From e7995fa06b023918fa40de10d4a299ee4a89b2f0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sun, 9 Oct 2022 19:45:18 +0200 Subject: update-tunnelbroker: get public address from website This is a good condidate: https://showipv6.de/ We can drop the cloud code, which seems to be unreliable in somd situations. --- doc/update-tunnelbroker.md | 4 ---- update-tunnelbroker | 23 +++++++++++++---------- 2 files changed, 13 insertions(+), 14 deletions(-) diff --git a/doc/update-tunnelbroker.md b/doc/update-tunnelbroker.md index 4da4fa8..3338e2b 100644 --- a/doc/update-tunnelbroker.md +++ b/doc/update-tunnelbroker.md @@ -33,10 +33,6 @@ The configuration goes to interface's comment: You should know you user name from login. The `id` is the tunnel's numeric id, `pass` is the *update key* found on the tunnel's advanced tab. -Also enabling dynamic DNS in Mikrotik cloud is required: - - /ip/cloud/set ddns-enabled=yes; - See also -------- diff --git a/update-tunnelbroker b/update-tunnelbroker index eecd02b..8562d58 100644 --- a/update-tunnelbroker +++ b/update-tunnelbroker @@ -17,16 +17,22 @@ :global LogPrintExit2; :global ParseKeyValueStore; -:if ([ /ip/cloud/get ddns-enabled ] != true) do={ - $LogPrintExit2 error $0 ("IP cloud DDNS is not enabled.") true; +:if ([ $CertificateAvailable "Starfield Secure Certificate Authority - G2" ] = false || \ + [ $CertificateAvailable "R3" ] = false) do={ + $LogPrintExit2 error $0 ("Downloading required certificate failed.") true; } -# Get the current ip address from cloud -/ip/cloud/force-update; -:while ([ /ip/cloud/get status ] != "updated") do={ - :delay 1s; +:local PublicAddress; +:do { + :set PublicAddress ([ /tool/fetch check-certificate=yes-without-crl \ + "https://ipv4.showipv6.de/short" output=user as-value ]->"data"); +} on-error={ + $LogPrintExit2 error $0 ("Failed getting public address.") true; +} + +:if ([ :len [ /ip/address find where address~("^" . $PublicAddress . "/") ] ] < 1) do={ + $LogPrintExit2 warning $0 ("The address " . $PublicAddress . " is not configured on your device. NAT by ISP?") false; } -:local PublicAddress [ /ip/cloud/get public-address ]; :foreach Interface in=[ /interface/6to4/find where comment~"^tunnelbroker" !disabled ] do={ :local InterfaceVal [ /interface/6to4/get $Interface ]; @@ -36,9 +42,6 @@ :local Success false; :local Comment [ $ParseKeyValueStore ($InterfaceVal->"comment") ]; - :if ([ $CertificateAvailable "Starfield Secure Certificate Authority - G2" ] = false) do={ - $LogPrintExit2 error $0 ("Downloading required certificate failed.") true; - } $LogPrintExit2 info $0 ("Local address changed, sending UPDATE to tunnelbroker! New address: " . $PublicAddress) false; :while ($I < 3 && $Success = false) do={ :do { -- cgit v1.2.3-70-g09d2