diff options
author | Christian Hesse <mail@eworm.de> | 2022-10-09 19:45:18 +0200 |
---|---|---|
committer | Christian Hesse <mail@eworm.de> | 2022-10-09 23:56:53 +0200 |
commit | e7995fa06b023918fa40de10d4a299ee4a89b2f0 (patch) | |
tree | e72eccfda13e37737c15621f619bc1fe7eaa6d9d | |
parent | c95cbdbc1e849f8044b00f85f9a29e064af1ccd1 (diff) |
update-tunnelbroker: get public address from website
This is a good condidate:
https://showipv6.de/
We can drop the cloud code, which seems to be unreliable in somd
situations.
-rw-r--r-- | doc/update-tunnelbroker.md | 4 | ||||
-rw-r--r-- | update-tunnelbroker | 23 |
2 files changed, 13 insertions, 14 deletions
diff --git a/doc/update-tunnelbroker.md b/doc/update-tunnelbroker.md index 4da4fa8..3338e2b 100644 --- a/doc/update-tunnelbroker.md +++ b/doc/update-tunnelbroker.md @@ -33,10 +33,6 @@ The configuration goes to interface's comment: You should know you user name from login. The `id` is the tunnel's numeric id, `pass` is the *update key* found on the tunnel's advanced tab. -Also enabling dynamic DNS in Mikrotik cloud is required: - - /ip/cloud/set ddns-enabled=yes; - See also -------- diff --git a/update-tunnelbroker b/update-tunnelbroker index eecd02b..8562d58 100644 --- a/update-tunnelbroker +++ b/update-tunnelbroker @@ -17,16 +17,22 @@ :global LogPrintExit2; :global ParseKeyValueStore; -:if ([ /ip/cloud/get ddns-enabled ] != true) do={ - $LogPrintExit2 error $0 ("IP cloud DDNS is not enabled.") true; +:if ([ $CertificateAvailable "Starfield Secure Certificate Authority - G2" ] = false || \ + [ $CertificateAvailable "R3" ] = false) do={ + $LogPrintExit2 error $0 ("Downloading required certificate failed.") true; } -# Get the current ip address from cloud -/ip/cloud/force-update; -:while ([ /ip/cloud/get status ] != "updated") do={ - :delay 1s; +:local PublicAddress; +:do { + :set PublicAddress ([ /tool/fetch check-certificate=yes-without-crl \ + "https://ipv4.showipv6.de/short" output=user as-value ]->"data"); +} on-error={ + $LogPrintExit2 error $0 ("Failed getting public address.") true; +} + +:if ([ :len [ /ip/address find where address~("^" . $PublicAddress . "/") ] ] < 1) do={ + $LogPrintExit2 warning $0 ("The address " . $PublicAddress . " is not configured on your device. NAT by ISP?") false; } -:local PublicAddress [ /ip/cloud/get public-address ]; :foreach Interface in=[ /interface/6to4/find where comment~"^tunnelbroker" !disabled ] do={ :local InterfaceVal [ /interface/6to4/get $Interface ]; @@ -36,9 +42,6 @@ :local Success false; :local Comment [ $ParseKeyValueStore ($InterfaceVal->"comment") ]; - :if ([ $CertificateAvailable "Starfield Secure Certificate Authority - G2" ] = false) do={ - $LogPrintExit2 error $0 ("Downloading required certificate failed.") true; - } $LogPrintExit2 info $0 ("Local address changed, sending UPDATE to tunnelbroker! New address: " . $PublicAddress) false; :while ($I < 3 && $Success = false) do={ :do { |