aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--README.md5
-rw-r--r--doc/bridge-port.md5
-rw-r--r--doc/global-functions.d/bridge-port-vlan.md83
-rw-r--r--global-config2
-rw-r--r--global-config-overlay2
-rw-r--r--global-config.changes1
-rw-r--r--global-functions2
-rw-r--r--global-functions.d/bridge-port-vlan62
8 files changed, 159 insertions, 3 deletions
diff --git a/README.md b/README.md
index ca3554f..1787ab5 100644
--- a/README.md
+++ b/README.md
@@ -201,6 +201,11 @@ Available Scripts
[comment]: # (* learn-mac-based-vlan)
[comment]: # (* manage-umts)
+Available modules
+-----------------
+
+* [Manage VLANs on bridge ports](doc/global-functions.d/bridge-port-vlan.md)
+
Contact
-------
diff --git a/doc/bridge-port.md b/doc/bridge-port.md
index d5435b4..924bd6a 100644
--- a/doc/bridge-port.md
+++ b/doc/bridge-port.md
@@ -76,6 +76,11 @@ More configuration can be loaded by setting `BridgePortTo`:
* Interfaces `en1` and `en2` are unchanged.
* Interface `en3` is put in bridge `br-intern`.
+See also
+--------
+
+* [Manage VLANs on bridge ports](global-functions.d/bridge-port-vlan.md)
+
---
[◀ Go back to main README](../README.md)
[▲ Go back to top](#top)
diff --git a/doc/global-functions.d/bridge-port-vlan.md b/doc/global-functions.d/bridge-port-vlan.md
new file mode 100644
index 0000000..f59cb83
--- /dev/null
+++ b/doc/global-functions.d/bridge-port-vlan.md
@@ -0,0 +1,83 @@
+Manage VLANs on bridge ports
+============================
+
+[◀ Go back to main README](../../README.md)
+
+🛈 This module can not be used on its own but requires the base installation.
+See [main README](../../README.md) for details.
+
+Description
+-----------
+
+This module and its function are supposed to handle VLANs on bridge ports.
+
+Requirements and installation
+-----------------------------
+
+Just install the module:
+
+ $ScriptInstallUpdate global-functions.d/bridge-port-vlan;
+
+Configuration
+-------------
+
+Using named VLANs you have to add comments in bridge vlan menu:
+
+ / interface bridge vlan add bridge=bridge comment=intern tagged=br-local vlan-ids=10;
+ / interface bridge vlan add bridge=bridge comment=geust tagged=br-local vlan-ids=20;
+ / interface bridge vlan add bridge=bridge comment=extra tagged=br-local vlan-ids=30;
+
+The configuration goes to ports' comments (`/ interface bridge port`).
+
+ / interface bridge port add bridge=bridge comment="default=dhcp-client, alt=guest" disabled=yes interface=en1;
+ / interface bridge port add bridge=bridge comment="default=intern, alt=guest, extra=30" interface=en2;
+ / interface bridge port add bridge=bridge comment="default=guest, extra=extra" interface=en3;
+
+Also dhcp client can be handled:
+
+ / ip dhcp-client add comment="toggle with bridge port" disabled=no interface=en1;
+
+Add a scheduler to start with default setup on system startup:
+
+ / system scheduler add name=bridge-port-vlan on-event=":global GlobalFunctionsReady; :while (\$GlobalFunctionsReady != true) do={ :delay 500ms; }; :global BridgePortVlan; \$BridgePortVlan default;" start-time=startup;
+
+Usage and invocation
+--------------------
+
+The usage examples show what happens with the configuration from above.
+
+Running the function `$BridgePortVlan` with parameter `default` applies all
+configuration given with `default=`:
+
+ $BridgePortVlan default;
+
+For the three interfaces we get this configuration:
+
+* The special value `dhcp-client` enables the dhcp client for interface `en1`. The bridge port entry is disabled.
+* Primary VLAN `intern` (ID `10`) is configured on `en2`.
+* Primary VLAN `guest` (ID `20`) is configured on `en3`.
+
+Running the function `$BridgePortVlan` with parameter `alt` applies all
+configuration given with `alt=`:
+
+ $BridgePortVlan alt;
+
+* Primary VLAN `guest` (ID `20`) is configured on `en1`, dhcp client for the interface is disabled.
+* Primary VLAN `guest` (ID `20`) is configured on `en2`.
+* Interface `en3` is unchanged, primary VLAN `guest` (ID `20`) is unchanged.
+
+Running the function `$BridgePortVlan` with parameter `extra` applies another
+configuration:
+
+* Interface `en1` is unchanged.
+* Primary VLAN `extra` (via its ID `30`) is configured on `en2`.
+* Primary VLAN `extra` (ID `30`) is configured on `en3`.
+
+See also
+--------
+
+* [Manage ports in bridge](../bridge-port.md)
+
+---
+[◀ Go back to main README](../../README.md)
+[▲ Go back to top](#top)
diff --git a/global-config b/global-config
index bf3b0e4..5dc9a20 100644
--- a/global-config
+++ b/global-config
@@ -8,7 +8,7 @@
# Make sure all configuration properties are up to date and this
# value is in sync with value in script 'global-functions'!
-:global GlobalConfigVersion 64;
+:global GlobalConfigVersion 65;
# This is used for DNS and backup file.
:global Domain "example.com";
diff --git a/global-config-overlay b/global-config-overlay
index 78d34b0..7bdc516 100644
--- a/global-config-overlay
+++ b/global-config-overlay
@@ -8,7 +8,7 @@
# Make sure all configuration properties are up to date and this
# value is in sync with value in script 'global-functions'!
# Comment or remove to disable news and change notifications.
-:global GlobalConfigVersion 64;
+:global GlobalConfigVersion 65;
# Copy configuration from global-config here and modify it.
diff --git a/global-config.changes b/global-config.changes
index 1ef2792..6a8b145 100644
--- a/global-config.changes
+++ b/global-config.changes
@@ -68,6 +68,7 @@
62="Added '\$ScriptRunOnce' to run a script from URL once without installation, intended to aid configuration management and the like.";
63="Moved optional functions '\$IPCalc' and '\$ScriptRunOnce' to modules.";
64="Implemented '\$InspectVar' in module to inspect variables.";
+ 65="Added module to manage VLANs on bridge ports.";
};
# Migration steps to be applied on script updates
diff --git a/global-functions b/global-functions
index 80d6e6a..dbfeaa1 100644
--- a/global-functions
+++ b/global-functions
@@ -8,7 +8,7 @@
# https://git.eworm.de/cgit/routeros-scripts/about/
# expected configuration version
-:global ExpectedConfigVersion 64;
+:global ExpectedConfigVersion 65;
# global variables not to be changed by user
:global GlobalFunctionsReady false;
diff --git a/global-functions.d/bridge-port-vlan b/global-functions.d/bridge-port-vlan
new file mode 100644
index 0000000..754579a
--- /dev/null
+++ b/global-functions.d/bridge-port-vlan
@@ -0,0 +1,62 @@
+#!rsc by RouterOS
+# RouterOS script: global-functions.d/bridge-port-vlan
+# Copyright (c) 2013-2021 Christian Hesse <mail@eworm.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# manage VLANs on bridge ports
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/global-functions.d/bridge-port-vlan.md
+
+:global BridgePortVlan;
+
+# TODO
+:global BridgePortVlan do={
+ :local ConfigTo [ :tostr $1 ];
+
+ :global IfThenElse;
+ :global LogPrintExit2;
+ :global ParseKeyValueStore;
+
+ :foreach BridgePort in=[ / interface bridge port find where !(comment=[]) ] do={
+ :local BridgePortVal [ / interface bridge port get $BridgePort ];
+ :foreach Config,Vlan in=[ $ParseKeyValueStore ($BridgePortVal->"comment") ] do={
+ :if ($Config = $ConfigTo) do={
+ :local DHCPClient [ / ip dhcp-client find where interface=$BridgePortVal->"interface" comment="toggle with bridge port" ];
+
+ :if ($Vlan = "dhcp-client") do={
+ :if ([ :len $DHCPClient ] != 1) do={
+ $LogPrintExit2 warning $0 ([ $IfThenElse ([ :len $DHCPClient ] = 0) "Missing" "Duplicate" ] . \
+ " dhcp client configuration for interface " . $BridgePortVal->"interface" . "!") true;
+ }
+ :local DHCPClientDisabled [ / ip dhcp-client get $DHCPClient disabled ];
+
+ :if ($BridgePortVal->"disabled" = false || $DHCPClientDisabled = true) do={
+ $LogPrintExit2 info $0 ("Disabling bridge port for interface " . $BridgePortVal->"interface" . ", enabling dhcp client.") false;
+ / interface bridge port disable $BridgePort;
+ :delay 200ms;
+ / ip dhcp-client enable $DHCPClient;
+ }
+ } else={
+ :if ($Vlan != [ :tostr [ :tonum $Vlan ] ]) do={
+ :do {
+ :set $Vlan ([ / interface bridge vlan get [ find where comment=$Vlan ] vlan-ids ]->0);
+ } on-error={
+ $LogPrintExit2 warning $0 ("Could not find VLAN '" . $Vlan . "' for interface " . $BridgePortVal->"interface" . "!") true;
+ }
+ }
+ :if ($BridgePortVal->"disabled" = true || $Vlan != $BridgePortVal->"pvid") do={
+ $LogPrintExit2 info $0 ("Enabling bridge port for interface " . $BridgePortVal->"interface" . ", changing to " . $ConfigTo . \
+ " vlan " . $Vlan . ", disabling dhcp client.") false;
+ :if ([ :len $DHCPClient ] = 1) do={
+ / ip dhcp-client disable $DHCPClient;
+ :delay 200ms;
+ }
+ / interface bridge port set disabled=no pvid=$Vlan $BridgePort;
+ } else={
+ $LogPrintExit2 debug $0 ("Interface " . $BridgePortVal->"interface" . " already connected to " . $ConfigTo . \
+ " vlan " . $Vlan . ".") false;
+ }
+ }
+ }
+ }
+ }
+}