Age | Commit message (Expand) | Author | Files | Lines |
2021-03-21 | check-certificates: be more verbose when attempting to renew | Christian Hesse | 1 | -0/+1 |
2021-02-24 | check-certificates: silence fetch | Christian Hesse | 1 | -1/+1 |
2021-02-24 | global: give script or function name in log messages | Christian Hesse | 1 | -12/+13 |
2021-02-18 | global: drop script 'global-wait'•••All scripts wait for the global functions on their own now.
change-44 | Christian Hesse | 1 | -0/+3 |
2021-02-16 | global-functions: drop support for attachment in notification e-mail | Christian Hesse | 1 | -1/+1 |
2021-01-11 | check-certificates: complete certificate renewal time•••With a modified certificate renewal time may have failed if the new
certificate was not found.
| Christian Hesse | 1 | -1/+1 |
2021-01-11 | check-certificates: do not renew if loosing private key | Christian Hesse | 1 | -0/+5 |
2021-01-11 | check-certificates: show info on private key | Christian Hesse | 1 | -0/+2 |
2021-01-01 | update copyright for 2021 | Christian Hesse | 1 | -1/+1 |
2020-12-18 | check-certificates: make the certificate renewal time configurablechange-40 | Christian Hesse | 1 | -1/+2 |
2020-11-26 | global-functions: clickable links in telegram notifications | Christian Hesse | 1 | -1/+1 |
2020-11-13 | check-certificates: decrease log severity to info | Christian Hesse | 1 | -2/+2 |
2020-09-18 | extend magic pattern with "by RouterOS"•••This matches the string included in export.
| Christian Hesse | 1 | -1/+1 |
2020-09-06 | check-certificates: do not notify with missing validity period | Christian Hesse | 1 | -1/+1 |
2020-09-01 | check-certificates: better check for non-empty value | Christian Hesse | 1 | -1/+1 |
2020-08-26 | [ ... print count-only ...] -> [ :len [ ... find ... ] ]•••Using 'print count-only' always prints a number to terminal, even if the
value is evaluated in a condition or assigned to a variable. This can be
quite annoying. Behavior will not chance (SUP-25503), so replacing the
code...
| Christian Hesse | 1 | -1/+1 |
2020-08-21 | check-certificates: wait to be fully connected | Christian Hesse | 1 | -4/+2 |
2020-08-21 | check-certificates: fix usage of function | Christian Hesse | 1 | -1/+1 |
2020-07-17 | check-certificates: add symbol in notification | Christian Hesse | 1 | -2/+3 |
2020-07-16 | check-certificates: use $IfThenElse | Christian Hesse | 1 | -7/+3 |
2020-06-19 | explicitly name the license•••Copyright (C) 2013-2020 Christian Hesse <mail@eworm.de>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
https://www.gnu.org/licenses/#GPL
https://www.gnu.org/licenses/gpl.html
https://www.gnu.org/licenses/gpl.md
| Christian Hesse | 1 | -0/+1 |
2020-04-24 | check-certificates: exclude issued certificates on SCEP server | Christian Hesse | 1 | -16/+20 |
2020-04-24 | check-certificates: always use parenthesis | Christian Hesse | 1 | -2/+2 |
2020-04-24 | check-certificates: add missing blank | Christian Hesse | 1 | -1/+1 |
2020-04-03 | check-certificates: warn about missing chain | Christian Hesse | 1 | -1/+3 |
2020-04-03 | check-certificates: check and download certificate chain | Christian Hesse | 1 | -0/+3 |
2020-03-27 | add doc/check-certificates.md | Christian Hesse | 1 | -0/+1 |
2020-03-20 | check-certificates: exclude certificates issued by SCEP | Christian Hesse | 1 | -2/+2 |
2020-03-05 | check-certificates: use $LogPrintExit for debug | Christian Hesse | 1 | -5/+5 |
2020-02-28 | global-functions: sort alphabetically | Christian Hesse | 1 | -3/+3 |
2020-02-26 | global-functions: merge $LogAnd{Error,Put} to $LogPrintExit ...•••... and fix logging.
Logging with severity from variable (:log $severity ...) is not
possible, this is considered a syntax error. Also the 'workaround' with
parsing code failed with missing message in log.
The reliable code is a lot longer, so merge the two functions to save a
lot of duplicate code.
| Christian Hesse | 1 | -7/+6 |
2020-02-26 | check-certificates: use $LogAndPut | Christian Hesse | 1 | -2/+3 |
2020-02-26 | check-certificates: use $LogAndError | Christian Hesse | 1 | -2/+1 |
2020-02-26 | global-functions: $LogAndError: add severity | Christian Hesse | 1 | -1/+1 |
2020-02-26 | check-certificates: use $LogAndError | Christian Hesse | 1 | -2/+2 |
2020-02-24 | check-certificates: check for synced time | Christian Hesse | 1 | -0/+6 |
2020-02-06 | check-certificates: rename all certificates by their common names | Christian Hesse | 1 | -0/+5 |
2020-01-01 | update copyright for 2020 | Christian Hesse | 1 | -1/+1 |
2019-11-11 | check-certificates: make renew notification silent | Christian Hesse | 1 | -1/+1 |
2019-07-31 | check-certificates: fix renewing certificate in place | Christian Hesse | 1 | -14/+18 |
2019-07-18 | check-certificates: use $ParseKeyValueStore | Christian Hesse | 1 | -11/+3 |
2019-05-21 | check-certificates: get certificate values into array | Christian Hesse | 1 | -43/+28 |
2019-05-02 | check-certificates: do not try to renew locally issued certificates | Christian Hesse | 1 | -1/+1 |
2019-05-02 | check-certificates: give issuer info on locally issued certificates•••Certificates issued locally do not have an 'issuer' property, but a
'ca' one. Looks like either of both is filled, so just concatenate.
| Christian Hesse | 1 | -1/+2 |
2019-04-30 | global-functions: add $WaitForFile, wait for file on fetch•••The fetch command is asynchronous, the file is not guaranteed to be
available when command terminates.
I opened an issue at Mikrotik support (Ticket#2019041722004999),
their answer:
> You should perform a check in a loop.
> :delay until file exist
>
> That can happen also with any configuration not just files.
So add a function to wait for a file with given name.
I have not seen this with other configuration, though.
| Christian Hesse | 1 | -1/+4 |
2019-04-11 | check-certificates: make sure fingerprint is a string•••This makes sure the condition below works for certificate templates,
which do not have a fingerprint.
| Christian Hesse | 1 | -1/+1 |
2019-04-11 | check-certificates: do not send notification for templates | Christian Hesse | 1 | -1/+1 |
2019-04-11 | check-certificates: always return a string in $GetIssuerCN | Christian Hesse | 1 | -0/+1 |
2019-04-10 | check-certificates: add url encoding for certificate download | Christian Hesse | 1 | -4/+6 |
2019-04-10 | check-certificates: try to fetch PEM and P12 file | Christian Hesse | 1 | -4/+10 |
2019-04-10 | check-certificates: use full path...•••... to make sure syntax does not break if package is not installed.
| Christian Hesse | 1 | -3/+3 |
2019-04-10 | check-certificates: just change certificates, no loop | Christian Hesse | 1 | -12/+4 |
2019-04-09 | drop deprecated mode= for fetch | Christian Hesse | 1 | -1/+1 |
2019-04-03 | always write warnings and errors to log | Christian Hesse | 1 | -0/+1 |
2019-04-01 | check-certificates: support multiple passphraseschange-3 | Christian Hesse | 1 | -1/+3 |
2019-03-28 | check-certificates: show remaining time | Christian Hesse | 1 | -8/+16 |
2019-03-25 | check-certificates: update certificates for ipsec identities | Christian Hesse | 1 | -1/+12 |
2019-03-06 | check-certificates: split loop for certificate renew and warning•••This allows to have differnt time values.
| Christian Hesse | 1 | -20/+27 |
2019-01-12 | check-certificates: strip prefix from issuer CN | Christian Hesse | 1 | -1/+1 |
2019-01-12 | check-certificates: properly handle expired certificates | Christian Hesse | 1 | -4/+11 |
2019-01-09 | check-certificates: move conditions to loop | Christian Hesse | 1 | -60/+50 |
2019-01-09 | check-certificates: shorten key for detailed infos | Christian Hesse | 1 | -10/+10 |
2019-01-09 | check-certificates: show issuer CN only | Christian Hesse | 1 | -2/+11 |
2019-01-09 | check-certificates: include the issuer in notifications | Christian Hesse | 1 | -0/+4 |
2019-01-09 | check-certificates: update CommonName after renewal | Christian Hesse | 1 | -0/+1 |
2019-01-09 | check-certificates: use time functionality•••No need to calculate that...
| Christian Hesse | 1 | -25/+10 |
2019-01-09 | check-certificates: send notification on renewal | Christian Hesse | 1 | -8/+18 |
2019-01-09 | check-certificates: drop extra warning•••A sent notification implies that renewal failed.
| Christian Hesse | 1 | -2/+0 |
2019-01-04 | global: variable names are CamelCase••• ___ _ ___ __
/ _ )(_)__ _ / _/__ _/ /_
/ _ / / _ `/ / _/ _ `/ __/
/____/_/\_, / /_/ \_,_/\__/
_ __ /___/ _ __
| | / /___ __________ (_)___ ____ _/ /
| | /| / / __ `/ ___/ __ \/ / __ \/ __ `/ /
| |/ |/ / /_/ / / / / / / / / / / /_/ /_/
|__/|__/\__,_/_/ /_/ /_/_/_/ /_/\__, (_)
/____/
RouterOS has some odd behavior when it comes to variable names. Let's
have a look at the interfaces:
[admin@MikroTik] > / interface print where name=en1
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE ACTUAL-MTU L2MTU
0 RS en1 ether 1500 1598
That looks ok. Now we use a script:
{ :local interface "en1";
/ interface print where name=$interface; }
And the result...
[admin@MikroTik] > { :local interface "en1";
{... / interface print where name=$interface; }
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE ACTUAL-MTU L2MTU
0 RS en1 ether 1500 1598
... still looks ok.
We make a little modification to the script:
{ :local name "en1";
/ interface print where name=$name; }
And the result:
[admin@MikroTik] > { :local name "en1";
{... / interface print where name=$name; }
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE ACTUAL-MTU L2MTU
0 RS en1 ether 1500 1598
1 S en2 ether 1500 1598
2 S en3 ether 1500 1598
3 S en4 ether 1500 1598
4 S en5 ether 1500 1598
5 R br-local bridge 1500 1598
Ups! The filter has no effect!
That happens whenever the variable name ($name) matches the property
name (name=).
And another modification:
{ :local type "en1";
/ interface print where name=$type; }
And the result:
[admin@MikroTik] > { :local type "en1";
{... / interface print where name=$type; }
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE ACTUAL-MTU L2MTU
Ups! Nothing?
Even if the variable name ($type) matches whatever property name (type=)
things go wrong.
The answer from MikroTik support (in Ticket#2019010222000454):
> This is how scripting works in RouterOS and we will not fix it.
To get around this we use variable names in CamelCase. Let's hope
Mikrotik never ever introduces property names in CamelCase...
*fingers crossed*
| Christian Hesse | 1 | -47/+46 |
2019-01-02 | update copyright for 2019 | Christian Hesse | 1 | -1/+1 |
2018-12-20 | check-certificates: support auto-renew of certificates | Christian Hesse | 1 | -10/+44 |
2018-11-28 | global-functions: add identity tag in $SendNotification•••... and send subject in telegram message.
| Christian Hesse | 1 | -1/+1 |
2018-10-10 | global: remove unused variables | Christian Hesse | 1 | -2/+0 |
2018-10-09 | check-certificates: use function for notification | Christian Hesse | 1 | -3/+4 |
2018-09-27 | start scripts with a magic token / shebang | Christian Hesse | 1 | -1/+1 |
2018-08-24 | add empty comment at first line...•••... for better formatting in export.
| Christian Hesse | 1 | -0/+1 |
2018-07-05 | add scripts | Christian Hesse | 1 | -0/+52 |