diff options
author | Christian Hesse <mail@eworm.de> | 2018-07-05 15:29:26 +0200 |
---|---|---|
committer | Christian Hesse <mail@eworm.de> | 2018-07-05 15:34:08 +0200 |
commit | e1f134ead584c7b2e9ed406f5520d7f1a23294aa (patch) | |
tree | 929660280fb0acc183401d7e59a40f1cd7e8992c /update-gre-address | |
parent | 1d99dc38ff1f583d6e46adc5d1ba3455114d53c1 (diff) |
add scripts
Diffstat (limited to 'update-gre-address')
-rw-r--r-- | update-gre-address | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/update-gre-address b/update-gre-address new file mode 100644 index 0000000..ea55a9b --- /dev/null +++ b/update-gre-address @@ -0,0 +1,30 @@ +# RouterOS script: update-gre-address +# Copyright (c) 2013-2018 Christian Hesse <mail@eworm.de> +# +# update gre interface remote address with dynamic address from +# ipsec remote peer + +:global "gre-cert-prefix"; +:global "gre-int-prefix"; + +/ interface gre set remote-address=0.0.0.0 disabled=yes [ find where !running !disabled ]; + +:foreach peer in=[ / ip ipsec remote-peers find ] do={ + :local id [ / ip ipsec remote-peers get $peer id ]; + + :if ([ :pick $id 0 [ :len $"gre-cert-prefix" ] ] = $"gre-cert-prefix") do={ + :local name [ :pick $id [ :len $"gre-cert-prefix" ] [ :len $id ] ]; + :local addrnew [ / ip ipsec remote-peers get $peer dynamic-address ]; + :local grename ($"gre-int-prefix" . $name); + :local greint [ / interface gre find where name=$grename ]; + :if ([ :len $greint ] > 0) do={ + :local addrold [ / interface gre get $greint remote-address ]; + :local disabled [ / interface gre get $greint disabled ]; + :if ($addrnew != $addrold || $disabled = true) do={ + :log info ("Update remote address for interface " . $grename . " to " . $addrnew); + / interface gre set remote-address=0.0.0.0 disabled=yes [ find where remote-address=$addrnew name!=$grename ]; + / interface gre set $greint remote-address=$addrnew disabled=no; + } + } + } +} |