \
|
|
"?scale=8" . \
|
|
"&level=1" . \
|
|
"&ssid=" . $ssid . \
|
|
"&pass=" . $newpsk);
|
|
|
|
/ tool fetch mode=https check-certificate=yes-without-crl address=$host host=$host \
|
|
src-path=$srcpath dst-path=qrcode-daily.png;
|
|
|
|
$SendNotification ("[" . $identity . "] daily PSK " . $ssid) \
|
|
("This is the daily PSK on " . $identity . ":\n\n" . \
|
|
"SSID: " . $ssid . "\n" . \
|
|
"PSK: " . $newpsk . "\n" . \
|
|
"Date: " . [ / system clock get date ] . "\n\n" . \
|
|
"https://" . $host . $srcpath) \
|
|
"qrcode-daily.png";
|
|
}
|
|
} else={
|
|
:log debug ("Missing active interface " . $intname . " for access list entry.");
|
|
}
|
|
}
|
|
}
|
|
|
|
/ system scheduler set disabled=yes [ find where name=daily-psk disabled=no ];
|