diff options
author | Christian Hesse <mail@eworm.de> | 2019-01-03 17:45:43 +0100 |
---|---|---|
committer | Christian Hesse <mail@eworm.de> | 2019-01-04 12:35:34 +0100 |
commit | 870f00bb36f5af3088344371764da48bbde9651a (patch) | |
tree | 4e41839d17515cf05cb563fbb4dee92970889941 | |
parent | 7d06a7e8c2b66a12db65130bddb3578b3f04468f (diff) |
global: variable names are CamelCase
___ _ ___ __
/ _ )(_)__ _ / _/__ _/ /_
/ _ / / _ `/ / _/ _ `/ __/
/____/_/\_, / /_/ \_,_/\__/
_ __ /___/ _ __
| | / /___ __________ (_)___ ____ _/ /
| | /| / / __ `/ ___/ __ \/ / __ \/ __ `/ /
| |/ |/ / /_/ / / / / / / / / / / /_/ /_/
|__/|__/\__,_/_/ /_/ /_/_/_/ /_/\__, (_)
/____/
RouterOS has some odd behavior when it comes to variable names. Let's
have a look at the interfaces:
[admin@MikroTik] > / interface print where name=en1
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE ACTUAL-MTU L2MTU
0 RS en1 ether 1500 1598
That looks ok. Now we use a script:
{ :local interface "en1";
/ interface print where name=$interface; }
And the result...
[admin@MikroTik] > { :local interface "en1";
{... / interface print where name=$interface; }
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE ACTUAL-MTU L2MTU
0 RS en1 ether 1500 1598
... still looks ok.
We make a little modification to the script:
{ :local name "en1";
/ interface print where name=$name; }
And the result:
[admin@MikroTik] > { :local name "en1";
{... / interface print where name=$name; }
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE ACTUAL-MTU L2MTU
0 RS en1 ether 1500 1598
1 S en2 ether 1500 1598
2 S en3 ether 1500 1598
3 S en4 ether 1500 1598
4 S en5 ether 1500 1598
5 R br-local bridge 1500 1598
Ups! The filter has no effect!
That happens whenever the variable name ($name) matches the property
name (name=).
And another modification:
{ :local type "en1";
/ interface print where name=$type; }
And the result:
[admin@MikroTik] > { :local type "en1";
{... / interface print where name=$type; }
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE ACTUAL-MTU L2MTU
Ups! Nothing?
Even if the variable name ($type) matches whatever property name (type=)
things go wrong.
The answer from MikroTik support (in Ticket#2019010222000454):
> This is how scripting works in RouterOS and we will not fix it.
To get around this we use variable names in CamelCase. Let's hope
Mikrotik never ever introduces property names in CamelCase...
*fingers crossed*
41 files changed, 775 insertions, 782 deletions
@@ -78,7 +78,7 @@ crap and a good example how to *not* do it. Now let's download the main scripts and add them in configuration on the fly. - [admin@MikroTik] > :foreach script in={ "global-config"; "global-functions"; "script-updates" } do={ / system script add name=$script source=([ / tool fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit.cgi/routeros-scripts/plain/" . $script) output=user as-value]->"data"); } + [admin@MikroTik] > :foreach Script in={ "global-config"; "global-functions"; "script-updates" } do={ / system script add name=$Script source=([ / tool fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit.cgi/routeros-scripts/plain/" . $Script) output=user as-value]->"data"); } The configuration needs to be tweaked for your needs. Make sure not to send your mails to `mail@example.com`! diff --git a/accesslist-duplicates.capsman b/accesslist-duplicates.capsman index 58d8d2c..b0df339 100644 --- a/accesslist-duplicates.capsman +++ b/accesslist-duplicates.capsman @@ -6,31 +6,31 @@ # # !! Do not edit this file, it is generated from template! -:local seen [ :toarray "" ]; -:local shown [ :toarray "" ]; - :global Read; -:foreach acclist in=[ / caps-man access-list find where mac-address!="00:00:00:00:00:00" ] do={ - :local mac [ / caps-man access-list get $acclist mac-address ]; - :foreach "seen-mac" in=$seen do={ - :if ($"seen-mac" = $mac) do={ - :local skip 0; - :foreach "shown-mac" in=$shown do={ - :if ($"shown-mac" = $mac) do={ :set skip 1; } +:local Seen [ :toarray "" ]; +:local Shown [ :toarray "" ]; + +:foreach AccList in=[ / caps-man access-list find where mac-address!="00:00:00:00:00:00" ] do={ + :local Mac [ / caps-man access-list get $AccList mac-address ]; + :foreach SeenMac in=$Seen do={ + :if ($SeenMac = $Mac) do={ + :local Skip 0; + :foreach ShownMac in=$Shown do={ + :if ($ShownMac = $Mac) do={ :set Skip 1; } } - :if ($skip = 0) do={ - / caps-man access-list print where mac-address=$mac; - :set shown ( $shown , $mac ); + :if ($Skip = 0) do={ + / caps-man access-list print where mac-address=$Mac; + :set Shown ($Shown, $Mac); :put "\nEnter to skip, numeric id to remove!"; - :local remove [ $Read ]; - :if ($remove != "") do={ - :put ("Removing numeric id " . $remove . "...\n"); - / caps-man access-list remove $remove; + :local Remove [ $Read ]; + :if ($Remove != "") do={ + :put ("Removing numeric id " . $Remove . "...\n"); + / caps-man access-list remove $Remove; } } } } - :set seen ( $seen , $mac ); + :set Seen ($Seen, $Mac); } diff --git a/accesslist-duplicates.local b/accesslist-duplicates.local index 98b41f8..552a04a 100644 --- a/accesslist-duplicates.local +++ b/accesslist-duplicates.local @@ -6,31 +6,31 @@ # # !! Do not edit this file, it is generated from template! -:local seen [ :toarray "" ]; -:local shown [ :toarray "" ]; - :global Read; -:foreach acclist in=[ / interface wireless access-list find where mac-address!="00:00:00:00:00:00" ] do={ - :local mac [ / interface wireless access-list get $acclist mac-address ]; - :foreach "seen-mac" in=$seen do={ - :if ($"seen-mac" = $mac) do={ - :local skip 0; - :foreach "shown-mac" in=$shown do={ - :if ($"shown-mac" = $mac) do={ :set skip 1; } +:local Seen [ :toarray "" ]; +:local Shown [ :toarray "" ]; + +:foreach AccList in=[ / interface wireless access-list find where mac-address!="00:00:00:00:00:00" ] do={ + :local Mac [ / interface wireless access-list get $AccList mac-address ]; + :foreach SeenMac in=$Seen do={ + :if ($SeenMac = $Mac) do={ + :local Skip 0; + :foreach ShownMac in=$Shown do={ + :if ($ShownMac = $Mac) do={ :set Skip 1; } } - :if ($skip = 0) do={ - / interface wireless access-list print where mac-address=$mac; - :set shown ( $shown , $mac ); + :if ($Skip = 0) do={ + / interface wireless access-list print where mac-address=$Mac; + :set Shown ($Shown, $Mac); :put "\nEnter to skip, numeric id to remove!"; - :local remove [ $Read ]; - :if ($remove != "") do={ - :put ("Removing numeric id " . $remove . "...\n"); - / interface wireless access-list remove $remove; + :local Remove [ $Read ]; + :if ($Remove != "") do={ + :put ("Removing numeric id " . $Remove . "...\n"); + / interface wireless access-list remove $Remove; } } } } - :set seen ( $seen , $mac ); + :set Seen ($Seen, $Mac); } diff --git a/accesslist-duplicates.template b/accesslist-duplicates.template index 3b6a22a..18225a6 100644 --- a/accesslist-duplicates.template +++ b/accesslist-duplicates.template @@ -7,31 +7,31 @@ # !! This is just a template! Replace '%PATH%' with 'caps-man' # !! or 'interface wireless'! -:local seen [ :toarray "" ]; -:local shown [ :toarray "" ]; - :global Read; -:foreach acclist in=[ / %PATH% access-list find where mac-address!="00:00:00:00:00:00" ] do={ - :local mac [ / %PATH% access-list get $acclist mac-address ]; - :foreach "seen-mac" in=$seen do={ - :if ($"seen-mac" = $mac) do={ - :local skip 0; - :foreach "shown-mac" in=$shown do={ - :if ($"shown-mac" = $mac) do={ :set skip 1; } +:local Seen [ :toarray "" ]; +:local Shown [ :toarray "" ]; + +:foreach AccList in=[ / %PATH% access-list find where mac-address!="00:00:00:00:00:00" ] do={ + :local Mac [ / %PATH% access-list get $AccList mac-address ]; + :foreach SeenMac in=$Seen do={ + :if ($SeenMac = $Mac) do={ + :local Skip 0; + :foreach ShownMac in=$Shown do={ + :if ($ShownMac = $Mac) do={ :set Skip 1; } } - :if ($skip = 0) do={ - / %PATH% access-list print where mac-address=$mac; - :set shown ( $shown , $mac ); + :if ($Skip = 0) do={ + / %PATH% access-list print where mac-address=$Mac; + :set Shown ($Shown, $Mac); :put "\nEnter to skip, numeric id to remove!"; - :local remove [ $Read ]; - :if ($remove != "") do={ - :put ("Removing numeric id " . $remove . "...\n"); - / %PATH% access-list remove $remove; + :local Remove [ $Read ]; + :if ($Remove != "") do={ + :put ("Removing numeric id " . $Remove . "...\n"); + / %PATH% access-list remove $Remove; } } } } - :set seen ( $seen , $mac ); + :set Seen ($Seen, $Mac); } diff --git a/bridge-port-to-default b/bridge-port-to-default index 54f1e98..1117c1d 100644 --- a/bridge-port-to-default +++ b/bridge-port-to-default @@ -4,27 +4,27 @@ # # reset bridge ports to default bridge -:global "bridge-port-to"; +:global BridgePortTo; -:local "len" ([ :len $"bridge-port-to" ] + 1); +:local Len ([ :len $BridgePortTo ] + 1); -:if ($"len" = 1) do={ +:if ($Len = 1) do={ :delay 1s; - :set "len" ([ :len $"bridge-port-to" ] + 1); + :set Len ([ :len $BridgePortTo ] + 1); } -:foreach interface in=[ / interface bridge port find where comment!="" ] do={ - :foreach comment in=[ :toarray [ / interface bridge port get $interface comment ] ] do={ - :if ([ :pick $comment 0 $len ] = ($"bridge-port-to" . ":")) do={ - :local "interface-name" [ / interface bridge port get $interface interface ]; - :local "bridge-default" [ :pick $comment $len [ :len $comment ] ]; - :local "bridge-current" [ / interface bridge port get $interface bridge ]; - :if ($"bridge-default" != $"bridge-current") do={ - :log info ("Changing interface " . $"interface-name" . " to " . $"bridge-port-to" . " bridge " . $"bridge-default"); - / interface bridge port set bridge=$"bridge-default" $interface; - / ip dhcp-client renew [ find where interface=$"bridge-default" ]; +:foreach Interface in=[ / interface bridge port find where comment!="" ] do={ + :foreach Comment in=[ :toarray [ / interface bridge port get $Interface comment ] ] do={ + :if ([ :pick $Comment 0 $Len ] = ($BridgePortTo . ":")) do={ + :local InterfaceName [ / interface bridge port get $Interface interface ]; + :local BridgeDefault [ :pick $Comment $Len [ :len $Comment ] ]; + :local BridgeCurrent [ / interface bridge port get $Interface bridge ]; + :if ($BridgeDefault != $BridgeCurrent) do={ + :log info ("Changing interface " . $InterfaceName . " to " . $BridgePortTo . " bridge " . $BridgeDefault); + / interface bridge port set bridge=$BridgeDefault $Interface; + / ip dhcp-client renew [ find where interface=$BridgeDefault ]; } else={ - :log debug ("Interface " . $"interface-name" . " already connected to " . $"bridge-port-to" . " bridge " . $"bridge-default"); + :log debug ("Interface " . $InterfaceName . " already connected to " . $BridgePortTo . " bridge " . $BridgeDefault); } } } diff --git a/bridge-port-toggle b/bridge-port-toggle index c80f5e2..fc122f6 100644 --- a/bridge-port-toggle +++ b/bridge-port-toggle @@ -4,12 +4,12 @@ # # toggle bridge ports between default and alt bridge -:global "bridge-port-to"; +:global BridgePortTo; -:if ($"bridge-port-to" != "default") do={ - :set "bridge-port-to" "default"; +:if ($BridgePortTo != "default") do={ + :set BridgePortTo "default"; } else={ - :set "bridge-port-to" "alt"; + :set BridgePortTo "alt"; } / system script run bridge-port-to-default; diff --git a/capsman-download-packages b/capsman-download-packages index 08e9535..babea59 100644 --- a/capsman-download-packages +++ b/capsman-download-packages @@ -9,29 +9,29 @@ :global DownloadPackage; -:local "package-path" [ / caps-man manager get package-path ]; -:if ([ :pick $"package-path" 0 ] = "/") do={ - :set "package-path" [ :pick $"package-path" 1 [ :len $"package-path" ] ]; +:local PackagePath [ / caps-man manager get package-path ]; +:if ([ :pick $PackagePath 0 ] = "/") do={ + :set PackagePath [ :pick $PackagePath 1 [ :len $PackagePath ] ]; } -:local "installed-version" [ / system package update get installed-version ]; -:local updated false; +:local InstalledVersion [ / system package update get installed-version ]; +:local Updated false; -:foreach package in=[ / file find where type=package \ - package-version!=$"installed-version" name~("^" . $"package-path") ] do={ - :local "package-name" [ / file get $package package-name ]; - :local "package-architecture" [ / file get $package package-architecture ]; - :if ($"package-architecture" = "mips") do={ - :set "package-architecture" "mipsbe"; +:foreach Package in=[ / file find where type=package \ + package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={ + :local PackageName [ / file get $Package package-name ]; + :local PackageArchitecture [ / file get $Package package-architecture ]; + :if ($PackageArchitecture = "mips") do={ + :set PackageArchitecture "mipsbe"; } - :if ($"package-name" = "wireless@") do={ - :set "package-name" "wireless"; + :if ($PackageName = "wireless@") do={ + :set PackageName "wireless"; } - :if ([ $DownloadPackage $"package-name" $"installed-version" $"package-architecture" $"package-path" ] = true) do={ - :set updated true; - / file remove $package; + :if ([ $DownloadPackage $PackageName $InstalledVersion $PackageArchitecture $PackagePath ] = true) do={ + :set Updated true; + / file remove $Package; } } -:if ($updated = true) do={ - / caps-man remote-cap upgrade [ find where version!=$"installed-version" ]; +:if ($Updated = true) do={ + / caps-man remote-cap upgrade [ find where version!=$InstalledVersion ]; } diff --git a/check-certificates b/check-certificates index ff79ce4..7347ed8 100644 --- a/check-certificates +++ b/check-certificates @@ -4,83 +4,82 @@ # # check for certificate validity -:global "identity"; -:global "cert-renew-url"; -:global "cert-renew-pass"; +:global Identity; +:global CertRenewUrl; +:global CertRenewPass; :global SendNotification; -:local months ("jan","feb","mar","apr","may","jun","jul","aug","sep","oct","nov","dec"); +:local Months { "jan"; "feb"; "mar"; "apr"; "may"; "jun"; + "jul"; "aug"; "sep"; "oct"; "nov"; "dec" }; -:local currentdate [ / system clock get date ]; +:local CurrentDate [ / system clock get date ]; -:local currentmonthstr [ :pick $currentdate 0 3 ]; -:local currentday [ :pick $currentdate 4 6 ]; -:local currentyear [ :pick $currentdate 7 11 ]; -:local currentmonth ([ :find $months $currentmonthstr -1 ] + 1); -:local currentstamp ($currentyear * 365 + $currentmonth * 30 + $currentday); +:local CurrentDay [ :pick $CurrentDate 4 6 ]; +:local CurrentYear [ :pick $CurrentDate 7 11 ]; +:local CurrentMonth ([ :find $Months [ :pick $CurrentDate 0 3 ] ] + 1); +:local CurrentStamp ($CurrentYear * 365 + $CurrentMonth * 30 + $CurrentDay); -:foreach cert in=[ / certificate find where !revoked ] do={ - :local certname [ / certificate get $cert name ]; - :local invaliddate [ / certificate get $cert invalid-after ]; +:foreach Cert in=[ / certificate find where !revoked ] do={ + :local CertName [ / certificate get $Cert name ]; + :local InvalidDate [ / certificate get $Cert invalid-after ]; - :if ([ :len $invaliddate ] > 0) do={ - :local invalidmonthstr [ :pick $invaliddate 0 3 ]; - :local invalidday [ :pick $invaliddate 4 6 ]; - :local invalidyear [ :pick $invaliddate 7 11 ]; - :local invalidmonth ([ :find $months $invalidmonthstr -1 ] + 1); - :local invalidstamp ($invalidyear * 365 + invalidmonth * 30 + invalidday); + :if ([ :len $InvalidDate ] > 0) do={ + :local InvalidDay [ :pick $InvalidDate 4 6 ]; + :local InvalidYear [ :pick $InvalidDate 7 11 ]; + :local InvalidMonth ([ :find $Months [ :pick $InvalidDate 0 3 ] ] + 1); + :local InvalidStamp ($InvalidYear * 365 + $InvalidMonth * 30 + $InvalidDay); - :local remaining ($invalidstamp - $currentstamp); + :local Remaining ($InvalidStamp - $CurrentStamp); - :if ($remaining < 15) do={ - :local commonname [ / certificate get $cert common-name ]; - :local fprint [ / certificate get $cert fingerprint ]; + :if ($Remaining < 15) do={ + :local CommonName [ / certificate get $Cert common-name ]; + :local FingerPrint [ / certificate get $Cert fingerprint ]; :do { - :if ([ :len $"cert-renew-url" ] = 0) do={ - :error "No renew-url given."; + :if ([ :len $CertRenewUrl ] = 0) do={ + :error "No CertRenewUrl given."; } - / tool fetch mode=https check-certificate=yes-without-crl url=($"cert-renew-url" . $commonname . ".pem"); - / certificate import file-name=($commonname . ".pem") passphrase=$"cert-renew-pass"; - / file remove [ find where name=($commonname . ".pem") ]; + / tool fetch mode=https check-certificate=yes-without-crl url=($CertRenewUrl . $CommonName . ".pem"); + / certificate import file-name=($CommonName . ".pem") passphrase=$CertRenewPass; + / file remove [ find where name=($CommonName . ".pem") ]; - :local certnew [ / certificate find where common-name=$commonname fingerprint!=$fprint ]; - :local certnamenew [ / certificate get $certnew name ]; + :local CertNew [ / certificate find where common-name=$CommonName fingerprint!=$FingerPrint ]; + :local CertNameNew [ / certificate get $CertNew name ]; - :foreach ipservice in=[ / ip service find where certificate=$certname ] do={ - / ip service set $ipservice certificate=$certnamenew; + :foreach IpService in=[ / ip service find where certificate=$CertName ] do={ + / ip service set $IpService certificate=$CertNameNew; } :do { - :foreach hotspot in=[ / ip hotspot profile find where ssl-certificate=$certname ] do={ - / ip hotspot profile set $hotspot ssl-certificate=$certnamenew; + :foreach Hotspot in=[ / ip hotspot profile find where ssl-certificate=$CertName ] do={ + / ip hotspot profile set $Hotspot ssl-certificate=$CertNameNew; } } on-error={ :log debug ("Setting hotspot certificates failed. Hotspot package not installed?"); } - / certificate remove $cert; - / certificate set $certnew name=$certname; + / certificate remove $Cert; + / certificate set $CertNew name=$CertName; } on-error={ - :log warning ("Failed to auto-update certificate " . $certname); + :log warning ("Failed to auto-update certificate " . $CertName); - :local invalidbefore [ / certificate get $cert invalid-before ]; - :local invalidafter [ / certificate get $cert invalid-after ]; + :local InvalidBefore [ / certificate get $Cert invalid-before ]; + :local InvalidAfter [ / certificate get $Cert invalid-after ]; $SendNotification ("Certificate warning!") \ - ("A certificate on " . $identity . " is about to expire.\n\n" . \ - "Certificate Name: " . $certname . "\n" . \ - "Common Name: " . $commonname . "\n" . \ - "Fingerprint: " . $fprint . "\n" . \ - "Validity: " . $invalidbefore . " to " . $invalidafter); - :log warning ("A certificate is about to expire within " . $remaining . " days: " . $certname); + ("A certificate on " . $Identity . " is about to expire.\n\n" . \ + "Certificate Name: " . $CertName . "\n" . \ + "Common Name: " . $CommonName . "\n" . \ + "Fingerprint: " . $FingerPrint . "\n" . \ + "Validity: " . $InvalidBefore . " to " . $InvalidAfter); + :log warning ("A certificate is about to expire within " . $Remaining . " days: " . $CertName); } } else={ - :log debug ("The certificate " . $certname . " expires in " . $remaining . " days."); + :log debug ("The certificate " . $CertName . " expires in " . $Remaining . " days."); } } else={ - :log debug ("The certificate " . $certname . " is just a template."); + :log debug ("The certificate " . $CertName . " is just a template."); } } diff --git a/check-lte-firmware-upgrade b/check-lte-firmware-upgrade index c99f5d7..6358a82 100644 --- a/check-lte-firmware-upgrade +++ b/check-lte-firmware-upgrade @@ -4,31 +4,31 @@ # # check for LTE firmware upgrade, send notification e-mails -:global "identity"; -:global "sent-lte-firmware-upgrade-notification"; +:global Identity; +:global SentLteFirmwareUpgradeNotification; :global SendNotification; -:foreach interface in=[ / interface lte find ] do={ - :local intname [ / interface lte get $interface name ]; +:foreach Interface in=[ / interface lte find ] do={ + :local IntName [ / interface lte get $Interface name ]; :do { - :local firmware [ / interface lte firmware-upgrade $interface once as-value ]; + :local Firmware [ / interface lte firmware-upgrade $Interface once as-value ]; # strip the extra line break (TODO: remove when fixed upstream) - :set ($firmware->"latest") [ :pick ($firmware->"latest") 0 [ :find ($firmware->"latest") "\n" ] ]; + :set ($Firmware->"latest") [ :pick ($Firmware->"latest") 0 [ :find ($Firmware->"latest") "\n" ] ]; - :if ($"sent-lte-firmware-upgrade-notification" = ($firmware->"latest")) do={ + :if ($SentLteFirmwareUpgradeNotification = ($Firmware->"latest")) do={ :log debug ("Already sent the LTE firmware upgrade notification for version " . \ - ($firmware->"latest") . "."); + ($Firmware->"latest") . "."); } else={ - :if (($firmware->"installed") != ($firmware->"latest")) do={ + :if (($Firmware->"installed") != ($Firmware->"latest")) do={ $SendNotification ("LTE firmware upgrade notification") \ - ("A new firmware version " . ($firmware->"latest") . " is available for " . \ - "LTE interface " . $intname . " on " . $identity . "."); - :set "sent-lte-firmware-upgrade-notification" ($firmware->"latest"); + ("A new firmware version " . ($Firmware->"latest") . " is available for " . \ + "LTE interface " . $IntName . " on " . $Identity . "."); + :set SentLteFirmwareUpgradeNotification ($Firmware->"latest"); } } } on-error={ :log debug ("Could not get latest LTE firmware version for interface " . \ - $intname . "."); + $IntName . "."); } } diff --git a/check-routeros-update b/check-routeros-update index 2a4e0b3..3564a09 100644 --- a/check-routeros-update +++ b/check-routeros-update @@ -4,9 +4,9 @@ # # check for RouterOS update, send notification e-mails -:global "identity"; -:global "safe-update-url"; -:global "sent-routeros-update-notification"; +:global Identity; +:global SafeUpdateUrl; +:global SentRouterosUpdateNotification; :global SendNotification; @@ -18,45 +18,45 @@ } / system package update check-for-updates without-paging; -:local installedversion [ / system package update get installed-version ]; -:local latestversion [ / system package update get latest-version ]; +:local InstalledVersion [ / system package update get installed-version ]; +:local LatestVersion [ / system package update get latest-version ]; -:if ($installedversion != $latestversion) do={ - :local channel [ / system package update get channel ]; - :local model [ / system routerboard get model ]; - :local serialnumber [ / system routerboard get serial-number ]; +:if ($InstalledVersion != $LatestVersion) do={ + :local Channel [ / system package update get channel ]; + :local Model [ / system routerboard get model ]; + :local SerialNumber [ / system routerboard get serial-number ]; - :if ([ :len $"safe-update-url" ] > 0) do={ - :local result; + :if ([ :len $SafeUpdateUrl ] > 0) do={ + :local Result; :do { - :set result [ / tool fetch check-certificate=yes-without-crl \ - ($"safe-update-url" . $channel . "?installed=" . $installedversion . \ - "&latest=" . $latestversion) output=user as-value ]; + :set Result [ / tool fetch check-certificate=yes-without-crl \ + ($SafeUpdateUrl . $Channel . "?installed=" . $InstalledVersion . \ + "&latest=" . $LatestVersion) output=user as-value ]; } on-error={ - :log warning ("Failed receiving safe version for " . $channel . "."); + :log warning ("Failed receiving safe version for " . $Channel . "."); } - :if ($result->"status" = "finished" && $result->"data" = $latestversion) do={ - :log info ("Version " . $latestversion . " is assumed safe, updating..."); + :if ($Result->"status" = "finished" && $Result->"data" = $LatestVersion) do={ + :log info ("Version " . $LatestVersion . " is considered safe, updating..."); $SendNotification ("RouterOS update notification") \ - ("Version " . $latestversion . " is assumed safe for " . $channel . \ - ", updating on " . $identity . "..."); + ("Version " . $LatestVersion . " is considered safe for " . $Channel . \ + ", updating on " . $Identity . "..."); / system package update install; :error "Waiting for system to reboot."; } } - :if ($"sent-routeros-update-notification" = $latestversion) do={ + :if ($SentRouterosUpdateNotification = $LatestVersion) do={ :error ("Already sent the RouterOS update notification for version " . \ - $latestversion . "."); + $LatestVersion . "."); } $SendNotification ("RouterOS update notification") \ ("There is a RouterOS update available\n\n" . \ - "Routerboard: " . $model . "\n" . \ - "Serial number: " . $serialnumber . "\n" . \ - "Hostname: " . $identity . "\n" . \ - "Channel: " . $channel . "\n" . \ - "Installed: " . $installedversion . "\n" . \ - "Available: " . $latestversion); - :set "sent-routeros-update-notification" $latestversion; + "Routerboard: " . $Model . "\n" . \ + "Serial number: " . $SerialNumber . "\n" . \ + "Hostname: " . $Identity . "\n" . \ + "Channel: " . $Channel . "\n" . \ + "Installed: " . $InstalledVersion . "\n" . \ + "Available: " . $LatestVersion); + :set SentRouterosUpdateNotification $LatestVersion; } diff --git a/collect-wireless-mac.capsman b/collect-wireless-mac.capsman index 08c0bdb..cca29e8 100644 --- a/collect-wireless-mac.capsman +++ b/collect-wireless-mac.capsman @@ -6,54 +6,54 @@ # # !! Do not edit this file, it is generated from template! -:global "identity"; +:global Identity; :global GetMacVendor; :global SendNotification; -:local "place-before" [ / caps-man access-list find where comment="--- collected above ---" disabled ]; -:if ([ :len $"place-before" ] = 0) do={ +:local PlaceBefore [ / caps-man access-list find where comment="--- collected above ---" disabled ]; +:if ([ :len $PlaceBefore ] = 0) do={ :error "Missing disabled access-list entry with comment '--- collected above ---'"; } -:foreach regtbl in=[ / caps-man registration-table find ] do={ - :local mac [ / caps-man registration-table get $regtbl mac-address ]; - :local acclst [ :pick [ / caps-man access-list find where mac-address=$mac ] 0 ]; - :if ( [ :len $acclst ] = 0 ) do={ - :local hostname "no dhcp lease"; - :local address "no dhcp lease"; - :local lease [ / ip dhcp-server lease find where mac-address=$mac ]; - :if ( [ :len $lease ] > 0 ) do={ - :set hostname [ / ip dhcp-server lease get $lease host-name ]; - :set address [ / ip dhcp-server lease get $lease address ]; +:foreach RegTbl in=[ / caps-man registration-table find ] do={ + :local Mac [ / caps-man registration-table get $RegTbl mac-address ]; + :local AccessList [ :pick [ / caps-man access-list find where mac-address=$Mac ] 0 ]; + :if ([ :len $AccessList ] = 0) do={ + :local HostName "no dhcp lease"; + :local Address "no dhcp lease"; + :local Lease [ / ip dhcp-server lease find where mac-address=$Mac ]; + :if ([ :len $Lease ] > 0) do={ + :set HostName [ / ip dhcp-server lease get $Lease host-name ]; + :set Address [ / ip dhcp-server lease get $Lease address ]; } - :if ( [ :len $hostname ] = 0 ) do={ - :set hostname "no hostname"; + :if ([ :len $HostName ] = 0) do={ + :set HostName "no hostname"; } - :if ( [ :len $address ] = 0 ) do={ - :set address "no address"; + :if ([ :len $Address ] = 0) do={ + :set Address "no address"; } - :local regentry [ / caps-man registration-table find where mac-address=$mac ]; - :local interface [ / caps-man registration-table get $regentry interface ]; - :local ssid [ / caps-man registration-table get $regentry ssid ]; - :local datetime ([ / system clock get date ] . " " . [ / system clock get time ]); - :local vendor [ $GetMacVendor $mac ]; - :local message ("unknown MAC address " . $mac . " (" . $vendor . ", " . $hostname . ") " . \ - "first seen on " . $datetime . " connected to SSID " . $ssid . ", interface " . $interface); - / log info $message; - / caps-man access-list add place-before=$"place-before" comment=$message mac-address=$mac disabled=yes; - $SendNotification ($mac . " connected to " . $ssid) \ - ("A device with unknown MAC address connected to " . $ssid . " on " . $identity . ".\n\n" . \ - "Controller: " . $identity . "\n" . \ - "Interface: " . $interface . "\n" . \ - "SSID: " . $ssid . "\n" . \ - "MAC: " . $mac . "\n" . \ - "Vendor: " . $vendor . "\n" . \ - "Hostname: " . $hostname . "\n" . \ - "Address: " . $address . "\n" . \ - "Date: " . $datetime); + :local RegEntry [ / caps-man registration-table find where mac-address=$Mac ]; + :local Interface [ / caps-man registration-table get $RegEntry interface ]; + :local Ssid [ / caps-man registration-table get $RegEntry ssid ]; + :local DateTime ([ / system clock get date ] . " " . [ / system clock get time ]); + :local Vendor [ $GetMacVendor $Mac ]; + :local Message ("unknown MAC address " . $Mac . " (" . $Vendor . ", " . $HostName . ") " . \ + "first seen on " . $DateTime . " connected to SSID " . $Ssid . ", interface " . $Interface); + / log info $Message; + / caps-man access-list add place-before=$PlaceBefore comment=$Message mac-address=$Mac disabled=yes; + $SendNotification ($Mac . " connected to " . $Ssid) \ + ("A device with unknown MAC address connected to " . $Ssid . " on " . $Identity . ".\n\n" . \ + "Controller: " . $Identity . "\n" . \ + "Interface: " . $Interface . "\n" . \ + "SSID: " . $Ssid . "\n" . \ + "MAC: " . $Mac . "\n" . \ + "Vendor: " . $Vendor . "\n" . \ + "Hostname: " . $HostName . "\n" . \ + "Address: " . $Address . "\n" . \ + "Date: " . $DateTime); } else={ - :local comment [ / caps-man access-list get $acclst comment ]; - :log debug ("MAC address " . $mac . " already known: " . $comment); + :local Comment [ / caps-man access-list get $AccessList comment ]; + :log debug ("MAC address " . $Mac . " already known: " . $Comment); } } diff --git a/collect-wireless-mac.local b/collect-wireless-mac.local index 7569ba0..49f3128 100644 --- a/collect-wireless-mac.local +++ b/collect-wireless-mac.local @@ -6,54 +6,54 @@ # # !! Do not edit this file, it is generated from template! -:global "identity"; +:global Identity; :global GetMacVendor; :global SendNotification; -:local "place-before" [ / interface wireless access-list find where comment="--- collected above ---" disabled ]; -:if ([ :len $"place-before" ] = 0) do={ +:local PlaceBefore [ / interface wireless access-list find where comment="--- collected above ---" disabled ]; +:if ([ :len $PlaceBefore ] = 0) do={ :error "Missing disabled access-list entry with comment '--- collected above ---'"; } -:foreach regtbl in=[ / interface wireless registration-table find ] do={ - :local mac [ / interface wireless registration-table get $regtbl mac-address ]; - :local acclst [ :pick [ / interface wireless access-list find where mac-address=$mac ] 0 ]; - :if ( [ :len $acclst ] = 0 ) do={ - :local hostname "no dhcp lease"; - :local address "no dhcp lease"; - :local lease [ / ip dhcp-server lease find where mac-address=$mac ]; - :if ( [ :len $lease ] > 0 ) do={ - :set hostname [ / ip dhcp-server lease get $lease host-name ]; - :set address [ / ip dhcp-server lease get $lease address ]; +:foreach RegTbl in=[ / interface wireless registration-table find ] do={ + :local Mac [ / interface wireless registration-table get $RegTbl mac-address ]; + :local AccessList [ :pick [ / interface wireless access-list find where mac-address=$Mac ] 0 ]; + :if ([ :len $AccessList ] = 0) do={ + :local HostName "no dhcp lease"; + :local Address "no dhcp lease"; + :local Lease [ / ip dhcp-server lease find where mac-address=$Mac ]; + :if ([ :len $Lease ] > 0) do={ + :set HostName [ / ip dhcp-server lease get $Lease host-name ]; + :set Address [ / ip dhcp-server lease get $Lease address ]; } - :if ( [ :len $hostname ] = 0 ) do={ - :set hostname "no hostname"; + :if ([ :len $HostName ] = 0) do={ + :set HostName "no hostname"; } - :if ( [ :len $address ] = 0 ) do={ - :set address "no address"; + :if ([ :len $Address ] = 0) do={ + :set Address "no address"; } - :local regentry [ / interface wireless registration-table find where mac-address=$mac ]; - :local interface [ / interface wireless registration-table get $regentry interface ]; - :local ssid [ / interface wireless get [ find where name=$interface ] ssid ]; - :local datetime ([ / system clock get date ] . " " . [ / system clock get time ]); - :local vendor [ $GetMacVendor $mac ]; - :local message ("unknown MAC address " . $mac . " (" . $vendor . ", " . $hostname . ") " . \ - "first seen on " . $datetime . " connected to SSID " . $ssid . ", interface " . $interface); - / log info $message; - / interface wireless access-list add place-before=$"place-before" comment=$message mac-address=$mac disabled=yes; - $SendNotification ($mac . " connected to " . $ssid) \ - ("A device with unknown MAC address connected to " . $ssid . " on " . $identity . ".\n\n" . \ - "Controller: " . $identity . "\n" . \ - "Interface: " . $interface . "\n" . \ - "SSID: " . $ssid . "\n" . \ - "MAC: " . $mac . "\n" . \ - "Vendor: " . $vendor . "\n" . \ - "Hostname: " . $hostname . "\n" . \ - "Address: " . $address . "\n" . \ - "Date: " . $datetime); + :local RegEntry [ / interface wireless registration-table find where mac-address=$Mac ]; + :local Interface [ / interface wireless registration-table get $RegEntry interface ]; + :local Ssid [ / interface wireless get [ find where name=$Interface ] ssid ]; + :local DateTime ([ / system clock get date ] . " " . [ / system clock get time ]); + :local Vendor [ $GetMacVendor $Mac ]; + :local Message ("unknown MAC address " . $Mac . " (" . $Vendor . ", " . $HostName . ") " . \ + "first seen on " . $DateTime . " connected to SSID " . $Ssid . ", interface " . $Interface); + / log info $Message; + / interface wireless access-list add place-before=$PlaceBefore comment=$Message mac-address=$Mac disabled=yes; + $SendNotification ($Mac . " connected to " . $Ssid) \ + ("A device with unknown MAC address connected to " . $Ssid . " on " . $Identity . ".\n\n" . \ + "Controller: " . $Identity . "\n" . \ + "Interface: " . $Interface . "\n" . \ + "SSID: " . $Ssid . "\n" . \ + "MAC: " . $Mac . "\n" . \ + "Vendor: " . $Vendor . "\n" . \ + "Hostname: " . $HostName . "\n" . \ + "Address: " . $Address . "\n" . \ + "Date: " . $DateTime); } else={ - :local comment [ / interface wireless access-list get $acclst comment ]; - :log debug ("MAC address " . $mac . " already known: " . $comment); + :local Comment [ / interface wireless access-list get $AccessList comment ]; + :log debug ("MAC address " . $Mac . " already known: " . $Comment); } } diff --git a/collect-wireless-mac.template b/collect-wireless-mac.template index 71c6384..bfd0438 100644 --- a/collect-wireless-mac.template +++ b/collect-wireless-mac.template @@ -7,55 +7,55 @@ # !! This is just a template! Replace '%PATH%' with 'caps-man' # !! or 'interface wireless'! -:global "identity"; +:global Identity; :global GetMacVendor; :global SendNotification; -:local "place-before" [ / %PATH% access-list find where comment="--- collected above ---" disabled ]; -:if ([ :len $"place-before" ] = 0) do={ +:local PlaceBefore [ / %PATH% access-list find where comment="--- collected above ---" disabled ]; +:if ([ :len $PlaceBefore ] = 0) do={ :error "Missing disabled access-list entry with comment '--- collected above ---'"; } -:foreach regtbl in=[ / %PATH% registration-table find ] do={ - :local mac [ / %PATH% registration-table get $regtbl mac-address ]; - :local acclst [ :pick [ / %PATH% access-list find where mac-address=$mac ] 0 ]; - :if ( [ :len $acclst ] = 0 ) do={ - :local hostname "no dhcp lease"; - :local address "no dhcp lease"; - :local lease [ / ip dhcp-server lease find where mac-address=$mac ]; - :if ( [ :len $lease ] > 0 ) do={ - :set hostname [ / ip dhcp-server lease get $lease host-name ]; - :set address [ / ip dhcp-server lease get $lease address ]; +:foreach RegTbl in=[ / %PATH% registration-table find ] do={ + :local Mac [ / %PATH% registration-table get $RegTbl mac-address ]; + :local AccessList [ :pick [ / %PATH% access-list find where mac-address=$Mac ] 0 ]; + :if ([ :len $AccessList ] = 0) do={ + :local HostName "no dhcp lease"; + :local Address "no dhcp lease"; + :local Lease [ / ip dhcp-server lease find where mac-address=$Mac ]; + :if ([ :len $Lease ] > 0) do={ + :set HostName [ / ip dhcp-server lease get $Lease host-name ]; + :set Address [ / ip dhcp-server lease get $Lease address ]; } - :if ( [ :len $hostname ] = 0 ) do={ - :set hostname "no hostname"; + :if ([ :len $HostName ] = 0) do={ + :set HostName "no hostname"; } - :if ( [ :len $address ] = 0 ) do={ - :set address "no address"; + :if ([ :len $Address ] = 0) do={ + :set Address "no address"; } - :local regentry [ / %PATH% registration-table find where mac-address=$mac ]; - :local interface [ / %PATH% registration-table get $regentry interface ]; - :local ssid [ / caps-man registration-table get $regentry ssid ]; - :local ssid [ / interface wireless get [ find where name=$interface ] ssid ]; - :local datetime ([ / system clock get date ] . " " . [ / system clock get time ]); - :local vendor [ $GetMacVendor $mac ]; - :local message ("unknown MAC address " . $mac . " (" . $vendor . ", " . $hostname . ") " . \ - "first seen on " . $datetime . " connected to SSID " . $ssid . ", interface " . $interface); - / log info $message; - / %PATH% access-list add place-before=$"place-before" comment=$message mac-address=$mac disabled=yes; - $SendNotification ($mac . " connected to " . $ssid) \ - ("A device with unknown MAC address connected to " . $ssid . " on " . $identity . ".\n\n" . \ - "Controller: " . $identity . "\n" . \ - "Interface: " . $interface . "\n" . \ - "SSID: " . $ssid . "\n" . \ - "MAC: " . $mac . "\n" . \ - "Vendor: " . $vendor . "\n" . \ - "Hostname: " . $hostname . "\n" . \ - "Address: " . $address . "\n" . \ - "Date: " . $datetime); + :local RegEntry [ / %PATH% registration-table find where mac-address=$Mac ]; + :local Interface [ / %PATH% registration-table get $RegEntry interface ]; + :local Ssid [ / caps-man registration-table get $RegEntry ssid ]; + :local Ssid [ / interface wireless get [ find where name=$Interface ] ssid ]; + :local DateTime ([ / system clock get date ] . " " . [ / system clock get time ]); + :local Vendor [ $GetMacVendor $Mac ]; + :local Message ("unknown MAC address " . $Mac . " (" . $Vendor . ", " . $HostName . ") " . \ + "first seen on " . $DateTime . " connected to SSID " . $Ssid . ", interface " . $Interface); + / log info $Message; + / %PATH% access-list add place-before=$PlaceBefore comment=$Message mac-address=$Mac disabled=yes; + $SendNotification ($Mac . " connected to " . $Ssid) \ + ("A device with unknown MAC address connected to " . $Ssid . " on " . $Identity . ".\n\n" . \ + "Controller: " . $Identity . "\n" . \ + "Interface: " . $Interface . "\n" . \ + "SSID: " . $Ssid . "\n" . \ + "MAC: " . $Mac . "\n" . \ + "Vendor: " . $Vendor . "\n" . \ + "Hostname: " . $HostName . "\n" . \ + "Address: " . $Address . "\n" . \ + "Date: " . $DateTime); } else={ - :local comment [ / %PATH% access-list get $acclst comment ]; - :log debug ("MAC address " . $mac . " already known: " . $comment); + :local Comment [ / %PATH% access-list get $AccessList comment ]; + :log debug ("MAC address " . $Mac . " already known: " . $Comment); } } @@ -4,105 +4,96 @@ # # update daily PSK (pre shared key) -:global "identity"; -:global "daily-psk-match-comment"; +:global Identity; +:global DailyPskMatchComment; :global SendNotification; -:local seen [ :toarray "" ]; +:local Seen [ :toarray "" ]; # return pseudo-random string for PSK :local GeneratePSK do={ - :local date [ :tostr $1 ]; + :local Date [ :tostr $1 ]; - :global "daily-psk-secrets"; + :global DailyPskSecrets; - :local months { - "jan"; "feb"; "mar"; "apr"; "may"; "jun"; - "jul"; "aug"; "sep"; "oct"; "nov"; "dec" - } - :local monthtbl { - 0; 3; 3; 6; 1; 4; 6; 2; 5; 0; 3; 5 - } + :local Months { "jan"; "feb"; "mar"; "apr"; "may"; "jun"; + "jul"; "aug"; "sep"; "oct"; "nov"; "dec" }; + :local MonthTbl { 0; 3; 3; 6; 1; 4; 6; 2; 5; 0; 3; 5 }; - :local monthstr [ :pick $date 0 3 ]; - :local month; - :local day [ :pick $date 4 6 ]; - :local century [ :pick $date 7 9 ]; - :local year [ :pick $date 9 11 ]; + :local MonthStr [ :pick $Date 0 3 ]; + :local Month; + :local Day [ :pick $Date 4 6 ]; + :local Century [ :pick $Date 7 9 ]; + :local Year [ :pick $Date 9 11 ]; # get numeric value for month - :for mindex from=0 to=[ :len $months ] do={ - :if ([ :pick $months $mindex ] = $monthstr) do={ - :set month $mindex; + :for MIndex from=0 to=[ :len $Months ] do={ + :if ([ :pick $Months $MIndex ] = $MonthStr) do={ + :set Month $MIndex; } } # calculate day of week - :local sum 0; - :set sum ($sum + (2 * (3 - ($century - (($century / 4) * 4))))); - :set sum ($sum + ($year / 4)); - :set sum ($sum + $year + $day); - :set sum ($sum + $month); - :set sum ($sum - (($sum / 7) * 7)); - - :local return ([ :pick [ :pick $"daily-psk-secrets" 0 ] ($day - 1) ] . \ - [ :pick [ :pick $"daily-psk-secrets" 1 ] $month ] . \ - [ :pick [ :pick $"daily-psk-secrets" 2 ] $sum ]); - - :return $return; + :local Sum 0; + :set Sum ($Sum + (2 * (3 - ($Century - (($Century / 4) * 4))))); + :set Sum ($Sum + ($Year / 4)); + :set Sum ($Sum + $Year + $Day); + :set Sum ($Sum + $Month); + :set Sum ($Sum - (($Sum / 7) * 7)); + + :local Return ([ :pick [ :pick $DailyPskSecrets 0 ] ($Day - 1) ] . \ + [ :pick [ :pick $DailyPskSecrets 1 ] $Month ] . \ + [ :pick [ :pick $DailyPskSecrets 2 ] $Sum ]); + + :return $Return; } -:local date [ / system clock get date ]; -:local newpsk [ $GeneratePSK $date ]; - -:foreach acclist in=[ / interface wireless access-list find where comment~$"daily-psk-match-comment" ] do={ - :local intname [ / interface wireless access-list get $acclist interface ]; - :local interface [ / interface wireless find where name=$intname disabled=no ]; - :local ssid [ / interface wireless get $intname ssid ]; - :local oldpsk [ / interface wireless access-list get $acclist private-pre-shared-key ]; - :local skip 0; - - :if ($newpsk != $oldpsk) do={ - :log info ("Updating daily PSK for " . $intname . " to " . $newpsk . " (was " . $oldpsk . ")"); - / interface wireless access-list set $acclist private-pre-shared-key=$newpsk; - - :if ([ :len $interface ] = 1) do={ - :foreach "seen-ssid" in=$seen do={ - :if ($"seen-ssid" = $ssid) do={ - :log debug ("Already sent a mail for SSID " . $ssid . ", skipping."); - :set skip 1; +:local Date [ / system clock get date ]; +:local NewPsk [ $GeneratePSK $Date ]; + +:foreach AccList in=[ / interface wireless access-list find where comment~$DailyPskMatchComment ] do={ + :local IntName [ / interface wireless access-list get $AccList interface ]; + :local Interface [ / interface wireless find where name=$IntName disabled=no ]; + :local Ssid [ / interface wireless get $IntName ssid ]; + :local OldPsk [ / interface wireless access-list get $AccList private-pre-shared-key ]; + :local Skip 0; + + :if ($NewPsk != $OldPsk) do={ + :log info ("Updating daily PSK for " . $IntName . " to " . $NewPsk . " (was " . $OldPsk . ")"); + / interface wireless access-list set $AccList private-pre-shared-key=$NewPsk; + + :if ([ :len $Interface ] = 1) do={ + :foreach SeenSsid in=$Seen do={ + :if ($SeenSsid = $Ssid) do={ + :log debug ("Already sent a mail for SSID " . $Ssid . ", skipping."); + :set Skip 1; } } - :if ($skip = 0) do={ - :set seen ( $seen, $ssid ); + :if ($Skip = 0) do={ + :set Seen ($Seen, $Ssid); - :local host "www.eworm.de" - :local srcpath ("/cgi-bin/cqrlogo-wifi.cgi" . \ - "?scale=8" . \ - "&level=1" . \ - "&ssid=" . $ssid . \ - "&pass=" . $newpsk); - :local attach "qrcode-daily.png"; + :local Url ("https://www.eworm.de/cgi-bin/cqrlogo-wifi.cgi" . \ + "?scale=8&level=1&ssid=" . $Ssid . "&pass=" . $NewPsk); + :local Attach "qrcode-daily.png"; :do { - / tool fetch mode=https check-certificate=yes-without-crl address=$host \ - host=$host src-path=$srcpath dst-path=$attach; + / tool fetch mode=https check-certificate=yes-without-crl \ + $Url dst-path=$Attach; } on-error={ - :set attach ""; + :set Attach ""; } - $SendNotification ("daily PSK " . $ssid) \ - ("This is the daily PSK on " . $identity . ":\n\n" . \ - "SSID: " . $ssid . "\n" . \ - "PSK: " . $newpsk . "\n" . \ - "Date: " . [ / system clock get date ] . "\n\n" . \ - "https://" . $host . $srcpath) \ - $attach; + $SendNotification ("daily PSK " . $Ssid) \ + ("This is the daily PSK on " . $Identity . ":\n\n" . \ + "SSID: " . $Ssid . "\n" . \ + "PSK: " . $NewPsk . "\n" . \ + "Date: " . $Date . "\n\n" . \ + $Url) $Attach; } } else={ - :log debug ("Missing active interface " . $intname . " for access list entry."); + :log debug ("Missing active interface " . $IntName . " for access list entry."); } } } diff --git a/daily-psk-schedule b/daily-psk-schedule index 853ae96..e5eb6f8 100644 --- a/daily-psk-schedule +++ b/daily-psk-schedule @@ -4,12 +4,12 @@ # # schedule daily-psk on startup -:local scheduler [ / system scheduler find where name=daily-psk-schedule ]; +:local Scheduler [ / system scheduler find where name="daily-psk-schedule" ]; -:if ([ / system scheduler get $scheduler interval ] = 0s) do={ - / system scheduler set interval=15s $scheduler; +:if ([ / system scheduler get $Scheduler interval ] = 0s) do={ + / system scheduler set interval=15s $Scheduler; } else={ - :if ([ / tool netwatch get [ find where comment=[ / tool e-mail get address ] ] status ] != "up" ) do={ + :if ([ / tool netwatch get [ find where comment=[ / tool e-mail get address ] ] status ] != "up") do={ :error "Mail server is not up."; } @@ -19,5 +19,5 @@ / system script run daily-psk; - / system scheduler set interval=0s $scheduler; + / system scheduler set interval=0s $Scheduler; } diff --git a/dhcp-lease-comment.capsman b/dhcp-lease-comment.capsman index 50e86b7..5e6e325 100644 --- a/dhcp-lease-comment.capsman +++ b/dhcp-lease-comment.capsman @@ -6,16 +6,16 @@ # # !! Do not edit this file, it is generated from template! -:foreach lease in=[ / ip dhcp-server lease find where dynamic=yes ] do={ - :local macaddress [ / ip dhcp-server lease get $lease mac-address ]; - :local oldcomment [ / ip dhcp-server lease get $lease comment ]; - :local newcomment; - :local accesslst [ :pick [ / caps-man access-list find where mac-address=$macaddress ] 0 ]; - :if ( [ :len $accesslst ] > 0 ) do={ - :set newcomment [ / caps-man access-list get $accesslst comment ]; +:foreach Lease in=[ / ip dhcp-server lease find where dynamic=yes ] do={ + :local MacAddress [ / ip dhcp-server lease get $Lease mac-address ]; + :local OldComment [ / ip dhcp-server lease get $Lease comment ]; + :local NewComment; + :local AccessList [ :pick [ / caps-man access-list find where mac-address=$MacAddress ] 0 ]; + :if ([ :len $AccessList ] > 0) do={ + :set NewComment [ / caps-man access-list get $AccessList comment ]; } - :if ([ :len $newcomment ] != 0 && $oldcomment != $newcomment) do={ - :log info ("Updating comment for DHCP lease " . $macaddress . ": " . $newcomment); - / ip dhcp-server lease set comment=$newcomment $lease; + :if ([ :len $NewComment ] != 0 && $OldComment != $NewComment) do={ + :log info ("Updating comment for DHCP lease " . $MacAddress . ": " . $NewComment); + / ip dhcp-server lease set comment=$NewComment $Lease; } } diff --git a/dhcp-lease-comment.local b/dhcp-lease-comment.local index 82cc9a9..98c11cc 100644 --- a/dhcp-lease-comment.local +++ b/dhcp-lease-comment.local @@ -6,16 +6,16 @@ # # !! Do not edit this file, it is generated from template! -:foreach lease in=[ / ip dhcp-server lease find where dynamic=yes ] do={ - :local macaddress [ / ip dhcp-server lease get $lease mac-address ]; - :local oldcomment [ / ip dhcp-server lease get $lease comment ]; - :local newcomment; - :local accesslst [ :pick [ / interface wireless access-list find where mac-address=$macaddress ] 0 ]; - :if ( [ :len $accesslst ] > 0 ) do={ - :set newcomment [ / interface wireless access-list get $accesslst comment ]; +:foreach Lease in=[ / ip dhcp-server lease find where dynamic=yes ] do={ + :local MacAddress [ / ip dhcp-server lease get $Lease mac-address ]; + :local OldComment [ / ip dhcp-server lease get $Lease comment ]; + :local NewComment; + :local AccessList [ :pick [ / interface wireless access-list find where mac-address=$MacAddress ] 0 ]; + :if ([ :len $AccessList ] > 0) do={ + :set NewComment [ / interface wireless access-list get $AccessList comment ]; } - :if ([ :len $newcomment ] != 0 && $oldcomment != $newcomment) do={ - :log info ("Updating comment for DHCP lease " . $macaddress . ": " . $newcomment); - / ip dhcp-server lease set comment=$newcomment $lease; + :if ([ :len $NewComment ] != 0 && $OldComment != $NewComment) do={ + :log info ("Updating comment for DHCP lease " . $MacAddress . ": " . $NewComment); + / ip dhcp-server lease set comment=$NewComment $Lease; } } diff --git a/dhcp-lease-comment.template b/dhcp-lease-comment.template index 211d338..b119596 100644 --- a/dhcp-lease-comment.template +++ b/dhcp-lease-comment.template @@ -7,16 +7,16 @@ # !! This is just a template! Replace '%PATH%' with 'caps-man' # !! or 'interface wireless'! -:foreach lease in=[ / ip dhcp-server lease find where dynamic=yes ] do={ - :local macaddress [ / ip dhcp-server lease get $lease mac-address ]; - :local oldcomment [ / ip dhcp-server lease get $lease comment ]; - :local newcomment; - :local accesslst [ :pick [ / %PATH% access-list find where mac-address=$macaddress ] 0 ]; - :if ( [ :len $accesslst ] > 0 ) do={ - :set newcomment [ / %PATH% access-list get $accesslst comment ]; +:foreach Lease in=[ / ip dhcp-server lease find where dynamic=yes ] do={ + :local MacAddress [ / ip dhcp-server lease get $Lease mac-address ]; + :local OldComment [ / ip dhcp-server lease get $Lease comment ]; + :local NewComment; + :local AccessList [ :pick [ / %PATH% access-list find where mac-address=$MacAddress ] 0 ]; + :if ([ :len $AccessList ] > 0) do={ + :set NewComment [ / %PATH% access-list get $AccessList comment ]; } - :if ([ :len $newcomment ] != 0 && $oldcomment != $newcomment) do={ - :log info ("Updating comment for DHCP lease " . $macaddress . ": " . $newcomment); - / ip dhcp-server lease set comment=$newcomment $lease; + :if ([ :len $NewComment ] != 0 && $OldComment != $NewComment) do={ + :log info ("Updating comment for DHCP lease " . $MacAddress . ": " . $NewComment); + / ip dhcp-server lease set comment=$NewComment $Lease; } } diff --git a/dhcp-to-dns b/dhcp-to-dns index c65745e..3ee7155 100644 --- a/dhcp-to-dns +++ b/dhcp-to-dns @@ -4,73 +4,73 @@ # # check DHCP leases and add/remove/update DNS entries -:global "identity"; -:global "domain"; -:global "hostname-in-zone"; +:global Identity; +:global Domain; +:global HostNameInZone; -:local zone; -:if ($"hostname-in-zone" = true) do={ - :set zone ("dhcp." . $identity . "." . $domain); +:local Zone; +:if ($HostNameInZone = true) do={ + :set Zone ("dhcp." . $Identity . "." . $Domain); } else={ - :set zone ("dhcp." . $domain); + :set Zone ("dhcp." . $Domain); } -:local ttl 5m; -:local hostname; -:local fqdn; -:local dnsip; -:local dhcpip; -:local dnsnode; -:local dhcpnode; +:local Ttl 5m; +:local HostName; +:local Fqdn; +:local DnsIp; +:local DhcpIp; +:local DnsNode; +:local DhcpNode; -:foreach static in=[ / ip dns static find where name ~ (".*\\." . $zone) ] do={ - :set fqdn [ / ip dns static get $static name ]; - :set hostname [ :pick $fqdn 0 ( [ :len $fqdn ] - ( [ :len $zone ] + 1 ) ) ]; - :set dhcpnode [ / ip dhcp-server lease find where host-name=$hostname dynamic=yes ]; - :if ( [ :len $dhcpnode ] > 0) do={ - :log debug ("Lease for " . $hostname . " still exists. Not deleting."); +:foreach Static in=[ / ip dns static find where name ~ (".*\\." . $Zone) ] do={ + :set Fqdn [ / ip dns static get $Static name ]; + :set HostName [ :pick $Fqdn 0 ([ :len $Fqdn ] - ([ :len $Zone ] + 1)) ]; + :set DhcpNode [ / ip dhcp-server lease find where host-name=$HostName dynamic=yes ]; + :if ([ :len $DhcpNode ] > 0) do={ + :log debug ("Lease for " . $HostName . " still exists. Not deleting."); } else={ - :local found false; - :log info ("Lease expired for " . $hostname . ", deleting DNS entry."); - / ip dns static remove $static; + :local Found false; + :log info ("Lease expired for " . $HostName . ", deleting DNS entry."); + / ip dns static remove $Static; } } -:foreach lease in=[ / ip dhcp-server lease find where dynamic=yes ] do={ - :local mac [ / ip dhcp-server lease get $lease mac-address ]; - :set dhcpip [ / ip dhcp-server lease get $lease address ]; - :local comment ("managed by dhcp-to-dns for " . $mac); - :set hostname [ / ip dhcp-server lease get $lease host-name ]; +:foreach Lease in=[ / ip dhcp-server lease find where dynamic=yes ] do={ + :local Mac [ / ip dhcp-server lease get $Lease mac-address ]; + :set DhcpIp [ / ip dhcp-server lease get $Lease address ]; + :local Comment ("managed by dhcp-to-dns for " . $Mac); + :set HostName [ / ip dhcp-server lease get $Lease host-name ]; - :while ($hostname ~ " ") do={ - :local pos [ :find $hostname " " ]; - :set hostname ( [ :pick $hostname 0 $pos ] . [ :pick $hostname ($pos + 1) 999 ] ); + :while ($HostName ~ " ") do={ + :local Pos [ :find $HostName " " ]; + :set HostName ([ :pick $HostName 0 $Pos ] . [ :pick $HostName ($Pos + 1) 999 ]); }; - :if ( [ :len $hostname ] > 0) do={ - :set fqdn ( $hostname . "." . $zone ); - :set dnsnode [ / ip dns static find where name=$fqdn ]; - :if ( [ :len $dnsnode ] > 0 ) do={ - :set dnsip [ / ip dns static get $dnsnode address ]; + :if ([ :len $HostName ] > 0) do={ + :set Fqdn ($HostName . "." . $Zone); + :set DnsNode [ / ip dns static find where name=$Fqdn ]; + :if ([ :len $DnsNode ] > 0) do={ + :set DnsIp [ / ip dns static get $DnsNode address ]; - :local leases [ / ip dhcp-server lease find where host-name=$hostname dynamic=yes ]; - :local hostnamecount [ / ip dhcp-server lease print count-only where host-name=$hostname dynamic=yes ]; - :if ( $hostnamecount > 1) do={ - :foreach j,lease in=$leases do={ - :if ($j + 1 = $hostnamecount) do={ - :set dhcpip [ / ip dhcp-server lease get $lease address ]; + :local Leases [ / ip dhcp-server lease find where host-name=$HostName dynamic=yes ]; + :local HostNameCount [ / ip dhcp-server lease print count-only where host-name=$HostName dynamic=yes ]; + :if ($HostNameCount > 1) do={ + :foreach J,Lease in=$Leases do={ + :if ($J + 1 = $HostNameCount) do={ + :set DhcpIp [ / ip dhcp-server lease get $Lease address ]; } } } - :if ( $dnsip = $dhcpip ) do={ - :log debug ("DNS entry for " . $fqdn . " does not need updating."); + :if ($DnsIp = $DhcpIp) do={ + :log debug ("DNS entry for " . $Fqdn . " does not need updating."); } else={ - :log info ("Replacing DNS entry for " . $fqdn . ", new address is " . $dhcpip . "."); - / ip dns static set name=$fqdn address=$dhcpip ttl=$ttl comment=$comment $dnsnode; + :log info ("Replacing DNS entry for " . $Fqdn . ", new address is " . $DhcpIp . "."); + / ip dns static set name=$Fqdn address=$DhcpIp ttl=$Ttl comment=$Comment $DnsNode; } } else={ - :log info ("Adding new DNS entry for " . $fqdn . ", address is " . $dhcpip . "."); - / ip dns static add name=$fqdn address=$dhcpip ttl=$ttl comment=$comment; + :log info ("Adding new DNS entry for " . $Fqdn . ", address is " . $DhcpIp . "."); + / ip dns static add name=$Fqdn address=$DhcpIp ttl=$Ttl comment=$Comment; } } } diff --git a/email-backup b/email-backup index a13a2ed..a15f766 100644 --- a/email-backup +++ b/email-backup @@ -4,72 +4,72 @@ # # create and email backup and config file -:global "identity"; -:global "domain"; -:global "email-backup-to"; -:global "email-backup-cc"; -:global "backup-send-binary"; -:global "backup-send-export"; -:global "backup-cloud"; -:global "backup-password"; +:global Identity; +:global Domain; +:global EmailBackupTo; +:global EmailBackupCc; +:global BackupSendBinary; +:global BackupSendExport; +:global BackupCloud; +:global BackupPassword; -:if ($"backup-send-binary" != true && \ - $"backup-send-export" != true && \ - $"backup-cloud" != true) do={ +:if ($BackupSendBinary != true && \ + $BackupSendExport != true && \ + $BackupCloud != true) do={ :error ("Configured to send neither backup nor config export."); } # filename based on identity -:local filename ($identity . "." . $domain); -:local cloudstatus $"backup-cloud"; -:local attach [ :toarray "" ]; +:local FileName ($Identity . "." . $Domain); +:local CloudStatus $BackupCloud; +:local Attach [ :toarray "" ]; # get some system information -:local model [ / system routerboard get model ]; -:local serialnumber [ / system routerboard get serial-number ]; -:local channel [ / system package update get channel ]; -:local installedversion [ / system package update get installed-version ]; +:local Model [ / system routerboard get model ]; +:local SerialNumber [ / system routerboard get serial-number ]; +:local Channel [ / system package update get channel ]; +:local InstalledVersion [ / system package update get installed-version ]; # binary backup -:if ($"backup-send-binary" = true || \ - $"backup-cloud" = true) do={ - / system backup save encryption=aes-sha256 name=$filename password=$"backup-password"; +:if ($BackupSendBinary = true || \ + $BackupCloud = true) do={ + / system backup save encryption=aes-sha256 name=$FileName password=$BackupPassword; # attach to mail - :if ($"backup-send-binary" = true) do={ - :set attach ( $attach, ($filename . ".backup") ); + :if ($BackupSendBinary = true) do={ + :set Attach ($Attach, ($FileName . ".backup")); } # upload to cloud - :if ($"backup-cloud" = true) do={ + :if ($BackupCloud = true) do={ :do { :if ([ / system backup cloud print count-only ] > 0) do={ / system backup cloud remove-file [ find ]; } - / system backup cloud upload-file action=upload src-file=($filename . ".backup"); + / system backup cloud upload-file action=upload src-file=($FileName . ".backup"); } on-error={ - :set cloudstatus "failed"; + :set CloudStatus "failed"; } } } # create configuration export -:if ($"backup-send-export" = true) do={ - / export terse file=$filename; - :set attach ( $attach, ($filename . ".rsc") ); +:if ($BackupSendExport = true) do={ + / export terse file=$FileName; + :set Attach ($Attach, ($FileName . ".rsc")); } # send email with status and files -/ tool e-mail send to=$"email-backup-to" cc=$"email-backup-cc" \ - subject=("[" . $identity . "] Backup & Config") \ - body=("Backup and config export for " . $identity . ".\n\n" . \ - "Routerboard: " . $model . "\n" . \ - "Serial number: " . $serialnumber . "\n" . \ - "Hostname: " . $identity . "\n" . \ - "Channel: " . $channel . "\n" . \ - "RouterOS: " . $installedversion . "\n\n" . \ - "Backup attached: " . $"backup-send-binary" . "\n" . \ - "Config attached: " . $"backup-send-export" . "\n" . \ - "Cloud backup: " . $cloudstatus) \ - file=$attach; +/ tool e-mail send to=$EmailBackupTo cc=$EmailBackupCc \ + subject=("[" . $Identity . "] Backup & Config") \ + body=("Backup and config export for " . $Identity . ".\n\n" . \ + "Routerboard: " . $Model . "\n" . \ + "Serial number: " . $SerialNumber . "\n" . \ + "Hostname: " . $Identity . "\n" . \ + "Channel: " . $Channel . "\n" . \ + "RouterOS: " . $InstalledVersion . "\n\n" . \ + "Backup attached: " . $BackupSendBinary . "\n" . \ + "Config attached: " . $BackupSendExport . "\n" . \ + "Cloud backup: " . $CloudStatus) \ + file=$Attach; } diff --git a/global-config b/global-config index 448fbea..85fc54b 100644 --- a/global-config +++ b/global-config @@ -6,45 +6,45 @@ # Make sure all configuration properties are up to date and this # value is in sync with value in script 'global-functions'! -:global GlobalConfigVersion 1; +:global GlobalConfigVersion 2; # This is used for DNS and backup file. -:global "domain" "example.com"; -:global "hostname-in-zone" true; +:global Domain "example.com"; +:global HostNameInZone true; # These addresses are used to send e-mails to. The to-addresses need # to be filled, cc-addresses can be empty, one address or a comma # separated list of addresses. -:global "email-general-to" "mail@example.com"; -:global "email-general-cc" "another@example.com"; -:global "email-backup-to" "mail@example.com"; -:global "email-backup-cc" ""; +:global EmailGeneralTo "mail@example.com"; +:global EmailGeneralCc "another@example.com"; +:global EmailBackupTo "mail@example.com"; +:global EmailBackupCc ""; # You can send Telegram notifications. Register a bot # and add the token and chat ids here. -:global "telegram-tokenid" ""; -:global "telegram-chatid" ""; -#:global "telegram-tokenid" "123456:ABCDEF-GHI"; -#:global "telegram-chatid" "12345678"; +:global TelegramTokenId ""; +:global TelegramChatId ""; +#:global TelegramTokenId "123456:ABCDEF-GHI"; +#:global TelegramChatId "12345678"; # This defines what backups to generate and what password to use. -:global "backup-send-binary" false; -:global "backup-send-export" true; -:global "backup-cloud" false; -:global "backup-password" "v3ry-s3cr3t"; +:global BackupSendBinary false; +:global BackupSendExport true; +:global BackupCloud false; +:global BackupPassword "v3ry-s3cr3t"; # Specify an address to enable auto update to version assumed safe. # The configured channel (bugfix, current, release-candidate) is appended. -:global "safe-update-url" ""; -#:global "safe-update-url" "https://example.com/ros/safe-update/"; +:global SafeUpdateUrl ""; +#:global SafeUpdateUrl "https://example.com/ros/safe-update/"; # This controls what configuration is activated by bridge-port-to-default. -:global "bridge-port-to" "default"; +:global BridgePortTo "default"; # Access-list entries matching this comment are updated # with daily pseudo-random PSK. -:global "daily-psk-match-comment" "Daily PSK"; -:global "daily-psk-secrets" { +:global DailyPskMatchComment "Daily PSK"; +:global DailyPskSecrets { { "Abusive"; "Aggressive"; "Bored"; "Chemical"; "Cold"; "Cruel"; "Curved"; "Delightful"; "Discreet"; "Elite"; "Evasive"; "Faded"; "Flat"; "Future"; "Grandiose"; @@ -60,9 +60,9 @@ } # Run different commands with multiple mode-button presses. -:global "mode-button" { +:global ModeButton { 1="/ system script run leds-toggle-mode;"; - 2=":global SendNotification; :global identity; \$SendNotification (\"Hello...\") (\"Hello world, \" . \$identity . \" calling!\");"; + 2=":global SendNotification; :global Identity; \$SendNotification (\"Hello...\") (\"Hello world, \" . \$Identity . \" calling!\");"; 3="/ system shutdown;"; 4="/ system reboot;"; 5="/ system script run bridge-port-toggle;"; @@ -70,7 +70,7 @@ }; # Run commands on SMS action. -:global "sms-action" { +:global SmsAction { bridge-port-toggle="/ system script run bridge-port-toggle;"; reboot="/ system reboot;"; shutdown="/ system shutdown;"; @@ -79,29 +79,29 @@ # This address should resolve ntp servers and is used to update # ntp settings. A pool can rotate servers. -:global "ntp-pool" "pool.ntp.org"; +:global NtpPool "pool.ntp.org"; # This is the address used to send gps data to. -:global "gps-track-url" "https://example.com/index.php"; +:global GpsTrackUrl "https://example.com/index.php"; # Enable this to fetch scripts from given url. -:global "script-updates-fetch" true; -:global "script-updates-baseurl" "https://git.eworm.de/cgit.cgi/routeros-scripts/plain/"; -#:global "script-updates-baseurl" "https://raw.githubusercontent.com/eworm-de/routeros-scripts/master/"; -#:global "script-updates-baseurl" "https://gitlab.com/eworm-de/routeros-scripts/raw/master/"; -:global "script-updates-urlsuffix" ""; -:global "script-updates-ignore" { +:global ScriptUpdatesFetch true; +:global ScriptUpdatesBaseUrl "https://git.eworm.de/cgit.cgi/routeros-scripts/plain/"; +#:global ScriptUpdatesBaseUrl "https://raw.githubusercontent.com/eworm-de/routeros-scripts/master/"; +#:global ScriptUpdatesBaseUrl "https://gitlab.com/eworm-de/routeros-scripts/raw/master/"; +:global ScriptUpdatesUrlSuffix ""; +:global ScriptUpdatesIgnore { "global-config" } # Use this for certificate auto-renew -:global "cert-renew-url" ""; -#:global "cert-renew-url" "https://example.com/certificates/"; -:global "cert-renew-pass" "v3ry-s3cr3t"; +:global CertRenewUrl ""; +#:global CertRenewUrl "https://example.com/certificates/"; +:global CertRenewPass "v3ry-s3cr3t"; # Configuration for update-tunnelbroker -#:global tunnelurl "ipv4.tunnelbroker.net"; -#:global tunneluser "user"; -#:global tunnelpass "v3ry-s3cr3t"; -#:global tunnelid "user-XXX.tunnel.tserv6.fra1.ipv6.he.net"; -#:global tunnelint "tunnelbroker"; +#:global TunnelUrl "ipv4.tunnelbroker.net"; +#:global TunnelUser "user"; +#:global TunnelPass "v3ry-s3cr3t"; +#:global TunnelId "user-XXX.tunnel.tserv6.fra1.ipv6.he.net"; +#:global TunnelInt "tunnelbroker"; diff --git a/global-functions b/global-functions index 8b98507..8b7c5b3 100644 --- a/global-functions +++ b/global-functions @@ -5,12 +5,12 @@ # global functions # expected configuration version -:global ExpectedConfigVersion 1; +:global ExpectedConfigVersion 2; # global variables not to be changed by user -:global "sent-routeros-update-notification" "-"; -:global "sent-lte-firmware-upgrade-notification" "-"; -:global "identity" [ / system identity get name ]; +:global SentRouterosUpdateNotification "-"; +:global SentLteFirmwareUpgradeNotification "-"; +:global Identity [ / system identity get name ]; # read input from user :global Read do={ @@ -19,44 +19,44 @@ # url encoding :global UrlEncode do={ - :local input [ :tostr $1 ]; - :local return ""; + :local Input [ :tostr $1 ]; + :local Return ""; - :if ([ :len $input ] > 0) do={ - :local chars " %&"; - :local subs { "%20"; "%25"; "%26" }; + :if ([ :len $Input ] > 0) do={ + :local Chars " %&"; + :local Subs { "%20"; "%25"; "%26" }; - :for i from=0 to=([ :len $input ] - 1) do={ - :local char [ :pick $input $i ]; - :local replace [ :find $chars $char ]; + :for I from=0 to=([ :len $Input ] - 1) do={ + :local Char [ :pick $Input $I ]; + :local Replace [ :find $Chars $Char ]; - :if ([ :len $replace ] > 0) do={ - :set char ($subs->$replace); + :if ([ :len $Replace ] > 0) do={ + :set Char ($Subs->$Replace); } - :set return ($return . $char); + :set Return ($Return . $Char); } } - :return $return; + :return $Return; } # check and import required certificates :global CertificateAvailable do={ - :local commonname [ :tostr $1 ]; - :local filename ([ :tostr $2 ] . ".pem"); + :local CommonName [ :tostr $1 ]; + :local FileName ([ :tostr $2 ] . ".pem"); - :global "script-updates-baseurl"; - :global "script-updates-urlsuffix"; + :global ScriptUpdatesBaseUrl; + :global ScriptUpdatesUrlSuffix; - :if ([ / certificate print count-only where common-name=$commonname ] = 0) do={ - :log info ("Certificate with CommonName " . $commonname . \ + :if ([ / certificate print count-only where common-name=$CommonName ] = 0) do={ + :log info ("Certificate with CommonName " . $CommonName . \ " not available, downloading and importing."); :do { / tool fetch check-certificate=yes-without-crl \ - ($"script-updates-baseurl" . "certs/" . \ - $filename . $"script-updates-urlsuffix") \ - dst-path=$filename; - / certificate import file-name=$filename passphrase=""; + ($ScriptUpdatesBaseUrl . "certs/" . \ + $FileName . $ScriptUpdatesUrlSuffix) \ + dst-path=$FileName; + / certificate import file-name=$FileName passphrase=""; } on-error={ :log warning "Failed imprting certificate!"; } @@ -66,35 +66,35 @@ # send notification via e-mail and telegram # Note that attachment is ignored for telegram! :global SendNotification do={ - :local subject [ :tostr $1 ]; - :local message [ :tostr $2 ]; - :local attach [ :tostr $3 ]; + :local Subject [ :tostr $1 ]; + :local Message [ :tostr $2 ]; + :local Attach [ :tostr $3 ]; - :global "identity"; - :global "email-general-to"; - :global "email-general-cc"; - :global "telegram-tokenid"; - :global "telegram-chatid"; + :global Identity; + :global EmailGeneralTo; + :global EmailGeneralCc; + :global TelegramTokenId; + :global TelegramChatId; :global UrlEncode; :global CertificateAvailable; - :if ([ :len $"email-general-to" ] > 0) do={ + :if ([ :len $EmailGeneralTo ] > 0) do={ :do { - / tool e-mail send to=$"email-general-to" cc=$"email-general-cc" \ - subject=("[" . $"identity" . "] " . $subject) body=$message file=$attach; + / tool e-mail send to=$EmailGeneralTo cc=$EmailGeneralCc \ + subject=("[" . $Identity . "] " . $Subject) body=$Message file=$Attach; } on-error={ :log warning "Failed sending notification mail!"; } } - :if ([ :len $"telegram-tokenid" ] > 0 && [ :len $"telegram-chatid" ] > 0) do={ + :if ([ :len $TelegramTokenId ] > 0 && [ :len $TelegramChatId ] > 0) do={ $CertificateAvailable "Go Daddy Secure Certificate Authority - G2" "godaddy"; :do { / tool fetch check-certificate=yes-without-crl keep-result=no http-method=post \ - ("https://api.telegram.org/bot" . $"telegram-tokenid" . "/sendMessage") \ - http-data=("chat_id=" . $"telegram-chatid" . "&text=" . \ - [ $UrlEncode ("[" . $"identity" . "] " . $subject . "\n\n" . $message) ]); + ("https://api.telegram.org/bot" . $TelegramTokenId . "/sendMessage") \ + http-data=("chat_id=" . $TelegramChatId . "&text=" . \ + [ $UrlEncode ("[" . $Identity . "] " . $Subject . "\n\n" . $Message) ]); } on-error={ :log warning "Failed sending telegram notification!"; } @@ -103,16 +103,16 @@ # get MAC vendor :global GetMacVendor do={ - :local mac [ :tostr $1 ]; + :local Mac [ :tostr $1 ]; :global CertificateAvailable; :do { - :local vendor; + :local Vendor; $CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt"; - :set vendor ([ / tool fetch mode=https check-certificate=yes-without-crl \ - url=("https://api.macvendors.com/" . [ :pick $mac 0 8 ]) output=user as-value ]->"data"); - :return $vendor; + :set Vendor ([ / tool fetch mode=https check-certificate=yes-without-crl \ + ("https://api.macvendors.com/" . [ :pick $Mac 0 8 ]) output=user as-value ]->"data"); + :return $Vendor; } on-error={ :return "unknown vendor"; } @@ -120,25 +120,25 @@ # download package from upgrade server :global DownloadPackage do={ - :local pkgname [ :tostr $1 ]; - :local pkgver [ :tostr $2 ]; - :local pkgarch [ :tostr $3 ]; - :local pkgdest [ :tostr $4 ]; + :local PkgName [ :tostr $1 ]; + :local PkgVer [ :tostr $2 ]; + :local PkgArch [ :tostr $3 ]; + :local PkgDest [ :tostr $4 ]; :global CertificateAvailable; - :if ([ :len $pkgname ] = 0) do={ return false; } - :if ([ :len $pkgver ] = 0) do={ :set pkgver [ / system package update get installed-version ]; } - :if ([ :len $pkgarch ] = 0) do={ :set pkgarch [ / system resource get architecture-name ]; } + :if ([ :len $PkgName ] = 0) do={ return false; } + :if ([ :len $PkgVer ] = 0) do={ :set PkgVer [ / system package update get installed-version ]; } + :if ([ :len $PkgArch ] = 0) do={ :set PkgArch [ / system resource get architecture-name ]; } $CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt"; do { - :local pkgfile ($pkgname . "-" . $pkgver . "-" . $pkgarch . ".npk"); + :local PkgFile ($PkgName . "-" . $PkgVer . "-" . $PkgArch . ".npk"); / tool fetch mode=https check-certificate=yes-without-crl \ - ("https://upgrade.mikrotik.com/routeros/" . $pkgver . "/" . $pkgfile) \ - dst-path=($pkgdest . "/" . $pkgfile); - return true; + ("https://upgrade.mikrotik.com/routeros/" . $PkgVer . "/" . $PkgFile) \ + dst-path=($PkgDest . "/" . $PkgFile); + :return true; } on-error={ - return false; + :return false; } } @@ -4,26 +4,23 @@ # # track gps data by sending json data to http server -:global "identity"; -:global "gps-track-url"; +:global Identity; +:global GpsTrackUrl; -:local gps [ / system gps monitor once as-value ]; +:local Gps [ / system gps monitor once as-value ]; -if ($gps->"valid" = true) do={ - :tool fetch mode=http \ - url=$"gps-track-url" \ - check-certificate=yes-without-crl \ - keep-result=no \ - http-method=post \ - http-content-type="application/json" \ +if ($Gps->"valid" = true) do={ + :tool fetch mode=https check-certificate=yes-without-crl \ + $GpsTrackUrl keep-result=no \ + http-method=post http-content-type="application/json" \ http-data=("{" . \ - "\"lat\":\"" . ($gps->"latitude") . "\"," . \ - "\"lon\":\"" . ($gps->"longitude") . "\"," . \ - "\"identity\":\"" . $identity . "\"" . \ + "\"lat\":\"" . ($Gps->"latitude") . "\"," . \ + "\"lon\":\"" . ($Gps->"longitude") . "\"," . \ + "\"identity\":\"" . $Identity . "\"" . \ "}"); :log debug ("Sending GPS data for tracking: " . \ - "lat: " . ($gps->"latitude") . " " . \ - "lon: " . ($gps->"longitude")); + "lat: " . ($Gps->"latitude") . " " . \ + "lon: " . ($Gps->"longitude")); } else={ :log debug ("GPS data not valid."); } diff --git a/initial-commands b/initial-commands index ad44ebb..86f46ba 100644 --- a/initial-commands +++ b/initial-commands @@ -12,8 +12,8 @@ :if ([ / certificate print count-only where fingerprint="96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6" or fingerprint="731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568" or fingerprint="0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739" ] != 3) do={ :error "Anything is wrong with your certificates!"; } - :foreach script in={ "global-config"; "global-functions"; "script-updates" } do={ - / system script add name=$script source=([ / tool fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit.cgi/routeros-scripts/plain/" . $script) output=user as-value]->"data"); + :foreach Script in={ "global-config"; "global-functions"; "script-updates" } do={ + / system script add name=$Script source=([ / tool fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit.cgi/routeros-scripts/plain/" . $Script) output=user as-value]->"data"); } / system script run global-config; / system script run global-functions; diff --git a/ip-addr-bridge b/ip-addr-bridge index 40bc017..f503310 100644 --- a/ip-addr-bridge +++ b/ip-addr-bridge @@ -4,13 +4,13 @@ # # enable or disable ip addresses based on bridge port state -:foreach bridge in=[ / interface bridge find ] do={ - :local brname [ / interface bridge get $bridge name ]; - :if ([ / interface bridge port print count-only where bridge=$brname ] > 0) do={ - :if ([ / interface bridge port print count-only where bridge=$brname and inactive=no ] = 0) do={ - / ip address disable [ find where !dynamic interface=$brname ]; +:foreach Bridge in=[ / interface bridge find ] do={ + :local BrName [ / interface bridge get $Bridge name ]; + :if ([ / interface bridge port print count-only where bridge=$BrName ] > 0) do={ + :if ([ / interface bridge port print count-only where bridge=$BrName and inactive=no ] = 0) do={ + / ip address disable [ find where !dynamic interface=$BrName ]; } else={ - / ip address enable [ find where !dynamic interface=$brname ]; + / ip address enable [ find where !dynamic interface=$BrName ]; } } } diff --git a/ipv6-update b/ipv6-update index 12b9856..73336c1 100644 --- a/ipv6-update +++ b/ipv6-update @@ -4,31 +4,33 @@ # # update firewall and dns settings on IPv6 prefix change -:local pool [ / ipv6 pool get [ find where prefix=$"pd-prefix" ] name ]; -:local addrlist [ / ipv6 firewall address-list find where comment=("ipv6-pool-" . $pool) ]; -:local oldprefix [ / ipv6 firewall address-list get $addrlist address ]; +:local PdPrefix $"pd-prefix"; + +:local Pool [ / ipv6 pool get [ find where prefix=$PdPrefix ] name ]; +:local AddrList [ / ipv6 firewall address-list find where comment=("ipv6-pool-" . $Pool) ]; +:local OldPrefix [ / ipv6 firewall address-list get $AddrList address ]; # give the interfaces a moment to receive their addresses :delay 2s; -if ($oldprefix != $"pd-prefix") do={ - :log info ("Updating IPv6 address list with new IPv6 prefix " . $"pd-prefix"); - / ipv6 firewall address-list set address=$"pd-prefix" $addrlist; +if ($OldPrefix != $PdPrefix) do={ + :log info ("Updating IPv6 address list with new IPv6 prefix " . $PdPrefix); + / ipv6 firewall address-list set address=$PdPrefix $AddrList; - :foreach record in=[ / ip dns static find where comment~("ipv6-pool-" . $pool) ] do={ - :local comment [ :toarray [ / ip dns static get $record comment ] ]; - :local intname [ :pick [ :pick $comment 1 ] 10 99 ]; - :local suffix [ :pick [ :pick $comment 2 ] 7 99 ]; + :foreach Record in=[ / ip dns static find where comment~("ipv6-pool-" . $Pool) ] do={ + :local Comment [ :toarray [ / ip dns static get $Record comment ] ]; + :local IntName [ :pick [ :pick $Comment 1 ] 10 99 ]; + :local Suffix [ :pick [ :pick $Comment 2 ] 7 99 ]; - :local prefix [ / ipv6 address get [ find where interface=$intname from-pool=$pool global ] address ]; - :local prefix64 [ :pick $prefix 0 [ :find $prefix "::/64" ] ]; + :local Prefix [ / ipv6 address get [ find where interface=$IntName from-pool=$Pool global ] address ]; + :local Prefix64 [ :pick $Prefix 0 [ :find $Prefix "::/64" ] ]; - :local name [ / ip dns static get $record name ]; - :if ([ :len $name ] = 0) do={ - :set name [ / ip dns static get $record regex ]; + :local Name [ / ip dns static get $Record name ]; + :if ([ :len $Name ] = 0) do={ + :set Name [ / ip dns static get $Record regex ]; } - :log info ("Updating DNS record for " . $name . " to " . $prefix64 . ":" . $suffix); - / ip dns static set address=($prefix64 . ":" . $suffix) $record; + :log info ("Updating DNS record for " . $Name . " to " . $Prefix64 . ":" . $Suffix); + / ip dns static set address=($Prefix64 . ":" . $Suffix) $Record; } } diff --git a/lease-script b/lease-script index 78b51c6..c110201 100644 --- a/lease-script +++ b/lease-script @@ -5,7 +5,7 @@ # run scripts on DHCP lease # ( / ip dhcp-server set lease-script=lease-script [ find ] ) -:local scripts { +:local Scripts { "dhcp-to-dns"; "collect-wireless-mac.local"; "dhcp-lease-comment.local"; @@ -16,9 +16,9 @@ # delay a second to give time to update the lease table :delay 1s; -:foreach script in=$scripts do={ - :if ([ / system script print count-only where name=$script ] > 0) do={ - :log debug ("Running script from lease-script: " . $script); - / system script run $script; +:foreach Script in=$Scripts do={ + :if ([ / system script print count-only where name=$Script ] > 0) do={ + :log debug ("Running script from lease-script: " . $Script); + / system script run $Script; } } diff --git a/manage-umts b/manage-umts index b13049a..e416ee2 100644 --- a/manage-umts +++ b/manage-umts @@ -4,24 +4,25 @@ # # manage UMTS interface based on ethernet and wireless status -:local etherint "en1"; -:local wlanint "wl-station"; -:local umtsint "t-mobile"; +:local EtherInt "en1"; +:local WlanInt "wl-station"; +:local UmtsInt "t-mobile"; -:local etherstatus [ / interface ethernet get $etherint running ]; -:local wlanstatus [ / interface wireless get $wlanint running ]; +:local EtherStatus [ / interface ethernet get $EtherInt running ]; +:local WlanStatus [ / interface wireless get $WlanInt running ]; -:if ( $etherstatus = true || wlanstatus = true ) do={ - :if ( [ / interface get $umtsint disabled ] = false ) do={ - :log info ("Ethernet (" . $etherint . " / " . $etherstatus . ") or " . \ - "wireless (" . $wlanint . " / " . $wlanstatus . ") is running, " . \ - "UMTS interface " . $umtsint . " is enabled. Disabling..."); - / interface set disabled=yes $umtsint; - }; +:if ($EtherStatus = true || $WlanStatus = true) do={ + :if ([ / interface get $UmtsInt disabled ] = false) do={ + :log info ("Ethernet (" . $EtherInt . " / " . $EtherStatus . ") or " . \ + "wireless (" . $WlanInt . " / " . $WlanStatus . ") is running, " . \ + "UMTS interface " . $UmtsInt . " is enabled. Disabling..."); + / interface set disabled=yes $UmtsInt; + } } else={ - :if ( [ / interface get $umtsint disabled ] = true ) do={ - :log info ("Neither ethernet (" . $etherint . ") nor wireless (" . $wlanint . ") interface is running, " . \ - "UMTS interface " . $umtsint . " is disabled. Enabling..."); - / interface set disabled=no $umtsint; - }; -}; + :if ([ / interface get $UmtsInt disabled ] = true) do={ + :log info ("Neither ethernet (" . $EtherInt . ") nor wireless (" . \ + $WlanInt . ") interface is running, UMTS interface " . $UmtsInt . \ + " is disabled. Enabling..."); + / interface set disabled=no $UmtsInt; + } +} diff --git a/mode-button-event b/mode-button-event index 8428945..82c1f4b 100644 --- a/mode-button-event +++ b/mode-button-event @@ -4,16 +4,16 @@ # # run on mode-button event and count button presses -:global "mode-button"; +:global ModeButton; -:set ($"mode-button"->"count") ($"mode-button"->"count" + 1); +:set ($ModeButton->"count") ($ModeButton->"count" + 1); -:local scheduler [ / system scheduler find where name="mode-button-scheduler" ]; +:local Scheduler [ / system scheduler find where name="mode-button-scheduler" ]; -:if ([ :len $scheduler ] = 0) do={ +:if ([ :len $Scheduler ] = 0) do={ :log info "Creating mode-button scheduler, counting presses..."; / system scheduler add name=mode-button-scheduler on-event=mode-button-scheduler interval=3s; } else={ :log debug "Updating mode-button-scheduler..."; - / system scheduler set $scheduler start-time=[ /system clock get time ]; + / system scheduler set $Scheduler start-time=[ /system clock get time ]; } diff --git a/mode-button-scheduler b/mode-button-scheduler index 4d3facf..bce6089 100644 --- a/mode-button-scheduler +++ b/mode-button-scheduler @@ -4,15 +4,15 @@ # # act on multiple mode-botton presses from scheduler -:global "mode-button"; +:global ModeButton; -:local count ($"mode-button"->"count"); -:local code ($"mode-button"->[ :tostr $count ]); -:local parsed [ :parse $code ]; +:local Count ($ModeButton->"count"); +:local Code ($ModeButton->[ :tostr $Count ]); +:local Parsed [ :parse $Code ]; -:set ($"mode-button"->"count") 0; +:set ($ModeButton->"count") 0; / system scheduler remove mode-button-scheduler; -:log info ("Acting on " . $count . " mode-button presses: " . $code); +:log info ("Acting on " . $Count . " mode-button presses: " . $Code); :delay 1s; -$parsed; +$Parsed; diff --git a/netwatch-syslog b/netwatch-syslog index 71d75d1..87e9709 100644 --- a/netwatch-syslog +++ b/netwatch-syslog @@ -6,9 +6,9 @@ # # manage remote logging facilities -:local remote [ /system logging action get [ :pick [ find where target=remote ] 0 ] remote ]; +:local Remote [ /system logging action get [ :pick [ find where target=remote ] 0 ] remote ]; -if ([ / tool netwatch get [ find where host=$remote ] status ] = "up") do={ +if ([ / tool netwatch get [ find where host=$Remote ] status ] = "up") do={ / system logging set disabled=no [ find where action=remote disabled=yes ]; } else={ / system logging set disabled=yes [ find where action=remote disabled=no ]; @@ -5,10 +5,11 @@ # run scripts on ppp up # variable $interface is available in ppp on-up script -:local dhcpclient [ / ipv6 dhcp-client find where interface=$interface ]; +:local Interface $interface; +:local DhcpClient [ / ipv6 dhcp-client find where interface=$Interface ]; -:if ( [ :len $dhcpclient ] > 0) do={ - / ipv6 dhcp-client disable $dhcpclient; +:if ([ :len $DhcpClient ] > 0) do={ + / ipv6 dhcp-client disable $DhcpClient; :delay 1s; - / ipv6 dhcp-client enable $dhcpclient; + / ipv6 dhcp-client enable $DhcpClient; } @@ -4,14 +4,14 @@ # # rotate the ntp servers -:global "ntp-pool"; +:global NtpPool; -:local ntp1 [ :resolve ("0." . $"ntp-pool") ]; -:local ntp2 [ :resolve ("1." . $"ntp-pool") ]; +:local Ntp1 [ :resolve ("0." . $NtpPool) ]; +:local Ntp2 [ :resolve ("1." . $NtpPool) ]; :if ([ / system ntp client get enabled ] != true) do={ :log warning "NTP client is not enabled!"; } -:log info ("Updating NTP servers to " . $ntp1 . " and " . $ntp2); -/ system ntp client set primary-ntp=$ntp1 secondary-ntp=$ntp2; +:log info ("Updating NTP servers to " . $Ntp1 . " and " . $Ntp2); +/ system ntp client set primary-ntp=$Ntp1 secondary-ntp=$Ntp2; diff --git a/script-updates b/script-updates index 5ed0f5b..971f2e4 100644 --- a/script-updates +++ b/script-updates @@ -6,80 +6,80 @@ :global GlobalConfigVersion; :global ExpectedConfigVersion; -:global "identity"; -:global "script-updates-fetch"; -:global "script-updates-baseurl"; -:global "script-updates-urlsuffix"; -:global "script-updates-ignore"; +:global Identity; +:global ScriptUpdatesFetch; +:global ScriptUpdatesBaseUrl; +:global ScriptUpdatesUrlSuffix; +:global ScriptUpdatesIgnore; :global SendNotification; -:foreach script in=[ / system script find ] do={ - :local ignore 0; - :local scriptname [ / system script get $script name ]; - :local scriptpolicy [ / system script get $script policy ]; - :local scriptfile [ / file find where name=("script-updates/" . $scriptname) ]; - :local sourcenew; - :if ([ :len $scriptfile ] > 0) do={ - :set sourcenew [ / file get $scriptfile content ]; - / file remove $scriptfile; +:foreach Script in=[ / system script find ] do={ + :local Ignore 0; + :local ScriptName [ / system script get $Script name ]; + :local ScriptPolicy [ / system script get $Script policy ]; + :local ScriptFile [ / file find where name=("script-updates/" . $ScriptName) ]; + :local SourceNew; + :if ([ :len $ScriptFile ] > 0) do={ + :set SourceNew [ / file get $ScriptFile content ]; + / file remove $ScriptFile; } - :foreach scheduler in=[ / system scheduler find where on-event=$scriptname ] do={ - :local schedulername [ / system scheduler get $scheduler name ]; - :local schedulerpolicy [ / system scheduler get $scheduler policy ]; - :if ($scriptpolicy != schedulerpolicy) do={ - :log warning ("Policies differ for script " . $scriptname . \ - " and its scheduler " . $schedulername . "!"); + :foreach Scheduler in=[ / system scheduler find where on-event=$ScriptName ] do={ + :local SchedulerName [ / system scheduler get $Scheduler name ]; + :local SchedulerPolicy [ / system scheduler get $Scheduler policy ]; + :if ($ScriptPolicy != $SchedulerPolicy) do={ + :log warning ("Policies differ for script " . $ScriptName . \ + " and its scheduler " . $SchedulerName . "!"); } } - :if ([ :len $sourcenew ] = 0 && $"script-updates-fetch" = true) do={ - :foreach "ignore-loop" in=$"script-updates-ignore" do={ - :if ($"ignore-loop" = $scriptname) do={ :set ignore 1; } + :if ([ :len $SourceNew ] = 0 && $ScriptUpdatesFetch = true) do={ + :foreach IgnoreLoop in=$ScriptUpdatesIgnore do={ + :if ($IgnoreLoop = $ScriptName) do={ :set Ignore 1; } } - :if ($ignore = 0) do={ - :log debug ("Fetching script from url: " . $scriptname); + :if ($Ignore = 0) do={ + :log debug ("Fetching script from url: " . $ScriptName); :do { - :local result [ / tool fetch check-certificate=yes-without-crl \ - ($"script-updates-baseurl" . $scriptname . $"script-updates-urlsuffix") \ + :local Result [ / tool fetch check-certificate=yes-without-crl \ + ($ScriptUpdatesBaseUrl . $ScriptName . $ScriptUpdatesUrlSuffix) \ output=user as-value ]; - :if ($result->"status" = "finished") do={ - :set sourcenew ($result->"data"); + :if ($Result->"status" = "finished") do={ + :set SourceNew ($Result->"data"); } } on-error={ - :log info ("Failed fetching " . $scriptname); + :log info ("Failed fetching " . $ScriptName); } } } - :if ([ :len $sourcenew ] > 0) do={ - :if ([ :pick $sourcenew 0 5 ] = "#!rsc") do={ - :local sourcecurrent [ / system script get $script source ]; - :if ($sourcenew != $sourcecurrent) do={ - :local "dont-require-permissions" \ - ($sourcenew~"\n# requires: dont-require-permissions=yes\n"); - :log info ("Updating script: " . $scriptname); - / system script set owner=$scriptname source=$sourcenew \ - dont-require-permissions=$"dont-require-permissions" $script; - :if ($scriptname = "global-functions") do={ + :if ([ :len $SourceNew ] > 0) do={ + :if ([ :pick $SourceNew 0 5 ] = "#!rsc") do={ + :local SourceCurrent [ / system script get $Script source ]; + :if ($SourceNew != $SourceCurrent) do={ + :local DontRequirePermissions \ + ($SourceNew~"\n# requires: dont-require-permissions=yes\n"); + :log info ("Updating script: " . $ScriptName); + / system script set owner=$ScriptName source=$SourceNew \ + dont-require-permissions=$DontRequirePermissions $Script; + :if ($ScriptName = "global-functions") do={ / system script run global-functions; } } else={ - :log debug ("Script " . $scriptname . " did not change"); + :log debug ("Script " . $ScriptName . " did not change."); } } else={ - :log warning ("Looks like new script " . $scriptname . " is not valid. Ignoring!"); + :log warning ("Looks like new script " . $ScriptName . " is not valid. Ignoring!"); } } else={ - :log debug ("No update for script " . $scriptname); + :log debug ("No update for script " . $ScriptName . "."); } } :if ($GlobalConfigVersion < $ExpectedConfigVersion) do={ $SendNotification "Configuration warning!" \ - ("Current configuration on " . $identity . " is out of date. " . \ + ("Current configuration on " . $Identity . " is out of date. " . \ "Please update global-config, then increase variable " . \ "GlobalConfigVersion (currently " . $GlobalConfigVersion . \ ") to " . $ExpectedConfigVersion . " and re-run global-config."); @@ -4,11 +4,13 @@ # # run action on received SMS -:global "sms-action"; +:global SmsAction; -:local code ($"sms-action"->$action); -:local parsed [ :parse $code ]; +:local Action $action; -:log info ("Acting on SMS action '" . $action . "': " . $code); +:local Code ($SmsAction->$Action); +:local Parsed [ :parse $Code ]; + +:log info ("Acting on SMS action '" . $Action . "': " . $Code); :delay 1s; -$parsed; +$Parsed; diff --git a/sms-forward b/sms-forward index d94f0c3..f22949f 100644 --- a/sms-forward +++ b/sms-forward @@ -4,7 +4,7 @@ # # forward SMS to e-mail -:global "identity"; +:global Identity; :global SendNotification; @@ -13,25 +13,25 @@ :error "Mail server is not up."; } -:local allowed [ / tool sms get allowed-number ]; -:local secret [ / tool sms get secret ]; +:local Allowed [ / tool sms get allowed-number ]; +:local Secret [ / tool sms get secret ]; # forward SMS in a loop -:foreach sms in=[ / tool sms inbox find ] do={ - :local message [ / tool sms inbox get $sms message ]; - :local phone [ / tool sms inbox get $sms phone ]; - :local timestamp [ / tool sms inbox get $sms timestamp ]; - :local type [ / tool sms inbox get $sms type ]; +:foreach Sms in=[ / tool sms inbox find ] do={ + :local Message [ / tool sms inbox get $Sms message ]; + :local Phone [ / tool sms inbox get $Sms phone ]; + :local TimeStamp [ / tool sms inbox get $Sms timestamp ]; + :local Type [ / tool sms inbox get $Sms type ]; - :if ($phone = $allowed && message~("^:cmd " . $secret . " script ")) do={ + :if ($Phone = $Allowed && $Message~("^:cmd " . $Secret . " script ")) do={ :log debug "Ignoring SMS, which starts a script."; } else={ $SendNotification ("SMS Forwarding") \ - ("A message was received by " . $identity . ":\n\n" . \ - "Phone: " . $phone . "\n" . \ - "Timestamp: " . $timestamp . "\n" . \ - "Type: " . $type . "\n\n" . \ - "Message:\n" . $message); - / tool sms inbox remove $sms; + ("A message was received by " . $Identity . ":\n\n" . \ + "Phone: " . $Phone . "\n" . \ + "Timestamp: " . $TimeStamp . "\n" . \ + "Type: " . $Type . "\n\n" . \ + "Message:\n" . $Message); + / tool sms inbox remove $Sms; } } diff --git a/ssh-keys-import b/ssh-keys-import index b7fc876..0f7fb5b 100644 --- a/ssh-keys-import +++ b/ssh-keys-import @@ -8,4 +8,4 @@ # while read type key name; do echo $type $key $name > $name.pub; done < keys.pub # ... then transfer with scp/sftp. -:foreach key in=[ / file find where type="ssh key" ] do={ / user ssh-key import user=admin public-key-file=[ / file get $key name ]; } +:foreach Key in=[ / file find where type="ssh key" ] do={ / user ssh-key import user=admin public-key-file=[ / file get $Key name ]; } diff --git a/super-mario-theme b/super-mario-theme index 5a03cc9..1e59c6a 100644 --- a/super-mario-theme +++ b/super-mario-theme @@ -4,7 +4,7 @@ # # play Super Mario theme -:local beeps { +:local Beeps { { 660; 100 }; 150; { 660; 100 }; 300; { 660; 100 }; 300; { 510; 100 }; 100; { 660; 100 }; 300; { 770; 100 }; 550; { 380; 100 }; 575; { 510; 100 }; 450; { 380; 100 }; 400; @@ -58,10 +58,10 @@ { 660; 100 }; 300; { 660; 100 }; 300; { 510; 100 }; 100; { 660; 100 }; 300; { 770; 100 }; 550; { 380; 100 }; 575 }; -:foreach beep in=$beeps do={ - :if ([ :len $beep ] = 2) do={ - :beep frequency=[ :pick $beep 0 ] length=([ :pick $beep 1 ] . "ms"); +:foreach Beep in=$Beeps do={ + :if ([ :len $Beep ] = 2) do={ + :beep frequency=[ :pick $Beep 0 ] length=([ :pick $Beep 1 ] . "ms"); } else={ - :delay ($beep . "ms"); + :delay ($Beep . "ms"); } } diff --git a/unattended-lte-firmware-upgrade b/unattended-lte-firmware-upgrade index 3570c57..9a717e3 100644 --- a/unattended-lte-firmware-upgrade +++ b/unattended-lte-firmware-upgrade @@ -4,26 +4,26 @@ # # schedule unattended lte firmware upgrade -:foreach interface in=[ / interface lte find ] do={ - :local firmware; - :local intname [ / interface lte get $interface name ]; +:foreach Interface in=[ / interface lte find ] do={ + :local Firmware; + :local IntName [ / interface lte get $Interface name ]; do { - :set firmware [ / interface lte firmware-upgrade $interface once as-value ]; + :set Firmware [ / interface lte firmware-upgrade $Interface once as-value ]; # strip the extra line break (TODO: remove when fixed upstream) - :set ($firmware->"latest") [ :pick ($firmware->"latest") 0 [ :find ($firmware->"latest") "\n" ] ]; + :set ($Firmware->"latest") [ :pick ($Firmware->"latest") 0 [ :find ($Firmware->"latest") "\n" ] ]; } on-error={ - :log debug ("Could not get latest LTE firmware version for interface " . $intname . "."); + :log debug ("Could not get latest LTE firmware version for interface " . $IntName . "."); } - :if (($firmware->"installed") != ($firmware->"latest")) do={ - :log info ("Scheduling LTE firmware upgrade for interface " . $intname . "."); - / system script add name=($intname . "-firmware-upgrade") source=("# unattended-lte-firmware-upgrade\n" . \ - "/ system scheduler remove " . $intname . "-firmware-upgrade;\n" . \ - "/ system script remove " . $intname . "-firmware-upgrade;\n" . \ - "/ interface lte firmware-upgrade " . $intname . " upgrade=yes;\n" . \ + :if (($Firmware->"installed") != ($Firmware->"latest")) do={ + :log info ("Scheduling LTE firmware upgrade for interface " . $IntName . "."); + / system script add name=($IntName . "-firmware-upgrade") source=("# unattended-lte-firmware-upgrade\n" . \ + "/ system scheduler remove " . $IntName . "-firmware-upgrade;\n" . \ + "/ system script remove " . $IntName . "-firmware-upgrade;\n" . \ + "/ interface lte firmware-upgrade " . $IntName . " upgrade=yes;\n" . \ ":log info (\"LTE firmware upgrade finished, waiting for installation before reset.\");\n" . \ ":delay 150s;\n" . \ - "/ interface lte at-chat " . $intname . " input=\"AT+RESET\";"); - / system scheduler add name=($intname . "-firmware-upgrade") on-event=($intname . "-firmware-upgrade") interval=1m; + "/ interface lte at-chat " . $IntName . " input=\"AT+RESET\";"); + / system scheduler add name=($IntName . "-firmware-upgrade") on-event=($IntName . "-firmware-upgrade") interval=1m; } } diff --git a/update-gre-address b/update-gre-address index 698f30c..2964d46 100644 --- a/update-gre-address +++ b/update-gre-address @@ -7,18 +7,18 @@ / interface gre set remote-address=0.0.0.0 disabled=yes [ find where !running !disabled ]; -:foreach peer in=[ / ip ipsec remote-peers find ] do={ - :local id [ / ip ipsec remote-peers get $peer id ]; - :local greint [ / interface gre find where comment=$id ]; - :if ([ :len $greint ] > 0) do={ - :local grename [ / interface gre get $greint name ]; - :local addrold [ / interface gre get $greint remote-address ]; - :local disabled [ / interface gre get $greint disabled ]; - :local addrnew [ / ip ipsec remote-peers get $peer dynamic-address ]; - :if ($addrnew != $addrold || $disabled = true) do={ - :log info ("Update remote address for interface " . $grename . " to " . $addrnew); - / interface gre set remote-address=0.0.0.0 disabled=yes [ find where remote-address=$addrnew name!=$grename ]; - / interface gre set $greint remote-address=$addrnew disabled=no; +:foreach Peer in=[ / ip ipsec remote-peers find ] do={ + :local Id [ / ip ipsec remote-peers get $Peer id ]; + :local GreInt [ / interface gre find where comment=$Id ]; + :if ([ :len $GreInt ] > 0) do={ + :local GreName [ / interface gre get $GreInt name ]; + :local AddrOld [ / interface gre get $GreInt remote-address ]; + :local Disabled [ / interface gre get $GreInt disabled ]; + :local AddrNew [ / ip ipsec remote-peers get $Peer dynamic-address ]; + :if ($AddrNew != $AddrOld || $Disabled = true) do={ + :log info ("Update remote address for interface " . $GreName . " to " . $AddrNew); + / interface gre set remote-address=0.0.0.0 disabled=yes [ find where remote-address=$AddrNew name!=$GreName ]; + / interface gre set $GreInt remote-address=$AddrNew disabled=no; } } } diff --git a/update-tunnelbroker b/update-tunnelbroker index fccd41c..cf8af45 100644 --- a/update-tunnelbroker +++ b/update-tunnelbroker @@ -3,11 +3,11 @@ # Copyright (c) 2013-2019 Christian Hesse <mail@eworm.de> # Michael Gisbers <michael@gisbers.de> -:global tunnelurl; -:global tunneluser; -:global tunnelpass; -:global tunnelid; -:global tunnelint; +:global TunnelUrl; +:global TunnelUser; +:global TunnelPass; +:global TunnelId; +:global TunnelInt; :global CertificateAvailable; @@ -16,22 +16,22 @@ } # get the last ip address from tunnel interface -:local tunnellastip [ / interface 6to4 get [ / interface 6to4 find where name=$tunnelint ] local-address ]; +:local TunnelLastIp [ / interface 6to4 get [ / interface 6to4 find where name=$TunnelInt ] local-address ]; # Get the current ip address from cloud / ip cloud force-update; -while ([ / ip cloud get status ] != "updated" ) do={ +:while ([ / ip cloud get status ] != "updated") do={ :delay 1s; } -:local tunnelip [ / ip cloud get public-address ]; +:local TunnelIp [ / ip cloud get public-address ]; -:if ($tunnelip != $tunnellastip) do={ +:if ($TunnelIp != $TunnelLastIp) do={ $CertificateAvailable "Starfield Secure Certificate Authority - G2" "starfield"; - :log info ("Local address changed, sending UPDATE to tunnelbroker! New address: " . $tunnelip); + :log info ("Local address changed, sending UPDATE to tunnelbroker! New address: " . $TunnelIp); / tool fetch mode=https check-certificate=yes-without-crl \ - ("https://" . $tunnelurl . "/nic/update\?hostname=" . $tunnelid) \ - user=$tunneluser password=$tunnelpass keep-result=no; - / interface 6to4 set [ / interface 6to4 find where name=$tunnelint ] local-address=$tunnelip; + ("https://" . $TunnelUrl . "/nic/update\?hostname=" . $TunnelId) \ + user=$TunnelUser password=$TunnelPass keep-result=no; + / interface 6to4 set [ / interface 6to4 find where name=$TunnelInt ] local-address=$TunnelIp; } else={ :log debug "All tunnelbroker configuration is up to date."; } |