aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Expand)AuthorFilesLines
2024-01-11netwatch-dns: check DoH server functionality...•••... and try all servers one after another. Gravatar Christian Hesse1-21/+31
2024-01-11netwatch-dns: enable DoH certificate verification...•••... if a certificate is named in configuration. Gravatar Christian Hesse1-1/+3
2024-01-09doc/netwatch-dns: use new certificate for CloudflareGravatar Christian Hesse1-1/+1
2024-01-09certs: add new DigiCert certificates...•••... used by Cloudflare. Gravatar Christian Hesse1-0/+182
2024-01-08global-functions: $CertificateDownload: move delay up•••We still had cases where fetch misbehaves... But this was permanent. Perhaps we should not touch the certificate too early... Gravatar Christian Hesse1-1/+1
2024-01-07check-lte-firmware-upgrade: unbreak terminal detectiono•••This broke with commit 50d7e1fa41b8f8a6a1379de5521798346fd1ae9f... 🫣 Gravatar Christian Hesse1-4/+5
2024-01-05check-lte-firmware-upgrade: fail on empty version stringGravatar Christian Hesse1-0/+5
2024-01-01update copyright for 2024Gravatar Christian Hesse85-85/+85
2023-12-22global-functions: $GetMacVendor: get new certificate•••The service now uses: GTS CA 1P5 -> GTS Root R1 Gravatar Christian Hesse2-1/+239
2023-12-21mod/ssh-keys-import: unbreak import from file•••Looks like this broke in c3045f372350bd8dd0a8f10efb8a4b938e896145 where a non-existent variable name was used. Gravatar Christian Hesse1-1/+1
2023-12-20capsman-download-packages: avaiable packages only...•••... as things became more complicated with 'wifi-qcom*'. Gravatar Christian Hesse3-3/+7
2023-12-20capsman-download-packages: use default set for legacy capsman...•••... as well - now that 'wireless' package has been split from 'routeros' guessing kind of broke. It required several attempts and intermittent errors in logs to get things right. Gravatar Christian Hesse3-55/+16
2023-12-14doc/mode-button: document required type of ledGravatar Christian Hesse1-1/+1
2023-12-13fw-addr-lists: warn on possible truncation•••... as fetch truncates data at about 64kB, reported in SUP-132297. Gravatar Christian Hesse1-0/+5
2023-12-05doc/capsman-download-packages: mention package-pathGravatar Christian Hesse1-1/+5
2023-12-05mention the donation hint...change-116Gravatar Christian Hesse2-1/+8
2023-12-05celebrating ✨⭐ 1.000 stars ⭐✨ on Github!change-115Gravatar Christian Hesse2-1/+4
2023-12-05mod/notification-email: $NotificationFunctions->"email": support hook for sig...•••You can compose your own signature by creating a function: :global NotificationEMailSignature do={ :global EitherOr; :local RouterBoard [ /system/routerboard/get ]; :return ( \ [ $EitherOr ($RouterBoard->"board-name") ($RouterBoard->"model") ] . " s/n " . $RouterBoard->"serial-number" . " | " . \ "RouterOS " . [ /system/package/update/get installed-version ] . " | " . \ "IP " . [ /ip/cloud/get public-address ]); } Gravatar Christian Hesse1-1/+2
2023-12-05check-certificates: properly renew from templateGravatar Christian Hesse1-1/+1
2023-12-05check-certificates: improve wordingGravatar Christian Hesse1-3/+2
2023-12-04check-certificates: add workaround for broken certificates...•••... where the issuer array is borked. Or is this a RouterOS issue? [eworm@carpo] > $InspectVar [ $ParseKeyValueStore [ /certificate/get ISRG-Root-X2 issuer ] ] -type-> array -key-> C -type-> str -value-> US,O=Internet Security Research Group,CN=ISRG Root X2 A good certificate looks like this: [eworm@carpo] > $InspectVar [ $ParseKeyValueStore [ /certificate/get [ find where name~"eworm.net" ] issuer ] ] -type-> array -key-> C -type-> str -value-> US -key-> CN -type-> str -value-> E1 -key-> O -type-> str -value-> Let's Encrypt Gravatar Christian Hesse1-2/+4
2023-12-04check-certificates: prevent infinte loopGravatar Christian Hesse1-1/+2
2023-12-04check-certificates: give full certificate chainGravatar Christian Hesse1-7/+28
2023-12-04check-certificates: fix typo and syntaxGravatar Christian Hesse1-2/+2
2023-12-04mod/notification-email: $QuotedPrintable: also encode question mark•••Following the RFC it is not required, but looks like Thunderbird has an issue here... https://datatracker.ietf.org/doc/html/rfc2045#section-6.7 Gravatar Christian Hesse1-1/+1
2023-12-04mod/notification-email: $QuotedPrintable: minor rework•••We have to encode all characters from 0x00 to 0x1f as well... Also the equal sign is nothing special here, just adding to list. Gravatar Christian Hesse1-10/+11
2023-12-04global-functions: $FormatLine: use $CharacterMultiplyGravatar Christian Hesse1-1/+3
2023-12-04global-functions: $AlignRight: use $CharacterMultiplyGravatar Christian Hesse1-1/+2
2023-12-04global-functions: introduce $CharacterMultiplyGravatar Christian Hesse1-0/+10
2023-12-04global-functions: $DeviceInfo: add SNMP location and contactGravatar Christian Hesse1-1/+6
2023-11-30fw-addr-lists: support timeout per list•••This works with something like this: :global FwAddrLists { "allow"={ { url="https://eworm.de/ros/fw-addr-lists/allow"; cert="E1"; timeout=1w }; }; ... } All urls for one named list should have the same timeout! With different timeout values and identical addresses the behavior is besically undefined, depending on order. Gravatar Christian Hesse2-7/+9
2023-11-30global-functions: introduce $MINGravatar Christian Hesse1-0/+7
2023-11-30global-functions: introduce $MAXGravatar Christian Hesse1-0/+7
2023-11-30global-functions: $SymbolByUnicodeName: rename up-arrow -> arrow-up•••... so arrows are grouped in case we add more. Gravatar Christian Hesse1-1/+1
2023-11-30global-functions: $SymbolForNotification: properly append space to alt textGravatar Christian Hesse1-2/+3
2023-11-27netwatch-dns: get doh host name from static dnsGravatar Christian Hesse2-1/+15
2023-11-23global-functions: introduce $AlignRightGravatar Christian Hesse1-0/+14
2023-11-22telegram-chat: get rid of '.txt' file extensionGravatar Christian Hesse1-3/+3
2023-11-22backup-email: get rid of '.txt' file extensionGravatar Christian Hesse1-4/+4
2023-11-22backup-upload: get rid of '.txt' file extensionGravatar Christian Hesse1-4/+4
2023-11-21packages-update: refuse automatic update to RouterOS 7.13•••... as migration to wireless or wifi package has to be done. Please update manually by running: /system/package/update/install routeros-7.13beta1-3Gravatar Christian Hesse1-0/+5
2023-11-16check-routeros-update: rename scheduler•••This was missing for commit f7c72b6ed96e45bf1fbb54c46ce09e1fccc791be... Gravatar Christian Hesse1-1/+1
2023-11-15drop old files left from migrationGravatar Christian Hesse3-381/+2
2023-11-15check-health: decrease indention in messagesGravatar Christian Hesse1-5/+5
2023-11-15check-health: use $HumanReadableNum for RAM utilizationGravatar Christian Hesse1-3/+4
2023-11-15backup-upload: build file info in a functionGravatar Christian Hesse1-14/+18
2023-11-15backup-upload: give more info on filesGravatar Christian Hesse1-6/+19
2023-11-15backup-cloud: use $HumanReadableNum for file sizeGravatar Christian Hesse1-1/+2
2023-11-15global-functions: introduce $HumanReadableNumGravatar Christian Hesse1-0/+31
2023-11-15Merge branch 'wifi' into nextrouteros-7.13beta1-2Gravatar Christian Hesse26-60/+692
2023-11-15notify about parted scripts for wifi packagechange-114Gravatar Christian Hesse2-1/+2
2023-11-15hotspot-to-wpa{,-cleanup}: support new wifi packageGravatar Christian Hesse5-6/+199
2023-11-15dhcp-lease-comment: support new wifi packageGravatar Christian Hesse3-4/+44
2023-11-15daily-psk: support new wifi packageGravatar Christian Hesse3-7/+109
2023-11-15collect-wireless-mac: support new wifi packageGravatar Christian Hesse3-4/+107
2023-11-15capsman-rolling-upgrade: support new wifi packageGravatar Christian Hesse3-5/+55
2023-11-15capsman-download-packages: support new wifi packageGravatar Christian Hesse3-8/+104
2023-11-15accesslist-duplicates: support new wifi packageGravatar Christian Hesse3-5/+45
2023-11-15Makefile: support new wifi package...•••... introduced with RouterOS 7.13beta1. Gravatar Christian Hesse6-21/+28
2023-11-14Merge branch 'scheduler' into nextrouteros-7.13beta1-1Gravatar Christian Hesse6-26/+26
2023-11-14mod/notification-telegram: rename schedulerGravatar Christian Hesse1-5/+5
2023-11-14mod/notification-ntfy: rename schedulerGravatar Christian Hesse1-5/+5
2023-11-14mod/notification-matrix: rename schedulerGravatar Christian Hesse1-5/+5
2023-11-14mod/notification-email: rename schedulerGravatar Christian Hesse1-4/+4
2023-11-14packages-update: rename schedulerGravatar Christian Hesse1-2/+2
2023-11-14mode-button: rename schedulerGravatar Christian Hesse1-5/+5
2023-11-14capsman-rolling-upgrade: update template commentGravatar Christian Hesse1-2/+2
2023-11-14capsman-download-packages: update template commentGravatar Christian Hesse1-2/+2
2023-11-14doc/collect-wireless-mac: fix copy-and-paste errorGravatar Christian Hesse1-1/+1
2023-11-14doc/capsman-download-packages: hint on cleanupGravatar Christian Hesse1-0/+3
2023-11-14hotspot-to-wpa: drop dead codeGravatar Christian Hesse1-1/+0
2023-11-09global-functions: drop $Read•••... which is no longer required now that RouterOS 7.12beta1 provides /terminal/ask. Gravatar Christian Hesse1-6/+0
2023-11-09doc/accesslist-duplicates: reference stable versionGravatar Christian Hesse1-1/+1
2023-11-09accesslist-duplicates: use /terminal/ask•••This was introduced in RouterOS 7.12beta1. routeros-7.12beta1-4Gravatar Christian Hesse5-16/+18
2023-11-09mod/notification-matrix: introduce $SetupMatrix{Authenticate,JoinRoom} for setup•••Well, now that we have a JSON parser... Let's improve the user experience a bit. change-113Gravatar Christian Hesse9-40/+115
2023-11-09doc/mod/notification-telegram: end all commands with a semicolonGravatar Christian Hesse1-2/+2
2023-11-09doc/mod/notification-ntfy: end all commands with a semicolonGravatar Christian Hesse1-2/+2
2023-11-09doc/mod/notification-matrix: end all commands with a semicolonGravatar Christian Hesse1-2/+2
2023-11-09doc/mod/notification-email: end all commands with a semicolonGravatar Christian Hesse1-2/+2
2023-11-09doc/mod/ssh-keys-import: reference stable versionGravatar Christian Hesse1-1/+1
2023-11-09mod/ssh-keys-import: continue import after intermediate failureGravatar Christian Hesse1-1/+5
2023-11-09mod/ssh-keys-import: do not import twiceGravatar Christian Hesse1-0/+7
2023-11-09mod/ssh-keys-import: drop the version check for ed25519 keys...•••... now that we require RouterOS 7.12beta1 anyway. routeros-7.12beta1-3Gravatar Christian Hesse1-4/+2
2023-11-09mod/ssh-keys-import: calculate fingerprint...•••... and store it in key-owner, which is descriptive only. This requires RouterOS 7.12beta1 for the 'transform' property for ':convert' command. routeros-7.12beta1-2change-112Gravatar Christian Hesse4-3/+15
2023-11-07mod/ssh-keys-import: parse key into arrayGravatar Christian Hesse1-8/+10
2023-11-07README: print name with proplist for certificate verificationGravatar Christian Hesse2-3/+4
2023-11-07README: reference stable versionGravatar Christian Hesse1-1/+1
2023-11-07global-functions: $ParseDate: drop code for old format...•••... and increase required RouterOS. We should probably wait some time before merging this: Even current versions have some hidden places with old format: [admin@MikroTik] > /system/resource/print [...] version: 7.10.2 (stable) build-time: Jul/12/2023 09:45:11 [...] (Though this is written with capital letter and fails anyway...) Something similar goes for `/ip/neighbor`, where format depends on remote devices. Does anybody need to parse this? routeros-7.10beta5-2Gravatar Christian Hesse2-11/+2
2023-10-27netwatch-notify: match on word boundaryGravatar Christian Hesse1-1/+1
2023-10-27netwatch-dns: match on word boundaryGravatar Christian Hesse1-2/+2
2023-10-27dhcp-to-dns: prepare string 'mac in server'Gravatar Christian Hesse1-15/+11
2023-10-27dhcp-to-dns: prepare full names for A and CNAME recordsGravatar Christian Hesse1-14/+16
2023-10-27dhcp-to-dns: info on mac address bound multiple timeGravatar Christian Hesse1-0/+3
2023-10-27dhcp-to-dns: warn on duplicate namesGravatar Christian Hesse1-0/+5
2023-10-27dhcp-to-dns: allow multiple records for one mac address•••Now that we can have differnt name suffixes via networks it makes sense to allow multiple records for one mac address. Also update the wording for messages... change-111Gravatar Christian Hesse3-25/+34
2023-10-27global-functions: introduce $LogPrintOnce•••This does work just like $LogPrintExit2, except it acts just *once* for each message, until device is rebooted. Gravatar Christian Hesse1-0/+23
2023-10-26README: explain sensitive propertyGravatar Christian Hesse1-0/+3
2023-10-26global: switch eworm.de to new certificate chain (E1 / ISRG Root X2)•••old chain: R3 / ISRG Root X1 new chain: E1 / ISRG Root X2 No user interaction or migration is required for existing installations as we install 'E1' and 'ISRG Root X2' for some time already. Gravatar Christian Hesse9-142/+15
2023-10-25global-functions: $ParseJson: prevent infinite loop...•••... which could happen on corrupted or truncated input. Gravatar Christian Hesse1-2/+4
2023-10-24check-health: reverse logic for RAM (free -> utilization)...•••... to bring it in sync with CPU utilization. Also make the output more verbose, at least for the warning. ---- ✂️ ---- 🗃️📈️ Health warning: RAM utilization The RAM utilization on MikroTik is at 81%! total: 64 MiB used: 52 MiB free: 11 MiB ---- ✂️ ---- 🗃️📉️ Health recovery: RAM utilization The RAM utilization on MikroTik decreased to 65%. ---- ✂️ ---- Gravatar Christian Hesse6-19/+20