From 744a03896c3276ca0bee9af5735851bb64a7f542 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 18 Dec 2020 09:59:13 +0100 Subject: ipv6-update: automatically add ipv6 address list entry --- doc/ipv6-update.md | 3 +++ 1 file changed, 3 insertions(+) (limited to 'doc') diff --git a/doc/ipv6-update.md b/doc/ipv6-update.md index 93ada42..5295bd5 100644 --- a/doc/ipv6-update.md +++ b/doc/ipv6-update.md @@ -40,6 +40,9 @@ firewall rules, comment has to be "`ipv6-pool-`" and actual pool name: / ipv6 firewall address-list add address=2003:cf:2f0f:de00::/56 comment=ipv6-pool-isp list=extern; +As this entry is mandatory it is created automatically if it does not exist, +with the comment also set for list. + Static DNS records need a special comment to be updated. Again it has to start with "`ipv6-pool-`" and actual pool name, followed by a comma, "`interface=`" and the name of interface this address is connected to: -- cgit v1.2.3-70-g09d2 From cb72eccc6cf66cab0412f7bd696aa079fffc5180 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 18 Dec 2020 10:11:18 +0100 Subject: ipv6-update: update interface specific address list entries --- doc/ipv6-update.md | 6 ++++++ ipv6-update | 12 ++++++++++++ 2 files changed, 18 insertions(+) (limited to 'doc') diff --git a/doc/ipv6-update.md b/doc/ipv6-update.md index 5295bd5..f736433 100644 --- a/doc/ipv6-update.md +++ b/doc/ipv6-update.md @@ -43,6 +43,12 @@ firewall rules, comment has to be "`ipv6-pool-`" and actual pool name: As this entry is mandatory it is created automatically if it does not exist, with the comment also set for list. +Address list entries for specific interfaces can be updated as well. The +interface needs to get its address from pool `isp` and the address list entry +has to be associated to an interface in comment: + + / ipv6 firewall address-list add address=2003:cf:2f0f:de01::/64 comment="ipv6-pool-isp, interface=br-local" list=local; + Static DNS records need a special comment to be updated. Again it has to start with "`ipv6-pool-`" and actual pool name, followed by a comma, "`interface=`" and the name of interface this address is connected to: diff --git a/ipv6-update b/ipv6-update index 1baa0a4..2224a11 100644 --- a/ipv6-update +++ b/ipv6-update @@ -31,6 +31,18 @@ # give the interfaces a moment to receive their addresses :delay 2s; + :foreach ListEntry in=[ / ipv6 firewall address-list find where comment~("^ipv6-pool-" . $Pool . ",") ] do={ + :local ListEntryVal [ / ipv6 firewall address-list get $ListEntry ]; + :local Comment [ $ParseKeyValueStore ($ListEntryVal->"comment") ]; + + :local Address [ / ipv6 address find where from-pool=$Pool interface=($Comment->"interface") ]; + :if ([ :len $Address ] = 1) do={ + :set Address [ / ipv6 address get $Address address ]; + :log info ("Updating IPv6 address list with new IPv6 prefix " . $Address . " from interface " . ($Comment->"interface")); + / ipv6 firewall address-list set address=$Address $ListEntry; + } + } + :foreach Record in=[ / ip dns static find where comment~("^ipv6-pool-" . $Pool . ",") ] do={ :local RecordVal [ / ip dns static get $Record ]; :local Comment [ $ParseKeyValueStore ($RecordVal->"comment") ]; -- cgit v1.2.3-70-g09d2