aboutsummaryrefslogtreecommitdiffstats
path: root/fw-addr-lists.rsc
diff options
context:
space:
mode:
Diffstat (limited to 'fw-addr-lists.rsc')
-rw-r--r--fw-addr-lists.rsc62
1 files changed, 34 insertions, 28 deletions
diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc
index f0940fe..0c45f7e 100644
--- a/fw-addr-lists.rsc
+++ b/fw-addr-lists.rsc
@@ -8,11 +8,11 @@
# download, import and update firewall address-lists
# https://rsc.eworm.de/doc/fw-addr-lists.md
-:global GlobalFunctionsReady;
-:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
-
:local ExitOK false;
-:do {
+:onerror Err {
+ :global GlobalConfigReady; :global GlobalFunctionsReady;
+ :retry { :if ($GlobalConfigReady != true || $GlobalFunctionsReady != true) \
+ do={ :error ("Global config and/or functions not ready."); }; } delay=500ms max=50;
:local ScriptName [ :jobname ];
:global FwAddrLists;
@@ -48,6 +48,12 @@
}
$WaitFullyConnected;
+ :if ([ :len [ /log/find where topics=({"script"; "warning"}) \
+ message=("\$LogPrintOnce: The message is already in log, scripting subsystem may have crashed before!") ] ] > 0) do={
+ $LogPrintOnce warning $ScriptName ("Scripting subsystem may have crashed, possibly caused by us. Delaying!");
+ :delay 5m;
+ }
+
:local ListComment ("managed by " . $ScriptName);
:foreach FwListName,FwList in=$FwAddrLists do={
@@ -114,8 +120,8 @@
:error true;
}
:if ($Address ~ "^[0-9a-zA-Z]*:[0-9a-zA-Z:\\.]+(/[0-9]{1,3})?\$") do={
- :if ($Address ~ "/128\$") do={
- :set Address [ :pick $Address 0 ([ :len $Address ] - 4) ];
+ :if ([ :typeof [ :find $Address "/" ] ] = "nil") do={
+ :set Address ($Address . "/128");
}
:set ($IPv6Addresses->$Branch->$Address) $TimeOut;
:error true;
@@ -135,15 +141,15 @@
:local Branch [ $GetBranch $Address ];
:local TimeOut ($IPv4Addresses->$Branch->$Address);
:if ([ :typeof $TimeOut ] = "time") do={
- $LogPrintVerbose debug $ScriptName ("Renewing IPv4 address in list '" . $FwListName . \
- "' with " . $TimeOut . ": " . $Address);
+ $LogPrintVerbose debug $ScriptName ("Renewing IPv4 address " . $Address . \
+ " in list '" . $FwListName . "' with " . $TimeOut . ".");
/ip/firewall/address-list/set $Entry timeout=$TimeOut;
:set ($IPv4Addresses->$Branch->$Address);
:set CntRenew ($CntRenew + 1);
} else={
:if ($Failure = false) do={
- $LogPrintVerbose debug $ScriptName ("Removing IPv4 address from list '" . $FwListName . \
- "': " . $Address);
+ $LogPrintVerbose debug $ScriptName ("Removing IPv4 address " . $Address . \
+ " from list '" . $FwListName . ".");
/ip/firewall/address-list/remove $Entry;
:set CntRemove ($CntRemove + 1);
}
@@ -156,15 +162,15 @@
:local Branch [ $GetBranch $Address ];
:local TimeOut ($IPv6Addresses->$Branch->$Address);
:if ([ :typeof $TimeOut ] = "time") do={
- $LogPrintVerbose debug $ScriptName ("Renewing IPv6 address in list '" . $FwListName . \
- "' with " . $TimeOut . ": " . $Address);
+ $LogPrintVerbose debug $ScriptName ("Renewing IPv6 address " . $Address . \
+ " in list '" . $FwListName . "' with " . $TimeOut . ".");
/ipv6/firewall/address-list/set $Entry timeout=$TimeOut;
:set ($IPv6Addresses->$Branch->$Address);
:set CntRenew ($CntRenew + 1);
} else={
:if ($Failure = false) do={
- $LogPrintVerbose debug $ScriptName ("Removing IPv6 address from list '" . $FwListName . \
- "': " . $Address);
+ $LogPrintVerbose debug $ScriptName ("Removing IPv6 address " . $Address . \
+ " from list '" . $FwListName .".");
/ipv6/firewall/address-list/remove $Entry;
:set CntRemove ($CntRemove + 1);
}
@@ -174,15 +180,15 @@
:foreach BranchName,Branch in=$IPv4Addresses do={
$LogPrintVerbose debug $ScriptName ("Handling branch: " . $BranchName);
:foreach Address,Timeout in=$Branch do={
- $LogPrintVerbose debug $ScriptName ("Adding IPv4 address to list '" . $FwListName . \
- "' with " . $Timeout . ": " . $Address);
- :do {
+ $LogPrintVerbose debug $ScriptName ("Adding IPv4 address " . $Address . \
+ " to list '" . $FwListName . "' with " . $Timeout . ".");
+ :onerror Err {
/ip/firewall/address-list/add list=$FwListName comment=$ListComment \
address=$Address timeout=$Timeout;
:set CntAdd ($CntAdd + 1);
- } on-error={
- $LogPrint warning $ScriptName ("Failed to add IPv4 address to list '" . $FwListName . \
- "': " . $Address);
+ } do={
+ $LogPrint warning $ScriptName ("Failed to add IPv4 address " . $Address . \
+ " to list '" . $FwListName . "': " . $Err);
}
}
}
@@ -190,15 +196,15 @@
:foreach BranchName,Branch in=$IPv6Addresses do={
$LogPrintVerbose debug $ScriptName ("Handling branch: " . $BranchName);
:foreach Address,Timeout in=$Branch do={
- $LogPrintVerbose debug $ScriptName ("Adding IPv6 address to list '" . $FwListName . \
- "' with " . $Timeout . ": " . $Address);
- :do {
+ $LogPrintVerbose debug $ScriptName ("Adding IPv6 address " . $Address . \
+ " to list '" . $FwListName . "' with " . $Timeout . ".");
+ :onerror Err {
/ipv6/firewall/address-list/add list=$FwListName comment=$ListComment \
address=$Address timeout=$Timeout;
:set CntAdd ($CntAdd + 1);
- } on-error={
- $LogPrint warning $ScriptName ("Failed to add IPv6 address to list '" . $FwListName . \
- "': " . $Address);
+ } do={
+ $LogPrint warning $ScriptName ("Failed to add IPv6 address " . $Address . \
+ " to list '" . $FwListName . "': " . $Err);
}
}
}
@@ -209,6 +215,6 @@
" - renewed: " . [ $HumanReadableNum $CntRenew 1000 ] . \
" - removed: " . [ $HumanReadableNum $CntRemove 1000 ]);
}
-} on-error={
- :global ExitError; $ExitError $ExitOK [ :jobname ];
+} do={
+ :global ExitError; $ExitError $ExitOK [ :jobname ] $Err;
}
generated by cgit v1.2.3-70-g09d2 (git 2.50.0) at 2025-07-02 06:05:43 +0000