Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2024-01-16 | README: set script owner on initial creation | Christian Hesse | 1 | -1/+1 | |
2024-01-15 | netwatch-dns: check DoH server with fetch | Christian Hesse | 1 | -15/+25 | |
This way we do not have to configure possibly non-functional servers to check. The query is for doh-check.eworm.de of type TXT, the expected answer is 'doh-check-OK'. % dig TXT doh-check.eworm.de +https @1.1.1.1 ; <<>> DiG 9.18.21 <<>> TXT doh-check.eworm.de +https @1.1.1.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42226 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;doh-check.eworm.de. IN TXT ;; ANSWER SECTION: doh-check.eworm.de. 63791 IN TXT "doh-check-OK" ;; Query time: 16 msec ;; SERVER: 1.1.1.1#443(1.1.1.1) (HTTPS) ;; WHEN: Mon Jan 15 13:55:36 CET 2024 ;; MSG SIZE rcvd: 72 | |||||
2024-01-11 | netwatch-dns: check DoH server functionality... | Christian Hesse | 1 | -21/+31 | |
... and try all servers one after another. | |||||
2024-01-11 | netwatch-dns: enable DoH certificate verification... | Christian Hesse | 1 | -1/+3 | |
... if a certificate is named in configuration. | |||||
2024-01-09 | doc/netwatch-dns: use new certificate for Cloudflare | Christian Hesse | 1 | -1/+1 | |
2024-01-09 | certs: add new DigiCert certificates... | Christian Hesse | 1 | -0/+182 | |
... used by Cloudflare. | |||||
2024-01-08 | global-functions: $CertificateDownload: move delay up | Christian Hesse | 1 | -1/+1 | |
We still had cases where fetch misbehaves... But this was permanent. Perhaps we should not touch the certificate too early... | |||||
2024-01-07 | check-lte-firmware-upgrade: unbreak terminal detectiono | Christian Hesse | 1 | -4/+5 | |
This broke with commit 50d7e1fa41b8f8a6a1379de5521798346fd1ae9f... 🫣 | |||||
2024-01-05 | check-lte-firmware-upgrade: fail on empty version string | Christian Hesse | 1 | -0/+5 | |
2024-01-01 | update copyright for 2024 | Christian Hesse | 85 | -85/+85 | |
2023-12-22 | global-functions: $GetMacVendor: get new certificate | Christian Hesse | 2 | -1/+239 | |
The service now uses: GTS CA 1P5 -> GTS Root R1 | |||||
2023-12-21 | mod/ssh-keys-import: unbreak import from file | Christian Hesse | 1 | -1/+1 | |
Looks like this broke in c3045f372350bd8dd0a8f10efb8a4b938e896145 where a non-existent variable name was used. | |||||
2023-12-20 | capsman-download-packages: avaiable packages only... | Christian Hesse | 3 | -3/+7 | |
... as things became more complicated with 'wifi-qcom*'. | |||||
2023-12-20 | capsman-download-packages: use default set for legacy capsman... | Christian Hesse | 3 | -55/+16 | |
... as well - now that 'wireless' package has been split from 'routeros' guessing kind of broke. It required several attempts and intermittent errors in logs to get things right. | |||||
2023-12-14 | doc/mode-button: document required type of led | Christian Hesse | 1 | -1/+1 | |
2023-12-13 | fw-addr-lists: warn on possible truncation | Christian Hesse | 1 | -0/+5 | |
... as fetch truncates data at about 64kB, reported in SUP-132297. | |||||
2023-12-05 | doc/capsman-download-packages: mention package-path | Christian Hesse | 1 | -1/+5 | |
2023-12-05 | mention the donation hint...change-116 | Christian Hesse | 2 | -1/+8 | |
2023-12-05 | celebrating ✨⭐ 1.000 stars ⭐✨ on Github!change-115 | Christian Hesse | 2 | -1/+4 | |
2023-12-05 | mod/notification-email: $NotificationFunctions->"email": support hook for ↵ | Christian Hesse | 1 | -1/+2 | |
signature You can compose your own signature by creating a function: :global NotificationEMailSignature do={ :global EitherOr; :local RouterBoard [ /system/routerboard/get ]; :return ( \ [ $EitherOr ($RouterBoard->"board-name") ($RouterBoard->"model") ] . " s/n " . $RouterBoard->"serial-number" . " | " . \ "RouterOS " . [ /system/package/update/get installed-version ] . " | " . \ "IP " . [ /ip/cloud/get public-address ]); } | |||||
2023-12-05 | check-certificates: properly renew from template | Christian Hesse | 1 | -1/+1 | |
2023-12-05 | check-certificates: improve wording | Christian Hesse | 1 | -3/+2 | |
2023-12-04 | check-certificates: add workaround for broken certificates... | Christian Hesse | 1 | -2/+4 | |
... where the issuer array is borked. Or is this a RouterOS issue? [eworm@carpo] > $InspectVar [ $ParseKeyValueStore [ /certificate/get ISRG-Root-X2 issuer ] ] -type-> array -key-> C -type-> str -value-> US,O=Internet Security Research Group,CN=ISRG Root X2 A good certificate looks like this: [eworm@carpo] > $InspectVar [ $ParseKeyValueStore [ /certificate/get [ find where name~"eworm.net" ] issuer ] ] -type-> array -key-> C -type-> str -value-> US -key-> CN -type-> str -value-> E1 -key-> O -type-> str -value-> Let's Encrypt | |||||
2023-12-04 | check-certificates: prevent infinte loop | Christian Hesse | 1 | -1/+2 | |
2023-12-04 | check-certificates: give full certificate chain | Christian Hesse | 1 | -7/+28 | |
2023-12-04 | check-certificates: fix typo and syntax | Christian Hesse | 1 | -2/+2 | |
2023-12-04 | mod/notification-email: $QuotedPrintable: also encode question mark | Christian Hesse | 1 | -1/+1 | |
Following the RFC it is not required, but looks like Thunderbird has an issue here... https://datatracker.ietf.org/doc/html/rfc2045#section-6.7 | |||||
2023-12-04 | mod/notification-email: $QuotedPrintable: minor rework | Christian Hesse | 1 | -10/+11 | |
We have to encode all characters from 0x00 to 0x1f as well... Also the equal sign is nothing special here, just adding to list. | |||||
2023-12-04 | global-functions: $FormatLine: use $CharacterMultiply | Christian Hesse | 1 | -1/+3 | |
2023-12-04 | global-functions: $AlignRight: use $CharacterMultiply | Christian Hesse | 1 | -1/+2 | |
2023-12-04 | global-functions: introduce $CharacterMultiply | Christian Hesse | 1 | -0/+10 | |
2023-12-04 | global-functions: $DeviceInfo: add SNMP location and contact | Christian Hesse | 1 | -1/+6 | |
2023-11-30 | fw-addr-lists: support timeout per list | Christian Hesse | 2 | -7/+9 | |
This works with something like this: :global FwAddrLists { "allow"={ { url="https://eworm.de/ros/fw-addr-lists/allow"; cert="E1"; timeout=1w }; }; ... } All urls for one named list should have the same timeout! With different timeout values and identical addresses the behavior is besically undefined, depending on order. | |||||
2023-11-30 | global-functions: introduce $MIN | Christian Hesse | 1 | -0/+7 | |
2023-11-30 | global-functions: introduce $MAX | Christian Hesse | 1 | -0/+7 | |
2023-11-30 | global-functions: $SymbolByUnicodeName: rename up-arrow -> arrow-up | Christian Hesse | 1 | -1/+1 | |
... so arrows are grouped in case we add more. | |||||
2023-11-30 | global-functions: $SymbolForNotification: properly append space to alt text | Christian Hesse | 1 | -2/+3 | |
2023-11-27 | netwatch-dns: get doh host name from static dns | Christian Hesse | 2 | -1/+15 | |
2023-11-23 | global-functions: introduce $AlignRight | Christian Hesse | 1 | -0/+14 | |
2023-11-22 | telegram-chat: get rid of '.txt' file extension | Christian Hesse | 1 | -3/+3 | |
2023-11-22 | backup-email: get rid of '.txt' file extension | Christian Hesse | 1 | -4/+4 | |
2023-11-22 | backup-upload: get rid of '.txt' file extension | Christian Hesse | 1 | -4/+4 | |
2023-11-21 | packages-update: refuse automatic update to RouterOS 7.13routeros-7.13beta1-3 | Christian Hesse | 1 | -0/+5 | |
... as migration to wireless or wifi package has to be done. Please update manually by running: /system/package/update/install | |||||
2023-11-16 | check-routeros-update: rename scheduler | Christian Hesse | 1 | -1/+1 | |
This was missing for commit f7c72b6ed96e45bf1fbb54c46ce09e1fccc791be... | |||||
2023-11-15 | drop old files left from migration | Christian Hesse | 3 | -381/+2 | |
2023-11-15 | check-health: decrease indention in messages | Christian Hesse | 1 | -5/+5 | |
2023-11-15 | check-health: use $HumanReadableNum for RAM utilization | Christian Hesse | 1 | -3/+4 | |
2023-11-15 | backup-upload: build file info in a function | Christian Hesse | 1 | -14/+18 | |
2023-11-15 | backup-upload: give more info on files | Christian Hesse | 1 | -6/+19 | |
2023-11-15 | backup-cloud: use $HumanReadableNum for file size | Christian Hesse | 1 | -1/+2 | |
2023-11-15 | global-functions: introduce $HumanReadableNum | Christian Hesse | 1 | -0/+31 | |
2023-11-15 | Merge branch 'wifi' into nextrouteros-7.13beta1-2 | Christian Hesse | 26 | -60/+692 | |
2023-11-15 | notify about parted scripts for wifi packagechange-114 | Christian Hesse | 2 | -1/+2 | |
2023-11-15 | hotspot-to-wpa{,-cleanup}: support new wifi package | Christian Hesse | 5 | -6/+199 | |
2023-11-15 | dhcp-lease-comment: support new wifi package | Christian Hesse | 3 | -4/+44 | |
2023-11-15 | daily-psk: support new wifi package | Christian Hesse | 3 | -7/+109 | |
2023-11-15 | collect-wireless-mac: support new wifi package | Christian Hesse | 3 | -4/+107 | |
2023-11-15 | capsman-rolling-upgrade: support new wifi package | Christian Hesse | 3 | -5/+55 | |
2023-11-15 | capsman-download-packages: support new wifi package | Christian Hesse | 3 | -8/+104 | |
2023-11-15 | accesslist-duplicates: support new wifi package | Christian Hesse | 3 | -5/+45 | |
2023-11-15 | Makefile: support new wifi package... | Christian Hesse | 6 | -21/+28 | |
... introduced with RouterOS 7.13beta1. | |||||
2023-11-14 | Merge branch 'scheduler' into nextrouteros-7.13beta1-1 | Christian Hesse | 6 | -26/+26 | |
2023-11-14 | mod/notification-telegram: rename scheduler | Christian Hesse | 1 | -5/+5 | |
2023-11-14 | mod/notification-ntfy: rename scheduler | Christian Hesse | 1 | -5/+5 | |
2023-11-14 | mod/notification-matrix: rename scheduler | Christian Hesse | 1 | -5/+5 | |
2023-11-14 | mod/notification-email: rename scheduler | Christian Hesse | 1 | -4/+4 | |
2023-11-14 | packages-update: rename scheduler | Christian Hesse | 1 | -2/+2 | |
2023-11-14 | mode-button: rename scheduler | Christian Hesse | 1 | -5/+5 | |
2023-11-14 | capsman-rolling-upgrade: update template comment | Christian Hesse | 1 | -2/+2 | |
2023-11-14 | capsman-download-packages: update template comment | Christian Hesse | 1 | -2/+2 | |
2023-11-14 | doc/collect-wireless-mac: fix copy-and-paste error | Christian Hesse | 1 | -1/+1 | |
2023-11-14 | doc/capsman-download-packages: hint on cleanup | Christian Hesse | 1 | -0/+3 | |
2023-11-14 | hotspot-to-wpa: drop dead code | Christian Hesse | 1 | -1/+0 | |
2023-11-09 | global-functions: drop $Read | Christian Hesse | 1 | -6/+0 | |
... which is no longer required now that RouterOS 7.12beta1 provides /terminal/ask. | |||||
2023-11-09 | doc/accesslist-duplicates: reference stable version | Christian Hesse | 1 | -1/+1 | |
2023-11-09 | accesslist-duplicates: use /terminal/askrouteros-7.12beta1-4 | Christian Hesse | 5 | -16/+18 | |
This was introduced in RouterOS 7.12beta1. | |||||
2023-11-09 | mod/notification-matrix: introduce $SetupMatrix{Authenticate,JoinRoom} for setupchange-113 | Christian Hesse | 9 | -40/+115 | |
Well, now that we have a JSON parser... Let's improve the user experience a bit. | |||||
2023-11-09 | doc/mod/notification-telegram: end all commands with a semicolon | Christian Hesse | 1 | -2/+2 | |
2023-11-09 | doc/mod/notification-ntfy: end all commands with a semicolon | Christian Hesse | 1 | -2/+2 | |
2023-11-09 | doc/mod/notification-matrix: end all commands with a semicolon | Christian Hesse | 1 | -2/+2 | |
2023-11-09 | doc/mod/notification-email: end all commands with a semicolon | Christian Hesse | 1 | -2/+2 | |
2023-11-09 | doc/mod/ssh-keys-import: reference stable version | Christian Hesse | 1 | -1/+1 | |
2023-11-09 | mod/ssh-keys-import: continue import after intermediate failure | Christian Hesse | 1 | -1/+5 | |
2023-11-09 | mod/ssh-keys-import: do not import twice | Christian Hesse | 1 | -0/+7 | |
2023-11-09 | mod/ssh-keys-import: drop the version check for ed25519 keys...routeros-7.12beta1-3 | Christian Hesse | 1 | -4/+2 | |
... now that we require RouterOS 7.12beta1 anyway. | |||||
2023-11-09 | mod/ssh-keys-import: calculate fingerprint...routeros-7.12beta1-2change-112 | Christian Hesse | 4 | -3/+15 | |
... and store it in key-owner, which is descriptive only. This requires RouterOS 7.12beta1 for the 'transform' property for ':convert' command. | |||||
2023-11-07 | mod/ssh-keys-import: parse key into array | Christian Hesse | 1 | -8/+10 | |
2023-11-07 | README: print name with proplist for certificate verification | Christian Hesse | 2 | -3/+4 | |
2023-11-07 | README: reference stable version | Christian Hesse | 1 | -1/+1 | |
2023-11-07 | global-functions: $ParseDate: drop code for old format...routeros-7.10beta5-2 | Christian Hesse | 2 | -11/+2 | |
... and increase required RouterOS. We should probably wait some time before merging this: Even current versions have some hidden places with old format: [admin@MikroTik] > /system/resource/print [...] version: 7.10.2 (stable) build-time: Jul/12/2023 09:45:11 [...] (Though this is written with capital letter and fails anyway...) Something similar goes for `/ip/neighbor`, where format depends on remote devices. Does anybody need to parse this? | |||||
2023-10-27 | netwatch-notify: match on word boundary | Christian Hesse | 1 | -1/+1 | |
2023-10-27 | netwatch-dns: match on word boundary | Christian Hesse | 1 | -2/+2 | |
2023-10-27 | dhcp-to-dns: prepare string 'mac in server' | Christian Hesse | 1 | -15/+11 | |
2023-10-27 | dhcp-to-dns: prepare full names for A and CNAME records | Christian Hesse | 1 | -14/+16 | |
2023-10-27 | dhcp-to-dns: info on mac address bound multiple time | Christian Hesse | 1 | -0/+3 | |
2023-10-27 | dhcp-to-dns: warn on duplicate names | Christian Hesse | 1 | -0/+5 | |
2023-10-27 | dhcp-to-dns: allow multiple records for one mac addresschange-111 | Christian Hesse | 3 | -25/+34 | |
Now that we can have differnt name suffixes via networks it makes sense to allow multiple records for one mac address. Also update the wording for messages... | |||||
2023-10-27 | global-functions: introduce $LogPrintOnce | Christian Hesse | 1 | -0/+23 | |
This does work just like $LogPrintExit2, except it acts just *once* for each message, until device is rebooted. | |||||
2023-10-26 | README: explain sensitive property | Christian Hesse | 1 | -0/+3 | |
2023-10-26 | global: switch eworm.de to new certificate chain (E1 / ISRG Root X2) | Christian Hesse | 9 | -142/+15 | |
old chain: R3 / ISRG Root X1 new chain: E1 / ISRG Root X2 No user interaction or migration is required for existing installations as we install 'E1' and 'ISRG Root X2' for some time already. |