From 1d580c39f9c31c6d0bde8ee8c1ad92bdc0322ffa Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:38:28 +0100 Subject: drop doc/template.md --- doc/template.md | 46 ---------------------------------------------- 1 file changed, 46 deletions(-) delete mode 100644 doc/template.md diff --git a/doc/template.md b/doc/template.md deleted file mode 100644 index bc86c32..0000000 --- a/doc/template.md +++ /dev/null @@ -1,46 +0,0 @@ -Script `template` -================= - -[◀ Go back to main README](../README.md) - -Description ------------ - -Short description... - -In detail ---------- - -Get all the details... - -Requirements and installation ------------------------------ - -We need... - -... then we install: - - [admin@MikroTik] > / system script add name=template - [admin@MikroTik] > / system script run script-updates - -Configuration -------------- - -The configuration goes to `global-config`, These are the parameters: - -* ... - -Usage and invocation --------------------- - -This is intended... - -See also --------- - -* [another script](template.md) -* ... - ---- -[◀ Go back to main README](../README.md) -[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From b2f81f7cad319684cb473c503a998caecdf78a71 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:39:13 +0100 Subject: add doc/accesslist-duplicates.md --- accesslist-duplicates.capsman | 1 + accesslist-duplicates.local | 1 + accesslist-duplicates.template | 1 + doc/accesslist-duplicates.md | 49 ++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 52 insertions(+) create mode 100644 doc/accesslist-duplicates.md diff --git a/accesslist-duplicates.capsman b/accesslist-duplicates.capsman index e506740..b441c31 100644 --- a/accesslist-duplicates.capsman +++ b/accesslist-duplicates.capsman @@ -3,6 +3,7 @@ # Copyright (c) 2018-2020 Christian Hesse # # print duplicate antries in wireless access list +# https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md # # !! Do not edit this file, it is generated from template! diff --git a/accesslist-duplicates.local b/accesslist-duplicates.local index 4b812a5..00d9ae0 100644 --- a/accesslist-duplicates.local +++ b/accesslist-duplicates.local @@ -3,6 +3,7 @@ # Copyright (c) 2018-2020 Christian Hesse # # print duplicate antries in wireless access list +# https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md # # !! Do not edit this file, it is generated from template! diff --git a/accesslist-duplicates.template b/accesslist-duplicates.template index 0d1c92c..f527810 100644 --- a/accesslist-duplicates.template +++ b/accesslist-duplicates.template @@ -3,6 +3,7 @@ # Copyright (c) 2018-2020 Christian Hesse # # print duplicate antries in wireless access list +# https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md # # !! This is just a template! Replace '%PATH%' with 'caps-man' # !! or 'interface wireless'! diff --git a/doc/accesslist-duplicates.md b/doc/accesslist-duplicates.md new file mode 100644 index 0000000..2189322 --- /dev/null +++ b/doc/accesslist-duplicates.md @@ -0,0 +1,49 @@ +Find and remove access list duplicates +====================================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script is supposed to run interactively to find and remove duplicate +entries in wireless access list. + +Requirements and installation +----------------------------- + +Depending on whether you use CAPsMAN (`/ caps-man`) or local wireless +interface (`/ interface wireless`) you need to install a different script. + +For CAPsMAN: + + $ScriptInstallUpdate accesslist-duplicates.capsman; + +For local interface: + + $ScriptInstallUpdate accesslist-duplicates.local; + +Usage and invocation +-------------------- + +Run this script from a terminal: + + [admin@kalyke] > / system script run accesslist-duplicates.local + Flags: X - disabled + 0 ;;; First entry with identical mac address... + mac-address=00:11:22:33:44:55 interface=any signal-range=-120..120 allow-signal-out-of-range=10s authentication=yes forwarding=yes ap-tx-limit=0 client-tx-limit=0 private-algo=none private-key="" private-pre-shared-key="" management-protection-key="" vlan-mode=default vlan-id=1 + + 1 ;;; Second entry with identical mac address... + mac-address=00:11:22:33:44:55 interface=any signal-range=-120..120 allow-signal-out-of-range=10s authentication=yes forwarding=yes ap-tx-limit=0 client-tx-limit=0 private-algo=none private-key="" private-pre-shared-key="" management-protection-key="" vlan-mode=default vlan-id=1 + + Numeric id to remove, any key to skip! + Removing numeric id 1... + +See also +-------- + +* [Collect MAC addresses in wireless access list](collect-wireless-mac.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From 60a21e11b0611c0330f0da4996c95e994cb1a453 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:39:37 +0100 Subject: add doc/bridge-port.md --- bridge-port-to-default | 1 + bridge-port-toggle | 1 + doc/bridge-port.md | 84 ++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 86 insertions(+) create mode 100644 doc/bridge-port.md diff --git a/bridge-port-to-default b/bridge-port-to-default index db7cbdc..409dcb9 100644 --- a/bridge-port-to-default +++ b/bridge-port-to-default @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # reset bridge ports to default bridge +# https://git.eworm.de/cgit/routeros-scripts/about/doc/bridge-port.md :global BridgePortTo; diff --git a/bridge-port-toggle b/bridge-port-toggle index b6ca4cd..a8ad8ad 100644 --- a/bridge-port-toggle +++ b/bridge-port-toggle @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # toggle bridge ports between default and alt bridge +# https://git.eworm.de/cgit/routeros-scripts/about/doc/bridge-port.md :global BridgePortTo; diff --git a/doc/bridge-port.md b/doc/bridge-port.md new file mode 100644 index 0000000..2228ac8 --- /dev/null +++ b/doc/bridge-port.md @@ -0,0 +1,84 @@ +Manage ports in bridge +====================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +These scripts are supposed to handle interfaces and switching them from +one bridge to another. + +Requirements and installation +----------------------------- + +Just install the scripts: + + $ScriptInstallUpdate bridge-port-to-default,bridge-port-toggle; + +Configuration +------------- + +The configuration goes to ports' comments (`/ interface bridge port`). + + / interface bridge port add bridge=br-guest comment="default=dhcp-client, alt=br-guest" disabled=yes interface=en1; + / interface bridge port add bridge=br-intern comment="default=br-intern, alt=br-guest" interface=en2; + / interface bridge port add bridge=br-guest comment="default=br-guest, extra=br-extra" interface=en3; + +Also dhcp client can be handled: + + / ip dhcp-client add comment="toggle with bridge port" disabled=no interface=en1; + +There is also global configuration: + +* `BridgePortTo`: specify the configuration to be applied by default + +Install [global-wait](global-wait.md) and add a scheduler to start with +default setup on system startup: + + / system scheduler add name=bridge-port-to-default on-event="/ system script { run global-wait; run bridge-port-to-default; }" start-time=startup; + +Usage and invocation +-------------------- + +The usage examples show what happens with the configuration from above. + +Running the script `bridge-port-to-default` applies all configuration given +with `default=`: + + / system script run bridge-port-to-default; + +For the three interfaces we get this configuration: + +* The special value `dhcp-client` enables the dhcp client for interface `en1`. The bridge port entry is disabled. +* Interface `en2` is put in bridge `br-intern`. +* Interface `en3` is put in bridge `br-guest`. + +Running the script `bridge-port-toggle` toggles to configuration given +with `alt=`: + + / system script run bridge-port-toggle; + +* Interface `en1` is put in bridge `br-guest`, dhcp client for the interface is disabled. +* Interface `en2` is put in bridge `br-guest`. +* Interface `en3` is unchanged, stays in bridge `br-guest`. + +Running the script `bridge-port-toggle` again toggles back to configuration +given with `default=`. + +More configuration can be loaded by setting `BridgePortTo`: + + :set BridgePortTo "extra"; + / system script run bridge-port-to-default; + +* Interfaces `en1` and `en2` are unchanged. +* Interface `en3` is put in bridge `br-intern`. + +See also +-------- + +* [Wait for configuration und functions](global-wait.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From 74d192cf539df4744e19cfde9d4be085b6564aa8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:40:02 +0100 Subject: add doc/capsman-download-packages.md --- capsman-download-packages | 1 + doc/capsman-download-packages.md | 51 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 doc/capsman-download-packages.md diff --git a/capsman-download-packages b/capsman-download-packages index c76ceee..de2feb9 100644 --- a/capsman-download-packages +++ b/capsman-download-packages @@ -4,6 +4,7 @@ # Michael Gisbers # # download and cleanup packages for CAP installation from CAPsMAN +# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md :global CleanFilePath; :global DownloadPackage; diff --git a/doc/capsman-download-packages.md b/doc/capsman-download-packages.md new file mode 100644 index 0000000..ee4912d --- /dev/null +++ b/doc/capsman-download-packages.md @@ -0,0 +1,51 @@ +Download packages for CAP upgrade from CAPsMAN +============================================= + +[◀ Go back to main README](../README.md) + +Description +----------- + +CAPsMAN can upgrate CAP devices. If CAPsMAN device and CAP device(s) are +differnet architecture you need to store packages for CAP device's +architecture on local storage. + +This script automatically downloads these packages. + +Requirements and installation +----------------------------- + +Just install the script on CAPsMAN device: + + $ScriptInstallUpdate capsman-download-packages; + +Optionally create a scheduler to run after startup, with a delay to ensure +internet connectivity is given: + + / system scheduler add name=capsman-download-packages on-event=":delay 2m; / system script run capsman-download-packages;" start-time=startup; + +Only packages available in older version are downloaded. For initial setup +place the required packages to CAPsMAN package path (see +`/ caps-man manager`). + +Usage and invocation +-------------------- + +Run the script manually: + + / system script run capsman-download-packages; + +... or from scheduler. + +After package download all out-of-date CAP devices are upgraded automatically. +For a rolling upgrade install extra script +[capsman-rolling-upgrade](capsman-rolling-upgrade.md). + +See also +-------- + +* [Run rolling CAP upgrades from CAPsMAN](capsman-rolling-upgrade.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From 77c1f6fd6324dc909ad4b69bdf4eb2083e4107d0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:40:16 +0100 Subject: add doc/capsman-rolling-upgrade.md --- capsman-rolling-upgrade | 1 + doc/capsman-rolling-upgrade.md | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+) create mode 100644 doc/capsman-rolling-upgrade.md diff --git a/capsman-rolling-upgrade b/capsman-rolling-upgrade index cedfc47..38843e6 100644 --- a/capsman-rolling-upgrade +++ b/capsman-rolling-upgrade @@ -4,6 +4,7 @@ # Michael Gisbers # # upgrade CAPs one after another +# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md :global ScriptLock; diff --git a/doc/capsman-rolling-upgrade.md b/doc/capsman-rolling-upgrade.md new file mode 100644 index 0000000..e78c87a --- /dev/null +++ b/doc/capsman-rolling-upgrade.md @@ -0,0 +1,39 @@ +Run rolling CAP upgrades from CAPsMAN +===================================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +CAPsMAN can upgrate CAP devices. This script runs a rolling upgrade for +out-of-date CAP devices. The idea is to have just a fraction of devices +reboot at a time, having the others to serve wireless connectivity. + + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate capsman-rolling-upgrade; + +Usage and invocation +-------------------- + +This script is intended as an add-on to +[capsman-download-packages](capsman-download-packages.md), being invoked by +that script when required. + +Alternatively run it manually: + + / system script run capsman-rolling-upgrade; + +See also +-------- + +* [Download packages for CAP upgrade from CAPsMAN](capsman-download-packages.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From d08a342f06e268ef06e49f98e989db4ca26ec946 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:40:35 +0100 Subject: add doc/certificate-renew-issued.md --- certificate-renew-issued | 1 + doc/certificate-renew-issued.md | 47 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 48 insertions(+) create mode 100644 doc/certificate-renew-issued.md diff --git a/certificate-renew-issued b/certificate-renew-issued index d5ff2c8..fe33b93 100644 --- a/certificate-renew-issued +++ b/certificate-renew-issued @@ -3,6 +3,7 @@ # Copyright (c) 2019-2020 Christian Hesse # # renew locally issued certificates +# https://git.eworm.de/cgit/routeros-scripts/about/doc/certificate-renew-issued.md :global CertIssuedExportPass; diff --git a/doc/certificate-renew-issued.md b/doc/certificate-renew-issued.md new file mode 100644 index 0000000..e460ce1 --- /dev/null +++ b/doc/certificate-renew-issued.md @@ -0,0 +1,47 @@ +Renew locally issued certificates +================================= + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script renews certificates issued by a local certificate authority (CA). +Optionally the certificates are exported with individual passphrases for +easy pick-up. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate certificate-renew-issued; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, there is just one +parameter: + +* `CertRenewPass`: an array holding individual passphrases for certificates + +Usage and invocation +-------------------- + +Run the script to renew certificates issued from a local CA. + + / system script run certificate-renew-issued; + +Only scripts with a remaining lifetime of three weeks or less are renewed. +The old certificate is revoked automatically. If a passphrase for a specific +certificate is given in `CertRenewPass` the certificate is exported and +PKCS#12 file (`cert-issued/CN.p12`) can be found on device's storage. + +See also +-------- + +* [Renew certificates and notify on expiration](check-certificates.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From e962fe91899c169525ea015d702135f0ba10b0e3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:41:18 +0100 Subject: add doc/check-certificates.md --- check-certificates | 1 + doc/check-certificates.md | 52 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+) create mode 100644 doc/check-certificates.md diff --git a/check-certificates b/check-certificates index 350adc7..b9c9075 100644 --- a/check-certificates +++ b/check-certificates @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # check for certificate validity +# https://git.eworm.de/cgit/routeros-scripts/about/doc/check-certificates.md :global CertRenewPass; :global CertRenewUrl; diff --git a/doc/check-certificates.md b/doc/check-certificates.md new file mode 100644 index 0000000..51ecd14 --- /dev/null +++ b/doc/check-certificates.md @@ -0,0 +1,52 @@ +Renew certificates and notify on expiration +=========================================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script tries to download and renew certificates, then notifies about +certificates that are still about to expire. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate check-certificates; + +Configuration +------------- + +The expiry notifications just require notification settings for e-mail and +telegram. + +For automatic download and renewal of certificates you need configuration +in `global-config-overlay`, these are the parameters: + +* `CertRenewPass`: an array of passphrases to try +* `CertRenewUrl`: the url to download certificates from + +Certificates on the web server should be named `CN.pem` (`PEM` format) or +`CN.p12` (`PKCS#12` format). + +Usage and invocation +-------------------- + +Just run the script: + + / system script run check-certificates; + +... or create a scheduler for periodic execution: + + / system scheduler add interval=1d name=check-certificates on-event="/ system script run check-certificates;" start-time=startup; + +See also +-------- + +* [Renew locally issued certificates](certificate-renew-issued.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From ff867d1b6b20f90e7cd2296c3deeaec68e7e11cb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:41:40 +0100 Subject: add doc/check-health.md --- check-health | 1 + doc/check-health.md | 43 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 44 insertions(+) create mode 100644 doc/check-health.md diff --git a/check-health b/check-health index a7ead46..ef9fd23 100644 --- a/check-health +++ b/check-health @@ -3,6 +3,7 @@ # Copyright (c) 2019-2020 Christian Hesse # # check for RouterOS health state +# https://git.eworm.de/cgit/routeros-scripts/about/doc/check-health.md :global CheckHealthLast; :global CheckHealthTemperature; diff --git a/doc/check-health.md b/doc/check-health.md new file mode 100644 index 0000000..37f8e34 --- /dev/null +++ b/doc/check-health.md @@ -0,0 +1,43 @@ +Notify about health state +========================= + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script is run from scheduler periodically, sending notification on +health related events: + +* voltage jumps up or down more than configured threshold +* power supply failed or recovered +* temperature is above or below threshold + +Note that bad initial state will not trigger an event. + +Only sensors available in hardware can be checked. See what your +hardware supports: + + / system health print; + +Requirements and installation +----------------------------- + +Just install the script and create a scheduler: + + $ScriptInstallUpdate check-health; + / system scheduler add interval=1m name=check-health on-event="/ system script run check-health;" start-time=startup; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, These are the parameters: + +* `CheckHealthTemperature`: an array specifying temperature thresholds for sensors +* `CheckHealthVoltagePercent`: percentage value to trigger voltage jumps + +Also notification settings are required for e-mail and telegram. + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From 969ae57fc2f274ffc03e2870e39ca9a6fb9564ea Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:41:56 +0100 Subject: add doc/check-lte-firmware-upgrade.md --- check-lte-firmware-upgrade | 3 ++- doc/check-lte-firmware-upgrade.md | 41 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 doc/check-lte-firmware-upgrade.md diff --git a/check-lte-firmware-upgrade b/check-lte-firmware-upgrade index 101f5e1..6edb6f1 100644 --- a/check-lte-firmware-upgrade +++ b/check-lte-firmware-upgrade @@ -3,6 +3,7 @@ # Copyright (c) 2018-2020 Christian Hesse # # check for LTE firmware upgrade, send notification +# https://git.eworm.de/cgit/routeros-scripts/about/doc/check-lte-firmware-upgrade.md :global Identity; :global SentLteFirmwareUpgradeNotification; @@ -13,7 +14,7 @@ :local IntName [ / interface lte get $Interface name ]; :do { :local Firmware [ / interface lte firmware-upgrade $Interface once as-value ]; - + :if ($SentLteFirmwareUpgradeNotification = ($Firmware->"latest")) do={ :log debug ("Already sent the LTE firmware upgrade notification for version " . \ ($Firmware->"latest") . "."); diff --git a/doc/check-lte-firmware-upgrade.md b/doc/check-lte-firmware-upgrade.md new file mode 100644 index 0000000..c71dee5 --- /dev/null +++ b/doc/check-lte-firmware-upgrade.md @@ -0,0 +1,41 @@ +Notify on LTE firmware upgrade +============================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script is run from scheduler periodically, checking for LTE firmware +upgrades. Currently supported LTE hardware: + +* R11e-LTE +* R11e-LTE-US +* R11e-4G +* R11e-LTE6 + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate check-lte-firmware-upgrade; + +... and create a scheduler: + + / system scheduler add interval=1d name=check-lte-firmware-upgrade on-event="/ system script run check-lte-firmware-upgrade;" start-time=startup; + +Configuration +------------- + +Notification setting are required for e-mail and telegram. + +See also +-------- + +* [Notify on RouterOS update](check-routeros-update.md) +* [Install LTE firmware upgrade](unattended-lte-firmware-upgrade.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From c1dcc280289e96d1c0de45b9ead189e31ed75b26 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:42:19 +0100 Subject: add doc/check-routeros-update.md --- check-routeros-update | 1 + doc/check-routeros-update.md | 55 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+) create mode 100644 doc/check-routeros-update.md diff --git a/check-routeros-update b/check-routeros-update index e034c0b..3bec07b 100644 --- a/check-routeros-update +++ b/check-routeros-update @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # check for RouterOS update, send notification and/or install +# https://git.eworm.de/cgit/routeros-scripts/about/doc/check-routeros-update.md :global Identity; :global SafeUpdateUrl; diff --git a/doc/check-routeros-update.md b/doc/check-routeros-update.md new file mode 100644 index 0000000..c94381c --- /dev/null +++ b/doc/check-routeros-update.md @@ -0,0 +1,55 @@ +Notify on RouterOS update +========================= + +[◀ Go back to main README](../README.md) + +Description +----------- + +The primary use of this script is to notify about RouterOS updates. + +Run from a terminal you can start the update process or schedule it. + +Centrally managing update process of several devices is possibly by +specifying versions safe to be updated on a web server. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate check-routeros-update; + +And add a scheduler for automatic update notification: + + / system scheduler add interval=1d name=check-routeros-update on-event="/ system script run check-routeros-update;" start-time=startup; + +Configuration +------------- + +Configuration is required only if you want to control update process with +safe versions from a web server. The configuration goes to +`global-config-overlay`, this is the parameter: + +* `SafeUpdateUrl`: url to check for safe update, the channel (`long-term`, +`stable` or `testing`) is appended + +Usage and invocation +-------------------- + +Be notified when run from scheduler or run it manually: + + / system script run check-routeros-update; + +If an update is found you can install it right away. + +Installing script [packages-update](packages-update.md) gives extra options. + +See also +-------- + +* [Manage system update](packages-update.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From d1bba48cc7c8f56323f503b632994e5b61f512fe Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:42:33 +0100 Subject: add doc/cloud-backup.md --- cloud-backup | 1 + doc/cloud-backup.md | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 doc/cloud-backup.md diff --git a/cloud-backup b/cloud-backup index 9a225a2..316a2a4 100644 --- a/cloud-backup +++ b/cloud-backup @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # upload backup to MikroTik cloud +# https://git.eworm.de/cgit/routeros-scripts/about/doc/cloud-backup.md :global BackupPassword; :global Identity; diff --git a/doc/cloud-backup.md b/doc/cloud-backup.md new file mode 100644 index 0000000..bda1267 --- /dev/null +++ b/doc/cloud-backup.md @@ -0,0 +1,46 @@ +Upload backup to Mikrotik cloud +=============================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script uploads [binary backup to Mikrotik cloud](https://wiki.mikrotik.com/wiki/Manual:IP/Cloud#Backup). + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate cloud-backup; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, this is the only parameter: + +* `BackupPassword`: password to encrypt the backup with + +Also notification settings are required for e-mail and telegram. + +Usage and invocation +-------------------- + +Just run the script: + + / system script run cloud-backup; + +Creating a scheduler may be an option: + + / system scheduler add interval=1w name=cloud-backup on-event="/ system script run cloud-backup;" start-time=09:20:00; + +See also +-------- + +* [Send backup via e-mail](email-backup.md) +* [Upload backup to server](upload-backup.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From 79e7b3229fcfb91c9cca0f7118aafc8dd0c60f37 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:43:01 +0100 Subject: add doc/collect-wireless-mac.md --- collect-wireless-mac.capsman | 1 + collect-wireless-mac.local | 1 + collect-wireless-mac.template | 1 + doc/collect-wireless-mac.md | 54 +++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 57 insertions(+) create mode 100644 doc/collect-wireless-mac.md diff --git a/collect-wireless-mac.capsman b/collect-wireless-mac.capsman index 95e46a2..c89ea19 100644 --- a/collect-wireless-mac.capsman +++ b/collect-wireless-mac.capsman @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # collect wireless mac adresses in access list +# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md # # !! Do not edit this file, it is generated from template! diff --git a/collect-wireless-mac.local b/collect-wireless-mac.local index 8b5d5ac..eac8734 100644 --- a/collect-wireless-mac.local +++ b/collect-wireless-mac.local @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # collect wireless mac adresses in access list +# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md # # !! Do not edit this file, it is generated from template! diff --git a/collect-wireless-mac.template b/collect-wireless-mac.template index 510afcc..0f936b3 100644 --- a/collect-wireless-mac.template +++ b/collect-wireless-mac.template @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # collect wireless mac adresses in access list +# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md # # !! This is just a template! Replace '%PATH%' with 'caps-man' # !! or 'interface wireless'! diff --git a/doc/collect-wireless-mac.md b/doc/collect-wireless-mac.md new file mode 100644 index 0000000..45489bf --- /dev/null +++ b/doc/collect-wireless-mac.md @@ -0,0 +1,54 @@ +Collect MAC addresses in wireless access list +============================================= + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script adds unknown MAC addresses of connected wireless devices to +address list. In addition a notification is sent. + +By default the access list entry is disabled, but you can easily enable +and modify it to your needs. + +Requirements and installation +----------------------------- + +Depending on whether you use CAPsMAN (`/ caps-man`) or local wireless +interface (`/ interface wireless`) you need to install a different script. + +For CAPsMAN: + + $ScriptInstallUpdate collect-wireless-mac.capsman; + +For local interface: + + $ScriptInstallUpdate collect-wireless-mac.local; + +Configuration +------------- + +On first run a disabled access list entry acting as marker (with comment +"`--- collected above ---`") is added. Move this entry to define where new +entries are to be added. + +Also notification settings are required for e-mail and telegram. + +Usage and invocation +-------------------- + +Run this script from a dhcp server as lease-script to collect the MAC +address when a new address is leased. You may want to use +[lease-script](lease-script.md). + +See also +-------- + +* [Comment DHCP leases with info from access list](dhcp-lease-comment.md) +* [Create DNS records for DHCP leases](dhcp-to-dns.md) +* [Run other scripts on DHCP lease](lease-script.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From e949e527f632927f806d3c0340bc5319d681106a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:44:36 +0100 Subject: add doc/daily-psk.md --- daily-psk.capsman | 1 + daily-psk.local | 1 + daily-psk.template | 1 + doc/daily-psk.md | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 59 insertions(+) create mode 100644 doc/daily-psk.md diff --git a/daily-psk.capsman b/daily-psk.capsman index 59b867e..623ef0c 100644 --- a/daily-psk.capsman +++ b/daily-psk.capsman @@ -4,6 +4,7 @@ # Michael Gisbers # # update daily PSK (pre shared key) +# https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md # # !! Do not edit this file, it is generated from template! diff --git a/daily-psk.local b/daily-psk.local index 3915618..6245ebe 100644 --- a/daily-psk.local +++ b/daily-psk.local @@ -4,6 +4,7 @@ # Michael Gisbers # # update daily PSK (pre shared key) +# https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md # # !! Do not edit this file, it is generated from template! diff --git a/daily-psk.template b/daily-psk.template index cab65f2..3181b1a 100644 --- a/daily-psk.template +++ b/daily-psk.template @@ -4,6 +4,7 @@ # Michael Gisbers # # update daily PSK (pre shared key) +# https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md # # !! This is just a template! Replace '%PATH%' with 'caps-man' # !! or 'interface wireless'! diff --git a/doc/daily-psk.md b/doc/daily-psk.md new file mode 100644 index 0000000..e6d7aae --- /dev/null +++ b/doc/daily-psk.md @@ -0,0 +1,56 @@ +Use wireless network with daily psk +=================================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script is supposed to provide a wifi network which changes the +passphrase to a pseudo-random string daily. + +Requirements and installation +----------------------------- + +Just install this script and [global-wait](global-wait.md). + +Depending on whether you use CAPsMAN (`/ caps-man`) or local wireless +interface (`/ interface wireless`) you need to install a different script. + +For CAPsMAN: + + $ScriptInstallUpdate daily-psk.capsman,global-wait; + +For local interface: + + $ScriptInstallUpdate daily-psk.local,global-wait; + +And add schedulers to run the script: + + / system scheduler add interval=1d name=daily-psk-nightly on-event="/ system script run daily-psk.local;" start-date=may/23/2018 start-time=03:00:00; + / system scheduler add name=daily-psk-startup on-event=":global WaitTimeSync; / system script { run global-wait; \$WaitTimeSync; run daily-psk.local; }" start-time=startup; + +These will update the passphrase on boot and nightly at 3:00. + +Configuration +------------- + +The configuration goes to `global-config-overlay`, these are the parameters: + +* `DailyPskMatchComment`: pattern to match the wireless access list comment +* `DailyPskSecrets`: an array with pseudo random strings + +Then add an access list entry: + + / interface wireless access-list add comment="Daily PSK" interface=wl-daily private-pre-shared-key="ToBeChangedDaily"; + +Also notification settings are required for e-mail and telegram. + +See also +-------- + +* [Wait for configuration und functions](global-wait.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From c9b71398593c0ec1ceb5d6d15d319c16a65e121b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:44:36 +0100 Subject: add doc/dhcp-lease-comment.md --- dhcp-lease-comment.capsman | 1 + dhcp-lease-comment.local | 1 + dhcp-lease-comment.template | 1 + doc/dhcp-lease-comment.md | 49 +++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 52 insertions(+) create mode 100644 doc/dhcp-lease-comment.md diff --git a/dhcp-lease-comment.capsman b/dhcp-lease-comment.capsman index 5a5d98b..51ccca2 100644 --- a/dhcp-lease-comment.capsman +++ b/dhcp-lease-comment.capsman @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # update dhcp-server lease comment with infos from access-list +# https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md # # !! Do not edit this file, it is generated from template! diff --git a/dhcp-lease-comment.local b/dhcp-lease-comment.local index eb74dab..96b98e1 100644 --- a/dhcp-lease-comment.local +++ b/dhcp-lease-comment.local @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # update dhcp-server lease comment with infos from access-list +# https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md # # !! Do not edit this file, it is generated from template! diff --git a/dhcp-lease-comment.template b/dhcp-lease-comment.template index bcbb39a..6892f1b 100644 --- a/dhcp-lease-comment.template +++ b/dhcp-lease-comment.template @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # update dhcp-server lease comment with infos from access-list +# https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md # # !! This is just a template! Replace '%PATH%' with 'caps-man' # !! or 'interface wireless'! diff --git a/doc/dhcp-lease-comment.md b/doc/dhcp-lease-comment.md new file mode 100644 index 0000000..caba7d6 --- /dev/null +++ b/doc/dhcp-lease-comment.md @@ -0,0 +1,49 @@ +Comment DHCP leases with info from access list +============================================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script adds comments to dynamic dhcp server leases. Infos are taken +from wireless access list. + +Requirements and installation +----------------------------- + +Depending on whether you use CAPsMAN (`/ caps-man`) or local wireless +interface (`/ interface wireless`) you need to install a different script. + +For CAPsMAN: + + $ScriptInstallUpdate dhcp-lease-comment.capsman; + +For local interface: + + $ScriptInstallUpdate dhcp-lease-comment.local; + +Configuration +------------- + +Infos are taken from wireless access list. Add entries with proper comments +there. You may want to use [collect-wireless-mac](collect-wireless-mac.md) +to prepare entries. + +Usage and invocation +-------------------- + +Run this script from a dhcp server as lease-script to update the comment +just after a new address is leased. You may want to use +[lease-script](lease-script.md). + +See also +-------- + +* [Collect MAC addresses in wireless access list](collect-wireless-mac.md) +* [Create DNS records for DHCP leases](dhcp-to-dns.md) +* [Run other scripts on DHCP lease](lease-script.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From e0346bf60efc96375555277171c994f64714ae86 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:44:56 +0100 Subject: add doc/dhcp-to-dns.md --- dhcp-to-dns | 1 + doc/dhcp-to-dns.md | 42 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+) create mode 100644 doc/dhcp-to-dns.md diff --git a/dhcp-to-dns b/dhcp-to-dns index 687db97..f88599c 100644 --- a/dhcp-to-dns +++ b/dhcp-to-dns @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # check DHCP leases and add/remove/update DNS entries +# https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-to-dns.md :global Domain; :global HostNameInZone; diff --git a/doc/dhcp-to-dns.md b/doc/dhcp-to-dns.md new file mode 100644 index 0000000..3f25659 --- /dev/null +++ b/doc/dhcp-to-dns.md @@ -0,0 +1,42 @@ +Create DNS records for DHCP leases +================================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script adds (and removes) dns records based on dhcp server leases. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate dhcp-to-dns; + +Then run it from dhcp server as lease script. You may want to use +[lease-script](lease-script.md). + +A scheduler cares about cleanup: + + / system scheduler add interval=15m name=dhcp-to-dns on-event="/ system script run dhcp-to-dns;" start-time=startup; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, these are the parameters: + +* `Domain`: the domain used for dns records +* `HostNameInZone`: whether or not to add the dhcp/dns server's hostname + +See also +-------- + +* [Collect MAC addresses in wireless access list](collect-wireless-mac.md) +* [Comment DHCP leases with info from access list](dhcp-lease-comment.md) +* [Run other scripts on DHCP lease](lease-script.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-54-g00ecf From 8b724a9b5accef55bb85cc54ce19298f3a7ffc5e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:45:15 +0100 Subject: add doc/email-backup.md --- doc/email-backup.md | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ email-backup | 1 + 2 files changed, 53 insertions(+) create mode 100644 doc/email-backup.md diff --git a/doc/email-backup.md b/doc/email-backup.md new file mode 100644 index 0000000..7f89a06 --- /dev/null +++ b/doc/email-backup.md @@ -0,0 +1,52 @@ +Send backup via e-mail +====================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script sends binary backup (`/ system backup save`) and complete +configuration export (`/ export terse`) via e-mail. + + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate email-backup; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, These are the parameters: + +* `BackupSendBinary`: whether to send binary backup +* `BackupSendExport`: whether to send configuration export +* `BackupPassword`: password to encrypt the backup with +* `EmailBackupTo`: e-mail address to send to +* `EmailBackupCc`: e-mail address(es) to send in copy + +Also valid e-mail settings in `/ tool e-mail` are required to send mails. + +Usage and invocation +-------------------- + +Just run the script: + + / system script run email-backup; + +Creating a scheduler may be an option: + + / system scheduler add interval=1w name=email-backup on-event="/ system script run email-backup;" start-time=09:15:00; + +See also +-------- + +* [Upload backup to Mikrotik cloud](cloud-backup.md) +* [Upload backup to server](upload-backup.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/email-backup b/email-backup index 2449173..3a00d04 100644 --- a/email-backup +++ b/email-backup @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # create and email backup and config file +# https://git.eworm.de/cgit/routeros-scripts/about/doc/email-backup.md :global BackupPassword; :global BackupSendBinary; -- cgit v1.2.3-54-g00ecf From 2e0e83d13654dd0aad44c44b0db350554a562d77 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:45:38 +0100 Subject: add doc/global-wait.md --- doc/global-wait.md | 34 ++++++++++++++++++++++++++++++++++ global-wait | 1 + 2 files changed, 35 insertions(+) create mode 100644 doc/global-wait.md diff --git a/doc/global-wait.md b/doc/global-wait.md new file mode 100644 index 0000000..9fcaa96 --- /dev/null +++ b/doc/global-wait.md @@ -0,0 +1,34 @@ +Wait for configuration und functions +==================================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +The global scripts `global-config`, `global-config-overlay` and +`global-functions` are run by scheduler at system startup. Running another +script at system startup may result in race condition where configuration +and/or function are not yet available. This script is supposed to wait +for everything being prepared. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate global-wait; + +... and add it to your scheduler, for example in combination with +[bridge-port](bridge-port.md): + + / system scheduler add name=bridge-port-to-default on-event="/ system script { run global-wait; run bridge-port-to-default; }" start-time=startup; + +See also +-------- + +* [Manage ports in bridge](bridge-port.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/global-wait b/global-wait index 29d634d..7e3cc6c 100644 --- a/global-wait +++ b/global-wait @@ -3,6 +3,7 @@ # Copyright (c) 2020 Christian Hesse # # wait for global-functions to finish +# https://git.eworm.de/cgit/routeros-scripts/about/doc/global-wait.md :global GlobalFunctionsReady; -- cgit v1.2.3-54-g00ecf From cba9352fc425528b36943c4715a9908a5bedc3c4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:45:54 +0100 Subject: add doc/gps-track.md --- doc/gps-track.md | 34 ++++++++++++++++++++++++++++++++++ gps-track | 1 + 2 files changed, 35 insertions(+) create mode 100644 doc/gps-track.md diff --git a/doc/gps-track.md b/doc/gps-track.md new file mode 100644 index 0000000..a7b3d7f --- /dev/null +++ b/doc/gps-track.md @@ -0,0 +1,34 @@ +Send GPS position to server +=========================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script is supposed to run periodically from scheduler and send GPS +position data to a server for tracking. + +A hardware GPS antenna is required. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate gps-track; + +... and create a scheduler: + + / system scheduler add interval=1m name=gps-track on-event="/ system script run gps-track;" start-time=startup; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, the only parameter is: + +* `GpsTrackUrl`: the url to send json data to + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/gps-track b/gps-track index 2513e03..4a27eb8 100644 --- a/gps-track +++ b/gps-track @@ -3,6 +3,7 @@ # Copyright (c) 2018-2020 Christian Hesse # # track gps data by sending json data to http server +# https://git.eworm.de/cgit/routeros-scripts/about/doc/gps-track.md :global GpsTrackUrl; :global Identity; -- cgit v1.2.3-54-g00ecf From 39857405d55c37542b3bc3b4dcef6d24c9a2ea62 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:46:08 +0100 Subject: add doc/hotspot-to-wpa.md --- doc/hotspot-to-wpa.md | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ hotspot-to-wpa | 1 + 2 files changed, 49 insertions(+) create mode 100644 doc/hotspot-to-wpa.md diff --git a/doc/hotspot-to-wpa.md b/doc/hotspot-to-wpa.md new file mode 100644 index 0000000..fbb9640 --- /dev/null +++ b/doc/hotspot-to-wpa.md @@ -0,0 +1,48 @@ +Use WPA2 network with hotspot credentials +========================================= + +[◀ Go back to main README](../README.md) + +Description +----------- + +RouterOS supports an unlimited number of MAC address specific passphrases +for WPA2 encrypted wifi networks via access list. The idea of this script +is to transfer hotspot credentials to MAC address specific WPA2 passphrase. + +Requirements and installation +----------------------------- + +You need a properly configured hotspot on one (open) SSID and a WP2 enabled +SSID with suffix "`-wpa`". + +Then install the script: + + $ScriptInstallUpdate hotspot-to-wpa; + +Configure your hotspot to use this script as `on-login` script: + + / ip hotspot user profile set on-login=hotspot-to-wpa [ find ]; + +Configuration +------------- + +On first run a disabled access list entry acting as marker (with comment +"`--- hotspot-to-wpa above ---`") is added. Move this entry to define where new +entries are to be added. + +Usage and invocation +-------------------- + +Create hotspot login credentials: + + / ip hotspot user add add comment="Test User 1" name=user1 password=v3ry; + / ip hotspot user add add comment="Test User 2" name=user2 password=s3cr3t; + +Now let the users connect and login to the hotspot. After that the devices +(identified by MAC address) can connect to the WPA2 network, using the +passphrase from hotspot credentials. + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/hotspot-to-wpa b/hotspot-to-wpa index f45bd6b..e862e45 100644 --- a/hotspot-to-wpa +++ b/hotspot-to-wpa @@ -3,6 +3,7 @@ # Copyright (c) 2019-2020 Christian Hesse # # add private WPA passphrase after hotspot login +# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md :global LogPrintExit; -- cgit v1.2.3-54-g00ecf From b20fcaa94d64da64412f44afcca7cd4dabaa6fc0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:46:44 +0100 Subject: add doc/ip-addr-bridge.md --- doc/ip-addr-bridge.md | 32 ++++++++++++++++++++++++++++++++ ip-addr-bridge | 1 + 2 files changed, 33 insertions(+) create mode 100644 doc/ip-addr-bridge.md diff --git a/doc/ip-addr-bridge.md b/doc/ip-addr-bridge.md new file mode 100644 index 0000000..44dac6a --- /dev/null +++ b/doc/ip-addr-bridge.md @@ -0,0 +1,32 @@ +Manage IP addresses with bridge status +====================================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +With RouterOS an IP address is always active, even if an interface is down. +Other venders handle this differently - and sometimes this behavior is +expected. This script mimics this behavior. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate ip-addr-bridge; + +... and make it run from scheduler: + + / system scheduler add name=ip-addr-bridge on-event="/ system script run ip-addr-bridge;" start-time=startup; + +This will disable IP addresses on bridges without at lease one running port. +The IP address is enabled if at least one port is running. + +Note that IP addresses on bridges without a single port (acting as loopback +interface) are ignored. + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/ip-addr-bridge b/ip-addr-bridge index 947e7fe..02781cc 100644 --- a/ip-addr-bridge +++ b/ip-addr-bridge @@ -3,6 +3,7 @@ # Copyright (c) 2018-2020 Christian Hesse # # enable or disable ip addresses based on bridge port state +# https://git.eworm.de/cgit/routeros-scripts/about/doc/ip-addr-bridge.md :foreach Bridge in=[ / interface bridge find ] do={ :local BrName [ / interface bridge get $Bridge name ]; -- cgit v1.2.3-54-g00ecf From 024e9c97a1f83a9b0eb09702f558af3ba8e048e3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:47:13 +0100 Subject: add doc/ipv6-update.md --- doc/ipv6-update.md | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ ipv6-update | 1 + 2 files changed, 57 insertions(+) create mode 100644 doc/ipv6-update.md diff --git a/doc/ipv6-update.md b/doc/ipv6-update.md new file mode 100644 index 0000000..93ada42 --- /dev/null +++ b/doc/ipv6-update.md @@ -0,0 +1,56 @@ +Update configuration on IPv6 prefix change +========================================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +With changing IPv6 prefix from ISP this script handles to update... + +* ipv6 firewall address-list +* dns records + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate ipv6-update; + +Your ISP needs to provide an IPv6 prefix, your device receives it via dhcp: + + / ipv6 dhcp-client add add-default-route=yes interface=ppp-isp pool-name=isp request=prefix script=ipv6-update; + +Note this already adds this script as `script`. The pool name (here: "`isp`") +is important, we need it later. + +Also this expects there is an address assigned from pool to an interface: + + / ipv6 address add from-pool=isp interface=br-local; + +Sometimes dhcp client is stuck on reconnect and needs to be released. +Installing [ppp-on-up](ppp-on-up.md) may solve this. + +Configuration +------------- + +An address list entry is updated with current prefix and can be used in +firewall rules, comment has to be "`ipv6-pool-`" and actual pool name: + + / ipv6 firewall address-list add address=2003:cf:2f0f:de00::/56 comment=ipv6-pool-isp list=extern; + +Static DNS records need a special comment to be updated. Again it has to +start with "`ipv6-pool-`" and actual pool name, followed by a comma, +"`interface=`" and the name of interface this address is connected to: + + / ip dns static add address=2003:cf:2f0f:de00:1122:3344:5566:7788 comment="ipv6-pool-isp, interface=br-local" name=test.example.com ttl=15m; + +See also +-------- + +* [Run scripts on ppp connection](ppp-on-up.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/ipv6-update b/ipv6-update index baea7c3..4e73b8f 100644 --- a/ipv6-update +++ b/ipv6-update @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # update firewall and dns settings on IPv6 prefix change +# https://git.eworm.de/cgit/routeros-scripts/about/doc/ipv6-update.md :local PdPrefix $"pd-prefix"; -- cgit v1.2.3-54-g00ecf From e1377cbd927e0bca631c1d904d3172878f307410 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:47:26 +0100 Subject: add doc/lease-script.md --- doc/lease-script.md | 36 ++++++++++++++++++++++++++++++++++++ lease-script | 1 + 2 files changed, 37 insertions(+) create mode 100644 doc/lease-script.md diff --git a/doc/lease-script.md b/doc/lease-script.md new file mode 100644 index 0000000..3c774f1 --- /dev/null +++ b/doc/lease-script.md @@ -0,0 +1,36 @@ +Run other scripts on DHCP lease +=============================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script is supposed to run from dhcp server as lease script. Currently +it does: + +* run [dhcp-to-dns](dhcp-to-dns.md) +* run [collect-wireless-mac](collect-wireless-mac.md) +* run [dhcp-lease-comment](dhcp-lease-comment.md) + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate lease-script; + +... and add it as `lease-script` to your dhcp server: + + / ip dhcp-server set lease-script=lease-script [ find ]; + +See also +-------- + +* [Collect MAC addresses in wireless access list](collect-wireless-mac.md) +* [Comment DHCP leases with info from access list](dhcp-lease-comment.md) +* [Create DNS records for DHCP leases](dhcp-to-dns.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/lease-script b/lease-script index 1e73b31..87c0c90 100644 --- a/lease-script +++ b/lease-script @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # run scripts on DHCP lease +# https://git.eworm.de/cgit/routeros-scripts/about/doc/lease-script.md :global LogPrintExit; -- cgit v1.2.3-54-g00ecf From 8c3489761ee7c31fbe01d93b9e648bbc671f6bce Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:47:41 +0100 Subject: add doc/leds-mode.md --- doc/leds-mode.md | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ leds-day-mode | 1 + leds-night-mode | 1 + leds-toggle-mode | 1 + 4 files changed, 53 insertions(+) create mode 100644 doc/leds-mode.md diff --git a/doc/leds-mode.md b/doc/leds-mode.md new file mode 100644 index 0000000..e0f7cf3 --- /dev/null +++ b/doc/leds-mode.md @@ -0,0 +1,50 @@ +Manage LEDs dark mode +===================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +These scripts control LEDs mode and allow to run your device +completely dark. Hardware support for dark mode is required. + +Requirements and installation +----------------------------- + +Just install the scripts: + + $ScriptInstallUpdate leds-day-mode,leds-night-mode,leds-toggle-mode; + +Usage and invocation +-------------------- + +To switch the device to dark mode: + + / system script run leds-night-mode; + +... and back to normal mode: + + / system script run leds-day-mode; + +To toggle between the two modes: + + / system script run leds-toggle-mode; + +Add these schedulers to switch to dark mode in the evening and back to +normal mode in the morning: + + / system scheduler add interval=1d name=leds-day-mode on-event="/ system script run leds-day-mode;" start-time=07:00:00; + / system scheduler add interval=1d name=leds-night-mode on-event="/ system script run leds-night-mode;" start-time=21:00:00; + +The script `leds-toggle-mode` can be used from [mode button](mode-button.md) +to toggle mode. + +See also +-------- + +* [Mode botton with multiple presses](mode-button.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/leds-day-mode b/leds-day-mode index 0b50648..cd59bab 100644 --- a/leds-day-mode +++ b/leds-day-mode @@ -3,5 +3,6 @@ # Copyright (c) 2013-2020 Christian Hesse # # enable LEDs +# https://git.eworm.de/cgit/routeros-scripts/about/doc/leds-mode.md / system leds settings set all-leds-off=never; diff --git a/leds-night-mode b/leds-night-mode index 6a973e4..9048a83 100644 --- a/leds-night-mode +++ b/leds-night-mode @@ -3,5 +3,6 @@ # Copyright (c) 2013-2020 Christian Hesse # # disable LEDs +# https://git.eworm.de/cgit/routeros-scripts/about/doc/leds-mode.md / system leds settings set all-leds-off=immediate; diff --git a/leds-toggle-mode b/leds-toggle-mode index 7518ef4..5f67979 100644 --- a/leds-toggle-mode +++ b/leds-toggle-mode @@ -3,6 +3,7 @@ # Copyright (c) 2018-2020 Christian Hesse # # toggle LEDs mode +# https://git.eworm.de/cgit/routeros-scripts/about/doc/leds-mode.md :if ([ / system leds settings get all-leds-off ] = "never") do={ / system leds settings set all-leds-off=immediate; -- cgit v1.2.3-54-g00ecf From 5594ffd69afb9b72e73a62103cd657d51d4b0366 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:48:25 +0100 Subject: add doc/mode-button.md --- doc/mode-button.md | 40 ++++++++++++++++++++++++++++++++++++++++ mode-button-event | 1 + mode-button-scheduler | 1 + 3 files changed, 42 insertions(+) create mode 100644 doc/mode-button.md diff --git a/doc/mode-button.md b/doc/mode-button.md new file mode 100644 index 0000000..5018d6e --- /dev/null +++ b/doc/mode-button.md @@ -0,0 +1,40 @@ +Mode botton with multiple presses +================================= + +[◀ Go back to main README](../README.md) + +Description +----------- + +These scripts extend the functionality of mode button. Instead of just one +you can trigger several actions by pressing the mode button several times. + +The hardware needs to have a mode button, see +`/ system routerboard mode-button`. + +Requirements and installation +----------------------------- + +Just install the scripts: + + $ScriptInstallUpdate mode-button-event,mode-button-scheduler; + +Then configure the mode-button to run `mode-button-event`: + + / system routerboard mode-button set enabled=yes on-event="/ system script run mode-button-event;"; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, the only parameter is: + +* `ModeButton`: an array with defined actions + +Usage and invocation +-------------------- + +Press the mode button. :) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/mode-button-event b/mode-button-event index 91b0edb..4768e09 100644 --- a/mode-button-event +++ b/mode-button-event @@ -3,6 +3,7 @@ # Copyright (c) 2018-2020 Christian Hesse # # run on mode-button event and count button presses +# https://git.eworm.de/cgit/routeros-scripts/about/doc/mode-button.md :global ModeButton; diff --git a/mode-button-scheduler b/mode-button-scheduler index 2b6f083..03f673b 100644 --- a/mode-button-scheduler +++ b/mode-button-scheduler @@ -3,6 +3,7 @@ # Copyright (c) 2018-2020 Christian Hesse # # act on multiple mode-botton presses from scheduler +# https://git.eworm.de/cgit/routeros-scripts/about/doc/mode-button.md :global ModeButton; -- cgit v1.2.3-54-g00ecf From f482c565c79e9413e45806dc4043ea4d6e1859a9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:48:52 +0100 Subject: add doc/netwatch-notify.md --- doc/netwatch-notify.md | 36 ++++++++++++++++++++++++++++++++++++ netwatch-notify | 1 + 2 files changed, 37 insertions(+) create mode 100644 doc/netwatch-notify.md diff --git a/doc/netwatch-notify.md b/doc/netwatch-notify.md new file mode 100644 index 0000000..51768ff --- /dev/null +++ b/doc/netwatch-notify.md @@ -0,0 +1,36 @@ +Notify on host up and down +========================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script sends notifications about host UP and DOWN events. In comparison +to just netwatch (`/ tool netwatch`) and its `up-script` and `down-script` +this script implements a simple state machine. Host down events are triggered +only if the host is down for several checks to avoid false alerts. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate netwatch-notify; + +Then add a scheduler to run it periodically: + + / system scheduler add interval=1m name=netwatch-notify on-event="/ system script run netwatch-notify;" start-time=startup; + +Configuration +------------- + +The hosts to be checked have to be added to netwatch with specific comment: + + / tool netwatch add comment="notify, hostname=example.com" host=[ :resolve "example.com" ] timeout=5s; + +Also notification settings are required for e-mail and telegram. + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/netwatch-notify b/netwatch-notify index 5b47e3b..dca8304 100644 --- a/netwatch-notify +++ b/netwatch-notify @@ -3,6 +3,7 @@ # Copyright (c) 2020 Christian Hesse # # monitor netwatch and send notifications +# https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-notify.md :global NetwatchNotify; -- cgit v1.2.3-54-g00ecf From 222fe8fd54c6cfa9b4a3d0cd545178659f331bfe Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:49:03 +0100 Subject: add doc/netwatch-syslog.md --- doc/netwatch-syslog.md | 34 ++++++++++++++++++++++++++++++++++ netwatch-syslog | 1 + 2 files changed, 35 insertions(+) create mode 100644 doc/netwatch-syslog.md diff --git a/doc/netwatch-syslog.md b/doc/netwatch-syslog.md new file mode 100644 index 0000000..9a28bb9 --- /dev/null +++ b/doc/netwatch-syslog.md @@ -0,0 +1,34 @@ +Manage remote logging +===================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +RouterOS supports sending log messages via network to a remote syslog server. +If the server is not available no log messages (with potentially sensitive +information) should be sent. This script disables remote logging by +availability. + +Requirements and installation +----------------------------- + +Let's assume there is a remote log action and associated logging rule: + + / system logging action set remote=10.0.0.1 [ find where name="remote" ]; + / system logging add action=remote topics=info; + +Just install the script: + + $ScriptInstallUpdate netwatch-syslog; + +... and create a netwatch matching the IP address from logging action above: + + / tool netwatch add down-script=netwatch-syslog host=10.0.0.1 up-script=netwatch-syslog; + +All logging rules are disabled when host is down. + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/netwatch-syslog b/netwatch-syslog index b76d31d..81ef4d5 100644 --- a/netwatch-syslog +++ b/netwatch-syslog @@ -5,6 +5,7 @@ # requires: dont-require-permissions=yes # # manage remote logging facilities +# https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-syslog.md :local Remote [ /system logging action get ([ find where target=remote ]->0) remote ]; -- cgit v1.2.3-54-g00ecf From d075cce0efa8a9998e1a95c1bbe3be2462b6820d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:49:17 +0100 Subject: add doc/packages-update.md --- doc/packages-update.md | 46 ++++++++++++++++++++++++++++++++++++++++++++++ packages-update | 1 + 2 files changed, 47 insertions(+) create mode 100644 doc/packages-update.md diff --git a/doc/packages-update.md b/doc/packages-update.md new file mode 100644 index 0000000..882ce80 --- /dev/null +++ b/doc/packages-update.md @@ -0,0 +1,46 @@ +Manage system update +==================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +In rare cases RouterOS fails to properly downlaod package on update +(`/ system package update install`), resulting in borked system with missing +packages. This script tries to avoid this situation by doing some basic +verification. + +But it provides some extra functionality: + +* send backup via e-mail if [email-backup](email-backup.md) is installed +* upload backup if [upload-backup](upload-backup.md) is installed +* schedule reboot at night + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate packages-update; + +It is automatically run by [check-routeros-update](check-routeros-update.md) +if available. + +Usage and invocation +-------------------- + +Alternatively run it manually: + + / system script run packages-update; + +See also +-------- + +* [Notify on RouterOS update](check-routeros-update.md) +* [Send backup via e-mail](email-backup.md) +* [Upload backup to server](upload-backup.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/packages-update b/packages-update index 5baa78b..9158c08 100644 --- a/packages-update +++ b/packages-update @@ -3,6 +3,7 @@ # Copyright (c) 2019-2020 Christian Hesse # # download packages and reboot for installation +# https://git.eworm.de/cgit/routeros-scripts/about/doc/packages-update.md :global DownloadPackage; :global LogPrintExit; -- cgit v1.2.3-54-g00ecf From 15995b495fb026584573edf8778ae533c1fce62d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:49:36 +0100 Subject: add doc/ppp-on-up.md --- doc/ppp-on-up.md | 34 ++++++++++++++++++++++++++++++++++ ppp-on-up | 1 + 2 files changed, 35 insertions(+) create mode 100644 doc/ppp-on-up.md diff --git a/doc/ppp-on-up.md b/doc/ppp-on-up.md new file mode 100644 index 0000000..432a640 --- /dev/null +++ b/doc/ppp-on-up.md @@ -0,0 +1,34 @@ +Run scripts on ppp connection +============================= + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script is supposed to run on established ppp connection. Currently +it does: + +* release IPv6 dhcp leases (and thus force a renew) +* run [update-tunnelbroker](update-tunnelbroker.md) + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate ppp-on-up; + +... and make it the `on-up` script for ppp profile: + + / ppp profile set on-up=ppp-on-up [ find ]; + +See also +-------- + +* [Update configuration on IPv6 prefix change](ipv6-update.md) +* [Update tunnelbroker configuration](update-tunnelbroker.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/ppp-on-up b/ppp-on-up index 48d3413..18229eb 100644 --- a/ppp-on-up +++ b/ppp-on-up @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # run scripts on ppp up +# https://git.eworm.de/cgit/routeros-scripts/about/doc/ppp-on-up.md :global LogPrintExit; -- cgit v1.2.3-54-g00ecf From 747af21bea685d75ea524c97fcb6e8d44b466c86 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:49:51 +0100 Subject: add doc/rotate-ntp.md --- doc/rotate-ntp.md | 40 ++++++++++++++++++++++++++++++++++++++++ rotate-ntp | 1 + 2 files changed, 41 insertions(+) create mode 100644 doc/rotate-ntp.md diff --git a/doc/rotate-ntp.md b/doc/rotate-ntp.md new file mode 100644 index 0000000..eb04f5c --- /dev/null +++ b/doc/rotate-ntp.md @@ -0,0 +1,40 @@ +Rotate NTP servers +================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +RouterOS requires NTP servers to be configured by IP address. Servers from a +pool may appear and disappear, leaving broken NTP configuration. + +This script allows to rotate IP addresses from a given pool. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate rotate-ntp; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, this is the parameter: + +* `NtpPool`: dns name of ntp server pool + +Usage and invocation +-------------------- + +Just run the script to update the NTP configuration with actual IP +addresses from pool if required. + +Alternatively a scheduler can be created: + + / system scheduler add interval=5d name=rotate-ntp on-event="/ system script run rotate-ntp;" start-time=startup; + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/rotate-ntp b/rotate-ntp index 534f400..e0c1999 100644 --- a/rotate-ntp +++ b/rotate-ntp @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # rotate the ntp servers +# https://git.eworm.de/cgit/routeros-scripts/about/doc/rotate-ntp.md :global NtpPool; -- cgit v1.2.3-54-g00ecf From ed2718da2a7beb6b1b1936681c531ec71612320f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:50:18 +0100 Subject: add doc/sms-action.md --- doc/sms-action.md | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ sms-action | 1 + 2 files changed, 50 insertions(+) create mode 100644 doc/sms-action.md diff --git a/doc/sms-action.md b/doc/sms-action.md new file mode 100644 index 0000000..df9e14f --- /dev/null +++ b/doc/sms-action.md @@ -0,0 +1,49 @@ +Act on received SMS +=================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +RouterOS can act on received SMS. Reboot the device from remote or do +whatever is required. + +A broadband interface with SMS support is required. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate sms-action; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, this is the only parameter: + +* `SmsAction`: an array with pre-defined actions + +Then enable SMS actions: + + / tool sms set allowed-number=+491234567890 receive-enabled=yes secret=s3cr3t; + +Usage and invocation +-------------------- + +Send a SMS from allowed number to your device's phone number: + + :cmd s3cr3t script sms-action action=reboot; + +The value given by "`action=`" is one of the pre-defined actions from +`SmsAction`. + +See also +-------- + +* [Forward received SMS](sms-forward.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/sms-action b/sms-action index 4442baf..2384167 100644 --- a/sms-action +++ b/sms-action @@ -3,6 +3,7 @@ # Copyright (c) 2018-2020 Christian Hesse # # run action on received SMS +# https://git.eworm.de/cgit/routeros-scripts/about/doc/sms-action.md :global SmsAction; -- cgit v1.2.3-54-g00ecf From e8bc0a7169df0d0995675aa86c1a84f7ebbb10f9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:50:27 +0100 Subject: add doc/sms-forward.md --- doc/sms-forward.md | 36 ++++++++++++++++++++++++++++++++++++ sms-forward | 1 + 2 files changed, 37 insertions(+) create mode 100644 doc/sms-forward.md diff --git a/doc/sms-forward.md b/doc/sms-forward.md new file mode 100644 index 0000000..28fc39b --- /dev/null +++ b/doc/sms-forward.md @@ -0,0 +1,36 @@ +Forward received SMS +==================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +RouterOS can receive SMS. This script forwards SMS as notification. + +A broadband interface with SMS support is required. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate sms-forward; + +... and add a scheduler to run it periodically: + + / system scheduler add interval=2m name=sms-forward on-event="/ system script run sms-forward;" start-time=startup; + +Configuration +------------- + +Notification settings are required for e-mail and telegram. + +See also +-------- + +* [Act on received SMS](sms-action.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/sms-forward b/sms-forward index 2ace48d..2045196 100644 --- a/sms-forward +++ b/sms-forward @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # forward SMS to e-mail +# https://git.eworm.de/cgit/routeros-scripts/about/doc/sms-forward.md :global Identity; -- cgit v1.2.3-54-g00ecf From 997ef3bf2379c1526e39544067c8257d5e999b14 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:50:53 +0100 Subject: add doc/ssh-keys-import.md --- doc/ssh-keys-import.md | 33 +++++++++++++++++++++++++++++++++ ssh-keys-import | 9 ++++----- 2 files changed, 37 insertions(+), 5 deletions(-) create mode 100644 doc/ssh-keys-import.md diff --git a/doc/ssh-keys-import.md b/doc/ssh-keys-import.md new file mode 100644 index 0000000..d221072 --- /dev/null +++ b/doc/ssh-keys-import.md @@ -0,0 +1,33 @@ +Import SSH keys +=============== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script imports public SSH keys (files with extension "`pub`") into +local store for user authentication. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate ssh-keys-import; + +Usage and invocation +-------------------- + +Copy files with extension "`pub`" containing public SSH keys for your device. +Then run the script: + + / system script run ssh-keys-import; + +Starting with an `authorized_keys` file you can split it on a shell: + + while read type key name; do echo $type $key $name > $name.pub; done < authorized_keys + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/ssh-keys-import b/ssh-keys-import index da933ce..9be92d1 100644 --- a/ssh-keys-import +++ b/ssh-keys-import @@ -3,9 +3,8 @@ # Copyright (c) 2013-2020 Christian Hesse # # import ssh keys from file +# https://git.eworm.de/cgit/routeros-scripts/about/doc/ssh-keys-import.md -# Split files with several keys from a shell... -# while read type key name; do echo $type $key $name > $name.pub; done < keys.pub -# ... then transfer with scp/sftp. - -:foreach Key in=[ / file find where type="ssh key" ] do={ / user ssh-key import user=admin public-key-file=[ / file get $Key name ]; } +:foreach Key in=[ / file find where type="ssh key" ] do={ + / user ssh-key import user=admin public-key-file=[ / file get $Key name ]; +} -- cgit v1.2.3-54-g00ecf From 1e5784225a5034713dae8bea8fe8db1572b8bfc1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:51:03 +0100 Subject: add doc/super-mario-theme.md --- doc/super-mario-theme.md | 31 +++++++++++++++++++++++++++++++ super-mario-theme | 1 + 2 files changed, 32 insertions(+) create mode 100644 doc/super-mario-theme.md diff --git a/doc/super-mario-theme.md b/doc/super-mario-theme.md new file mode 100644 index 0000000..68484dc --- /dev/null +++ b/doc/super-mario-theme.md @@ -0,0 +1,31 @@ +Play Super Mario theme +====================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script plays Super Mario theme. + +The hardware needs a beeper. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate super-mario-theme; + +Usage and invocation +-------------------- + +Just run the script to play: + + / system script run super-mario-theme; + +For extra fun use it for dhcp lease script. :) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/super-mario-theme b/super-mario-theme index 671abc5..a7bcb39 100644 --- a/super-mario-theme +++ b/super-mario-theme @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # play Super Mario theme +# https://git.eworm.de/cgit/routeros-scripts/about/doc/super-mario-theme.md :local Beeps { { 660; 100 }; 150; { 660; 100 }; 300; { 660; 100 }; 300; -- cgit v1.2.3-54-g00ecf From f45dbb3a7323a40cf8b8d5b5945bcdc3e80d6286 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:51:21 +0100 Subject: add doc/unattended-lte-firmware-upgrade.md --- doc/unattended-lte-firmware-upgrade.md | 42 ++++++++++++++++++++++++++++++++++ unattended-lte-firmware-upgrade | 1 + 2 files changed, 43 insertions(+) create mode 100644 doc/unattended-lte-firmware-upgrade.md diff --git a/doc/unattended-lte-firmware-upgrade.md b/doc/unattended-lte-firmware-upgrade.md new file mode 100644 index 0000000..68c74a1 --- /dev/null +++ b/doc/unattended-lte-firmware-upgrade.md @@ -0,0 +1,42 @@ +Install LTE firmware upgrade +============================ + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script upgrades LTE firmware on compatible devices: + +* R11e-LTE +* R11e-LTE-US +* R11e-4G +* R11e-LTE6 + +A temporary scheduler is created to be independent from terminal. Thus +starting the upgrade process over the broadband connection is supported. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate unattended-lte-firmware-upgrade; + +Usage and invocation +-------------------- + +Run the script if an upgrade for your LTE hardware is available: + + / system script run unattended-lte-firmware-upgrade; + +Then be patient, go for a coffee and wait for the upgrade process to finish. + +See also +-------- + +* [Notify on LTE firmware upgrade](check-lte-firmware-upgrade.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/unattended-lte-firmware-upgrade b/unattended-lte-firmware-upgrade index a0b297e..e54c9fb 100644 --- a/unattended-lte-firmware-upgrade +++ b/unattended-lte-firmware-upgrade @@ -3,6 +3,7 @@ # Copyright (c) 2018-2020 Christian Hesse # # schedule unattended lte firmware upgrade +# https://git.eworm.de/cgit/routeros-scripts/about/doc/unattended-lte-firmware-upgrade.md :foreach Interface in=[ / interface lte find ] do={ :local Firmware; -- cgit v1.2.3-54-g00ecf From a2b009502fb04d8e9421bd11b28903ac0ba05eb4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:51:40 +0100 Subject: add doc/update-gre-address.md --- doc/update-gre-address.md | 38 ++++++++++++++++++++++++++++++++++++++ update-gre-address | 1 + 2 files changed, 39 insertions(+) create mode 100644 doc/update-gre-address.md diff --git a/doc/update-gre-address.md b/doc/update-gre-address.md new file mode 100644 index 0000000..870759e --- /dev/null +++ b/doc/update-gre-address.md @@ -0,0 +1,38 @@ +Update GRE configuration with dynamic addresses +=============================================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +Running a GRE tunnel over IPSec with IKEv2 is a common scenario. This is +easy to configure on client, but has an issue on server side: client IP +addresses are assigned dynamically via mode-config and have to be updated +for GRE interface. + +This script handles the address updates and disables the interface if the +client is disconnected. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate update-gre-address; + +... and add a scheduler to run the script periodically: + + / system scheduler add interval=30s name=update-gre-address on-event="/ system script run update-gre-address;" start-time=startup; + +Configuration +------------- + +The configuration goes to interface's comment. Add the client's IKEv2 +certificate CN into the comment: + + / interface gre set comment="ikev2-client1" gre-client1; + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/update-gre-address b/update-gre-address index fcd0183..8ede500 100644 --- a/update-gre-address +++ b/update-gre-address @@ -4,6 +4,7 @@ # # update gre interface remote address with dynamic address from # ipsec remote peer +# https://git.eworm.de/cgit/routeros-scripts/about/doc/update-gre-address.md / interface gre set remote-address=0.0.0.0 disabled=yes [ find where !running !disabled ]; -- cgit v1.2.3-54-g00ecf From 3f6539da4c1a2fe29ea5c684af37bcda8b7c8652 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:52:02 +0100 Subject: add doc/update-tunnelbroker.md --- doc/update-tunnelbroker.md | 41 +++++++++++++++++++++++++++++++++++++++++ update-tunnelbroker | 3 +++ 2 files changed, 44 insertions(+) create mode 100644 doc/update-tunnelbroker.md diff --git a/doc/update-tunnelbroker.md b/doc/update-tunnelbroker.md new file mode 100644 index 0000000..3641588 --- /dev/null +++ b/doc/update-tunnelbroker.md @@ -0,0 +1,41 @@ +Update tunnelbroker configuration +================================= + +[◀ Go back to main README](../README.md) + +Description +----------- + +Connecting to [tunnelbroker.net](//tunnelbroker.net) from dynamic public +ip address requires the address to be sent to the remote, and to be set +locally. This script does both. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate update-tunnelbroker; + +Installing [ppp-on-up](ppp-on-up.md) makes this script run when ever a ppp +connection is established. + +Configuration +------------- + +The configuration goes to interface's comment: + + / interface 6to4 set comment="tunnelbroker, user=user, pass=s3cr3t, id=12345" tunnelbroker; + +Also enabling dynamic DNS in Mikrotik cloud is required: + + / ip cloud set ddns-enabled=yes; + +See also +-------- + +* [Run scripts on ppp connection](ppp-on-up.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/update-tunnelbroker b/update-tunnelbroker index 3aed610..1b5bb9e 100644 --- a/update-tunnelbroker +++ b/update-tunnelbroker @@ -2,6 +2,9 @@ # RouterOS script: update-tunnelbroker # Copyright (c) 2013-2020 Christian Hesse # Michael Gisbers +# +# update local address of tunnelbroker interface +# https://git.eworm.de/cgit/routeros-scripts/about/doc/update-tunnelbroker.md :global CertificateAvailable; :global LogPrintExit; -- cgit v1.2.3-54-g00ecf From c32a727b6e4a47058c6c37442ce54e93b2623e02 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:52:17 +0100 Subject: add doc/upload-backup.md --- doc/upload-backup.md | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++ upload-backup | 1 + 2 files changed, 63 insertions(+) create mode 100644 doc/upload-backup.md diff --git a/doc/upload-backup.md b/doc/upload-backup.md new file mode 100644 index 0000000..bbfbcc4 --- /dev/null +++ b/doc/upload-backup.md @@ -0,0 +1,62 @@ +Upload backup to server +======================= + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script uploads binary backup (`/ system backup save`) and complete +configuration export (`/ export terse`) to external server. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate upload-backup; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, these are the parameters: + +* `BackupSendBinary`: whether to send binary backup +* `BackupSendExport`: whether to send configuration export +* `BackupPassword`: password to encrypt the backup with +* `BackupUploadUrl`: url to upload to +* `BackupUploadUser`: username for server authentication +* `BackupUploadPass`: password for server authentication + +Also notification settings are required for e-mail and telegram. + +### Issues with SFTP client + +The RouterOS SFTP client is picky if it comes to authentication methods. +I had to disable all but password authentication on server side. For openssh +edit `/etc/ssh/sshd_config` and add a directive like this, changed for your +needs: + + Match User mikrotik + AuthenticationMethods password + +Usage and invocation +-------------------- + +Just run the script: + + / system script run upload-backup; + +Creating a scheduler may be an option: + + / system scheduler add interval=1w name=upload-backup on-event="/ system script run upload-backup;" start-time=09:25:00; + +See also +-------- + +* [Send backup via e-mail](email-backup.md) +* [Upload backup to Mikrotik cloud](cloud-backup.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/upload-backup b/upload-backup index 16c6bd8..3473884 100644 --- a/upload-backup +++ b/upload-backup @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # create and upload backup and config file +# https://git.eworm.de/cgit/routeros-scripts/about/doc/upload-backup.md :global BackupPassword; :global BackupSendBinary; -- cgit v1.2.3-54-g00ecf From 070ae8ecb5d1eb814793ecd3015835cd37c507cd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:54:00 +0100 Subject: link global-{config,config-overlay,functions} to main README --- global-config | 1 + global-config-overlay | 1 + global-functions | 1 + 3 files changed, 3 insertions(+) diff --git a/global-config b/global-config index 1ad8393..87f534b 100644 --- a/global-config +++ b/global-config @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # global configuration +# https://git.eworm.de/cgit/routeros-scripts/about/ # Make sure all configuration properties are up to date and this # value is in sync with value in script 'global-functions'! diff --git a/global-config-overlay b/global-config-overlay index 90740cd..afe0dc4 100644 --- a/global-config-overlay +++ b/global-config-overlay @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse # # global configuration, custom overlay +# https://git.eworm.de/cgit/routeros-scripts/about/ # Make sure all configuration properties are up to date and this # value is in sync with value in script 'global-functions'! diff --git a/global-functions b/global-functions index 1aa64d2..e98491c 100644 --- a/global-functions +++ b/global-functions @@ -4,6 +4,7 @@ # Michael Gisbers # # global functions +# https://git.eworm.de/cgit/routeros-scripts/about/ # expected configuration version :global ExpectedConfigVersion 14; -- cgit v1.2.3-54-g00ecf From c6389f5d2c6cda949abde1bcbe6d3b80eaf58832 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:54:59 +0100 Subject: README: add section 'Available Scripts' and link documentation --- README.md | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/README.md b/README.md index 6204ee9..42af97d 100644 --- a/README.md +++ b/README.md @@ -133,6 +133,50 @@ cleanup add a scheduler entry. There's much more to explore... Have fun! +Available Scripts +----------------- + +* [Find and remove access list duplicates](doc/accesslist-duplicates.md) +* [Manage ports in bridge](doc/bridge-port.md) +* [Download packages for CAP upgrade from CAPsMAN](doc/capsman-download-packages.md) +* [Run rolling CAP upgrades from CAPsMAN](doc/capsman-rolling-upgrade.md) +* [Renew locally issued certificates](doc/certificate-renew-issued.md) +* [Renew certificates and notify on expiration](doc/check-certificates.md) +* [Notify about health state](doc/check-health.md) +* [Notify on LTE firmware upgrade](doc/check-lte-firmware-upgrade.md) +* [Notify on RouterOS update](doc/check-routeros-update.md) +* [Upload backup to Mikrotik cloud](doc/cloud-backup.md) +* [Collect MAC addresses in wireless access list](doc/collect-wireless-mac.md) +* [Use wireless network with daily psk](doc/daily-psk.md) +* [Comment DHCP leases with info from access list](doc/dhcp-lease-comment.md) +* [Create DNS records for DHCP leases](doc/dhcp-to-dns.md) +* [Send backup via e-mail](doc/email-backup.md) +* [Wait for configuration und functions](doc/global-wait.md) +* [Send GPS position to server](doc/gps-track.md) +* [Use WPA2 network with hotspot credentials](doc/hotspot-to-wpa.md) +* [Update configuration on IPv6 prefix change](doc/ipv6-update.md) +* [Manage IP addresses with bridge status](doc/ip-addr-bridge.md) +* [Run other scripts on DHCP lease](doc/lease-script.md) +* [Manage LEDs dark mode](doc/leds-mode.md) +* [Mode botton with multiple presses](doc/mode-button.md) +* [Notify on host up and down](doc/netwatch-notify.md) +* [Manage remote logging](doc/netwatch-syslog.md) +* [Manage system update](doc/packages-update.md) +* [Run scripts on ppp connection](doc/ppp-on-up.md) +* [Rotate NTP servers](doc/rotate-ntp.md) +* [Act on received SMS](doc/sms-action.md) +* [Forward received SMS](doc/sms-forward.md) +* [Import SSH keys](doc/ssh-keys-import.md) +* [Play Super Mario theme](doc/super-mario-theme.md) +* [Install LTE firmware upgrade](doc/unattended-lte-firmware-upgrade.md) +* [Update GRE configuration with dynamic addresses](doc/update-gre-address.md) +* [Update tunnelbroker configuration](doc/update-tunnelbroker.md) +* [Upload backup to server](doc/upload-backup.md) + +[comment]: # (TODO: currently undocumented) +[comment]: # (* learn-mac-based-vlan) +[comment]: # (* manage-umts) + Contribute ---------- -- cgit v1.2.3-54-g00ecf From 1d93e92dcda753b855e89295f74dafae4743bb80 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Mar 2020 21:57:12 +0100 Subject: Notify about new documentation! --- global-config | 2 +- global-config-overlay | 2 +- global-config.changes | 1 + global-functions | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/global-config b/global-config index 87f534b..d8c4fc4 100644 --- a/global-config +++ b/global-config @@ -7,7 +7,7 @@ # Make sure all configuration properties are up to date and this # value is in sync with value in script 'global-functions'! -:global GlobalConfigVersion 14; +:global GlobalConfigVersion 15; # This is used for DNS and backup file. :global Domain "example.com"; diff --git a/global-config-overlay b/global-config-overlay index afe0dc4..1e5234b 100644 --- a/global-config-overlay +++ b/global-config-overlay @@ -8,7 +8,7 @@ # Make sure all configuration properties are up to date and this # value is in sync with value in script 'global-functions'! # Comment or remove to disable change notifications. -:global GlobalConfigVersion 14; +:global GlobalConfigVersion 15; # The global-config script is updated by $ScriptInstallUpdate, # global-config-overlay becomes an overlay for your changes. diff --git a/global-config.changes b/global-config.changes index 7bd3c9f..c683262 100644 --- a/global-config.changes +++ b/global-config.changes @@ -17,4 +17,5 @@ 12="Removed '\$ScriptUpdatesConfigChangesIgnore', comment '\$GlobalConfigVersion' in 'global-config-overlay' to disable change notifications"; 13="Configuration for script 'bridge-port-to-default' changed with new syntax in comment"; 14="Dropped script 'script-updates', use '\$ScriptInstallUpdate' exclusively!"; + 15="New documentation is online! https://git.eworm.de/cgit/routeros-scripts/about/#available-scripts"; }; diff --git a/global-functions b/global-functions index e98491c..cdcba33 100644 --- a/global-functions +++ b/global-functions @@ -7,7 +7,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/ # expected configuration version -:global ExpectedConfigVersion 14; +:global ExpectedConfigVersion 15; # global variables not to be changed by user :global GlobalFunctionsReady false; -- cgit v1.2.3-54-g00ecf