aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Makefile20
-rw-r--r--accesslist-duplicates.template.rsc20
-rw-r--r--accesslist-duplicates.wifiwave2.rsc42
-rw-r--r--capsman-download-packages.capsman.rsc89
-rw-r--r--capsman-download-packages.rsc85
-rw-r--r--capsman-download-packages.template.rsc106
-rw-r--r--capsman-download-packages.wifiwave2.rsc74
-rw-r--r--capsman-rolling-upgrade.capsman.rsc40
-rw-r--r--capsman-rolling-upgrade.rsc35
-rw-r--r--capsman-rolling-upgrade.template.rsc48
-rw-r--r--capsman-rolling-upgrade.wifiwave2.rsc41
-rw-r--r--collect-wireless-mac.capsman.rsc4
-rw-r--r--collect-wireless-mac.local.rsc4
-rw-r--r--collect-wireless-mac.template.rsc40
-rw-r--r--collect-wireless-mac.wifiwave2.rsc86
-rw-r--r--daily-psk.template.rsc26
-rw-r--r--daily-psk.wifiwave2.rsc90
-rw-r--r--dhcp-lease-comment.template.rsc12
-rw-r--r--dhcp-lease-comment.wifiwave2.rsc33
-rw-r--r--doc/accesslist-duplicates.md13
-rw-r--r--doc/capsman-download-packages.md29
-rw-r--r--doc/capsman-rolling-upgrade.md14
-rw-r--r--doc/collect-wireless-mac.md13
-rw-r--r--doc/daily-psk.md25
-rw-r--r--doc/dhcp-lease-comment.md13
-rw-r--r--doc/hotspot-to-wpa.md34
-rw-r--r--global-functions.rsc2
-rw-r--r--hotspot-to-wpa-cleanup.capsman.rsc68
-rw-r--r--hotspot-to-wpa-cleanup.rsc65
-rw-r--r--hotspot-to-wpa-cleanup.template.rsc75
-rw-r--r--hotspot-to-wpa-cleanup.wifiwave2.rsc68
-rw-r--r--hotspot-to-wpa.capsman.rsc89
-rw-r--r--hotspot-to-wpa.rsc86
-rw-r--r--hotspot-to-wpa.template.rsc110
-rw-r--r--hotspot-to-wpa.wifiwave2.rsc86
-rw-r--r--news-and-changes.rsc2
36 files changed, 1340 insertions, 347 deletions
diff --git a/Makefile b/Makefile
index 8c9bcf5..100aa78 100644
--- a/Makefile
+++ b/Makefile
@@ -2,25 +2,33 @@
# template scripts -> final scripts
# markdown files -> html files
-TEMPLATE = $(wildcard *.template.rsc)
-CAPSMAN = $(TEMPLATE:.template.rsc=.capsman.rsc)
-LOCAL = $(TEMPLATE:.template.rsc=.local.rsc)
+CAPSMAN = $(wildcard *.capsman.rsc)
+LOCAL = $(wildcard *.local.rsc)
+WIFIWAVE2 = $(wildcard *.wifiwave2.rsc)
MARKDOWN = $(wildcard *.md doc/*.md doc/mod/*.md)
HTML = $(MARKDOWN:.md=.html)
-all: $(CAPSMAN) $(LOCAL) $(HTML)
+all: $(CAPSMAN) $(LOCAL) $(WIFIWAVE2) $(HTML)
%.html: %.md Makefile
markdown $< | sed 's/href="\([-_\./[:alnum:]]*\)\.md"/href="\1.html"/g' > $@
%.local.rsc: %.template.rsc Makefile
- sed -e '/\/caps-man/d' -e 's|%PATH%|interface\/wireless|' -e 's|%TEMPL%|.local|' \
+ sed -e '/\/caps-man/d' -e '/\/interface\/wifiwave2/d' -e 's|%TEMPL%|.local|' \
+ -e '/^# NOT \/interface\/wireless #$$/,/^# NOT \/interface\/wireless #$$/d' \
-e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \
< $< > $@
%.capsman.rsc: %.template.rsc Makefile
- sed -e '/\/interface\/wireless/d' -e 's|%PATH%|caps-man|' -e 's|%TEMPL%|.capsman|' \
+ sed -e '/\/interface\/wifiwave2/d' -e '/\/interface\/wireless/d' -e 's|%TEMPL%|.capsman|' \
+ -e '/^# NOT \/caps-man #$$/,/^# NOT \/caps-man #$$/d' \
+ -e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \
+ < $< > $@
+
+%.wifiwave2.rsc: %.template.rsc Makefile
+ sed -e '/\/caps-man/d' -e '/\/interface\/wireless/d' -e 's|%TEMPL%|.wifiwave2|' \
+ -e '/^# NOT \/interface\/wifiwave2 #$$/,/^# NOT \/interface\/wifiwave2 #$$/d' \
-e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \
< $< > $@
diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc
index 80c47a9..85d444e 100644
--- a/accesslist-duplicates.template.rsc
+++ b/accesslist-duplicates.template.rsc
@@ -6,8 +6,8 @@
# print duplicate antries in wireless access list
# https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md
#
-# !! This is just a template! Replace '%PATH%' with 'caps-man'
-# !! or 'interface wireless'!
+# !! This is just a template to generate the real script!
+# !! Pattern '%TEMPL%' is replaced, paths are filtered.
:local 0 "accesslist-duplicates%TEMPL%";
:global GlobalFunctionsReady;
@@ -18,8 +18,12 @@
:local Seen ({});
:local Shown ({});
-:foreach AccList in=[ /%PATH%/access-list/find where mac-address!="00:00:00:00:00:00" ] do={
- :local Mac [ /%PATH%/access-list/get $AccList mac-address ];
+:foreach AccList in=[ /caps-man/access-list/find where mac-address!="00:00:00:00:00:00" ] do={
+:foreach AccList in=[ /interface/wifiwave2/access-list/find where mac-address!="00:00:00:00:00:00" ] do={
+:foreach AccList in=[ /interface/wireless/access-list/find where mac-address!="00:00:00:00:00:00" ] do={
+ :local Mac [ /caps-man/access-list/get $AccList mac-address ];
+ :local Mac [ /interface/wifiwave2/access-list/get $AccList mac-address ];
+ :local Mac [ /interface/wireless/access-list/get $AccList mac-address ];
:foreach SeenMac in=$Seen do={
:if ($SeenMac = $Mac) do={
:local Skip 0;
@@ -27,14 +31,18 @@
:if ($ShownMac = $Mac) do={ :set Skip 1; }
}
:if ($Skip = 0) do={
- /%PATH%/access-list/print where mac-address=$Mac;
+ /caps-man/access-list/print where mac-address=$Mac;
+ /interface/wifiwave2/access-list/print where mac-address=$Mac;
+ /interface/wireless/access-list/print where mac-address=$Mac;
:set Shown ($Shown, $Mac);
:put "\nNumeric id to remove, any key to skip!";
:local Remove [ :tonum [ $Read ] ];
:if ([ :typeof $Remove ] = "num") do={
:put ("Removing numeric id " . $Remove . "...\n");
- /%PATH%/access-list/remove $Remove;
+ /caps-man/access-list/remove $Remove;
+ /interface/wifiwave2/access-list/remove $Remove;
+ /interface/wireless/access-list/remove $Remove;
}
}
}
diff --git a/accesslist-duplicates.wifiwave2.rsc b/accesslist-duplicates.wifiwave2.rsc
new file mode 100644
index 0000000..7c0ecf4
--- /dev/null
+++ b/accesslist-duplicates.wifiwave2.rsc
@@ -0,0 +1,42 @@
+#!rsc by RouterOS
+# RouterOS script: accesslist-duplicates.wifiwave2
+# Copyright (c) 2018-2023 Christian Hesse <mail@eworm.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# print duplicate antries in wireless access list
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md
+#
+# !! Do not edit this file, it is generated from template!
+
+:local 0 "accesslist-duplicates.wifiwave2";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global Read;
+
+:local Seen ({});
+:local Shown ({});
+
+:foreach AccList in=[ /interface/wifiwave2/access-list/find where mac-address!="00:00:00:00:00:00" ] do={
+ :local Mac [ /interface/wifiwave2/access-list/get $AccList mac-address ];
+ :foreach SeenMac in=$Seen do={
+ :if ($SeenMac = $Mac) do={
+ :local Skip 0;
+ :foreach ShownMac in=$Shown do={
+ :if ($ShownMac = $Mac) do={ :set Skip 1; }
+ }
+ :if ($Skip = 0) do={
+ /interface/wifiwave2/access-list/print where mac-address=$Mac;
+ :set Shown ($Shown, $Mac);
+
+ :put "\nNumeric id to remove, any key to skip!";
+ :local Remove [ :tonum [ $Read ] ];
+ :if ([ :typeof $Remove ] = "num") do={
+ :put ("Removing numeric id " . $Remove . "...\n");
+ /interface/wifiwave2/access-list/remove $Remove;
+ }
+ }
+ }
+ }
+ :set Seen ($Seen, $Mac);
+}
diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc
new file mode 100644
index 0000000..99ff052
--- /dev/null
+++ b/capsman-download-packages.capsman.rsc
@@ -0,0 +1,89 @@
+#!rsc by RouterOS
+# RouterOS script: capsman-download-packages.capsman
+# Copyright (c) 2018-2023 Christian Hesse <mail@eworm.de>
+# Michael Gisbers <michael@gisbers.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# download and cleanup packages for CAP installation from CAPsMAN
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md
+#
+# !! Do not edit this file, it is generated from template!
+
+:local 0 "capsman-download-packages.capsman";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global CleanFilePath;
+:global DownloadPackage;
+:global LogPrintExit2;
+:global MkDir;
+:global ScriptLock;
+:global WaitFullyConnected;
+
+$ScriptLock $0;
+$WaitFullyConnected;
+
+:local PackagePath [ $CleanFilePath [ /caps-man/manager/get package-path ] ];
+:local InstalledVersion [ /system/package/update/get installed-version ];
+:local Updated false;
+
+:if ([ :len $PackagePath ] = 0) do={
+ $LogPrintExit2 warning $0 ("The CAPsMAN package path is not defined, can not download packages.") true;
+}
+
+:if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={
+ :if ([ $MkDir $PackagePath ] = false) do={
+ $LogPrintExit2 warning $0 ("Creating directory at CAPsMAN package path (" . \
+ $PackagePath . ") failed!") true;
+ }
+ $LogPrintExit2 info $0 ("Created directory at CAPsMAN package path (" . $PackagePath . \
+ "). Please place your packages!") false;
+}
+
+:foreach Package in=[ /file/find where type=package \
+ package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={
+ :local File [ /file/get $Package ];
+ :if ($File->"package-architecture" = "mips") do={
+ :set ($File->"package-architecture") "mipsbe";
+ }
+ :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \
+ ($File->"package-architecture") $PackagePath ] = true) do={
+ :set Updated true;
+ /file/remove $Package;
+ }
+}
+
+:if ([ :len [ /system/logging/find where topics~"error" !(topics~"!error") \
+ !(topics~"!caps") action=memory !disabled !invalid ] ] < 1) do={
+ $LogPrintExit2 warning $0 ("Looks like error messages for 'caps' are not sent to memory. " . \
+ "Probably can not download packages automatically.") false;
+} else={
+ :if ($Updated = false && [ /system/resource/get uptime ] < 2m) do={
+ $LogPrintExit2 info $0 ("No packages downloaded, yet. Delaying for logs.") false;
+ :delay 2m;
+ }
+}
+
+:foreach Log in=[ /log/find where topics=({"caps"; "error"}) \
+ message~("upgrade status: failed, failed to download file '.*-" . $InstalledVersion . \
+ "-.*\\.npk', no such file") ] do={
+ :local Message [ /log/get $Log message ];
+ :local Package [ :pick $Message \
+ ([ :find $Message "'" ] + 1) \
+ [ :find $Message ("-" . $InstalledVersion . "-") ] ];
+ :local Arch [ :pick $Message \
+ ([ :find $Message ("-" . $InstalledVersion . "-") ] + 2 + [ :len $InstalledVersion ]) \
+ [ :find $Message ".npk" ] ];
+ :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={
+ :set Updated true;
+ }
+}
+
+:if ($Updated = true) do={
+ :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0);
+ :if ([ :len $Script ] > 0) do={
+ /system/script/run $Script;
+ } else={
+ /caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ];
+ }
+}
diff --git a/capsman-download-packages.rsc b/capsman-download-packages.rsc
index 08edd59..2da00ca 100644
--- a/capsman-download-packages.rsc
+++ b/capsman-download-packages.rsc
@@ -1,86 +1,3 @@
#!rsc by RouterOS
-# RouterOS script: capsman-download-packages
-# Copyright (c) 2018-2023 Christian Hesse <mail@eworm.de>
-# Michael Gisbers <michael@gisbers.de>
-# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
-# download and cleanup packages for CAP installation from CAPsMAN
-# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md
-
-:local 0 "capsman-download-packages";
-:global GlobalFunctionsReady;
-:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
-
-:global CleanFilePath;
-:global DownloadPackage;
-:global LogPrintExit2;
-:global MkDir;
-:global ScriptLock;
-:global WaitFullyConnected;
-
-$ScriptLock $0;
-$WaitFullyConnected;
-
-:local PackagePath [ $CleanFilePath [ /caps-man/manager/get package-path ] ];
-:local InstalledVersion [ /system/package/update/get installed-version ];
-:local Updated false;
-
-:if ([ :len $PackagePath ] = 0) do={
- $LogPrintExit2 warning $0 ("The CAPsMAN package path is not defined, can not download packages.") true;
-}
-
-:if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={
- :if ([ $MkDir $PackagePath ] = false) do={
- $LogPrintExit2 warning $0 ("Creating directory at CAPsMAN package path (" . \
- $PackagePath . ") failed!") true;
- }
- $LogPrintExit2 info $0 ("Created directory at CAPsMAN package path (" . $PackagePath . \
- "). Please place your packages!") false;
-}
-
-:foreach Package in=[ /file/find where type=package \
- package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={
- :local File [ /file/get $Package ];
- :if ($File->"package-architecture" = "mips") do={
- :set ($File->"package-architecture") "mipsbe";
- }
- :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \
- ($File->"package-architecture") $PackagePath ] = true) do={
- :set Updated true;
- /file/remove $Package;
- }
-}
-
-:if ([ :len [ /system/logging/find where topics~"error" !(topics~"!error") \
- !(topics~"!caps") action=memory !disabled !invalid ] ] < 1) do={
- $LogPrintExit2 warning $0 ("Looks like error messages for 'caps' are not sent to memory. " . \
- "Probably can not download packages automatically.") false;
-} else={
- :if ($Updated = false && [ /system/resource/get uptime ] < 2m) do={
- $LogPrintExit2 info $0 ("No packages downloaded, yet. Delaying for logs.") false;
- :delay 2m;
- }
-}
-
-:foreach Log in=[ /log/find where topics=({"caps"; "error"}) \
- message~("upgrade status: failed, failed to download file '.*-" . $InstalledVersion . \
- "-.*\\.npk', no such file") ] do={
- :local Message [ /log/get $Log message ];
- :local Package [ :pick $Message \
- ([ :find $Message "'" ] + 1) \
- [ :find $Message ("-" . $InstalledVersion . "-") ] ];
- :local Arch [ :pick $Message \
- ([ :find $Message ("-" . $InstalledVersion . "-") ] + 2 + [ :len $InstalledVersion ]) \
- [ :find $Message ".npk" ] ];
- :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={
- :set Updated true;
- }
-}
-
-:if ($Updated = true) do={
- :if ([ :len [ /system/script/find where name="capsman-rolling-upgrade" ] ] > 0) do={
- /system/script/run capsman-rolling-upgrade;
- } else={
- /caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ];
- }
-}
+# dummy for migration
diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc
new file mode 100644
index 0000000..71bced0
--- /dev/null
+++ b/capsman-download-packages.template.rsc
@@ -0,0 +1,106 @@
+#!rsc by RouterOS
+# RouterOS script: capsman-download-packages%TEMPL%
+# Copyright (c) 2018-2023 Christian Hesse <mail@eworm.de>
+# Michael Gisbers <michael@gisbers.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# download and cleanup packages for CAP installation from CAPsMAN
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md
+#
+# !! This is just a template! Replace '%PATH%' with 'caps-man',
+# !! 'interface/wireless' or 'interface/wifiwave2'!
+
+:local 0 "capsman-download-packages%TEMPL%";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global CleanFilePath;
+:global DownloadPackage;
+:global LogPrintExit2;
+:global MkDir;
+:global ScriptLock;
+:global WaitFullyConnected;
+
+$ScriptLock $0;
+$WaitFullyConnected;
+
+:local PackagePath [ $CleanFilePath [ /caps-man/manager/get package-path ] ];
+:local PackagePath [ $CleanFilePath [ /interface/wifiwave2/capsman/get package-path ] ];
+:local InstalledVersion [ /system/package/update/get installed-version ];
+:local Updated false;
+
+:if ([ :len $PackagePath ] = 0) do={
+ $LogPrintExit2 warning $0 ("The CAPsMAN package path is not defined, can not download packages.") true;
+}
+
+:if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={
+ :if ([ $MkDir $PackagePath ] = false) do={
+ $LogPrintExit2 warning $0 ("Creating directory at CAPsMAN package path (" . \
+ $PackagePath . ") failed!") true;
+ }
+ $LogPrintExit2 info $0 ("Created directory at CAPsMAN package path (" . $PackagePath . \
+ "). Please place your packages!") false;
+}
+
+:foreach Package in=[ /file/find where type=package \
+ package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={
+ :local File [ /file/get $Package ];
+ :if ($File->"package-architecture" = "mips") do={
+ :set ($File->"package-architecture") "mipsbe";
+ }
+ :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \
+ ($File->"package-architecture") $PackagePath ] = true) do={
+ :set Updated true;
+ /file/remove $Package;
+ }
+}
+
+# NOT /interface/wifiwave2 #
+:if ([ :len [ /system/logging/find where topics~"error" !(topics~"!error") \
+ !(topics~"!caps") action=memory !disabled !invalid ] ] < 1) do={
+ $LogPrintExit2 warning $0 ("Looks like error messages for 'caps' are not sent to memory. " . \
+ "Probably can not download packages automatically.") false;
+} else={
+ :if ($Updated = false && [ /system/resource/get uptime ] < 2m) do={
+ $LogPrintExit2 info $0 ("No packages downloaded, yet. Delaying for logs.") false;
+ :delay 2m;
+ }
+}
+
+:foreach Log in=[ /log/find where topics=({"caps"; "error"}) \
+ message~("upgrade status: failed, failed to download file '.*-" . $InstalledVersion . \
+ "-.*\\.npk', no such file") ] do={
+ :local Message [ /log/get $Log message ];
+ :local Package [ :pick $Message \
+ ([ :find $Message "'" ] + 1) \
+ [ :find $Message ("-" . $InstalledVersion . "-") ] ];
+ :local Arch [ :pick $Message \
+ ([ :find $Message ("-" . $InstalledVersion . "-") ] + 2 + [ :len $InstalledVersion ]) \
+ [ :find $Message ".npk" ] ];
+ :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={
+ :set Updated true;
+ }
+}
+# NOT /interface/wifiwave2 #
+# NOT /caps-man #
+:if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={
+ $LogPrintExit2 info $0 ("No packages available, downloading default set.") false;
+ :foreach Arch in={ "arm"; "arm64" } do={
+ :foreach Package in={ "routeros"; "wifiwave2" } do={
+ :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={
+ :set Updated true;
+ }
+ }
+ }
+}
+# NOT /caps-man #
+
+:if ($Updated = true) do={
+ :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0);
+ :if ([ :len $Script ] > 0) do={
+ /system/script/run $Script;
+ } else={
+ /caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ];
+ /interface/wifiwave2/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ];
+ }
+}
diff --git a/capsman-download-packages.wifiwave2.rsc b/capsman-download-packages.wifiwave2.rsc
new file mode 100644
index 0000000..6a12b2d
--- /dev/null
+++ b/capsman-download-packages.wifiwave2.rsc
@@ -0,0 +1,74 @@
+#!rsc by RouterOS
+# RouterOS script: capsman-download-packages.wifiwave2
+# Copyright (c) 2018-2023 Christian Hesse <mail@eworm.de>
+# Michael Gisbers <michael@gisbers.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# download and cleanup packages for CAP installation from CAPsMAN
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md
+#
+# !! Do not edit this file, it is generated from template!
+
+:local 0 "capsman-download-packages.wifiwave2";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global CleanFilePath;
+:global DownloadPackage;
+:global LogPrintExit2;
+:global MkDir;
+:global ScriptLock;
+:global WaitFullyConnected;
+
+$ScriptLock $0;
+$WaitFullyConnected;
+
+:local PackagePath [ $CleanFilePath [ /interface/wifiwave2/capsman/get package-path ] ];
+:local InstalledVersion [ /system/package/update/get installed-version ];
+:local Updated false;
+
+:if ([ :len $PackagePath ] = 0) do={
+ $LogPrintExit2 warning $0 ("The CAPsMAN package path is not defined, can not download packages.") true;
+}
+
+:if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={
+ :if ([ $MkDir $PackagePath ] = false) do={
+ $LogPrintExit2 warning $0 ("Creating directory at CAPsMAN package path (" . \
+ $PackagePath . ") failed!") true;
+ }
+ $LogPrintExit2 info $0 ("Created directory at CAPsMAN package path (" . $PackagePath . \
+ "). Please place your packages!") false;
+}
+
+:foreach Package in=[ /file/find where type=package \
+ package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={
+ :local File [ /file/get $Package ];
+ :if ($File->"package-architecture" = "mips") do={
+ :set ($File->"package-architecture") "mipsbe";
+ }
+ :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \
+ ($File->"package-architecture") $PackagePath ] = true) do={
+ :set Updated true;
+ /file/remove $Package;
+ }
+}
+
+:if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={
+ $LogPrintExit2 info $0 ("No packages available, downloading default set.") false;
+ :foreach Arch in={ "arm"; "arm64" } do={
+ :foreach Package in={ "routeros"; "wifiwave2" } do={
+ :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={
+ :set Updated true;
+ }
+ }
+ }
+}
+
+:if ($Updated = true) do={
+ :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0);
+ :if ([ :len $Script ] > 0) do={
+ /system/script/run $Script;
+ } else={
+ /interface/wifiwave2/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ];
+ }
+}
diff --git a/capsman-rolling-upgrade.capsman.rsc b/capsman-rolling-upgrade.capsman.rsc
new file mode 100644
index 0000000..7f83b6c
--- /dev/null
+++ b/capsman-rolling-upgrade.capsman.rsc
@@ -0,0 +1,40 @@
+#!rsc by RouterOS
+# RouterOS script: capsman-rolling-upgrade.capsman
+# Copyright (c) 2018-2023 Christian Hesse <mail@eworm.de>
+# Michael Gisbers <michael@gisbers.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# provides: capsman-rolling-upgrade
+#
+# upgrade CAPs one after another
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md
+#
+# !! Do not edit this file, it is generated from template!
+
+:local 0 "capsman-rolling-upgrade.capsman";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global LogPrintExit2;
+:global ScriptLock;
+
+$ScriptLock $0;
+
+:local InstalledVersion [ /system/package/update/get installed-version ];
+
+:local RemoteCapCount [ :len [ /caps-man/remote-cap/find ] ];
+:if ($RemoteCapCount > 0) do={
+ :local Delay (600 / $RemoteCapCount);
+ :if ($Delay > 120) do={ :set Delay 120; }
+ :foreach RemoteCap in=[ /caps-man/remote-cap/find where version!=$InstalledVersion ] do={
+ :local RemoteCapVal [ /caps-man/remote-cap/get $RemoteCap ];
+ :if ([ :len $RemoteCapVal ] > 1) do={
+ $LogPrintExit2 info $0 ("Starting upgrade for " . $RemoteCapVal->"name" . \
+ " (" . $RemoteCapVal->"identity" . ")...") false;
+ /caps-man/remote-cap/upgrade $RemoteCap;
+ } else={
+ $LogPrintExit2 warning $0 ("Remote CAP vanished, skipping upgrade.") false;
+ }
+ :delay ($Delay . "s");
+ }
+}
diff --git a/capsman-rolling-upgrade.rsc b/capsman-rolling-upgrade.rsc
index 1f4a51c..2da00ca 100644
--- a/capsman-rolling-upgrade.rsc
+++ b/capsman-rolling-upgrade.rsc
@@ -1,36 +1,3 @@
#!rsc by RouterOS
-# RouterOS script: capsman-rolling-upgrade
-# Copyright (c) 2018-2023 Christian Hesse <mail@eworm.de>
-# Michael Gisbers <michael@gisbers.de>
-# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
-# upgrade CAPs one after another
-# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md
-
-:local 0 "capsman-rolling-upgrade";
-:global GlobalFunctionsReady;
-:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
-
-:global LogPrintExit2;
-:global ScriptLock;
-
-$ScriptLock $0;
-
-:local InstalledVersion [ /system/package/update/get installed-version ];
-
-:local RemoteCapCount [ :len [ /caps-man/remote-cap/find ] ];
-:if ($RemoteCapCount > 0) do={
- :local Delay (600 / $RemoteCapCount);
- :if ($Delay > 120) do={ :set Delay 120; }
- :foreach RemoteCap in=[ /caps-man/remote-cap/find where version!=$InstalledVersion ] do={
- :local RemoteCapVal [ /caps-man/remote-cap/get $RemoteCap ];
- :if ([ :len $RemoteCapVal ] > 1) do={
- $LogPrintExit2 info $0 ("Starting upgrade for " . $RemoteCapVal->"name" . \
- " (" . $RemoteCapVal->"identity" . ")...") false;
- /caps-man/remote-cap/upgrade $RemoteCap;
- } else={
- $LogPrintExit2 warning $0 ("Remote CAP vanished, skipping upgrade.") false;
- }
- :delay ($Delay . "s");
- }
-}
+# dummy for migration
diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc
new file mode 100644
index 0000000..0890ad2
--- /dev/null
+++ b/capsman-rolling-upgrade.template.rsc
@@ -0,0 +1,48 @@
+#!rsc by RouterOS
+# RouterOS script: capsman-rolling-upgrade%TEMPL%
+# Copyright (c) 2018-2023 Christian Hesse <mail@eworm.de>
+# Michael Gisbers <michael@gisbers.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# provides: capsman-rolling-upgrade
+#
+# upgrade CAPs one after another
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md
+#
+# !! This is just a template! Replace '%PATH%' with 'caps-man',
+# !! 'interface/wireless' or 'interface/wifiwave2'!
+
+:local 0 "capsman-rolling-upgrade%TEMPL%";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global LogPrintExit2;
+:global ScriptLock;
+
+$ScriptLock $0;
+
+:local InstalledVersion [ /system/package/update/get installed-version ];
+
+:local RemoteCapCount [ :len [ /caps-man/remote-cap/find ] ];
+:local RemoteCapCount [ :len [ /interface/wifiwave2/capsman/remote-cap/find ] ];
+:if ($RemoteCapCount > 0) do={
+ :local Delay (600 / $RemoteCapCount);
+ :if ($Delay > 120) do={ :set Delay 120; }
+ :foreach RemoteCap in=[ /caps-man/remote-cap/find where version!=$InstalledVersion ] do={
+ :foreach RemoteCap in=[ /interface/wifiwave2/capsman/remote-cap/find where version!=$InstalledVersion ] do={
+ :local RemoteCapVal [ /caps-man/remote-cap/get $RemoteCap ];
+ :local RemoteCapVal [ /interface/wifiwave2/capsman/remote-cap/get $RemoteCap ];
+ :if ([ :len $RemoteCapVal ] > 1) do={
+# NOT /caps-man #
+ :set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name");
+# NOT /caps-man #
+ $LogPrintExit2 info $0 ("Starting upgrade for " . $RemoteCapVal->"name" . \
+ " (" . $RemoteCapVal->"identity" . ")...") false;
+ /caps-man/remote-cap/upgrade $RemoteCap;
+ /interface/wifiwave2/capsman/remote-cap/upgrade $RemoteCap;
+ } else={
+ $LogPrintExit2 warning $0 ("Remote CAP vanished, skipping upgrade.") false;
+ }
+ :delay ($Delay . "s");
+ }
+}
diff --git a/capsman-rolling-upgrade.wifiwave2.rsc b/capsman-rolling-upgrade.wifiwave2.rsc
new file mode 100644
index 0000000..c0c08e7
--- /dev/null
+++ b/capsman-rolling-upgrade.wifiwave2.rsc
@@ -0,0 +1,41 @@
+#!rsc by RouterOS
+# RouterOS script: capsman-rolling-upgrade.wifiwave2
+# Copyright (c) 2018-2023 Christian Hesse <mail@eworm.de>
+# Michael Gisbers <michael@gisbers.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# provides: capsman-rolling-upgrade
+#
+# upgrade CAPs one after another
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md
+#
+# !! Do not edit this file, it is generated from template!
+
+:local 0 "capsman-rolling-upgrade.wifiwave2";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global LogPrintExit2;
+:global ScriptLock;
+
+$ScriptLock $0;
+
+:local InstalledVersion [ /system/package/update/get installed-version ];
+
+:local RemoteCapCount [ :len [ /interface/wifiwave2/capsman/remote-cap/find ] ];
+:if ($RemoteCapCount > 0) do={
+ :local Delay (600 / $RemoteCapCount);
+ :if ($Delay > 120) do={ :set Delay 120; }
+ :foreach RemoteCap in=[ /interface/wifiwave2/capsman/remote-cap/find where version!=$InstalledVersion ] do={
+ :local RemoteCapVal [ /interface/wifiwave2/capsman/remote-cap/get $RemoteCap ];
+ :if ([ :len $RemoteCapVal ] > 1) do={
+ :set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name");
+ $LogPrintExit2 info $0 ("Starting upgrade for " . $RemoteCapVal->"name" . \
+ " (" . $RemoteCapVal->"identity" . ")...") false;
+ /interface/wifiwave2/capsman/remote-cap/upgrade $RemoteCap;
+ } else={
+ $LogPrintExit2 warning $0 ("Remote CAP vanished, skipping upgrade.") false;
+ }
+ :delay ($Delay . "s");
+ }
+}
diff --git a/collect-wireless-mac.capsman.rsc b/collect-wireless-mac.capsman.rsc
index c6cae9c..f21fc46 100644
--- a/collect-wireless-mac.capsman.rsc
+++ b/collect-wireless-mac.capsman.rsc
@@ -3,11 +3,11 @@
# Copyright (c) 2013-2023 Christian Hesse <mail@eworm.de>
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
+# provides: lease-script, order=40
+#
# collect wireless mac adresses in access list
# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md
#
-# provides: lease-script, order=40
-#
# !! Do not edit this file, it is generated from template!
:local 0 "collect-wireless-mac.capsman";
diff --git a/collect-wireless-mac.local.rsc b/collect-wireless-mac.local.rsc
index fa8fe8d..6bc8f45 100644
--- a/collect-wireless-mac.local.rsc
+++ b/collect-wireless-mac.local.rsc
@@ -3,11 +3,11 @@
# Copyright (c) 2013-2023 Christian Hesse <mail@eworm.de>
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
+# provides: lease-script, order=40
+#
# collect wireless mac adresses in access list
# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md
#
-# provides: lease-script, order=40
-#
# !! Do not edit this file, it is generated from template!
:local 0 "collect-wireless-mac.local";
diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc
index 6f9efc5..df6b831 100644
--- a/collect-wireless-mac.template.rsc
+++ b/collect-wireless-mac.template.rsc
@@ -3,13 +3,13 @@
# Copyright (c) 2013-2023 Christian Hesse <mail@eworm.de>
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
+# provides: lease-script, order=40
+#
# collect wireless mac adresses in access list
# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md
#
-# provides: lease-script, order=40
-#
-# !! This is just a template! Replace '%PATH%' with 'caps-man'
-# !! or 'interface wireless'!
+# !! This is just a template to generate the real script!
+# !! Pattern '%TEMPL%' is replaced, paths are filtered.
:local 0 "collect-wireless-mac%TEMPL%";
:global GlobalFunctionsReady;
@@ -27,25 +27,39 @@
$ScriptLock $0 false 10;
-:if ([ :len [ /%PATH%/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={
- /%PATH%/access-list/add comment="--- collected above ---" disabled=yes;
+:if ([ :len [ /caps-man/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={
+:if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={
+:if ([ :len [ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={
+ /caps-man/access-list/add comment="--- collected above ---" disabled=yes;
+ /interface/wifiwave2/access-list/add comment="--- collected above ---" disabled=yes;
+ /interface/wireless/access-list/add comment="--- collected above ---" disabled=yes;
$LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- collected above ---'.") false;
}
-:local PlaceBefore ([ /%PATH%/access-list/find where comment="--- collected above ---" disabled ]->0);
+:local PlaceBefore ([ /caps-man/access-list/find where comment="--- collected above ---" disabled ]->0);
+:local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ]->0);
+:local PlaceBefore ([ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ]->0);
-:foreach Reg in=[ /%PATH%/registration-table/find ] do={
+:foreach Reg in=[ /caps-man/registration-table/find ] do={
+:foreach Reg in=[ /interface/wifiwave2/registration-table/find ] do={
+:foreach Reg in=[ /interface/wireless/registration-table/find ] do={
:local RegVal;
:do {
- :set RegVal [ /%PATH%/registration-table/get $Reg ];
+ :set RegVal [ /caps-man/registration-table/get $Reg ];
+ :set RegVal [ /interface/wifiwave2/registration-table/get $Reg ];
+ :set RegVal [ /interface/wireless/registration-table/get $Reg ];
} on-error={
$LogPrintExit2 debug $0 ("Device already gone... Ignoring.") false;
}
:if ([ :len ($RegVal->"mac-address") ] > 0) do={
- :local AccessList ([ /%PATH%/access-list/find where mac-address=($RegVal->"mac-address") ]->0);
+ :local AccessList ([ /caps-man/access-list/find where mac-address=($RegVal->"mac-address") ]->0);
+ :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($RegVal->"mac-address") ]->0);
+ :local AccessList ([ /interface/wireless/access-list/find where mac-address=($RegVal->"mac-address") ]->0);
:if ([ :len $AccessList ] > 0) do={
$LogPrintExit2 debug $0 ("MAC address " . $RegVal->"mac-address" . " already known: " . \
- [ /%PATH%/access-list/get $AccessList comment ]) false;
+ [ /caps-man/access-list/get $AccessList comment ]) false;
+ [ /interface/wifiwave2/access-list/get $AccessList comment ]) false;
+ [ /interface/wireless/access-list/get $AccessList comment ]) false;
}
:if ([ :len $AccessList ] = 0) do={
@@ -68,7 +82,9 @@ $ScriptLock $0 false 10;
:local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \
"first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface");
$LogPrintExit2 info $0 $Message false;
- /%PATH%/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
+ /caps-man/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
+ /interface/wifiwave2/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
+ /interface/wireless/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
$SendNotification2 ({ origin=$0; \
subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \
message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \
diff --git a/collect-wireless-mac.wifiwave2.rsc b/collect-wireless-mac.wifiwave2.rsc
new file mode 100644
index 0000000..42713a6
--- /dev/null
+++ b/collect-wireless-mac.wifiwave2.rsc
@@ -0,0 +1,86 @@
+#!rsc by RouterOS
+# RouterOS script: collect-wireless-mac.wifiwave2
+# Copyright (c) 2013-2023 Christian Hesse <mail@eworm.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# provides: lease-script, order=40
+#
+# collect wireless mac adresses in access list
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md
+#
+# !! Do not edit this file, it is generated from template!
+
+:local 0 "collect-wireless-mac.wifiwave2";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global Identity;
+
+:global EitherOr;
+:global FormatLine;
+:global GetMacVendor;
+:global LogPrintExit2;
+:global ScriptLock;
+:global SendNotification2;
+:global SymbolForNotification;
+
+$ScriptLock $0 false 10;
+
+:if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={
+ /interface/wifiwave2/access-list/add comment="--- collected above ---" disabled=yes;
+ $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- collected above ---'.") false;
+}
+:local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ]->0);
+
+:foreach Reg in=[ /interface/wifiwave2/registration-table/find ] do={
+ :local RegVal;
+ :do {
+ :set RegVal [ /interface/wifiwave2/registration-table/get $Reg ];
+ } on-error={
+ $LogPrintExit2 debug $0 ("Device already gone... Ignoring.") false;
+ }
+
+ :if ([ :len ($RegVal->"mac-address") ] > 0) do={
+ :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($RegVal->"mac-address") ]->0);
+ :if ([ :len $AccessList ] > 0) do={
+ $LogPrintExit2 debug $0 ("MAC address " . $RegVal->"mac-address" . " already known: " . \
+ [ /interface/wifiwave2/access-list/get $AccessList comment ]) false;
+ }
+
+ :if ([ :len $AccessList ] = 0) do={
+ :local Address "no dhcp lease";
+ :local DnsName "no dhcp lease";
+ :local HostName "no dhcp lease";
+ :local Lease ([ /ip/dhcp-server/lease/find where active-mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0);
+ :if ([ :len $Lease ] > 0) do={
+ :set Address [ /ip/dhcp-server/lease/get $Lease active-address ];
+ :set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ];
+ :set DnsName "no dns name";
+ :local DnsRec ([ /ip/dns/static/find where address=$Address ]->0);
+ :if ([ :len $DnsRec ] > 0) do={
+ :set DnsName [ /ip/dns/static/get $DnsRec name ];
+ }
+ }
+ :local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]);
+ :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ];
+ :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \
+ "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface");
+ $LogPrintExit2 info $0 $Message false;
+ /interface/wifiwave2/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
+ $SendNotification2 ({ origin=$0; \
+ subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \
+ message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \
+ [ $FormatLine "Controller" $Identity ] . "\n" . \
+ [ $FormatLine "Interface" ($RegVal->"interface") ] . "\n" . \
+ [ $FormatLine "SSID" ($RegVal->"ssid") ] . "\n" . \
+ [ $FormatLine "MAC" ($RegVal->"mac-address") ] . "\n" . \
+ [ $FormatLine "Vendor" $Vendor ] . "\n" . \
+ [ $FormatLine "Hostname" $HostName ] . "\n" . \
+ [ $FormatLine "Address" $Address ] . "\n" . \
+ [ $FormatLine "DNS name" $DnsName ] . "\n" . \
+ [ $FormatLine "Date" $DateTime ]) });
+ }
+ } else={
+ $LogPrintExit2 debug $0 ("No mac address available... Ignoring.") false;
+ }
+}
diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc
index 777f6c0..125e6c5 100644
--- a/daily-psk.template.rsc
+++ b/daily-psk.template.rsc
@@ -7,8 +7,8 @@
# update daily PSK (pre shared key)
# https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md
#
-# !! This is just a template! Replace '%PATH%' with 'caps-man'
-# !! or 'interface wireless'!
+# !! This is just a template to generate the real script!
+# !! Pattern '%TEMPL%' is replaced, paths are filtered.
:local 0 "daily-psk%TEMPL%";
:global GlobalFunctionsReady;
@@ -55,24 +55,32 @@ $WaitFullyConnected;
:local Date [ /system/clock/get date ];
:local NewPsk [ $GeneratePSK $Date ];
-:foreach AccList in=[ /%PATH%/access-list/find where comment~$DailyPskMatchComment ] do={
- :local IntName [ /interface/wireless/access-list/get $AccList interface ];
- :local Ssid [ /interface/wireless/get $IntName ssid ];
- :local OldPsk [ /interface/wireless/access-list/get $AccList private-pre-shared-key ];
- # /interface/wireless above - /caps-man below
+:foreach AccList in=[ /caps-man/access-list/find where comment~$DailyPskMatchComment ] do={
+:foreach AccList in=[ /interface/wifiwave2/access-list/find where comment~$DailyPskMatchComment ] do={
+:foreach AccList in=[ /interface/wireless/access-list/find where comment~$DailyPskMatchComment ] do={
:local SsidRegExp [ /caps-man/access-list/get $AccList ssid-regexp ];
+ :local SsidRegExp [ /interface/wifiwave2/access-list/get $AccList ssid-regexp ];
:local Configuration ([ /caps-man/configuration/find where ssid~$SsidRegExp ]->0);
+ :local Configuration ([ /interface/wifiwave2/configuration/find where ssid~$SsidRegExp ]->0);
:local Ssid [ /caps-man/configuration/get $Configuration ssid ];
+ :local Ssid [ /interface/wifiwave2/configuration/get $Configuration ssid ];
:local OldPsk [ /caps-man/access-list/get $AccList private-passphrase ];
+ :local OldPsk [ /interface/wifiwave2/access-list/get $AccList passphrase ];
+ # /caps-man /interface/wifiwave2 above - /interface/wireless below
+ :local IntName [ /interface/wireless/access-list/get $AccList interface ];
+ :local Ssid [ /interface/wireless/get $IntName ssid ];
+ :local OldPsk [ /interface/wireless/access-list/get $AccList private-pre-shared-key ];
:local Skip 0;
:if ($NewPsk != $OldPsk) do={
$LogPrintExit2 info $0 ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false;
- /interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk;
/caps-man/access-list/set $AccList private-passphrase=$NewPsk;
+ /interface/wifiwave2/access-list/set $AccList passphrase=$NewPsk;
+ /interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk;
- :if ([ :len [ /interface/wireless/find where name=$IntName !disabled ] ] = 1) do={
:if ([ :len [ /caps-man/actual-interface-configuration/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={
+ :if ([ :len [ /interface/wifiwave2/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={
+ :if ([ :len [ /interface/wireless/find where name=$IntName !disabled ] ] = 1) do={
:foreach SeenSsid in=$Seen do={
:if ($SeenSsid = $Ssid) do={
$LogPrintExit2 debug $0 ("Already sent a mail for SSID " . $Ssid . ", skipping.") false;
diff --git a/daily-psk.wifiwave2.rsc b/daily-psk.wifiwave2.rsc
new file mode 100644
index 0000000..40c79cd
--- /dev/null
+++ b/daily-psk.wifiwave2.rsc
@@ -0,0 +1,90 @@
+#!rsc by RouterOS
+# RouterOS script: daily-psk.wifiwave2
+# Copyright (c) 2013-2023 Christian Hesse <mail@eworm.de>
+# Michael Gisbers <michael@gisbers.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# update daily PSK (pre shared key)
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md
+#
+# !! Do not edit this file, it is generated from template!
+
+:local 0 "daily-psk.wifiwave2";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global DailyPskMatchComment;
+:global DailyPskQrCodeUrl;
+:global Identity;
+
+:global FormatLine;
+:global LogPrintExit2;
+:global ScriptLock;
+:global SendNotification2;
+:global SymbolForNotification;
+:global UrlEncode;
+:global WaitForFile;
+:global WaitFullyConnected;
+
+$ScriptLock $0;
+$WaitFullyConnected;
+
+# return pseudo-random string for PSK
+:local GeneratePSK do={
+ :local Date [ :tostr $1 ];
+
+ :global DailyPskSecrets;
+
+ :global ParseDate;
+
+ :set Date [ $ParseDate $Date ];
+
+ :local A ((14 - ($Date->"month")) / 12);
+ :local B (($Date->"year") - $A);
+ :local C (($Date->"month") + 12 * $A - 2);
+ :local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12));
+ :set WeekDay ($WeekDay - (($WeekDay / 7) * 7));
+
+ :return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \
+ ($DailyPskSecrets->1->(($Date->"month") - 1)) . \
+ ($DailyPskSecrets->2->$WeekDay));
+}
+
+:local Seen ({});
+:local Date [ /system/clock/get date ];
+:local NewPsk [ $GeneratePSK $Date ];
+
+:foreach AccList in=[ /interface/wifiwave2/access-list/find where comment~$DailyPskMatchComment ] do={
+ :local SsidRegExp [ /interface/wifiwave2/access-list/get $AccList ssid-regexp ];
+ :local Configuration ([ /interface/wifiwave2/configuration/find where ssid~$SsidRegExp ]->0);
+ :local Ssid [ /interface/wifiwave2/configuration/get $Configuration ssid ];
+ :local OldPsk [ /interface/wifiwave2/access-list/get $AccList passphrase ];
+ :local Skip 0;
+
+ :if ($NewPsk != $OldPsk) do={
+ $LogPrintExit2 info $0 ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false;
+ /interface/wifiwave2/access-list/set $AccList passphrase=$NewPsk;
+
+ :if ([ :len [ /interface/wifiwave2/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={
+ :foreach SeenSsid in=$Seen do={
+ :if ($SeenSsid = $Ssid) do={
+ $LogPrintExit2 debug $0 ("Already sent a mail for SSID " . $Ssid . ", skipping.") false;
+ :set Skip 1;
+ }
+ }
+
+ :if ($Skip = 0) do={
+ :set Seen ($Seen, $Ssid);
+ :local Link ($DailyPskQrCodeUrl . \
+ "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]);
+ $SendNotification2 ({ origin=$0; \
+ subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \
+ message=("This is the daily PSK on " . $Identity . ":\n\n" . \
+ [ $FormatLine "SSID" $Ssid ] . "\n" . \
+ [ $FormatLine "PSK" $NewPsk ] . "\n" . \
+ [ $FormatLine "Date" $Date ] . "\n\n" . \
+ "A client device specific rule must not exist!"); link=$Link });
+ }
+ }
+ }
+}
diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc
index be28cfd..0f16285 100644
--- a/dhcp-lease-comment.template.rsc
+++ b/dhcp-lease-comment.template.rsc
@@ -8,8 +8,8 @@
# update dhcp-server lease comment with infos from access-list
# https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md
#
-# !! This is just a template! Replace '%PATH%' with 'caps-man'
-# !! or 'interface wireless'!
+# !! This is just a template to generate the real script!
+# !! Pattern '%TEMPL%' is replaced, paths are filtered.
:local 0 "dhcp-lease-comment%TEMPL%";
:global GlobalFunctionsReady;
@@ -23,9 +23,13 @@ $ScriptLock $0;
:foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={
:local LeaseVal [ /ip/dhcp-server/lease/get $Lease ];
:local NewComment;
- :local AccessList ([ /%PATH%/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0);
+ :local AccessList ([ /caps-man/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0);
+ :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0);
+ :local AccessList ([ /interface/wireless/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0);
:if ([ :len $AccessList ] > 0) do={
- :set NewComment [ /%PATH%/access-list/get $AccessList comment ];
+ :set NewComment [ /caps-man/access-list/get $AccessList comment ];
+ :set NewComment [ /interface/wifiwave2/access-list/get $AccessList comment ];
+ :set NewComment [ /interface/wireless/access-list/get $AccessList comment ];
}
:if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={
$LogPrintExit2 info $0 ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false;
diff --git a/dhcp-lease-comment.wifiwave2.rsc b/dhcp-lease-comment.wifiwave2.rsc
new file mode 100644
index 0000000..200c53b
--- /dev/null
+++ b/dhcp-lease-comment.wifiwave2.rsc
@@ -0,0 +1,33 @@
+#!rsc by RouterOS
+# RouterOS script: dhcp-lease-comment.wifiwave2
+# Copyright (c) 2013-2023 Christian Hesse <mail@eworm.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# provides: lease-script, order=60
+#
+# update dhcp-server lease comment with infos from access-list
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md
+#
+# !! Do not edit this file, it is generated from template!
+
+:local 0 "dhcp-lease-comment.wifiwave2";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global LogPrintExit2;
+:global ScriptLock;
+
+$ScriptLock $0;
+
+:foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={
+ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ];
+ :local NewComment;
+ :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0);
+ :if ([ :len $AccessList ] > 0) do={
+ :set NewComment [ /interface/wifiwave2/access-list/get $AccessList comment ];
+ }
+ :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={
+ $LogPrintExit2 info $0 ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false;
+ /ip/dhcp-server/lease/set comment=$NewComment $Lease;
+ }
+}
diff --git a/doc/accesslist-duplicates.md b/doc/accesslist-duplicates.md
index c59aebf..e3767e7 100644
--- a/doc/accesslist-duplicates.md
+++ b/doc/accesslist-duplicates.md
@@ -15,14 +15,19 @@ entries in wireless access list.
Requirements and installation
-----------------------------
-Depending on whether you use CAPsMAN (`/caps-man`) or local wireless
-interface (`/interface/wireless`) you need to install a different script.
+Depending on whether you use `wifiwave2` package (`/interface/wifiwave2`)
+or legacy wifi with CAPsMAN (`/caps-man`) or local wireless interface
+(`/interface/wireless`) you need to install a different script.
-For CAPsMAN:
+For `wifiwave2`:
+
+ $ScriptInstallUpdate accesslist-duplicates.wifiwave2;
+
+For legacy CAPsMAN:
$ScriptInstallUpdate accesslist-duplicates.capsman;
-For local interface:
+For legacy local interface:
$ScriptInstallUpdate accesslist-duplicates.local;
diff --git a/doc/capsman-download-packages.md b/doc/capsman-download-packages.md
index 58f84e8..8174c13 100644
--- a/doc/capsman-download-packages.md
+++ b/doc/capsman-download-packages.md
@@ -18,24 +18,39 @@ This script automatically downloads these packages.
Requirements and installation
-----------------------------
-Just install the script on CAPsMAN device:
+Just install the script on CAPsMAN device. Depending on whether you use
+`wifiwave2` package (`/interface/wifiwave2`) or legacy wifi with CAPsMAN
+(`/caps-man`) you need to install a different script.
- $ScriptInstallUpdate capsman-download-packages;
+For `wifiwave2`:
-Optionally add a scheduler to run after startup:
+ $ScriptInstallUpdate capsman-download-packages.wifiwave2;
- /system/scheduler/add name=capsman-download-packages on-event="/system/script/run capsman-download-packages;" start-time=startup;
+For legacy CAPsMAN:
+
+ $ScriptInstallUpdate capsman-download-packages.capsman;
+
+Optionally add a scheduler to run after startup. For `wifiwave2`:
+
+ /system/scheduler/add name=capsman-download-packages on-event="/system/script/run capsman-download-packages.wifiwave2;" start-time=startup;
+
+For legacy CAPsMAN:
+
+ /system/scheduler/add name=capsman-download-packages on-event="/system/script/run capsman-download-packages.capsman;" start-time=startup;
Packages available in local storage in older version are downloaded
-unconditionally. The script tries to download missing packages by guessing
-from system log.
+unconditionally.
+
+If no packages are found the script tries to download missing packages for
+legacy CAPsMAN by guessing from system log. For `wifiwave2` a default set
+of packages (`routeros` and `wifiwave2` for *arm* and *arm64*) is downloaded.
Usage and invocation
--------------------
Run the script manually:
- /system/script/run capsman-download-packages;
+ /system/script/run capsman-download-packages.wifiwave2;
... or from scheduler.
diff --git a/doc/capsman-rolling-upgrade.md b/doc/capsman-rolling-upgrade.md
index d146adf..5c038e9 100644
--- a/doc/capsman-rolling-upgrade.md
+++ b/doc/capsman-rolling-upgrade.md
@@ -20,9 +20,17 @@ parallel.
Requirements and installation
-----------------------------
-Just install the script:
+Just install the script on CAPsMAN device. Depending on whether you use
+`wifiwave2` package (`/interface/wifiwave2`) or legacy wifi with CAPsMAN
+(`/caps-man`) you need to install a different script.
- $ScriptInstallUpdate capsman-rolling-upgrade;
+For `wifiwave2`:
+
+ $ScriptInstallUpdate capsman-rolling-upgrade.wifiwave2;
+
+For legacy CAPsMAN:
+
+ $ScriptInstallUpdate capsman-rolling-upgrade.capsman;
Usage and invocation
--------------------
@@ -33,7 +41,7 @@ that script when required.
Alternatively run it manually:
- /system/script/run capsman-rolling-upgrade;
+ /system/script/run capsman-rolling-upgrade.wifiwave2;
See also
--------
diff --git a/doc/collect-wireless-mac.md b/doc/collect-wireless-mac.md
index dd3743f..9ba1e3a 100644
--- a/doc/collect-wireless-mac.md
+++ b/doc/collect-wireless-mac.md
@@ -22,14 +22,19 @@ and modify it to your needs.
Requirements and installation
-----------------------------
-Depending on whether you use CAPsMAN (`/caps-man`) or local wireless
-interface (`/interface/wireless`) you need to install a different script.
+Depending on whether you use `wifiwave2` package (`/interface/wifiwave2`)
+or legacy wifi with CAPsMAN (`/caps-man`) or local wireless interface
+(`/interface/wireless`) you need to install a different script.
-For CAPsMAN:
+For `wifiwave2`:
+
+ $ScriptInstallUpdate collect-wireless-mac.capsman.wifiwave2;
+
+For legacy CAPsMAN:
$ScriptInstallUpdate collect-wireless-mac.capsman;
-For local interface:
+For legacy local interface:
$ScriptInstallUpdate collect-wireless-mac.local;
diff --git a/doc/daily-psk.md b/doc/daily-psk.md
index 9a5e558..60a645f 100644
--- a/doc/daily-psk.md
+++ b/doc/daily-psk.md
@@ -21,17 +21,24 @@ Requirements and installation
Just install this script.
-Depending on whether you use CAPsMAN (`/caps-man`) or local wireless
-interface (`/interface/wireless`) you need to install a different script
-and add schedulers to run the script:
+Depending on whether you use `wifiwave2` package (`/interface/wifiwave2`)
+or legacy wifi with CAPsMAN (`/caps-man`) or local wireless interface
+(`/interface/wireless`) you need to install a different script and add
+schedulers to run the script:
-For CAPsMAN:
+For `wifiwave2`:
+
+ $ScriptInstallUpdate daily-psk.wifiwave2;
+ /system/scheduler/add interval=1d name=daily-psk on-event="/system/script/run daily-psk.wifiwave2;" start-time=03:00:00;
+ /system/scheduler/add name=daily-psk@startup on-event="/system/script/run daily-psk.wifiwave2;" start-time=startup;
+
+For legacy CAPsMAN:
$ScriptInstallUpdate daily-psk.capsman;
/system/scheduler/add interval=1d name=daily-psk on-event="/system/script/run daily-psk.capsman;" start-time=03:00:00;
/system/scheduler/add name=daily-psk@startup on-event="/system/script/run daily-psk.capsman;" start-time=startup;
-For local interface:
+For legacy local interface:
$ScriptInstallUpdate daily-psk.local;
/system/scheduler/add interval=1d name=daily-psk on-event="/system/script/run daily-psk.local;" start-time=03:00:00;
@@ -51,11 +58,15 @@ The configuration goes to `global-config-overlay`, these are the parameters:
> [`global-config`](../global-config.rsc) (the one without `-overlay`) to
> your local `global-config-overlay` and modify it to your specific needs.
-Then add an access list entry. For CAPsMAN:
+Then add an access list entry. For `wifiwave2`:
+
+ /interface/wifiwave2/access-list/add comment="Daily PSK" ssid-regexp="-guest\$" passphrase="ToBeChangedDaily";
+
+For legacy CAPsMAN:
/caps-man/access-list/add comment="Daily PSK" ssid-regexp="-guest\$" private-passphrase="ToBeChangedDaily";
-For local interface:
+For legacy local interface:
/interface/wireless/access-list/add comment="Daily PSK" interface=wl-daily private-pre-shared-key="ToBeChangedDaily";
diff --git a/doc/dhcp-lease-comment.md b/doc/dhcp-lease-comment.md
index 4add0b8..cd29641 100644
--- a/doc/dhcp-lease-comment.md
+++ b/doc/dhcp-lease-comment.md
@@ -15,14 +15,19 @@ from wireless access list.
Requirements and installation
-----------------------------
-Depending on whether you use CAPsMAN (`/caps-man`) or local wireless
-interface (`/interface/wireless`) you need to install a different script.
+Depending on whether you use `wifiwave2` package (`/interface/wifiwave2`)
+or legacy wifi with CAPsMAN (`/caps-man`) or local wireless interface
+(`/interface/wireless`) you need to install a different script.
-For CAPsMAN:
+For `wifiwave2`:
+
+ $ScriptInstallUpdate dhcp-lease-comment.wifiwave2;
+
+For legacy CAPsMAN:
$ScriptInstallUpdate dhcp-lease-comment.capsman;
-For local interface:
+For legacy local interface:
$ScriptInstallUpdate dhcp-lease-comment.local;
diff --git a/doc/hotspot-to-wpa.md b/doc/hotspot-to-wpa.md
index 2630694..4909eef 100644
--- a/doc/hotspot-to-wpa.md
+++ b/doc/hotspot-to-wpa.md
@@ -19,24 +19,35 @@ Requirements and installation
You need a properly configured hotspot on one (open) SSID and a WP2 enabled
SSID with suffix "`-wpa`".
-Then install the script:
+Then install the script. Depending on whether you use `wifiwave2` package
+(`/interface/wifiwave2`) or legacy wifi with CAPsMAN (`/caps-man`) you need
+to install a different script and set it as `on-login` script in hotspot.
- $ScriptInstallUpdate hotspot-to-wpa;
+For `wifiwave2`:
-Configure your hotspot to use this script as `on-login` script:
+ $ScriptInstallUpdate hotspot-to-wpa.wifiwave2;
+ /ip/hotspot/user/profile/set on-login="hotspot-to-wpa.wifiwave2" [ find ];
- /ip/hotspot/user/profile/set on-login=hotspot-to-wpa [ find ];
+For legacy CAPsMAN:
+
+ $ScriptInstallUpdate hotspot-to-wpa.capsman;
+ /ip/hotspot/user/profile/set on-login="hotspot-to-wpa.capsman" [ find ];
### Automatic cleanup
With just `hotspot-to-wpa` installed the mac addresses will last in the
-access list forever. Install the optional script for automatic cleanup:
+access list forever. Install the optional script for automatic cleanup
+and add a scheduler.
+
+For `wifiwave2`:
- $ScriptInstallUpdate hotspot-to-wpa-cleanup,lease-script;
+ $ScriptInstallUpdate hotspot-to-wpa-cleanup.wifiwave2,lease-script;
+ /system/scheduler/add interval=1d name=hotspot-to-wpa-cleanup on-event="/system/script/run hotspot-to-wpa-cleanup.wifiwave2;" start-time=startup;
-Create a scheduler:
+For legacy CAPsMAN:
- /system/scheduler/add interval=1d name=hotspot-to-wpa-cleanup on-event="/system/script/run hotspot-to-wpa-cleanup;" start-time=startup;
+ $ScriptInstallUpdate hotspot-to-wpa-cleanup.capsman,lease-script;
+ /system/scheduler/add interval=1d name=hotspot-to-wpa-cleanup on-event="/system/script/run hotspot-to-wpa-cleanup.capsman;" start-time=startup;
And add the lease script and matcher comment to your wpa interfaces' dhcp
server. You can add more information to the comment, separated by comma. In
@@ -74,7 +85,12 @@ Additionally templates can be created to give more options for access list:
* `vlan-id`: connect device to specific VLAN
* `vlan-mode`: set the VLAN mode for device
-For a hotspot called `example` the template could look like this:
+For a hotspot called `example` the template could look like this. For
+`wifiwave2`:
+
+ /interface/wifiwave2/access-list/add comment="hotspot-to-wpa template example" disabled=yes private-passphrase="ignore" ssid-regexp="^example\$" vlan-id=10;
+
+For legacy CAPsMAN:
/caps-man/access-list/add comment="hotspot-to-wpa template example" disabled=yes private-passphrase="ignore" ssid-regexp="^example\$" vlan-id=10 vlan-mode=use-tag;
diff --git a/global-functions.rsc b/global-functions.rsc
index e317af9..b9b20ee 100644
--- a/global-functions.rsc
+++ b/global-functions.rsc
@@ -12,7 +12,7 @@
:local 0 "global-functions";
# expected configuration version
-:global ExpectedConfigVersion 103;
+:global ExpectedConfigVersion 104;
# global variables not to be changed by user
:global GlobalFunctionsReady false;
diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc
new file mode 100644
index 0000000..5bded2c
--- /dev/null
+++ b/hotspot-to-wpa-cleanup.capsman.rsc
@@ -0,0 +1,68 @@
+#!rsc by RouterOS
+# RouterOS script: hotspot-to-wpa-cleanup.capsman
+# Copyright (c) 2021-2023 Christian Hesse <mail@eworm.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# provides: lease-script, order=80
+#
+# manage and clean up private WPA passphrase after hotspot login
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md
+#
+# !! Do not edit this file, it is generated from template!
+
+:local 0 "hotspot-to-wpa-cleanup.capsman";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global EitherOr;
+:global LogPrintExit2;
+:global ParseKeyValueStore;
+:global ScriptLock;
+
+$ScriptLock $0 false 10;
+
+:local DHCPServers ({});
+:foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={
+ :local ServerVal [ /ip/dhcp-server/get $Server ]
+ :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ];
+ :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={
+ :set ($DHCPServers->($ServerVal->"name")) \
+ [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ];
+ }
+}
+
+:foreach Client in=[ /caps-man/registration-table/find where comment~"^hotspot-to-wpa:" ] do={
+ :local ClientVal [ /caps-man/registration-table/get $Client ];
+ :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \
+ mac-address=($ClientVal->"mac-address") ] do={
+ :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={
+ $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \
+ " connected to WPA, making lease static.") false;
+ /ip/dhcp-server/lease/make-static $Lease;
+ /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease;
+ }
+ }
+}
+
+:foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" \
+ !(comment~[ /system/clock/get date ]) ] do={
+ :local ClientVal [ /caps-man/access-list/get $Client ];
+ :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \
+ mac-address=($ClientVal->"mac-address") ] ] = 0) do={
+ $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \
+ " did not connect to WPA, removing from access list.") false;
+ /caps-man/access-list/remove $Client;
+ }
+}
+
+:foreach Server,Timeout in=$DHCPServers do={
+ :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \
+ server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={
+ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ];
+ $LogPrintExit2 info $0 ("Client with mac address " . ($LeaseVal->"mac-address") . \
+ " was not seen for " . $Timeout . ", removing.") false;
+ /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \
+ mac-address=($LeaseVal->"mac-address") ];
+ /ip/dhcp-server/lease/remove $Lease;
+ }
+}
diff --git a/hotspot-to-wpa-cleanup.rsc b/hotspot-to-wpa-cleanup.rsc
index adb0abb..2da00ca 100644
--- a/hotspot-to-wpa-cleanup.rsc
+++ b/hotspot-to-wpa-cleanup.rsc
@@ -1,66 +1,3 @@
#!rsc by RouterOS
-# RouterOS script: hotspot-to-wpa-cleanup
-# Copyright (c) 2021-2023 Christian Hesse <mail@eworm.de>
-# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
-# provides: lease-script, order=80
-#
-# manage and clean up private WPA passphrase after hotspot login
-# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md
-
-:local 0 "hotspot-to-wpa-cleanup";
-:global GlobalFunctionsReady;
-:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
-
-:global EitherOr;
-:global LogPrintExit2;
-:global ParseKeyValueStore;
-:global ScriptLock;
-
-$ScriptLock $0 false 10;
-
-:local DHCPServers ({});
-:foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={
- :local ServerVal [ /ip/dhcp-server/get $Server ]
- :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ];
- :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={
- :set ($DHCPServers->($ServerVal->"name")) \
- [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ];
- }
-}
-
-:foreach Client in=[ /caps-man/registration-table/find where comment~"^hotspot-to-wpa:" ] do={
- :local ClientVal [ /caps-man/registration-table/get $Client ];
- :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \
- mac-address=($ClientVal->"mac-address") ] do={
- :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={
- $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \
- " connected to WPA, making lease static.") false;
- /ip/dhcp-server/lease/make-static $Lease;
- /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease;
- }
- }
-}
-
-:foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" \
- !(comment~[ /system/clock/get date ]) ] do={
- :local ClientVal [ /caps-man/access-list/get $Client ];
- :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \
- mac-address=($ClientVal->"mac-address") ] ] = 0) do={
- $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \
- " did not connect to WPA, removing from access list.") false;
- /caps-man/access-list/remove $Client;
- }
-}
-
-:foreach Server,Timeout in=$DHCPServers do={
- :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \
- server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={
- :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ];
- $LogPrintExit2 info $0 ("Client with mac address " . ($LeaseVal->"mac-address") . \
- " was not seen for " . $Timeout . ", removing.") false;
- /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \
- mac-address=($LeaseVal->"mac-address") ];
- /ip/dhcp-server/lease/remove $Lease;
- }
-}
+# dummy for migration
diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc
new file mode 100644
index 0000000..38313d9
--- /dev/null
+++ b/hotspot-to-wpa-cleanup.template.rsc
@@ -0,0 +1,75 @@
+#!rsc by RouterOS
+# RouterOS script: hotspot-to-wpa-cleanup%TEMPL%
+# Copyright (c) 2021-2023 Christian Hesse <mail@eworm.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# provides: lease-script, order=80
+#
+# manage and clean up private WPA passphrase after hotspot login
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md
+#
+# !! This is just a template to generate the real script!
+# !! Pattern '%TEMPL%' is replaced, paths are filtered.
+
+:local 0 "hotspot-to-wpa-cleanup%TEMPL%";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global EitherOr;
+:global LogPrintExit2;
+:global ParseKeyValueStore;
+:global ScriptLock;
+
+$ScriptLock $0 false 10;
+
+:local DHCPServers ({});
+:foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={
+ :local ServerVal [ /ip/dhcp-server/get $Server ]
+ :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ];
+ :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={
+ :set ($DHCPServers->($ServerVal->"name")) \
+ [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ];
+ }
+}
+
+:foreach Client in=[ /caps-man/registration-table/find where comment~"^hotspot-to-wpa:" ] do={
+:foreach Client in=[ /interface/wifiwave2/registration-table/find where comment~"^hotspot-to-wpa:" ] do={
+ :local ClientVal [ /caps-man/registration-table/get $Client ];
+ :local ClientVal [ /interface/wifiwave2/registration-table/get $Client ];
+ :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \
+ mac-address=($ClientVal->"mac-address") ] do={
+ :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={
+ $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \
+ " connected to WPA, making lease static.") false;
+ /ip/dhcp-server/lease/make-static $Lease;
+ /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease;
+ }
+ }
+}
+
+:foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" \
+:foreach Client in=[ /interface/wifiwave2/access-list/find where comment~"^hotspot-to-wpa:" \
+ !(comment~[ /system/clock/get date ]) ] do={
+ :local ClientVal [ /caps-man/access-list/get $Client ];
+ :local ClientVal [ /interface/wifiwave2/access-list/get $Client ];
+ :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \
+ mac-address=($ClientVal->"mac-address") ] ] = 0) do={
+ $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \
+ " did not connect to WPA, removing from access list.") false;
+ /caps-man/access-list/remove $Client;
+ /interface/wifiwave2/access-list/remove $Client;
+ }
+}
+
+:foreach Server,Timeout in=$DHCPServers do={
+ :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \
+ server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={
+ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ];
+ $LogPrintExit2 info $0 ("Client with mac address " . ($LeaseVal->"mac-address") . \
+ " was not seen for " . $Timeout . ", removing.") false;
+ /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \
+ /interface/wifiwave2/access-list/remove [ find where comment~"^hotspot-to-wpa:" \
+ mac-address=($LeaseVal->"mac-address") ];
+ /ip/dhcp-server/lease/remove $Lease;
+ }
+}
diff --git a/hotspot-to-wpa-cleanup.wifiwave2.rsc b/hotspot-to-wpa-cleanup.wifiwave2.rsc
new file mode 100644
index 0000000..a8ba34c
--- /dev/null
+++ b/hotspot-to-wpa-cleanup.wifiwave2.rsc
@@ -0,0 +1,68 @@
+#!rsc by RouterOS
+# RouterOS script: hotspot-to-wpa-cleanup.wifiwave2
+# Copyright (c) 2021-2023 Christian Hesse <mail@eworm.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# provides: lease-script, order=80
+#
+# manage and clean up private WPA passphrase after hotspot login
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md
+#
+# !! Do not edit this file, it is generated from template!
+
+:local 0 "hotspot-to-wpa-cleanup.wifiwave2";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global EitherOr;
+:global LogPrintExit2;
+:global ParseKeyValueStore;
+:global ScriptLock;
+
+$ScriptLock $0 false 10;
+
+:local DHCPServers ({});
+:foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={
+ :local ServerVal [ /ip/dhcp-server/get $Server ]
+ :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ];
+ :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={
+ :set ($DHCPServers->($ServerVal->"name")) \
+ [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ];
+ }
+}
+
+:foreach Client in=[ /interface/wifiwave2/registration-table/find where comment~"^hotspot-to-wpa:" ] do={
+ :local ClientVal [ /interface/wifiwave2/registration-table/get $Client ];
+ :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \
+ mac-address=($ClientVal->"mac-address") ] do={
+ :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={
+ $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \
+ " connected to WPA, making lease static.") false;
+ /ip/dhcp-server/lease/make-static $Lease;
+ /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease;
+ }
+ }
+}
+
+:foreach Client in=[ /interface/wifiwave2/access-list/find where comment~"^hotspot-to-wpa:" \
+ !(comment~[ /system/clock/get date ]) ] do={
+ :local ClientVal [ /interface/wifiwave2/access-list/get $Client ];
+ :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \
+ mac-address=($ClientVal->"mac-address") ] ] = 0) do={
+ $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \
+ " did not connect to WPA, removing from access list.") false;
+ /interface/wifiwave2/access-list/remove $Client;
+ }
+}
+
+:foreach Server,Timeout in=$DHCPServers do={
+ :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \
+ server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={
+ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ];
+ $LogPrintExit2 info $0 ("Client with mac address " . ($LeaseVal->"mac-address") . \
+ " was not seen for " . $Timeout . ", removing.") false;
+ /interface/wifiwave2/access-list/remove [ find where comment~"^hotspot-to-wpa:" \
+ mac-address=($LeaseVal->"mac-address") ];
+ /ip/dhcp-server/lease/remove $Lease;
+ }
+}
diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc
new file mode 100644
index 0000000..a7ebafb
--- /dev/null
+++ b/hotspot-to-wpa.capsman.rsc
@@ -0,0 +1,89 @@
+#!rsc by RouterOS
+# RouterOS script: hotspot-to-wpa.capsman
+# Copyright (c) 2019-2023 Christian Hesse <mail@eworm.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# add private WPA passphrase after hotspot login
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md
+#
+# !! Do not edit this file, it is generated from template!
+
+:local 0 "hotspot-to-wpa.capsman";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global EitherOr;
+:global LogPrintExit2;
+:global ParseKeyValueStore;
+:global ScriptLock;
+
+$ScriptLock $0;
+
+:local MacAddress $"mac-address";
+:local UserName $username;
+
+:if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={
+ $LogPrintExit2 error $0 ("This script is supposed to run from hotspot on login.") true;
+}
+
+:local Date [ /system/clock/get date ];
+:local UserVal ({});
+:if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={
+ :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ];
+}
+:local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ];
+:local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ];
+
+:if ([ :len [ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={
+ /caps-man/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes;
+ $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false;
+}
+:local PlaceBefore ([ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0);
+
+:if ([ :len [ /caps-man/access-list/find where \
+ comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={
+ /caps-man/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore;
+ $LogPrintExit2 warning $0 ("Added template in access-list for hotspot '" . $Hotspot . "'.") false;
+}
+:local Template [ /caps-man/access-list/get ([ find where \
+ comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ];
+
+:if ($Template->"action" = "reject") do={
+ $LogPrintExit2 info $0 ("Ignoring login for hotspot '" . $Hotspot . "'.") true;
+}
+
+# allow login page to load
+:delay 1s;
+
+$LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $MacAddress . \
+ " (user " . $UserName . ").") false;
+/caps-man/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ];
+/caps-man/access-list/add private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \
+ mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \
+ action=reject place-before=$PlaceBefore;
+
+:local Entry [ /caps-man/access-list/find where mac-address=$MacAddress \
+ comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ];
+:local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ];
+:if ([ :len $PrivatePassphrase ] > 0) do={
+ :if ($PrivatePassphrase = "ignore") do={
+ /caps-man/access-list/set $Entry !private-passphrase;
+ } else={
+ /caps-man/access-list/set $Entry private-passphrase=$PrivatePassphrase;
+ }
+}
+:local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ];
+:if ([ :len $SsidRegexp ] > 0) do={
+ /caps-man/access-list/set $Entry ssid-regexp=$SsidRegexp;
+}
+:local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ];
+:if ([ :len $VlanId ] > 0) do={
+ /caps-man/access-list/set $Entry vlan-id=$VlanId;
+}
+:local VlanMode [ $EitherOr ($UserInfo->"vlan-mode") ($Template->"vlan-mode") ];
+:if ([ :len $VlanMode] > 0) do={
+ /caps-man/access-list/set $Entry vlan-mode=$VlanMode;
+}
+
+:delay 2s;
+/caps-man/access-list/set $Entry action=accept;
diff --git a/hotspot-to-wpa.rsc b/hotspot-to-wpa.rsc
index 35d4fa5..2da00ca 100644
--- a/hotspot-to-wpa.rsc
+++ b/hotspot-to-wpa.rsc
@@ -1,87 +1,3 @@
#!rsc by RouterOS
-# RouterOS script: hotspot-to-wpa
-# Copyright (c) 2019-2023 Christian Hesse <mail@eworm.de>
-# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
-# add private WPA passphrase after hotspot login
-# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md
-
-:local 0 "hotspot-to-wpa";
-:global GlobalFunctionsReady;
-:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
-
-:global EitherOr;
-:global LogPrintExit2;
-:global ParseKeyValueStore;
-:global ScriptLock;
-
-$ScriptLock $0;
-
-:local MacAddress $"mac-address";
-:local UserName $username;
-
-:if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={
- $LogPrintExit2 error $0 ("This script is supposed to run from hotspot on login.") true;
-}
-
-:local Date [ /system/clock/get date ];
-:local UserVal ({});
-:if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={
- :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ];
-}
-:local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ];
-:local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ];
-
-:if ([ :len [ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={
- /caps-man/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes;
- $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false;
-}
-:local PlaceBefore ([ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0);
-
-:if ([ :len [ /caps-man/access-list/find where \
- comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={
- /caps-man/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore;
- $LogPrintExit2 warning $0 ("Added template in access-list for hotspot '" . $Hotspot . "'.") false;
-}
-:local Template [ /caps-man/access-list/get ([ find where \
- comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ];
-
-:if ($Template->"action" = "reject") do={
- $LogPrintExit2 info $0 ("Ignoring login for hotspot '" . $Hotspot . "'.") true;
-}
-
-# allow login page to load
-:delay 1s;
-
-$LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $MacAddress . \
- " (user " . $UserName . ").") false;
-/caps-man/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ];
-/caps-man/access-list/add comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \
- mac-address=$MacAddress private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \
- action=reject place-before=$PlaceBefore;
-
-:local Entry [ /caps-man/access-list/find where mac-address=$MacAddress \
- comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ];
-:local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ];
-:if ([ :len $PrivatePassphrase ] > 0) do={
- :if ($PrivatePassphrase = "ignore") do={
- /caps-man/access-list/set $Entry !private-passphrase;
- } else={
- /caps-man/access-list/set $Entry private-passphrase=$PrivatePassphrase;
- }
-}
-:local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ];
-:if ([ :len $SsidRegexp ] > 0) do={
- /caps-man/access-list/set $Entry ssid-regexp=$SsidRegexp;
-}
-:local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ];
-:if ([ :len $VlanId ] > 0) do={
- /caps-man/access-list/set $Entry vlan-id=$VlanId;
-}
-:local VlanMode [ $EitherOr ($UserInfo->"vlan-mode") ($Template->"vlan-mode") ];
-:if ([ :len $VlanMode] > 0) do={
- /caps-man/access-list/set $Entry vlan-mode=$VlanMode;
-}
-
-:delay 2s;
-/caps-man/access-list/set $Entry action=accept;
+# dummy for migration
diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc
new file mode 100644
index 0000000..f465722
--- /dev/null
+++ b/hotspot-to-wpa.template.rsc
@@ -0,0 +1,110 @@
+#!rsc by RouterOS
+# RouterOS script: hotspot-to-wpa%TEMPL%
+# Copyright (c) 2019-2023 Christian Hesse <mail@eworm.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# add private WPA passphrase after hotspot login
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md
+#
+# !! This is just a template to generate the real script!
+# !! Pattern '%TEMPL%' is replaced, paths are filtered.
+
+:local 0 "hotspot-to-wpa%TEMPL%";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global EitherOr;
+:global LogPrintExit2;
+:global ParseKeyValueStore;
+:global ScriptLock;
+
+$ScriptLock $0;
+
+:local MacAddress $"mac-address";
+:local UserName $username;
+
+:if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={
+ $LogPrintExit2 error $0 ("This script is supposed to run from hotspot on login.") true;
+}
+
+:local Date [ /system/clock/get date ];
+:local UserVal ({});
+:if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={
+ :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ];
+}
+:local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ];
+:local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ];
+
+:if ([ :len [ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={
+:if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={
+ /caps-man/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes;
+ /interface/wifiwave2/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes;
+ $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false;
+}
+:local PlaceBefore ([ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0);
+:local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0);
+
+:if ([ :len [ /caps-man/access-list/find where \
+:if ([ :len [ /interface/wifiwave2/access-list/find where \
+ comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={
+ /caps-man/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore;
+ /interface/wifiwave2/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore;
+ $LogPrintExit2 warning $0 ("Added template in access-list for hotspot '" . $Hotspot . "'.") false;
+}
+:local Template [ /caps-man/access-list/get ([ find where \
+:local Template [ /interface/wifiwave2/access-list/get ([ find where \
+ comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ];
+
+:if ($Template->"action" = "reject") do={
+ $LogPrintExit2 info $0 ("Ignoring login for hotspot '" . $Hotspot . "'.") true;
+}
+
+# allow login page to load
+:delay 1s;
+
+$LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $MacAddress . \
+ " (user " . $UserName . ").") false;
+/caps-man/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ];
+/interface/wifiwave2/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ];
+/caps-man/access-list/add private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \
+/interface/wifiwave2/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \
+ mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \
+ action=reject place-before=$PlaceBefore;
+
+:local Entry [ /caps-man/access-list/find where mac-address=$MacAddress \
+:local Entry [ /interface/wifiwave2/access-list/find where mac-address=$MacAddress \
+ comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ];
+# NOT /caps-man #
+:set ($Template->"private-passphrase") ($Template->"passphrase");
+# NOT /caps-man #
+:local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ];
+:if ([ :len $PrivatePassphrase ] > 0) do={
+ :if ($PrivatePassphrase = "ignore") do={
+ /caps-man/access-list/set $Entry !private-passphrase;
+ /interface/wifiwave2/access-list/set $Entry !passphrase;
+ } else={
+ /caps-man/access-list/set $Entry private-passphrase=$PrivatePassphrase;
+ /interface/wifiwave2/access-list/set $Entry passphrase=$PrivatePassphrase;
+ }
+}
+:local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ];
+:if ([ :len $SsidRegexp ] > 0) do={
+ /caps-man/access-list/set $Entry ssid-regexp=$SsidRegexp;
+ /interface/wifiwave2/access-list/set $Entry ssid-regexp=$SsidRegexp;
+}
+:local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ];
+:if ([ :len $VlanId ] > 0) do={
+ /caps-man/access-list/set $Entry vlan-id=$VlanId;
+ /interface/wifiwave2/access-list/set $Entry vlan-id=$VlanId;
+}
+# NOT /interface/wifiwave2 #
+:local VlanMode [ $EitherOr ($UserInfo->"vlan-mode") ($Template->"vlan-mode") ];
+:if ([ :len $VlanMode] > 0) do={
+ /caps-man/access-list/set $Entry vlan-mode=$VlanMode;
+ /interface/wifiwave2/access-list/set $Entry vlan-mode=$VlanMode;
+}
+# NOT /interface/wifiwave2 #
+
+:delay 2s;
+/caps-man/access-list/set $Entry action=accept;
+/interface/wifiwave2/access-list/set $Entry action=accept;
diff --git a/hotspot-to-wpa.wifiwave2.rsc b/hotspot-to-wpa.wifiwave2.rsc
new file mode 100644
index 0000000..ea44a9d
--- /dev/null
+++ b/hotspot-to-wpa.wifiwave2.rsc
@@ -0,0 +1,86 @@
+#!rsc by RouterOS
+# RouterOS script: hotspot-to-wpa.wifiwave2
+# Copyright (c) 2019-2023 Christian Hesse <mail@eworm.de>
+# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+#
+# add private WPA passphrase after hotspot login
+# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md
+#
+# !! Do not edit this file, it is generated from template!
+
+:local 0 "hotspot-to-wpa.wifiwave2";
+:global GlobalFunctionsReady;
+:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
+
+:global EitherOr;
+:global LogPrintExit2;
+:global ParseKeyValueStore;
+:global ScriptLock;
+
+$ScriptLock $0;
+
+:local MacAddress $"mac-address";
+:local UserName $username;
+
+:if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={
+ $LogPrintExit2 error $0 ("This script is supposed to run from hotspot on login.") true;
+}
+
+:local Date [ /system/clock/get date ];
+:local UserVal ({});
+:if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={
+ :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ];
+}
+:local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ];
+:local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ];
+
+:if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={
+ /interface/wifiwave2/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes;
+ $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false;
+}
+:local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0);
+
+:if ([ :len [ /interface/wifiwave2/access-list/find where \
+ comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={
+ /interface/wifiwave2/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore;
+ $LogPrintExit2 warning $0 ("Added template in access-list for hotspot '" . $Hotspot . "'.") false;
+}
+:local Template [ /interface/wifiwave2/access-list/get ([ find where \
+ comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ];
+
+:if ($Template->"action" = "reject") do={
+ $LogPrintExit2 info $0 ("Ignoring login for hotspot '" . $Hotspot . "'.") true;
+}
+
+# allow login page to load
+:delay 1s;
+
+$LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $MacAddress . \
+ " (user " . $UserName . ").") false;
+/interface/wifiwave2/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ];
+/interface/wifiwave2/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \
+ mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \
+ action=reject place-before=$PlaceBefore;
+
+:local Entry [ /interface/wifiwave2/access-list/find where mac-address=$MacAddress \
+ comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ];
+:set ($Template->"private-passphrase") ($Template->"passphrase");
+:local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ];
+:if ([ :len $PrivatePassphrase ] > 0) do={
+ :if ($PrivatePassphrase = "ignore") do={
+ /interface/wifiwave2/access-list/set $Entry !passphrase;
+ } else={
+ /interface/wifiwave2/access-list/set $Entry passphrase=$PrivatePassphrase;
+ }
+}
+:local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ];
+:if ([ :len $SsidRegexp ] > 0) do={
+ /interface/wifiwave2/access-list/set $Entry ssid-regexp=$SsidRegexp;
+}
+:local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ];
+:if ([ :len $VlanId ] > 0) do={
+ /interface/wifiwave2/access-list/set $Entry vlan-id=$VlanId;
+}
+
+:delay 2s;
+/interface/wifiwave2/access-list/set $Entry action=accept;
diff --git a/news-and-changes.rsc b/news-and-changes.rsc
index 572f431..7ac56f8 100644
--- a/news-and-changes.rsc
+++ b/news-and-changes.rsc
@@ -17,10 +17,12 @@
101="Introduced new script 'fw-addr-lists' to download, import and update firewall address-lists.";
102="Modified 'hotspot-to-wpa' to support non-local (radius) users.";
103="Dropped hard-coded name and timeout from 'hotspot-to-wpa-cleanup', instead a comment is required for dhcp server now.";
+ 104="All relevant scripts were ported to new wifiwave2 and are available for AX devices now!";
};
# Migration steps to be applied on script updates
:global GlobalConfigMigration {
97=":local Rec [ /ip/dns/static/find where comment~\"^managed by dhcp-to-dns for \" ]; :if ([ :len \$Rec ] > 0) do={ /ip/dns/static/remove \$Rec; /system/script/run dhcp-to-dns; }";
100=":global ScriptInstallUpdate; :if ([ :len [ /system/script/find where name=\"ssh-keys-import\" source~\"^#!rsc by RouterOS\\n\" ] ] > 0) do={ /system/script/set name=\"mod/ssh-keys-import\" ssh-keys-import; \$ScriptInstallUpdate; }";
+ 104=":global CharacterReplace; :global ScriptInstallUpdate; :foreach Script in={ \"capsman-download-packages\"; \"capsman-rolling-upgrade\"; \"hotspot-to-wpa\"; \"hotspot-to-wpa-cleanup\" } do={ /system/script/set name=(\$Script . \".capsman\") [ find where name=\$Script ]; :foreach Scheduler in=[ /system/scheduler/find where on-event~(\$Script . \"([^-.]|\\\$)\") ] do={ /system/scheduler/set \$Scheduler on-event=[ \$CharacterReplace [ get \$Scheduler on-event ] \$Script (\$Script . \".capsman\") ]; }; }; /ip/hotspot/user/profile/set on-login=\"hotspot-to-wpa.capsman\" [ find where on-login=\"hotspot-to-wpa\" ]; \$ScriptInstallUpdate;";
};