diff --git a/doc/mod/ssh-keys-import.md b/doc/mod/ssh-keys-import.md index c6530ec2..434caa51 100644 --- a/doc/mod/ssh-keys-import.md +++ b/doc/mod/ssh-keys-import.md @@ -4,7 +4,7 @@ Import ssh keys for public key authentication [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.21-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.17-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) @@ -38,8 +38,9 @@ import that key: $SSHKeysImport "ssh-rsa AAAAB3Nza...QYZk8= user" admin; The third part of the key (`user` in this example) is inherited as -`info` in RouterOS. Also the `MD5` fingerprint is recorded, this helps -to audit and verify the available keys. +`info` in RouterOS (or `key-owner` with RouterOS 7.20.x and before). Also +the `MD5` fingerprint is recorded, this helps to audit and verify the +available keys. > ℹ️️ **Info**: Use `ssh-keygen` to show a fingerprint of an existing public > key file: `ssh-keygen -l -E md5 -f ~/.ssh/id_ed25519.pub` diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index f858a545..16a02859 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2026 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.21 +# requires RouterOS, version=7.17 # # import ssh keys for public key authentication # https://rsc.eworm.de/doc/mod/ssh-keys-import.md @@ -40,8 +40,9 @@ :local FingerPrintMD5 [ :convert from=base64 transform=md5 to=hex ($KeyVal->1) ]; + :local RegEx ("\\bmd5=" . $FingerPrintMD5 . "\\b"); :if ([ :len [ /user/ssh-keys/find where user=$User \ - info~("\\bmd5=" . $FingerPrintMD5 . "\\b") ] ] > 0) do={ + (key-owner~$RegEx or info~$RegEx) ] ] > 0) do={ $LogPrint warning $0 ("The ssh public key (MD5:" . $FingerPrintMD5 . \ ") is already available for user '" . $User . "'."); :return false; diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 038f0c54..2edbdf8c 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -3,12 +3,13 @@ # Copyright (c) 2022-2026 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.22beta1 +# requires RouterOS, version=7.17 # requires device-mode, fetch # # monitor and manage dns/doh with netwatch # https://rsc.eworm.de/doc/netwatch-dns.md +:local ExitOK false; :onerror Err { :global GlobalConfigReady; :global GlobalFunctionsReady; :retry { :if ($GlobalConfigReady != true || $GlobalFunctionsReady != true) \ @@ -24,13 +25,15 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :exit; + :set ExitOK true; + :error false; } :local SettleTime (5m30s - [ /system/resource/get uptime ]); :if ($SettleTime > 0s) do={ $LogPrint info $ScriptName ("System just booted, giving netwatch " . $SettleTime . " to settle."); - :exit; + :set ExitOK true; + :error true; } :local DnsServers ({}); @@ -85,7 +88,8 @@ :if ($DohCurrent = $HostInfo->"doh-url" && [ $IsDNSResolving ] = true) do={ $LogPrint debug $ScriptName ("Current DoH server is still up and resolving: " . $DohCurrent); - :exit; + :set ExitOK true; + :error true; } :set ($DohServers->[ :len $DohServers ]) $HostInfo; @@ -128,7 +132,8 @@ } /ip/dns/cache/flush; $LogPrint info $ScriptName ("Setting DoH server: " . ($DohServer->"doh-url")); - :exit; + :set ExitOK true; + :error true; } else={ $LogPrint warning $ScriptName ("Received unexpected response from DoH server: " . \ ($DohServer->"doh-url")); @@ -136,5 +141,5 @@ } } } do={ - :global ExitError; $ExitError true [ :jobname ] $Err; + :global ExitError; $ExitError $ExitOK [ :jobname ] $Err; } diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 5b15227e..53ab6c66 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -3,12 +3,13 @@ # Copyright (c) 2023-2026 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.22beta1 +# requires RouterOS, version=7.17 # requires device-mode, fetch # # use Telegram to chat with your Router and send commands # https://rsc.eworm.de/doc/telegram-chat.md +:local ExitOK false; :onerror Err { :global GlobalConfigReady; :global GlobalFunctionsReady; :retry { :if ($GlobalConfigReady != true || $GlobalFunctionsReady != true) \ @@ -47,7 +48,8 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ - :exit; + :set ExitOK true; + :error false; } $WaitFullyConnected; @@ -61,7 +63,8 @@ :if ([ $CertificateAvailable "Go Daddy Root Certificate Authority - G2" "fetch" ] = false) do={ $LogPrint warning $ScriptName ("Downloading required certificate failed."); - :exit; + :set ExitOK true; + :error false; } $RandomDelay $TelegramRandomDelay; @@ -86,7 +89,8 @@ :if ($Data = false) do={ $LogPrint warning $ScriptName ("Failed getting updates."); - :exit; + :set ExitOK true; + :error false; } :local JSON [ :deserialize from=json value=$Data ]; @@ -115,6 +119,7 @@ } :if ($Trusted = true) do={ + :local Done false; :if ($Command = "?") do={ $LogPrint info $ScriptName ("Sending notice for update " . $UpdateID . "."); $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=true; \ @@ -122,9 +127,9 @@ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ message=([ $IfThenElse ([ :len ($From->"first_name") ] > 0) ("Hello " . ($From->"first_name") . "!\n\n") ] . \ "Online" . [ $IfThenElse $TelegramChatActive " (and active!)" ] . ", awaiting your commands!") }); - :continue; + :set Done true; } - :if ([ :pick $Command 0 1 ] = "!") do={ + :if ($Done = false && [ :pick $Command 0 1 ] = "!") do={ :if ($Command ~ ("^! *(" . [ $EscapeForRegEx $Identity ] . "|@" . $TelegramChatGroups . ")\$")) do={ :set TelegramChatActive true; } else={ @@ -132,16 +137,17 @@ } $LogPrint info $ScriptName ("Now " . [ $IfThenElse $TelegramChatActive "active" "passive" ] . \ " from update " . $UpdateID . "!"); - :continue; + :set Done true; } - :if (($IsMyReply = 1 || ($IsAnyReply = false && \ + :if ($Done = false && ($IsMyReply = 1 || ($IsAnyReply = false && \ $TelegramChatActive = true)) && [ :len $Command ] > 0) do={ :if ([ $ValidateSyntax $Command ] = true) do={ :local State ""; :local File ("tmpfs/telegram-chat/" . [ $GetRandom20CharAlNum 6 ]); :if ([ $MkDir "tmpfs/telegram-chat" ] = false) do={ $LogPrint error $ScriptName ("Failed creating directory!"); - :exit; + :set ExitOK true; + :error false; } $LogPrint info $ScriptName ("Running command from update " . $UpdateID . ": " . $Command); :execute script=(":do {\n" . $Command . "\n} on-error={ /file/add name=\"" . $File . ".failed\" };" . \ @@ -191,5 +197,5 @@ :set TelegramChatOffset ([ :pick $TelegramChatOffset 1 3 ], \ [ $IfThenElse ($UpdateID >= $TelegramChatOffset->2) ($UpdateID + 1) ($TelegramChatOffset->2) ]); } do={ - :global ExitError; $ExitError true [ :jobname ] $Err; + :global ExitError; $ExitError $ExitOK [ :jobname ] $Err; }