authorGravatar Christian Hesse <mail@eworm.de>2023-01-17 12:34:05 +0100
committerGravatar Christian Hesse <mail@eworm.de>2023-01-17 12:34:05 +0100
commit03fb459ea4d1ec6e09d4d87b8c8e94b887f9ed89 (patch)
tree1de095793ea15a5ba758f4238e8922f101bd9e34
parent23e5c01a429115a9c7590be10744debdb848782c (diff)
ipsec-to-dns: handle "CN=" from peer's idrouteros-7.6-3
This was missing in commit bff6689b103287f44c573e3134b9b9a64c36c0a8 and caused the DNS entry to be deleted and re-created over and over again.
-rw-r--r--ipsec-to-dns6
1 files changed, 4 insertions, 2 deletions
diff --git a/ipsec-to-dns b/ipsec-to-dns
index 04ad4b8..530c714 100644
--- a/ipsec-to-dns
+++ b/ipsec-to-dns
@@ -16,8 +16,9 @@
:global PrefixInZone;
:global CharacterReplace;
-:global LogPrintExit2;
+:global EscapeForRegEx;
:global IfThenElse;
+:global LogPrintExit2;
:local Zone \
([ $IfThenElse ($PrefixInZone = true) "ipsec." ] . \
@@ -35,7 +36,8 @@
:foreach DnsRecord in=[ /ip/dns/static/find where comment ~ $CommentPrefix ] do={
:local DnsRecordVal [ /ip/dns/static/get $DnsRecord ];
:local PeerId [ $CharacterReplace ($DnsRecordVal->"comment") $CommentPrefix "" ];
- :if ([ :len [ /ip/ipsec/active-peers/find where id=$PeerId dynamic-address=($DnsRecordVal->"address") ] ] > 0) do={
+ :if ([ :len [ /ip/ipsec/active-peers/find where id~("^(CN=)?" . [ $EscapeForRegEx $PeerId ] . "\$") \
+ dynamic-address=($DnsRecordVal->"address") ] ] > 0) do={
$LogPrintExit2 debug $0 ("Peer " . $PeerId . " (" . $DnsRecordVal->"name" . ") still exists. Not deleting DNS entry.") false;
} else={
:local Found false;
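Review bot: The new `id~("^(CN=)?" . [ $EscapeForRegEx $PeerId ] . "\$")` match is only as strict as `$EscapeForRegEx`, because `$PeerId` is recovered from a DNS record comment and presumably originates from the ID the remote peer presented. The helper is defined outside this hunk, so it is worth confirming that it escapes every character RouterOS treats as special in a `~` match; a missed metacharacter would let a crafted ID keep a stale record alive. The optional `(CN=)?` also makes a peer identifying as `CN=<id>` and one identifying as plain `<id>` equivalent for this check, limited only by the `dynamic-address` condition. A comment above the `:if` would record that this is intended, for example `# peer id may carry a "CN=" prefix that is not stored in the comment`. The `:foreach` body starts and continues outside the hunk, so the record-creation side could not be checked from here.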