#!rsc # RouterOS script: hotspot-to-wpa # Copyright (c) 2019-2020 Christian Hesse <mail@eworm.de> # # add private WPA passphrase after hotspot login :local MacAddress $"mac-address"; :local UserName $username; :local Date [ / system clock get date ]; :local PassWord [ / ip hotspot user get [ find where name=$UserName ] password ]; :if ([ / caps-man access-list print count-only where comment="--- hotspot-to-wpa above ---" disabled ] = 0) do={ / caps-man access-list add comment="--- hotspot-to-wpa above ---" disabled; log warn "Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'."; } :local PlaceBefore [ / caps-man access-list find where comment="--- hotspot-to-wpa above ---" disabled ]; / caps-man access-list remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; :local Limits [ / caps-man access-list get $PlaceBefore ]; :if (($Limits->"ap-tx-limit") > 0 && ($Limits->"client-tx-limit") > 0) do={ / caps-man access-list add comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ mac-address=$MacAddress private-passphrase=$PassWord ssid-regexp="-wpa\$" \ ap-tx-limit=($Limits->"ap-tx-limit") client-tx-limit=($Limits->"client-tx-limit") \ place-before=$PlaceBefore; } else={ / caps-man access-list add comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ mac-address=$MacAddress private-passphrase=$PassWord ssid-regexp="-wpa\$" place-before=$PlaceBefore; }