From e1f134ead584c7b2e9ed406f5520d7f1a23294aa Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Thu, 5 Jul 2018 15:29:26 +0200
Subject: add scripts

---
 update-gre-address | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 update-gre-address

(limited to 'update-gre-address')

diff --git a/update-gre-address b/update-gre-address
new file mode 100644
index 0000000..ea55a9b
--- /dev/null
+++ b/update-gre-address
@@ -0,0 +1,30 @@
+# RouterOS script: update-gre-address
+# Copyright (c) 2013-2018 Christian Hesse <mail@eworm.de>
+#
+# update gre interface remote address with dynamic address from
+# ipsec remote peer
+
+:global "gre-cert-prefix";
+:global "gre-int-prefix";
+
+/ interface gre set remote-address=0.0.0.0 disabled=yes [ find where !running !disabled ];
+
+:foreach peer in=[ / ip ipsec remote-peers find ] do={
+  :local id [ / ip ipsec remote-peers get $peer id ];
+
+  :if ([ :pick $id 0 [ :len $"gre-cert-prefix" ] ] = $"gre-cert-prefix") do={
+    :local name [ :pick $id [ :len $"gre-cert-prefix" ] [ :len $id ] ];
+    :local addrnew [ / ip ipsec remote-peers get $peer dynamic-address ];
+    :local grename ($"gre-int-prefix" . $name);
+    :local greint [ / interface gre find where name=$grename ];
+    :if ([ :len $greint ] > 0) do={
+      :local addrold [ / interface gre get $greint remote-address ];
+      :local disabled [ / interface gre get $greint disabled ];
+      :if ($addrnew != $addrold || $disabled = true) do={
+        :log info ("Update remote address for interface " . $grename . " to " . $addrnew);
+        / interface gre set remote-address=0.0.0.0 disabled=yes [ find where remote-address=$addrnew name!=$grename ];
+        / interface gre set $greint remote-address=$addrnew disabled=no;
+      }
+    }
+  }
+}
-- 
cgit v1.2.3-54-g00ecf