From 16a551a0ee712b81dc267e50414ceee39d434edc Mon Sep 17 00:00:00 2001
From: Christian Hesse
Date: Fri, 23 Jun 2023 22:30:34 +0200
Subject: hotspot-to-wpa-cleanup: drop hard-coded server name, find by comment
---
hotspot-to-wpa-cleanup.rsc | 28 +++++++++++++++++++---------
1 file changed, 19 insertions(+), 9 deletions(-)
(limited to 'hotspot-to-wpa-cleanup.rsc')
diff --git a/hotspot-to-wpa-cleanup.rsc b/hotspot-to-wpa-cleanup.rsc
index 15f63f9..b3aba11 100644
--- a/hotspot-to-wpa-cleanup.rsc
+++ b/hotspot-to-wpa-cleanup.rsc
@@ -13,26 +13,36 @@ :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } :global LogPrintExit2; +:global ParseKeyValueStore; :global ScriptLock; $ScriptLock $0 false 10; +:local DHCPServers ({}); +:foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ + :local ServerVal [ /ip/dhcp-server/get $Server ] + :if (([ $ParseKeyValueStore ($ServerVal->"comment") ]->"hotspot-to-wpa") = "wpa") do={ + :set ($DHCPServers->($ServerVal->"name")) 1; + } +} + :foreach Client in=[ /caps-man/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ :local ClientVal [ /caps-man/registration-table/get $Client ]; - :local Lease [ /ip/dhcp-server/lease/find where server~"wpa" dynamic \ - mac-address=($ClientVal->"mac-address") ]; - :if ([ :len $Lease ] > 0) do={ - $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \ - " connected to WPA, making lease static.") false; - /ip/dhcp-server/lease/make-static $Lease; - /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; + :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ + mac-address=($ClientVal->"mac-address") ] do={ + :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) = 1) do={ + $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . 
\ + " connected to WPA, making lease static.") false; + /ip/dhcp-server/lease/make-static $Lease; + /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; + } } } -:foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" and \ +:foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" \ !(comment~[ /system/clock/get date ]) ] do={ :local ClientVal [ /caps-man/access-list/get $Client ]; - :if ([ :len [ /ip/dhcp-server/lease/find where server~"wpa" !dynamic \ + :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ mac-address=($ClientVal->"mac-address") ] ] = 0) do={ $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \ " did not connect to WPA, removing from access list.") false; -- cgit v1.2.3-54-g00ecf From 64ab9eec6756a95df14471b0ebf0f3014c478e9a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 27 Jun 2023 21:59:18 +0200 Subject: hotspot-to-wpa-cleanup: drop hard-coded timeout, get from comment This keeps the default of four weeks, though. --- doc/hotspot-to-wpa.md | 5 +++++ hotspot-to-wpa-cleanup.rsc | 27 ++++++++++++++++----------- news-and-changes.rsc | 2 +- 3 files changed, 22 insertions(+), 12 deletions(-) (limited to 'hotspot-to-wpa-cleanup.rsc') diff --git a/doc/hotspot-to-wpa.md b/doc/hotspot-to-wpa.md index 5cbe22c..2630694 100644 --- a/doc/hotspot-to-wpa.md +++ b/doc/hotspot-to-wpa.md @@ -44,6 +44,11 @@ this example the server is called `hotspot-to-wpa`. /ip/dhcp-server/set lease-script=lease-script comment="hotspot-to-wpa=wpa" hotspot-to-wpa; +You can specify the timeout after which a device is removed from leases and +access-list. The default is four weeks. + + /ip/dhcp-server/set lease-script=lease-script comment="hotspot-to-wpa=wpa, timeout=2w" hotspot-to-wpa; + Configuration ------------- diff --git a/hotspot-to-wpa-cleanup.rsc b/hotspot-to-wpa-cleanup.rsc index b3aba11..adb0abb 100644 --- a/hotspot-to-wpa-cleanup.rsc 
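Review bot: The static-lease check in the access-list loop (`/ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" mac-address=...`) no longer names a server and never consults `$DHCPServers`, so the comment prefix is the only thing tying a lease to a WPA server. The first loop writes that comment only on leases of flagged servers, so this probably holds in normal operation. A static lease carrying the comment on a server whose `hotspot-to-wpa=wpa` flag was later removed, or one created by hand, would still keep the client's access-list entry alive. Checking each matching lease's server against `$DHCPServers`, as the first loop does, keeps both paths consistent. The `:if` body continues outside the hunk.

```routeros
  :local ClientVal [ /caps-man/access-list/get $Client ];
  :local HasWpaLease false;
  :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \
       mac-address=($ClientVal->"mac-address") ] do={
    :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) = 1) do={
      :set HasWpaLease true;
    }
  }
  :if ($HasWpaLease = false) do={
# … unchanged: log message and removal from access list …
```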
+++ b/hotspot-to-wpa-cleanup.rsc @@ -12,6 +12,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:global EitherOr; :global LogPrintExit2; :global ParseKeyValueStore; :global ScriptLock; @@ -21,8 +22,10 @@ $ScriptLock $0 false 10; :local DHCPServers ({}); :foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ :local ServerVal [ /ip/dhcp-server/get $Server ] - :if (([ $ParseKeyValueStore ($ServerVal->"comment") ]->"hotspot-to-wpa") = "wpa") do={ - :set ($DHCPServers->($ServerVal->"name")) 1; + :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ]; + :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={ + :set ($DHCPServers->($ServerVal->"name")) \ + [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ]; } } @@ -30,7 +33,7 @@ $ScriptLock $0 false 10; :local ClientVal [ /caps-man/registration-table/get $Client ]; :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ mac-address=($ClientVal->"mac-address") ] do={ - :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) = 1) do={ + :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \ " connected to WPA, making lease static.") false; /ip/dhcp-server/lease/make-static $Lease; 
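Review bot: The `timeout` value read from the server comment goes into `:totime` unvalidated, and the result now doubles as the membership flag that the `> 0s` test in the next hunk (`@@ -30,7 +33,7 @@`) relies on. A comment such as `timeout=0s`, or a value `:totime` cannot convert (its behaviour is not visible here), would presumably make the server look unflagged, so leases silently stop being made static. A very small value would instead let the cleanup loop remove leases and access-list entries almost immediately. Consider parsing into a local first and falling back to the default with a `$LogPrintExit2 warning` line when the result is unusable, e.g. `:if ($Timeout <= 0s) do={ :set Timeout 4w; }`.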
@@ -50,12 +53,14 @@ $ScriptLock $0 false 10; } } -:foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status=waiting \ - last-seen>4w comment~"^hotspot-to-wpa:" ] do={ - :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - $LogPrintExit2 info $0 ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for long time, removing.") false; - /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ - mac-address=($LeaseVal->"mac-address") ]; - /ip/dhcp-server/lease/remove $Lease; +:foreach Server,Timeout in=$DHCPServers do={ + :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ + server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ + :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; + $LogPrintExit2 info $0 ("Client with mac address " . ($LeaseVal->"mac-address") . \ + " was not seen for " . $Timeout . ", removing.") false; + /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ + mac-address=($LeaseVal->"mac-address") ]; + /ip/dhcp-server/lease/remove $Lease; + } } diff --git a/news-and-changes.rsc b/news-and-changes.rsc index fd7742e..572f431 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -16,7 +16,7 @@ 100="The script 'ssh-keys-import' became a module 'mod/ssh-keys-import' with enhanced functionality."; 101="Introduced new script 'fw-addr-lists' to download, import and update firewall address-lists."; 102="Modified 'hotspot-to-wpa' to support non-local (radius) users."; - 103="Dropped hard-coded name from 'hotspot-to-wpa-cleanup', instead a comment is required for dhcp server now."; + 103="Dropped hard-coded name and timeout from 'hotspot-to-wpa-cleanup', instead a comment is required for dhcp server now."; }; # Migration steps to be applied on script updates -- cgit v1.2.3-54-g00ecf
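Review bot: The per-server cleanup loop is missing a comment on its scope: the lease query uses `server=$Server`, but the `/caps-man/access-list/remove` inside it matches on mac address and comment only. When one mac address holds static leases on two flagged servers with different timeouts, the shorter timeout removes the shared access-list entry while the other lease stays. That fails closed, so it is probably acceptable, but it deserves a line such as `# access-list entries are per mac address, the shortest timeout of any server wins`.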