Age | Commit message (Collapse) | Author | Files | Lines |
|
New RouterOS releases bring new features, and thus new syntax.
Installing a new script on old RouterOS results in syntax errors. We
want to give clear warning messages, so by adding an extra comment into
the script...
# requires RouterOS, version=7.8beta3
... installing on unsupported RouterOS version is mitigated.
|
|
|
|
... that returns the first line that matches a pattern.
|
|
Looks like the function is called for every message to match otherwise. 😳
|
|
|
|
|
|
This was missing in commit bff6689b103287f44c573e3134b9b9a64c36c0a8 and
cause the dns entry to be delete and re-created over and over again.
|
|
... as we want a RAM disk.
|
|
|
|
|
|
... and log a warning.
|
|
|
|
|
|
This is used for e-mail only...
|
|
|
|
|
|
We had...
◀ Go back to main README
▲ Go back to top
... and switch to...
⬅️ Go back to main README
⬆️ Go back to top
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Missed one in b6ddc5968e7a3393bb6e9b0c0ccf96379efc62b4...
|
|
|
|
|
|
|
|
|
|
... if the path starts with "tmpfs/". This helps to mitigate flash wear.
|
|
|
|
|
|
|
|
|
|
... to specify that the preceding character should be displayed with emoji
presentation.
https://unicode-table.com/en/FE0F/
|
|
... and use it in $GetMacVendor.
|
|
... which was introduced in RouterOS 7.7beta8.
|
|
|
|
|
|
|
|
|
|
... to make sure the checks are not re-run every second.
|
|
|
|
... but with all characters from alphabet with $GetRandom20CharAlNum.
|
|
... but with all characters from alphabet with $GetRandom20CharAlNum.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
If this script runs from terminal this will not change... 😜
So cache the result.
Co-authored-by: Michael Gisbers <michael@gisbers.de>
|
|
Co-authored-by: Christian Hesse <mail@eworm.de>
|
|
This will now log all messages before notification, and every two hours
(or scheduler interval * 120) after.
|
|
These are generated with my 'RouterOS-Scripts Notification Generator':
https://eworm.de/ros/notification/
|
|
---- ✂️ ----
📨 SMS Forwarding from 7277
Received this message by MikroTik from 7277:
On oct/17/2022 13:44:10 GMT -0 type class-0:
Welcome to our network!
---- ✂️ ----
|
|
---- ✂️ ----
❌ Netwatch Notify: example.com down
The host 'example.com' (93.184.216.34) is down since oct/19/2022 16:27:03.
---- ✂️ ----
✅ Netwatch Notify: example.com up
The host 'example.com' (93.184.216.34) is up since oct/19/2022 17:03:00.
It was down for 6 checks since oct/19/2022 16:27:03.
---- ✂️ ----
|
|
---- ✂️ ----
⚠️ Log Forwarding
The log on MikroTik contains these 3 messages after 6d23:55:18 uptime.
● 13:24:02 script;error backup-cloud: Failed uploading backup for MikroTik to cloud!
● 13:24:17 system;info;account user admin logged in from 192.168.88.177 via ssh
● 13:24:57 system;info;account user admin logged out from 192.168.88.177 via ssh
---- ✂️ ----
|
|
---- ✂️ ----
📅 daily PSK Guest-Wifi
This is the daily PSK on MikroTik:
SSID: Guest-Wifi
PSK: S3cr3tStr1ng
Date: oct/18/2022
A client device specific rule must not exist!
🔗 https://www.eworm.de/cgi-bin/cqrlogo-wifi.cgi?scale=8&level=1&ssid=Guest-Wifi&pass=S3cr3tStr1ng
---- ✂️ ----
|
|
---- ✂️ ----
📱 48:F1:7F:D0:E5:4E connected to Wifi
A device with unknown MAC address connected to Wifi on MikroTik.
Controller: MikroTik
Interface: wl5-wifi
SSID: Wifi
MAC: 48:F1:7F:D0:E5:4E
Vendor: Intel Corporate
Hostname: host-523c8e0e
Address: 192.168.20.254
DNS name: host-523c8e0e.dhcp.MikroTik.example.com
Date: oct/20/2022 09:21:56
---- ✂️ ----
|
|
---- ✂️ ----
✨ RouterOS update
A new RouterOS version 7.6 is available for MikroTik.
Hostname: MikroTik
Board name: CHR
Architecture: x86_64
RouterOS:
Channel: stable
Installed: 7.5
Available: 7.6
RouterOS-Scripts:
Version: 85
🔗 https://mikrotik.com/download/changelogs/stable-release-tree
---- ✂️ ----
|
|
---- ✂️ ----
✨ LTE firmware upgrade
A new firmware version R11e-LTE6_V033 is available for LTE interface lte on MikroTik.
Interface: MikroTik R11e-LTE6
Installed: R11e-LTE6_V027
Available: R11e-LTE6_V033
---- ✂️ ----
|
|
---- ✂️ ----
⚡📉 Health warning: voltage
The voltage on MikroTik jumped more than 10%.
old value: 16.2V
new value: 12.4V
---- ✂️ ----
🔥 Health warning: temperature
The temperature on MikroTik is above threshold: 51°C
---- ✂️ ----
✅ Health recovery: temperature
The temperature on MikroTik dropped below threshold: 47°C
---- ✂️ ----
❌ Health warning: psu1-state
The power supply unit 'psu1-state' on MikroTik failed!
---- ✂️ ----
✅ Health recovery: psu1-state
The power supply unit 'psu1-state' on MikroTik recovered!
---- ✂️ ----
|
|
---- ✂️ ----
🔏 Certificate renewed
A certificate on MikroTik has been renewed.
Name: example.com
CommonName: example.com
Private key: available
Fingerprint: cc54cdd01fcd7698ecb71213874be776906eb33d26cd57754d168632f14c4c8b
Issuer: R3
Validity: sep/08/2022 03:50:56 to dec/07/2022 03:50:55
Expires in: 8w 3d 12:03:30
---- ✂️ ----
|
|
---- ✂️ ----
💾⬆️ Backup & Config upload
Backup and config export upload for MikroTik.
Hostname: MikroTik
Board name: CHR
Architecture: x86_64
RouterOS:
Channel: stable
Installed: 7.6
RouterOS-Scripts:
Version: 85
Backup file: MikroTik_example_com.backup
Config file: MikroTik_example_com.rsc
---- ✂️ ----
|
|
---- ✂️ ----
💾☁️ Cloud backup
Uploaded backup for MikroTik to cloud.
Hostname: MikroTik
Board name: CHR
Architecture: x86_64
RouterOS:
Channel: stable
Installed: 7.6
RouterOS-Scripts:
Version: 85
Name: cloud-20221020-092419
Size: 370767 B (362 KiB)
Download key: LLDBfPcWXxmSetWilqeJX5V
---- ✂️ ----
|
|
---- ✂️ ----
📌 News and configuration changes
The configuration version on MikroTik increased to 85, current configuration may need modification. Please review and update global-config-overlay, then re-run global-config.
Changes:
● Support for e-mail notifications moved to a module. It is installed automatically if required.
● Dropped 'netwatch-syslog', filtering in firewall is advised.
---- ✂️ ----
|
|
|
|
|
|
|
|
Oops... 😳
This sneaked in with initial commit 862417b8d32f6eef1c05ba9137fe2a7f14436987
("add 'ipsec-to-dns'").
|
|
The prefix "CN=" is now added in RouterOS 7.6... Let's match with and
without the prefix in comment.
|
|
This broke in commit 6f772e92a616acb15bdef8ab7b7bfdb9d002bfeb
("netwatch-notify: rename array element") where not only the array
element but also the option was renamed.
|
|
Why hammer on another service? The tunnelbroker response contains the
address we need. So send the update every time, and use that
information.
|
|
This is a good condidate:
https://showipv6.de/
We can drop the cloud code, which seems to be unreliable in somd
situations.
|
|
|
|
Looks like fetch command has a timing issue with the tunnelbroker
endpoint... We have to try several times to work around this.
Consider the update failed on third error.
|
|
|
|
|
|
... if requested, but keep output and logs.
|
|
|
|
This is no longer used as 'netwatch-syslog' is gone.
|
|
This was undocumented and scripts did never catch up with general
quality expectations, for example global-config and global functions
were not used.
If you need the code get it from git history. 😜
|
|
To filter in firewall you should use something like this:
/ip/firewall/filter/add action=reject chain=output out-interface-list=WAN port=514 protocol=udp reject-with=icmp-admin-prohibited;
/ip/firewall/filter/add action=reject chain=forward out-interface-list=WAN port=514 protocol=udp reject-with=icmp-admin-prohibited;
|
|
|
|
|
|
|
|
|
|
This should relax the error message a bit as it is not triggered
on first failure.
|
|
https://en.wikipedia.org/wiki/MAC_address#Universal_vs._local_(U/L_bit)
|
|
|
|
|
|
|
|
Flushing the mail queue with resolver issues can flood the log with
messages like:
e-mail;error Error sending e-mail <=?utf-8?Q?[MikroTik] =F0=9F=92=BE=E2=98=81 Cloud backup?=>: DNS resolve failed
Try to avoid this...
|
|
|