From 62707dc549855e1c4247a9d2df599afc48782902 Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Thu, 9 Feb 2023 22:42:02 +0100
Subject: ipv6-update: support host addresses in address-list

---
 doc/ipv6-update.md    |  7 ++++++-
 global-config.changes |  1 +
 global-functions      |  2 +-
 ipv6-update           | 17 ++++++++++++++---
 4 files changed, 22 insertions(+), 5 deletions(-)

diff --git a/doc/ipv6-update.md b/doc/ipv6-update.md
index 49804f4..f49cfaa 100644
--- a/doc/ipv6-update.md
+++ b/doc/ipv6-update.md
@@ -11,7 +11,7 @@ Description
 
 With changing IPv6 prefix from ISP this script handles to update...
 
-* ipv6 firewall address-list
+* ipv6 firewall address-list (prefixes (`/64`) and host addresses (`/128`))
 * dns records
 
 Requirements and installation
@@ -52,6 +52,11 @@ has to be associated to an interface in comment:
 
     /ipv6/firewall/address-list/add address=2003:cf:2f0f:de01::/64 comment="ipv6-pool-isp, interface=br-local" list=local;
 
+Updating address list entries with host addresses works as well, the new
+prefix is combinded with given suffix then:
+
+    /ipv6/firewall/address-list/add address=2003:cf:2f0f:de01:e3e0:f8fa:8cd6:dbe1/128 comment="ipv6-pool-isp, interface=br-local" list=hosts;
+
 Static DNS records need a special comment to be updated. Again it has to
 start with "`ipv6-pool-`" and actual pool name, followed by a comma,
 "`interface=`" and the name of interface this address is connected to:
diff --git a/global-config.changes b/global-config.changes
index dd40f09..ad8e7a9 100644
--- a/global-config.changes
+++ b/global-config.changes
@@ -102,6 +102,7 @@
   91="Dropped check for CAP in 'check-routeros-update' to solve issues with wifiwave2 package.";
   92="Made qr-code url configurable for 'daily-psk'.";
   93="Added support to backup global-config-overlay in 'backup-email' and 'backup-upload'.";
+  94="Added support for host addresses in address-list for 'ipv6-update'.";
 };
 
 # Migration steps to be applied on script updates
diff --git a/global-functions b/global-functions
index c179263..89d2612 100644
--- a/global-functions
+++ b/global-functions
@@ -12,7 +12,7 @@
 :local 0 "global-functions";
 
 # expected configuration version
-:global ExpectedConfigVersion 93;
+:global ExpectedConfigVersion 94;
 
 # global variables not to be changed by user
 :global GlobalFunctionsReady false;
diff --git a/ipv6-update b/ipv6-update
index dd22538..2838feb 100644
--- a/ipv6-update
+++ b/ipv6-update
@@ -41,9 +41,20 @@
     :local Prefix [ /ipv6/address/find where from-pool=$Pool interface=($Comment->"interface") global ];
     :if ([ :len $Prefix ] = 1) do={
       :set Prefix [ /ipv6/address/get $Prefix address ];
-      $LogPrintExit2 info $0 ("Updating IPv6 address list with new IPv6 prefix " . $Prefix . \
-        " from interface " . ($Comment->"interface")) false;
-      /ipv6/firewall/address-list/set address=$Prefix $ListEntry;
+
+      :if ([ :typeof [ :find ($ListEntryVal->"address") "/128" ] ] = "num" ) do={
+        :set Prefix ([ :toip6 [ :pick $Prefix 0 [ :find $Prefix "/64" ] ] ] & ffff:ffff:ffff:ffff::);
+        :local Address ($ListEntryVal->"address");
+        :local Address ($Prefix | ([ :toip6 [ :pick $Address 0 [ :find $Address "/128" ] ] ] & ::ffff:ffff:ffff:ffff));
+
+        $LogPrintExit2 info $0 ("Updating IPv6 address list with new IPv6 host address " . $Address . \
+          " from interface " . ($Comment->"interface")) false;
+        /ipv6/firewall/address-list/set address=$Address $ListEntry;
+      } else={
+        $LogPrintExit2 info $0 ("Updating IPv6 address list with new IPv6 prefix " . $Prefix . \
+          " from interface " . ($Comment->"interface")) false;
+        /ipv6/firewall/address-list/set address=$Prefix $ListEntry;
+      }
     }
   }
 
-- 
cgit v1.2.3-54-g00ecf